login.on-premises.dingtalk.com
39.96.127.246
Public Scan
Effective URL: https://login.on-premises.dingtalk.com/qrlogin/webAppLogin.htm?APP_NAME=ar-tzjc_dingoa&protocolKey=8d44f2e0-bb4b-44c8-96f4-7e7304650c30...
Submission: On June 18 via api from US — Scanned from DE
Summary
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on May 29th 2024. Valid for: a year.
This is the only time login.on-premises.dingtalk.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | Redirects | IP Address | AS Autonomous System |
---|---|---|---|
16 | 2 | 39.96.127.246 | 37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.) |
19 | | 2 | |
Requests | Apex Domain | Redirects | Subdomains | Transfer |
---|---|---|---|---|
10 | dingtalk.com | | login.on-premises.dingtalk.com, fe-static.on-premises.dingtalk.com | 2 MB |
6 | dg-work.cn | 2 | emm-manager.dg-work.cn, login.dg-work.cn | 307 KB |
0 | aliyuncs.com (Failed) | | zwdd-saas-configuration-pre.oss-cn-north-2-gov-1.aliyuncs.com (Failed) | |
0 | effirst.com (Failed) | | px.effirst.com (Failed) | |
19 | 4 | | | |
Requests | Domain | Redirects | Requested by |
---|---|---|---|
7 | fe-static.on-premises.dingtalk.com | | login.on-premises.dingtalk.com, fe-static.on-premises.dingtalk.com |
5 | emm-manager.dg-work.cn | 1 | emm-manager.dg-work.cn |
3 | login.on-premises.dingtalk.com | | emm-manager.dg-work.cn, fe-static.on-premises.dingtalk.com, login.on-premises.dingtalk.com |
1 | login.dg-work.cn | 1 | |
0 | zwdd-saas-configuration-pre.oss-cn-north-2-gov-1.aliyuncs.com (Failed) | | login.on-premises.dingtalk.com |
0 | px.effirst.com (Failed) | | fe-static.on-premises.dingtalk.com |
19 | 6 | | |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
*.dg-work.cn | GlobalSign Organization Validation CA - SHA256 - G3 | 2024-04-10 - 2025-05-12 | a year | crt.sh |
on-premises.dingtalk.com | GlobalSign RSA OV SSL CA 2018 | 2024-05-29 - 2025-06-30 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://login.on-premises.dingtalk.com/qrlogin/webAppLogin.htm?APP_NAME=ar-tzjc_dingoa&protocolKey=8d44f2e0-bb4b-44c8-96f4-7e7304650c30&protocol=oauth2&BACK_URL=https://emm-manager.dg-work.cn/index&scope=get_user_info&state=
Frame ID: 7727A5D1AC9632159DFF314FC32F5D88
Requests: 19 HTTP requests in this frame
Page Title
专有钉钉
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://emm-manager.dg-work.cn/ (HTTP 302)
  - http://emm-manager.dg-work.cn/index (HTTP 307)
  - https://emm-manager.dg-work.cn/index (Page URL)
- https://login.dg-work.cn/oauth2/auth.htm?response_type=code&client_id=ar-tzjc_dingoa&redirect_uri=https://emm-manager.dg-work.cn/index&scope=get_user_info&authType=QRCODE (HTTP 302)
  - https://login.on-premises.dingtalk.com/qrlogin/webAppLogin.htm?APP_NAME=ar-tzjc_dingoa&protocolKey=8d44f2e0-bb4b-44c8-96f4-7e7304650c30&protocol=oauth2&BACK_URL=https://emm-manager.dg-work.cn/index&scope=get_user_info&state= (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://emm-manager.dg-work.cn/ HTTP 302
- http://emm-manager.dg-work.cn/index HTTP 307
- https://emm-manager.dg-work.cn/index
19 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | index | emm-manager.dg-work.cn/ (Redirect Chain) | 885 B | 916 B | Document | text/html |
GET | H2 | config.js | emm-manager.dg-work.cn/static/ | 3 KB | 1 KB | Script | application/javascript |
GET | H2 | index-5e0e1d03.js | emm-manager.dg-work.cn/static/js/ | 724 KB | 229 KB | Script | application/javascript |
GET | H2 | index-131da112.css | emm-manager.dg-work.cn/static/css/ | 549 KB | 75 KB | Stylesheet | text/css |
GET | H2 | webAppLogin.htm (Primary Request) | login.on-premises.dingtalk.com/qrlogin/ (Redirect Chain) | 2 KB | 1 KB | Document | text/html |
GET | H2 | global.css | fe-static.on-premises.dingtalk.com/legao/zwding_sso_pc/3.7.0/ | 10 KB | 3 KB | Stylesheet | text/css |
GET | H2 | web.css | fe-static.on-premises.dingtalk.com/legao/zwding_sso_pc/3.7.0/ | 90 KB | 15 KB | Stylesheet | text/css |
GET | H2 | vendor-web.js | fe-static.on-premises.dingtalk.com/legao/zwding_sso_pc/3.7.0/ | 1 MB | 361 KB | Script | application/javascript |
GET | H2 | render-engine.min.js | fe-static.on-premises.dingtalk.com/legao/zwding_sso_pc/3.7.0/lib/ | 311 KB | 82 KB | Script | application/javascript |
