Submitted URL: https://discourse.lightingforgood.org.uk/
Effective URL: https://ilpportal.zenzero.co.uk/Account/DiscourseLoginSso?sso=bm9uY2U9N2FhMjM2ZWY4MDA0NjM5OWM4YjA2OWZlNGUxYmZkYWYmcmV0dXJuX3Nzb1...
Submission Tags: phishingrod
Submission: On November 29 via api from DE — Scanned from DE

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 6 HTTP transactions. The main IP is 20.68.242.131, located in London, United Kingdom and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is ilpportal.zenzero.co.uk.
TLS certificate: Issued by Gandi Standard SSL CA 2 on November 25th 2021. Valid for: a year.
This is the only time ilpportal.zenzero.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 2602:fd3f:3:f... 6939 (HURRICANE)
6 20.68.242.131 8075 (MICROSOFT...)
6 1
Apex Domain | Subdomains | Transfer
6 zenzero.co.uk | ilpportal.zenzero.co.uk | 150 KB
2 lightingforgood.org.uk | discourse.lightingforgood.org.uk | 4 KB
6 2
Domain Requested by
6 ilpportal.zenzero.co.uk ilpportal.zenzero.co.uk
2 discourse.lightingforgood.org.uk 2 redirects
6 2

This site contains links to these domains.

Domain
www.zenzero.co.uk
www.theilp.org.uk

Subject: *.zenzero.co.uk
Issuer: Gandi Standard SSL CA 2
Validity: 2021-11-25 - 2022-12-26
Valid: a year

This page contains 1 frames:

Primary Page: https://ilpportal.zenzero.co.uk/Account/DiscourseLoginSso?sso=bm9uY2U9N2FhMjM2ZWY4MDA0NjM5OWM4YjA2OWZlNGUxYmZkYWYmcmV0dXJuX3Nzb191cmw9aHR0cHMlM0ElMkYlMkZkaXNjb3Vyc2UubGlnaHRpbmdmb3Jnb29kLm9yZy51ayUyRnNlc3Npb24lMkZzc29fbG9naW4%3D&sig=15bcc3bf269f5ab2c8caaae17133405f7375a94f4ee5828966ca67ae12583f8f
Frame ID: 47CE1617343C383895A0FACAF19A2DE1
Requests: 6 HTTP requests in this frame

Page Title

Discourse sign in

Page Statistics

Requests: 6
HTTPS: 100 %
IPv6: 50 %
Domains: 2
Subdomains: 2
IPs: 1
Countries: 2
Transfer: 150 kB
Size: 360 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://discourse.lightingforgood.org.uk/ HTTP 302
    https://discourse.lightingforgood.org.uk/session/sso HTTP 302
    https://ilpportal.zenzero.co.uk/Account/DiscourseLoginSso?sso=bm9uY2U9N2FhMjM2ZWY4MDA0NjM5OWM4YjA2OWZlNGUxYmZkYWYmcmV0dXJuX3Nzb191cmw9aHR0cHMlM0ElMkYlMkZkaXNjb3Vyc2UubGlnaHRpbmdmb3Jnb29kLm9yZy51ayUyRnNlc3Npb24lMkZzc29fbG9naW4%3D&sig=15bcc3bf269f5ab2c8caaae17133405f7375a94f4ee5828966ca67ae12583f8f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request DiscourseLoginSso
ilpportal.zenzero.co.uk/Account/
Redirect Chain
  • https://discourse.lightingforgood.org.uk/
  • https://discourse.lightingforgood.org.uk/session/sso
  • https://ilpportal.zenzero.co.uk/Account/DiscourseLoginSso?sso=bm9uY2U9N2FhMjM2ZWY4MDA0NjM5OWM4YjA2OWZlNGUxYmZkYWYmcmV0dXJuX3Nzb191cmw9aHR0cHMlM0ElMkYlMkZkaXNjb3Vyc2UubGlnaHRpbmdmb3Jnb29kLm9yZy51ayU...
4 KB
2 KB
Document
General
Full URL
https://ilpportal.zenzero.co.uk/Account/DiscourseLoginSso?sso=bm9uY2U9N2FhMjM2ZWY4MDA0NjM5OWM4YjA2OWZlNGUxYmZkYWYmcmV0dXJuX3Nzb191cmw9aHR0cHMlM0ElMkYlMkZkaXNjb3Vyc2UubGlnaHRpbmdmb3Jnb29kLm9yZy51ayUyRnNlc3Npb24lMkZzc29fbG9naW4%3D&sig=15bcc3bf269f5ab2c8caaae17133405f7375a94f4ee5828966ca67ae12583f8f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.68.242.131 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4b00850ee66d24886e78aadee645ddf4292faf1ea6f9a612af4a0b2a70fe54b8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private
content-encoding
gzip
content-length
2048
content-type
text/html; charset=utf-8
date
Tue, 29 Nov 2022 01:01:41 GMT
server
Microsoft-IIS/10.0
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-aspnetmvc-version
5.2
x-frame-options
SAMEORIGIN
x-powered-by
ASP.NET

