Submitted URL: http://rd0pqvzk7fa.larksuite.com/
Effective URL: https://rd0pqvzk7fa.larksuite.com/drive/home/
Submission: On January 10 via api from US — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 2 HTTP transactions. The main IP is 23.53.40.104, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is rd0pqvzk7fa.larksuite.com.
TLS certificate: Issued by RapidSSL TLS ECC CA G1 on March 27th 2023. Valid for: a year.
This is the only time rd0pqvzk7fa.larksuite.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 23.53.40.104 20940 (AKAMAI-ASN1)
1 2a0b:21c0:200... 21859 (ZEN-ECN)
2 2
Apex Domain
Subdomains
Transfer
2 larksuite.com
rd0pqvzk7fa.larksuite.com
43 KB
1 feishucdn.com
lf-scm-cn.feishucdn.com — Cisco Umbrella Rank: 170954
607 KB
2 2
Domain Requested by
2 rd0pqvzk7fa.larksuite.com 1 redirects
1 lf-scm-cn.feishucdn.com rd0pqvzk7fa.larksuite.com
2 2

This site contains no links.

| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| *.larksuite.com | RapidSSL TLS ECC CA G1 | 2023-03-27 - 2024-04-26 | a year |
| *.feishucdn.com | RapidSSL Global TLS RSA4096 SHA256 2022 CA1 | 2023-07-19 - 2024-08-18 | a year |

This page contains 1 frame:

Primary Page: https://rd0pqvzk7fa.larksuite.com/drive/home/
Frame ID: A0C4F820DE7412C0C6215B11A14E6ED0
Requests: 2 HTTP requests in this frame

Page Title

Docs - 页面访问人数过多高30 英文

Page Statistics

2 Requests
100 % HTTPS
50 % IPv6
2 Domains
2 Subdomains
2 IPs
2 Countries
649 kB Transfer
3154 kB Size
0 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://rd0pqvzk7fa.larksuite.com/ HTTP 302
    https://rd0pqvzk7fa.larksuite.com/drive/home/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions

| Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|
| Primary Request / | rd0pqvzk7fa.larksuite.com/drive/home/ | 41 KB | 42 KB | Document | |

Redirect Chain
  • http://rd0pqvzk7fa.larksuite.com/
  • https://rd0pqvzk7fa.larksuite.com/drive/home/
General
Full URL
https://rd0pqvzk7fa.larksuite.com/drive/home/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.40.104 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-40-104.deploy.static.akamaitechnologies.com
Software
TLB / Goofy Deploy
Resource Hash
6af55b6c4e4b2e687016d7a1a5d6a4d9d435bf510a1eba1a55013e3b129fbd02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=60
content-length
42193
content-type
text/html; charset=utf-8
date
Wed, 10 Jan 2024 07:10:13 GMT
proxy-status
0000201429033102
server
TLB
server-timing
bd-gf-file-origin;desc="file from memory cache", bd-gf-file-total;dur=0.163965, bd-gf-total;dur=1.297813 cdn-cache; desc=MISS, edge; dur=0, origin; dur=474
x-akamai-request-id
2b0bbd1c
x-cache
TCP_MISS from a23-53-40-100.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52668873) (-)
x-content-type-options
nosniff
x-deploy-channel-id
258785
x-deploy-scm-version
1.0.0.3218
x-deploy-transfer
string
x-deploy-web-server-cache-hit
memory
x-dns-prefetch-control
off
x-goofy-deploy-version
1.0.0.3218
x-goofy-runtime
node
x-origin-response-time
474,23.53.40.100
x-powered-by
Goofy Deploy
x-tt-logid
20240110071012C2E7B8CC32AADB42CFF4
x-tt-trace-host
01f6bb0cf4844e897ed9b879250ec23f0fd31b061bf16ae53ecbc7bed5084c30a0be5c1c6fd285ada2c47912bfff89d636802f10179e42f5f370c1f90f9e56fca536eea05df4ad346a7e34733c63621bae22aa452378a0635ffc14b0d241c1e4c55cabee83cda8621355914ba0714ed5f7
x-tt-trace-id
00-240110071012C2E7B8CC32AADB42CFF4-04FF9AFF8EA58416-00
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-xss-protection
0

