login.dingtalk.com
Open in
urlscan Pro
2401:b180:2000:60::f
Public Scan
Effective URL: https://login.dingtalk.com/oauth2/challenge.htm?response_type=code&client_id=dingohetqw5ecb5bs1db&scope=openid&prompt=conse...
Submission: On March 14 via api from US — Scanned from US
Summary
TLS certificate: Issued by GlobalSign Organization Validation CA... on April 6th 2023. Valid for: a year.
This is the only time login.dingtalk.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 2 | 118.190.152.250 118.190.152.250 | 37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.) | |
1 2 | 2401:b180:200... 2401:b180:2000:60::f | 37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.) | |
14 | 2404:2280:1b2... 2404:2280:1b2:0:3::a | 24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.) | |
1 | 8.38.121.230 8.38.121.230 | 24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.) | |
2 | 203.119.145.40 203.119.145.40 | 37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.) | |
2 | 123.183.232.34 123.183.232.34 | 4134 (CHINANET-...) (CHINANET-BACKBONE No.31) | |
3 | 2401:b180:700... 2401:b180:7003::2e | 37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.) | |
23 | 6 |
ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)
tb-test.idolmoba.com |
ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)
login.dingtalk.com |
ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
g.alicdn.com | |
img.alicdn.com | |
at.alicdn.com |
ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)
csp.dingtalk.com |
ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)
log.mmstat.com | |
gm.mmstat.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
15 |
alicdn.com
g.alicdn.com — Cisco Umbrella Rank: 9171 o.alicdn.com — Cisco Umbrella Rank: 33749 img.alicdn.com — Cisco Umbrella Rank: 12819 at.alicdn.com — Cisco Umbrella Rank: 16324 |
649 KB |
4 |
dingtalk.com
1 redirects
login.dingtalk.com — Cisco Umbrella Rank: 508429 csp.dingtalk.com — Cisco Umbrella Rank: 252289 |
2 KB |
3 |
mmstat.com
log.mmstat.com — Cisco Umbrella Rank: 17384 gm.mmstat.com — Cisco Umbrella Rank: 19065 |
937 B |
2 |
taobao.com
fourier.taobao.com — Cisco Umbrella Rank: 16017 |
1 KB |
2 |
idolmoba.com
2 redirects
tb-test.idolmoba.com |
3 KB |
23 | 5 |
Domain | Requested by | |
---|---|---|
9 | g.alicdn.com |
login.dingtalk.com
g.alicdn.com |
4 | img.alicdn.com |
login.dingtalk.com
|
2 | log.mmstat.com |
login.dingtalk.com
|
2 | fourier.taobao.com |
g.alicdn.com
|
2 | csp.dingtalk.com |
g.alicdn.com
login.dingtalk.com |
2 | login.dingtalk.com | 1 redirects |
2 | tb-test.idolmoba.com | 2 redirects |
1 | gm.mmstat.com |
g.alicdn.com
|
1 | at.alicdn.com |
login.dingtalk.com
|
1 | o.alicdn.com |
login.dingtalk.com
|
23 | 10 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.dingtalk.com GlobalSign Organization Validation CA - SHA256 - G3 |
2023-04-06 - 2024-05-07 |
a year | crt.sh |
*.tbcdn.cn GlobalSign Organization Validation CA - SHA256 - G3 |
2023-12-26 - 2024-07-30 |
7 months | crt.sh |
*.alibabacorp.com GlobalSign Organization Validation CA - SHA256 - G3 |
2023-04-12 - 2024-05-13 |
a year | crt.sh |
tfe.alibaba.com GlobalSign Organization Validation CA - SHA256 - G3 |
2023-12-04 - 2024-12-30 |
a year | crt.sh |
*.mmstat.com GlobalSign Organization Validation CA - SHA256 - G3 |
2023-08-01 - 2024-09-01 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://login.dingtalk.com/oauth2/challenge.htm?response_type=code&client_id=dingohetqw5ecb5bs1db&scope=openid&prompt=consent&redirect_uri=https%3A%2F%2Ftb-test.idolmoba.com%2Fauth%2FcallBack%2Fding
Frame ID: D6EFC1C85D07283D4054B0CBC274E446
Requests: 23 HTTP requests in this frame
Screenshot
Page Title
点歌台 - DingTalk unified identity authenticationPage URL History Show full URLs
-
https://tb-test.idolmoba.com/
HTTP 302
https://tb-test.idolmoba.com/auth/login HTTP 302