Redirect headers

cache-control
no-cache, no-store
cdck-proxy-id
app-router-tiehunter03.sea2 app-balancer-tieinterceptor1b.sea2
content-security-policy
upgrade-insecure-requests; base-uri 'self'; object-src 'none'; script-src https://discourse.lightingforgood.org.uk/logs/ https://discourse.lightingforgood.org.uk/sidekiq/ https://discourse.lightingforgood.org.uk/mini-profiler-resources/ https://global.discourse-cdn.com/business7/assets/ https://global.discourse-cdn.com/business7/brotli_asset/ https://discourse.lightingforgood.org.uk/extra-locales/ https://sea2.discourse-cdn.com/business7/highlight-js/ https://sea2.discourse-cdn.com/business7/javascripts/ https://sea2.discourse-cdn.com/business7/plugins/ https://sea2.discourse-cdn.com/business7/theme-javascripts/ https://sea2.discourse-cdn.com/business7/svg-sprite/ 'sha256-HZxBMVZe6P3MvHDZlFai9cUmLH+qwX6BNT3qTwNPATg='; worker-src 'self' https://global.discourse-cdn.com/business7/assets/ https://global.discourse-cdn.com/business7/brotli_asset/ https://sea2.discourse-cdn.com/business7/javascripts/ https://sea2.discourse-cdn.com/business7/plugins/; frame-ancestors 'self'; manifest-src 'self'
content-type
text/html; charset=utf-8
date
Tue, 29 Nov 2022 01:01:41 GMT
discourse-no-onebox
1
location
https://ilpportal.zenzero.co.uk/Account/DiscourseLoginSso?sso=bm9uY2U9N2FhMjM2ZWY4MDA0NjM5OWM4YjA2OWZlNGUxYmZkYWYmcmV0dXJuX3Nzb191cmw9aHR0cHMlM0ElMkYlMkZkaXNjb3Vyc2UubGlnaHRpbmdmb3Jnb29kLm9yZy51ayUyRnNlc3Npb24lMkZzc29fbG9naW4%3D&sig=15bcc3bf269f5ab2c8caaae17133405f7375a94f4ee5828966ca67ae12583f8f
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=31536000
vary
Accept
x-content-type-options
nosniff
x-discourse-route
session/sso
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
c618f2df-468f-498f-950d-0d0faa2b8e0b
x-xss-protection
0
css
ilpportal.zenzero.co.uk/Content/
135 KB
32 KB
Stylesheet
General
Full URL
https://ilpportal.zenzero.co.uk/Content/css?v=E8XQ6wzCBiWvAnEIb3EMikRBctnpMqfSFsDToiVeDR41
Requested by
Host: ilpportal.zenzero.co.uk
URL: https://ilpportal.zenzero.co.uk/Account/DiscourseLoginSso?sso=bm9uY2U9N2FhMjM2ZWY4MDA0NjM5OWM4YjA2OWZlNGUxYmZkYWYmcmV0dXJuX3Nzb191cmw9aHR0cHMlM0ElMkYlMkZkaXNjb3Vyc2UubGlnaHRpbmdmb3Jnb29kLm9yZy51ayUyRnNlc3Npb24lMkZzc29fbG9naW4%3D&sig=15bcc3bf269f5ab2c8caaae17133405f7375a94f4ee5828966ca67ae12583f8f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.68.242.131 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
535f924076abdfb3e1525953ccee7a9a59ddde3eb38e22c186bc63b08f6fdfb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ilpportal.zenzero.co.uk/Account/DiscourseLoginSso?sso=bm9uY2U9N2FhMjM2ZWY4MDA0NjM5OWM4YjA2OWZlNGUxYmZkYWYmcmV0dXJuX3Nzb191cmw9aHR0cHMlM0ElMkYlMkZkaXNjb3Vyc2UubGlnaHRpbmdmb3Jnb29kLm9yZy51ayUyRnNlc3Npb24lMkZzc29fbG9naW4%3D&sig=15bcc3bf269f5ab2c8caaae17133405f7375a94f4ee5828966ca67ae12583f8f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 01:01:41 GMT
content-encoding
gzip
last-modified
Tue, 29 Nov 2022 01:01:41 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
User-Agent,Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public
content-length
32232
expires
Wed, 29 Nov 2023 01:01:41 GMT
modernizr
ilpportal.zenzero.co.uk/bundles/
11 KB
5 KB
Script
General
Full URL
https://ilpportal.zenzero.co.uk/bundles/modernizr?v=inCVuEFe6J4Q07A0AcRsbJic_UE5MwpRMNGcOtk94TE1
Requested by
Host: ilpportal.zenzero.co.uk
URL: https://ilpportal.zenzero.co.uk/Account/DiscourseLoginSso?sso=bm9uY2U9N2FhMjM2ZWY4MDA0NjM5OWM4YjA2OWZlNGUxYmZkYWYmcmV0dXJuX3Nzb191cmw9aHR0cHMlM0ElMkYlMkZkaXNjb3Vyc2UubGlnaHRpbmdmb3Jnb29kLm9yZy51ayUyRnNlc3Npb24lMkZzc29fbG9naW4%3D&sig=15bcc3bf269f5ab2c8caaae17133405f7375a94f4ee5828966ca67ae12583f8f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.68.242.131 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9e83216908224ffbc39992a5e60f93ca21b8e2240ba28025ba679c4b70f7112d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ilpportal.zenzero.co.uk/Account/DiscourseLoginSso?sso=bm9uY2U9N2FhMjM2ZWY4MDA0NjM5OWM4YjA2OWZlNGUxYmZkYWYmcmV0dXJuX3Nzb191cmw9aHR0cHMlM0ElMkYlMkZkaXNjb3Vyc2UubGlnaHRpbmdmb3Jnb29kLm9yZy51ayUyRnNlc3Npb24lMkZzc29fbG9naW4%3D&sig=15bcc3bf269f5ab2c8caaae17133405f7375a94f4ee5828966ca67ae12583f8f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 01:01:41 GMT