GET | H2 | web.js | fe-static.on-premises.dingtalk.com/legao/zwding_sso_pc/3.7.0/ | 5 MB | 1 MB | Script | application/javascript |
GET | H2 | 0975a66af2c090255918a73105de14db.css | fe-static.on-premises.dingtalk.com/legao/zwding_sso_pc/3.7.0/lib/ | 404 KB | 62 KB | Stylesheet | text/css |
GET | H2 | ca5378045ab1ba176eb78caadeaf66ab.css | fe-static.on-premises.dingtalk.com/legao/zwding_sso_pc/3.7.0/lib/ | 306 KB | 64 KB | Stylesheet | text/css |
GET | H2 | FORM-3KYJN7RV-HU9EXY9Q1QQTW54XE7923-RJ6K458K-9__nav.js | login.on-premises.dingtalk.com/legao/zwding_sso_pc/3.7.0/lib/ | 53 KB | 11 KB | Script | application/javascript |
GET | H2 | i18n.json | login.on-premises.dingtalk.com/zwding_sso_pc/2.5.0/static/ | 9 KB | 0 | Script | application/json |
GET | | jconfig | px.effirst.com/api/v1/ | 0 | 0 | | |
POST | | generate_qrcode.json | login.on-premises.dingtalk.com/rpc/login/ | 0 | 0 | | |
GET | | 0fb79b85-bd7b-4b0b-82d3-417124286cf8.png | zwdd-saas-configuration-pre.oss-cn-north-2-gov-1.aliyuncs.com/mozi-console/ | 0 | 0 | | |
GET | | TB1mUH0zrH1gK0jSZFwXXc7aXXa-112-112.png | login.on-premises.dingtalk.com/legao/zwding_sso_pc/3.7.0/img/ | 0 | 0 | | |
POST | | upload | px.effirst.com/api/v1/jssdk/ | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Domain | URL |
---|---|
px.effirst.com | https://px.effirst.com/api/v1/jconfig?wpk-header=app%3Dmozi_sso_pc%26tm%3D1718706800%26ud%3D43aa2197-597a-491a-0a4a-990f7286df2f%26sver%3D2.3.18%26sign%3Dc41e43c828c16c16a6eb1c9c1e68e8ce |
login.on-premises.dingtalk.com | https://login.on-premises.dingtalk.com/rpc/login/generate_qrcode.json |
zwdd-saas-configuration-pre.oss-cn-north-2-gov-1.aliyuncs.com | https://zwdd-saas-configuration-pre.oss-cn-north-2-gov-1.aliyuncs.com/mozi-console/0fb79b85-bd7b-4b0b-82d3-417124286cf8.png |
login.on-premises.dingtalk.com | https://login.on-premises.dingtalk.com/legao/zwding_sso_pc/3.7.0/img/TB1mUH0zrH1gK0jSZFwXXc7aXXa-112-112.png |
px.effirst.com | https://px.effirst.com/api/v1/jssdk/upload?wpk-header=app%3Dmozi_sso_pc%26cp%3Dnone%26de%3D4%26seq%3D1718706800489%26tm%3D1718706800%26ud%3D816ced22-eb6e-4365-8be9-b1049569e3bb%26ver%3D%26type%3Dflow%26sver%3D2.3.18%26sign%3D9bf8a190ef82c5049df7b199c599c45b&uc_param_str=prveosfrnwutmisv |
36 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
undefined | event |
object | fence |
object | sharedStorage |
object | React |
object | ReactDOM |
object | ReactRouter |
object | ReactRouterDOM |
object | PropTypes |
function | _ |
object | Immutable |
object | Highcharts |
function | nattyStorage |
object | nattyFetch |
number | mce-data-1i0legke8 |
object | tinyMCE |
object | tinymce |
object | g_config |
object | __visionStyleProcessor |
function | StoreEngine |
object | RenderEngine |
string | __webpack_public_path__ |
object | __vu_switch_schema_sdk__ |
object | __components |
function | __injectComponent |
object | regeneratorRuntime |
object | pageConfig |
object | LeGao |
object | __visionStyleSheet |
object | __core-js_shared__ |
function | filterCSS |
function | filterXSS |
object | __dingtalk_api_invoker__ |
object | AES_CONFIG |
object | LeGaoZwdingSsoPc |
undefined | __loadSchema |
object | ctx |

11 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
login.on-premises.dingtalk.com/qrlogin | | __itrace_wid | 816ced22-eb6e-4365-8be9-b1049569e3bb |
emm-manager.dg-work.cn/ | | acw_tc | 276077c017187067702508709e58502863c75cc38dd32d97319c57c80dce8f |
emm-manager.dg-work.cn/ | | x-hng | lang=zh-CN |
login.dg-work.cn/ | | acw_tc | 276077c017187067746978876e5850582c14cfb330f2f8cb8b51e1a2824a3b |
login.dg-work.cn/ | | BUC_LOGIN_LANG_COOKIE | zh_CN |
login.dg-work.cn/ | | BucSsoJSESSIONID | b6ac1395-c0bd-4480-a133-4f261a299a20 |
login.on-premises.dingtalk.com/ | | acw_tc | 276077c617187067758674293ef2bb7b5a2388dc2d0d1c7a6744cf5aba7a0b |
login.on-premises.dingtalk.com/ | | BUC_LOGIN_LANG_COOKIE | zh_CN |
login.on-premises.dingtalk.com/ | | _sso_csrftoken_ | UeTo2GU |
login.on-premises.dingtalk.com/ | | BucSsoJSESSIONID | be1e8fe6-3f72-4ec4-88fc-b3fe6483c500 |
fe-static.on-premises.dingtalk.com/ | | acw_tc | 276077c617187067762664315ef2bb4f2dda9f697ee0c1afea71db5b585e7d |
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
X-Content-Type-Options | nosniff |
X-Frame-Options | DENY |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.