https://login.dingtalk.com/oauth2/auth?response_type=code&client_id=dingohetqw5ecb5bs1db&scope=openid&p... HTTP 302
https://login.dingtalk.com/oauth2/challenge.htm?response_type=code&client_id=dingohetqw5ecb5bs1db&scope... Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://tb-test.idolmoba.com/
HTTP 302
https://tb-test.idolmoba.com/auth/login HTTP 302
https://login.dingtalk.com/oauth2/auth?response_type=code&client_id=dingohetqw5ecb5bs1db&scope=openid&prompt=consent&redirect_uri=https%3A%2F%2Ftb-test.idolmoba.com%2Fauth%2FcallBack%2Fding HTTP 302
https://login.dingtalk.com/oauth2/challenge.htm?response_type=code&client_id=dingohetqw5ecb5bs1db&scope=openid&prompt=consent&redirect_uri=https%3A%2F%2Ftb-test.idolmoba.com%2Fauth%2FcallBack%2Fding Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
23 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
challenge.htm
login.dingtalk.com/oauth2/ Redirect Chain
|
3 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
g.alicdn.com/ |
13 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.js
o.alicdn.com/dingding/bird/ |
68 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login.js
g.alicdn.com/dingding/h5-dingtalk-login/0.52.2/ |
2 MB 331 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
et_f.js
g.alicdn.com/AWSC/et/1.77.3/ |
238 KB 84 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
csp
csp.dingtalk.com/ |
9 B 198 B |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rp
fourier.taobao.com/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
g.alicdn.com/ |
30 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aplus_v2.js
g.alicdn.com/alilog/mlog/ |
17 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
g.alicdn.com/alilog/ |
116 KB 43 KB |
Fetch
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collina.js
g.alicdn.com/AWSC/uab/1.140.0/ |
243 KB 103 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
O1CN01SFzKuD28PF9A6X2RA_!!6000000007924-2-tps-360-210.png
img.alicdn.com/imgextra/i2/ |
17 KB 17 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font_2266628_5h8v9rx657m.woff2
at.alicdn.com/t/a/ |
3 KB 3 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
O1CN01WElbd21CHEVIFcZwE_!!6000000000055-2-tps-180-180.png
img.alicdn.com/imgextra/i1/ |
9 KB 9 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
O1CN01nbCqSO1dfV3JNFq7F_!!6000000003763-2-tps-600-360.png
img.alicdn.com/imgextra/i1/ |
485 B 793 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
csp
csp.dingtalk.com/ |
9 B 112 B |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
eg.js
log.mmstat.com/ |
91 B 330 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
O1CN01a2J40d1HtlqT5oBD8_!!6000000000816-2-tps-204-204.png
img.alicdn.com/imgextra/i1/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
arms.1.1
gm.mmstat.com/ |
43 B 133 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.js
g.alicdn.com/sd/baxia-entry/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.js
g.alicdn.com/secdev/sufei_data/3.9.14/ |
17 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
v.gif
log.mmstat.com/ |
43 B 474 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ts
fourier.taobao.com/ |
0 59 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
33 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 function| baxiaCommon object| AWSC object| AWSCInner function| AWSCFY number| etrprtrt object| __BIRD_CONFIG object| __LOGIN_PAGE_VARS object| __BIRD_perf_data boolean| __BIRD_inited object| __BIRD object| __baxia__ number| g_aplus_grey_launched object| goldlog object| __awsc_et__ object| __etModule function| etSign function| clearImmediate function| setImmediate object| regeneratorRuntime function| TraceJSErrorPlugin function| TracePvPlugin function| TraceResourceErrorPlugin object| ali_analytics object| goldlog_queue number| g_tb_aplus_loaded number| aplus_spmact object| UA_Opt number| __acjs number| _uab_module object| __acjs_awsc_140 object| AWSC_UAB_MODULE object| g_SPM11 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