content-encoding
gzip
last-modified
Tue, 29 Nov 2022 01:01:41 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
User-Agent,Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public
content-length
5292
expires
Wed, 29 Nov 2023 01:01:41 GMT
ILP_Logo.png
ilpportal.zenzero.co.uk/Assets/
42 KB
42 KB
Image
General
Full URL
https://ilpportal.zenzero.co.uk/Assets/ILP_Logo.png
Requested by
Host: ilpportal.zenzero.co.uk
URL: https://ilpportal.zenzero.co.uk/Account/DiscourseLoginSso?sso=bm9uY2U9N2FhMjM2ZWY4MDA0NjM5OWM4YjA2OWZlNGUxYmZkYWYmcmV0dXJuX3Nzb191cmw9aHR0cHMlM0ElMkYlMkZkaXNjb3Vyc2UubGlnaHRpbmdmb3Jnb29kLm9yZy51ayUyRnNlc3Npb24lMkZzc29fbG9naW4%3D&sig=15bcc3bf269f5ab2c8caaae17133405f7375a94f4ee5828966ca67ae12583f8f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.68.242.131 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c8fe8b9a2840fcb0dd0ac7bb8766b6f468f137f6bc2da202d8e24d5320b7bdec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ilpportal.zenzero.co.uk/Account/DiscourseLoginSso?sso=bm9uY2U9N2FhMjM2ZWY4MDA0NjM5OWM4YjA2OWZlNGUxYmZkYWYmcmV0dXJuX3Nzb191cmw9aHR0cHMlM0ElMkYlMkZkaXNjb3Vyc2UubGlnaHRpbmdmb3Jnb29kLm9yZy51ayUyRnNlc3Npb24lMkZzc29fbG9naW4%3D&sig=15bcc3bf269f5ab2c8caaae17133405f7375a94f4ee5828966ca67ae12583f8f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 01:01:41 GMT
last-modified
Mon, 23 Oct 2017 11:59:26 GMT
server
Microsoft-IIS/10.0
etag
"0e37d5ff64bd31:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
42660
jquery
ilpportal.zenzero.co.uk/bundles/
112 KB
49 KB
Script
General
Full URL
https://ilpportal.zenzero.co.uk/bundles/jquery?v=dwcPQws5SGcxh80R9qoEfReSZQEDXmU8L2hdfWo7FDA1
Requested by
Host: ilpportal.zenzero.co.uk
URL: https://ilpportal.zenzero.co.uk/Account/DiscourseLoginSso?sso=bm9uY2U9N2FhMjM2ZWY4MDA0NjM5OWM4YjA2OWZlNGUxYmZkYWYmcmV0dXJuX3Nzb191cmw9aHR0cHMlM0ElMkYlMkZkaXNjb3Vyc2UubGlnaHRpbmdmb3Jnb29kLm9yZy51ayUyRnNlc3Npb24lMkZzc29fbG9naW4%3D&sig=15bcc3bf269f5ab2c8caaae17133405f7375a94f4ee5828966ca67ae12583f8f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.68.242.131 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
03c825e523bff74038ba53454d5705cf57054dc6b7907ab1365f63f9ca27d2d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ilpportal.zenzero.co.uk/Account/DiscourseLoginSso?sso=bm9uY2U9N2FhMjM2ZWY4MDA0NjM5OWM4YjA2OWZlNGUxYmZkYWYmcmV0dXJuX3Nzb191cmw9aHR0cHMlM0ElMkYlMkZkaXNjb3Vyc2UubGlnaHRpbmdmb3Jnb29kLm9yZy51ayUyRnNlc3Npb24lMkZzc29fbG9naW4%3D&sig=15bcc3bf269f5ab2c8caaae17133405f7375a94f4ee5828966ca67ae12583f8f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 01:01:41 GMT
content-encoding
gzip
last-modified
Tue, 29 Nov 2022 01:01:41 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
User-Agent,Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public
content-length
50253
expires
Wed, 29 Nov 2023 01:01:41 GMT
bootstrap
ilpportal.zenzero.co.uk/bundles/
56 KB
20 KB
Script
General
Full URL
https://ilpportal.zenzero.co.uk/bundles/bootstrap?v=-H0jpPMe_TI0TIuYB2ZfR5cqF6L7xyEoHjm-psZCb2M1
Requested by
Host: ilpportal.zenzero.co.uk
URL: https://ilpportal.zenzero.co.uk/Account/DiscourseLoginSso?sso=bm9uY2U9N2FhMjM2ZWY4MDA0NjM5OWM4YjA2OWZlNGUxYmZkYWYmcmV0dXJuX3Nzb191cmw9aHR0cHMlM0ElMkYlMkZkaXNjb3Vyc2UubGlnaHRpbmdmb3Jnb29kLm9yZy51ayUyRnNlc3Npb24lMkZzc29fbG9naW4%3D&sig=15bcc3bf269f5ab2c8caaae17133405f7375a94f4ee5828966ca67ae12583f8f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.68.242.131 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
042cbc0047a80356037f5f651feccd115bef1e4f37fa02fe2d08a8b9b66f4415