Redirect headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
136
Content-Type
text/html
Date
Wed, 10 Jan 2024 07:10:12 GMT
Location
https://rd0pqvzk7fa.larksuite.com/drive/home/
Proxy-Status
0000201302026000
Server
TLB
Server-Timing
cdn-cache; desc=MISS, edge; dur=240, origin; dur=180
X-Akamai-Request-ID
2b0bb9ae
X-Cache
TCP_MISS from a23-53-40-100.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52668873) (-)
X-Origin-Response-Time
420,23.53.40.100
X-TT-LOGID
20240110071011D1D0BAD342DAC72FA1D7
x-tt-trace-host
01f6bb0cf4844e897ed9b879250ec23f0fd31b061bf16ae53ecbc7bed5084c30a09d8af7ffd3e76d03f9d4819ce40e3bc84f88398481ea3eae4d6c3c46109f5a1a
x-tt-trace-id
00-240110071011D1D0BAD342DAC72FA1D7-3E1590905C01642A-00
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
| Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|
| en-US.d2561233aba85620.js | lf-scm-cn.feishucdn.com/ccm/pc/web/resource/bear/lang/ | 3 MB | 607 KB | Script | |
General
Full URL
https://lf-scm-cn.feishucdn.com/ccm/pc/web/resource/bear/lang/en-US.d2561233aba85620.js
Requested by
Host: rd0pqvzk7fa.larksuite.com
URL: https://rd0pqvzk7fa.larksuite.com/drive/home/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:21c0:2000:a6:3::3eb Amsterdam, Netherlands, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
Tengine /
Resource Hash
dc17a97596732fb173103f48793b12a08f0098474f37cf5de7dc66b6e21ac853

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rd0pqvzk7fa.larksuite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-encoding
br
x-tt-trace-tag
id=03;cdn-cache=hit;type=static
content-md5
L50mlCczjeWMe0rucIHztg==
x-tt-trace-id
00-240108175435107C1564E8F9423F331D-51BC4897381B9B0A-00
age
162938
x-swift-cachetime
31534851
x-tos-storage-class
STANDARD
server-timing
cdn-cache;desc=HIT,edge;dur=1
x-swift-savetime
Mon, 08 Jan 2024 10:13:45 GMT
x-tos-request-id
9033509bc65b1303659bc65b-a812b88
x-tos-response-time
Mon, 08 Jan 2024 09:54:35 GMT
x-tt-logid
20240108175435107C1564E8F9423F331D
etag
W/"2f9d269427338de58c7b4aee7081f3b6"
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, HEAD, GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-tt-trace-host
01279efe495e7950975fd12c5b753deb62d561e14cd8e7f63ffd80094aade517514d108c47a6554321fffa1a552f1839775a3e69e0232ef309fcfbb0a30156bb06f9ef5791bc4ab636b81efd305bd978060d5eab50624a979d5b2230ed0d19fcdf
access-control-request-methods
OPTIONS, HEAD, GET
x-response-cache
edge_hit
eagleid
6262ee9b17048706142738922e
date
Mon, 08 Jan 2024 09:54:35 GMT
via
cache38.l2fr1[0,0,200-0,H], cache24.l2fr1[1,0], ens-cache1.ae4[0,0,200-0,H], ens-cache7.ae4[1,0]
x-cache
HIT TCP_MEM_HIT dirn:13:836153214
x-tos-hash-crc64ecma
10632008623784134539
content-length
619746
last-modified
Mon, 08 Jan 2024 06:13:40 GMT
server
Tengine
ali-swift-global-savetime
1704707676
x-response-sinfo
2a0b:21c0:2000:a6:3::3eb
x-server
goofy
x-response-cinfo
2a01:4a0:1338:92::12
timing-allow-origin
*, *

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture
object| gfdatav1
function| getQueryByName
function| getCookie
function| setCookie
function| setLocalStorage
function| goOnlineEnv
object| langCdns
object| baseLangCdns
function| _handleI18nBackUp
object| langConfig
object| User
object| TTI18N
object| langCDNList
string| langUrl
object| tips
object| calDiv
object| refreshDiv
number| countDown
function| showClickBtn
function| hideCountDown
number| lastTime
number| DELAY_INTERVAL
number| CHECK_INTERVAL
function| updateCountDown

0 Cookies

3 Console Messages

Source Level URL
Text
network error URL: https://rd0pqvzk7fa.larksuite.com/drive/home/
Message:
Failed to load resource: the server responded with a status of 429 ()
javascript warning URL: https://rd0pqvzk7fa.larksuite.com/drive/home/
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://lf-scm-cn.feishucdn.com/ccm/pc/web/resource/bear/lang/en-US.d2561233aba85620.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://rd0pqvzk7fa.larksuite.com/drive/home/
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://lf-scm-cn.feishucdn.com/ccm/pc/web/resource/bear/lang/en-US.d2561233aba85620.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