login.dingtalk.com/oauth2 | Name: arms_uid Value: f6b97a4e-f8f6-440e-bbfd-4a1a74a8fa8e |
|
tb-test.idolmoba.com/ | Name: old_url Value: eyJpdiI6IlpERmo3U2dTUVltZXYvQzJjUEozTUE9PSIsInZhbHVlIjoidUk2bXZVT2t1NFRSVDRySzJFSkJFUHRxRWhXZU5nMHJhcVNXdVF5ZWpSbXRnNTkyWTU2dTdkVGphbmZydDZzaWNTR2x2RTNYbWMxc0N6czY1SmJOUFFtSW0yVG4vNlpGcGw1U01RTkh0REk9IiwibWFjIjoiZjI2NjU1NjJlZmI3ZjFjZWYwYjNjMWFlYTBiNGUyMDU0YWVlNDM2YjQ0Y2NjYmMxYzJmOWM3N2MwZDA1ZmYzYSIsInRhZyI6IiJ9 |
|
tb-test.idolmoba.com/ | Name: XSRF-TOKEN Value: eyJpdiI6InF3U1BLUERrMjBONGpXaFNhcEdVQ1E9PSIsInZhbHVlIjoiUHp2WkFhNTBhSXNtTVczRi9WSm1FWUMxTnNUVStUS1FXSFowM0R1T3N3L2J4bnArYUsybXNlWUd6dUR0b1Y2VUlDQlczLzJRZXlyeHlrZjdtTTVlNnU2QnM0eTRqN2RsdVA0NFpsd0QyNVBlUExMMWU4OG5QV2QwN2tKRkNJSFgiLCJtYWMiOiIwYWI2YjVmYjM3ODYwNTZkZWZkMDgzMDg0MWQ4YjE5NTJjOTk0MjE5NmIzNDIyYzkxMDEzYTkyN2QwMDE1YTk2IiwidGFnIjoiIn0%3D |
|
tb-test.idolmoba.com/ | Name: jam_tb_app_session Value: eyJpdiI6IktZVCtNT2JnenpKdjdqNXI3MEtVRUE9PSIsInZhbHVlIjoicHd6eGlTcUw1UUhQYnJieXdGcHJldXV5OC96bVE4U2pTSFFnWWV4TlJmVVZ1bTFwcVFjY09oaWw3UExHZmYyM1E1N1BCdy94TmhaN2loYjFKNHRTaG04VE9jcVR3Yit6NXZUb2twZis0ZkZzVDBDRmhXbEE5NTlCUlJqTWpUajUiLCJtYWMiOiJmODIyYTg1ZjFjZGMzM2U1MzZkMTc0NWMyNWQ4ZWVjZTk3OGI1NmY4YTNiZTYzYmQyMGJlY2JiYWNiYTUxMzViIiwidGFnIjoiIn0%3D |
|
.dingtalk.com/ | Name: tfstk Value: f2-KOniXlfc3fboLuUgMzhO1ekkimHpe6BJbq_f3PCd9_CRHKLv5e0d9guDeZBYOwCOOO60FKTwRe1-HZ2Roeud9gebWq_x8LhdYqkcE8LZRqgGmim0MKJSPVjXpAZ5CTTJ1NH9JsQJF4gGiimmDLpR0UaHdygMOfTXuPg_BNlMOFTVQPkOWCCDAJS9f1hvPZMt3bpCTVuFNpw1j01E7VhBLis9IuuZWX6Qe2D5zwS_HPK72x9iLg9L6HCIHcYy1BF92atOIskCXudsy7nxxLwF0TZ4IBAUzzMMZQ-IVW7FvDBBOivILzz7MQOCmBAUzzw6NBsDdvzzPSd5.. |
|
.dingtalk.com/ | Name: xlly_s Value: 1 |
|
.mmstat.com/ | Name: cna Value: I/x5Hh3WrgECAQAAAAC5h2PJ |
|
.dingtalk.com/ | Name: cna Value: I/x5Hh3WrgECAQAAAAC5h2PJ |
|
.dingtalk.com/ | Name: isg Value: BH19CEtnxG8l3WCDoVFKskKcjNl3GrFsOZ2vWj_CuVQDdp2oB2rBPEs0JrIwbckk |
|
.mmstat.com/ | Name: atpsida Value: 123abd132d3d984bb626cfaa_1710427683_1 |
|
.mmstat.com/ | Name: sca Value: 363f72c5 |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
at.alicdn.com
csp.dingtalk.com
fourier.taobao.com
g.alicdn.com
gm.mmstat.com
img.alicdn.com
log.mmstat.com
login.dingtalk.com
o.alicdn.com
tb-test.idolmoba.com
118.190.152.250
123.183.232.34
203.119.145.40
2401:b180:2000:60::f
2401:b180:7003::2e
2404:2280:1b2:0:3::a
8.38.121.230
04975704505b42dc124568d9d4be26aee2d4592826a0487920cb1d016d1a8e58
144a42a1034cfe8f3292c85c8519ff66610816b9655bcd72658110a500f1bda0
21d7c4c5179b6b4e691516c84646cc18979033008bd248bb161a935579676f11
23948fca566004c16d67b8ccc5998c2fb1105dc91d1bf744b7b3bb1698c4b9d1
29b7217acb615f118fba97483fb6909f81af614d76294e7e1a4bc1d3d2506c9a
457adf535d0255a5c76df9e02d19216f6938454ca2bc9b250eb0c58266a131f9
58cf1234d43c5434d1b822a982a5f2e011a04fcaadf8fc451cfa078240e72e51
605dad7bafa50d95f789a7bd16ffada31e5ce4480543fc976dcd0c3d7bd79c44
73ba9233615bef14473b29ff5e0a6f056e608b639102787ceefbb31aaf335e21
78080cb0dc00ad932214aaf80f209e61f84851d84cb46510a5ee20204beb2339
7ea672f9ecb968acecda9b7f9ac3a7264a0f95988c431eabd3b022eb30bdbc16
8d2a9bd0f03da8a82a684dc6052d53355185974baf2b8f5b583fae596c136e44
91e3aead734b16237ac435737eea953e998b67576fc9f599b03d90104bf864d7
b5a2bd9623aedbb726720f96a6df2a14562e0dd24dfe3355ee4097251d960641
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1b963e028ef5da02abf178828baad6044bfca72cc8d35d67c7e2cea6eb10e4b
e3391c70fd24c8d9fb2baba10d14aa2f08d85aa1e15948fc57b67805267144cf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e413dd4e95f59098983808ec9c59415780758009f67bf9a16c24c024b125bf57
f4425a89ec24254262bc3d81a838890e5c9740428e28cd96e520c5bf8ddffa4c
fe80304747ee08781702937bd4e525a7a5f7a4b6c90aea30213fc913d24536c8