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ilpportal.zenzero.co.uk/Account/DiscourseLoginSso?sso=bm9uY2U9N2FhMjM2ZWY4MDA0NjM5OWM4YjA2OWZlNGUxYmZkYWYmcmV0dXJuX3Nzb191cmw9aHR0cHMlM0ElMkYlMkZkaXNjb3Vyc2UubGlnaHRpbmdmb3Jnb29kLm9yZy51ayUyRnNlc3Npb24lMkZzc29fbG9naW4%3D&sig=15bcc3bf269f5ab2c8caaae17133405f7375a94f4ee5828966ca67ae12583f8f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 01:01:41 GMT
content-encoding
gzip
last-modified
Tue, 29 Nov 2022 01:01:41 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
User-Agent,Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public
content-length
20687
expires
Wed, 29 Nov 2023 01:01:41 GMT

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object | html5
object | Modernizr
function | $
function | jQuery
object | respond

2 Cookies

Domain/Path Name / Value
discourse.lightingforgood.org.uk/ Name: _forum_session
Value: AvfUQgt86TM%2B2qwmxeYVPCetmzEfIxmhcL6c5g6BEEDMFOxZIKLo1rlWinn6Y3INrrA64FgDpyGa%2BAEYQt9BMy1PlN9sGquVCh0txUHNngxbyiH4UFs5uOqwewItHNxzrKA1%2Fi0C4L7cFxN%2Bisfwxv5IPZx6NC1IG9rRaC7BYF%2Bt2dlfd8Ha4smaQGg%2FhR9eEcI22S5m%2Fa6uLphPV6M4zpRuaH55pefN9ai9XI9uRwTTM1NmoAZw4OVeG1uvCEMkmHmUtyby0SKM8N69VYQ%3D--3oQbZuCXgrY%2FLxcu--pxe4wtEbRdtaTJenIoyk%2BA%3D%3D
ilpportal.zenzero.co.uk/ Name: __RequestVerificationToken
Value: OT58TuZ_hReDgeoudvGE7jxrezYBgUDe6-W1Hbxd1SMWhzxcthIV67ZQh9On6ipcxkI4zVT3unRXdOh0MM-XwAeIDswSAGBVyVP41pFmCSI1

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN