login.larksuite.com
Open in
urlscan Pro
2.16.241.12
Public Scan
Effective URL: https://login.larksuite.com/accounts/page/login?app_id=2&query_scope=all&redirect_uri=https%3A%2F%2Fax1kns1zy1.larksuite.com...
Submission: On November 21 via api from US — Scanned from DE
Summary
TLS certificate: Issued by RapidSSL TLS ECC CA G1 on March 27th 2023. Valid for: a year.
This is the only time login.larksuite.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 2.16.241.17 2.16.241.17 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 2 | 2.16.241.12 2.16.241.12 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
4 | 2.16.241.16 2.16.241.16 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 2a00:1450:400... 2a00:1450:4001:806::2008 | 15169 (GOOGLE) (GOOGLE) | |
6 | 4 |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-241-17.deploy.static.akamaitechnologies.com
ax1kns1zy1.larksuite.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-241-12.deploy.static.akamaitechnologies.com
ax1kns1zy1.larksuite.com | |
login.larksuite.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-241-16.deploy.static.akamaitechnologies.com
sf16-va.larksuitecdn.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
4 |
larksuitecdn.com
sf16-va.larksuitecdn.com — Cisco Umbrella Rank: 184727 |
856 KB |
3 |
larksuite.com
2 redirects
ax1kns1zy1.larksuite.com login.larksuite.com — Cisco Umbrella Rank: 297640 |
11 KB |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35 |
|
6 | 3 |
Domain | Requested by | |
---|---|---|
4 | sf16-va.larksuitecdn.com |
login.larksuite.com
|
2 | ax1kns1zy1.larksuite.com | 2 redirects |
1 | www.googletagmanager.com |
login.larksuite.com
|
1 | login.larksuite.com | |
6 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.larksuite.com RapidSSL TLS ECC CA G1 |
2023-03-27 - 2024-04-26 |
a year | crt.sh |
*.larksuitecdn.com RapidSSL TLS ECC CA G1 |
2023-06-19 - 2024-07-19 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-10-23 - 2024-01-15 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://login.larksuite.com/accounts/page/login?app_id=2&query_scope=all&redirect_uri=https%3A%2F%2Fax1kns1zy1.larksuite.com%2Fdrive%2Fhome%2F%3Flogin_redirect_times%3D1
Frame ID: BD1F7EEA75EAA747711A9AF1C0CFD5F8
Requests: 7 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://ax1kns1zy1.larksuite.com/
HTTP 302
https://ax1kns1zy1.larksuite.com/drive/home/ HTTP 302
https://login.larksuite.com/accounts/page/login?app_id=2&query_scope=all&redirect_uri=https%3A%2F%2Fax1k... Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://ax1kns1zy1.larksuite.com/
HTTP 302
https://ax1kns1zy1.larksuite.com/drive/home/ HTTP 302
https://login.larksuite.com/accounts/page/login?app_id=2&query_scope=all&redirect_uri=https%3A%2F%2Fax1kns1zy1.larksuite.com%2Fdrive%2Fhome%2F%3Flogin_redirect_times%3D1 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
6 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
login
login.larksuite.com/accounts/page/ Redirect Chain
|
87 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendor~page.b2640808.css
sf16-va.larksuitecdn.com/goofy/ee/suite/passport/static/login/css/ |
214 KB 26 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
page.0acd7232.css
sf16-va.larksuitecdn.com/goofy/ee/suite/passport/static/login/css/ |
229 KB 53 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendor~page.f9c09b79.chunk.js
sf16-va.larksuitecdn.com/goofy/ee/suite/passport/static/login/chunk/ |
2 MB 568 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login.233b979b.js
sf16-va.larksuitecdn.com/goofy/ee/suite/passport/static/login/js/ |
899 KB 209 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
191 KB 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
75 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.larksuite.com/ | Name: swp_csrf_token Value: 145c87d5-042f-4b9c-b146-2e7b21ba6749 |
|
.larksuite.com/ | Name: t_beda37 Value: 14b8796f1831fca55b7122c22ca95aa547385e1a7763234410752ad097d81254 |
|
.larksuite.com/ | Name: passport_web_did Value: 7303899283038683141 |
|
.larksuite.com/ | Name: QXV0aHpDb250ZXh0 Value: 53a66bed65a34efb90bf7fb800fa92b3 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ax1kns1zy1.larksuite.com
login.larksuite.com
sf16-va.larksuitecdn.com
www.googletagmanager.com
2.16.241.12
2.16.241.16
2.16.241.17
2a00:1450:4001:806::2008
ea150f38f4bf03f71fedd07b36ff5d425b8c823bf84663c417d77189c22829fe