![](/screenshots/640e2141-d65a-4057-810e-96cbe915c3a2.png)
login.microsoftonline.com
2603:1016:1400:70::4
Public Scan
Effective URL: https://login.microsoftonline.com/organizations/oauth2/v2.0/authorize?domain_hint=zea-ship.com&client_id=a219aebc-6919-4994-aa82-f...
Submission Tags: @phish_report
Submission: On February 12 via api from FI — Scanned from NZ
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on November 18th 2023. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
14 (1 redirects) | 20.52.182.15 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK)
1 | 2404:6800:4006:809::200a | 15169 (GOOGLE)
1 | 2606:4700::6811:190e | 13335 (CLOUDFLARENET)
1 | 2603:1016:1400:70::4 |
19 | 5 |

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US): one.zea-ship.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
14 (1 redirects) | zea-ship.com | one.zea-ship.com | 942 KB
1 | microsoftonline.com | login.microsoftonline.com |
1 | cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 223) | 19 KB
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 31) | 1 KB
0 | msauth.net (Failed) | aadcdn.msauth.net (Failed) |
19 | 5 | |
Requests | Domain | Requested by
---|---|---
14 (1 redirects) | one.zea-ship.com | one.zea-ship.com
1 | login.microsoftonline.com | one.zea-ship.com
1 | cdnjs.cloudflare.com | one.zea-ship.com
1 | fonts.googleapis.com | one.zea-ship.com
0 | aadcdn.msauth.net (Failed) | login.microsoftonline.com
19 | 5 |
This site contains no links.
Subject | Issuer | Validity | Valid
---|---|---|---
one.zea-ship.com | R3 | 2024-01-12 - 2024-04-11 | 3 months
upload.video.google.com | GTS CA 1C3 | 2024-01-09 - 2024-04-02 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year
stamp2.login.microsoftonline.com | DigiCert SHA2 Secure Server CA | 2023-11-18 - 2024-11-18 | a year
This page contains 1 frames:
Primary Page:
https://login.microsoftonline.com/organizations/oauth2/v2.0/authorize?domain_hint=zea-ship.com&client_id=a219aebc-6919-4994-aa82-fcc0e54e66db&redirect_uri=https%3a%2f%2fone.zea-ship.com&response_type=code&response_mode=query&scope=openid%20https://graph.microsoft.com/user.read
Frame ID: 27DD273699D1A4EB202A529E0FD16188
Requests: 19 HTTP requests in this frame
Detected technologies
Detected patterns
- moment(?:\.min)?\.js
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Detected patterns
- jquery-ui.*\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://one.zea-ship.com/
HTTP 307
https://one.zea-ship.com/ Page URL
- https://login.microsoftonline.com/organizations/oauth2/v2.0/authorize?domain_hint=zea-ship.com&client_id=a219aebc-6919-4994-aa82-fcc0e54e66db&redirect_uri=https%3a%2f%2fone.zea-ship.com&response_type=code&response_mode=query&scope=openid%20https://graph.microsoft.com/user.read Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://one.zea-ship.com/ HTTP 307
- https://one.zea-ship.com/
19 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H/1.1 | / (Redirect Chain) | one.zea-ship.com/ | 2 KB | 3 KB | Document | text/html
GET | H2 | css | fonts.googleapis.com/ | 14 KB | 1 KB | Stylesheet | text/css
GET | H/1.1 | jquery-ui.min.css | one.zea-ship.com/comp/ | 31 KB | 32 KB | Stylesheet | text/css
GET | H/1.1 | ui.css | one.zea-ship.com/core/ | 154 KB | 155 KB | Stylesheet | text/css
GET | H/1.1 | app.css | one.zea-ship.com/app/ | 2 KB | 3 KB | Stylesheet | text/css
GET | H/1.1 | jquery-3.6.0.min.js | one.zea-ship.com/comp/ | 87 KB | 88 KB | Script | application/javascript
GET | H/1.1 | jquery-ui.min.js | one.zea-ship.com/comp/ | 249 KB | 250 KB | Script | application/javascript
GET | H/1.1 | moment.min.js | one.zea-ship.com/comp/ | 57 KB | 58 KB | Script | application/javascript
GET | H/1.1 | reporting.js | one.zea-ship.com/core/ | 114 KB | 115 KB | Script | application/javascript
GET | H2 | signalr.min.js | cdnjs.cloudflare.com/ajax/libs/microsoft-signalr/3.1.7/ | 118 KB | 19 KB | Script | application/javascript
GET | H/1.1 | ui.js | one.zea-ship.com/core/ | 35 KB | 36 KB | Script | application/javascript
GET | H/1.1 | app.js | one.zea-ship.com/app/ | 45 KB | 46 KB | Script | application/javascript
GET | H/1.1 | controls.js | one.zea-ship.com/core/ | 59 KB | 60 KB | Script | application/javascript
GET | H/1.1 | icons.js | one.zea-ship.com/core/ | 91 KB | 92 KB | Script | application/javascript
GET | H/1.1 | checkLogin | one.zea-ship.com/api/app/ | 324 B | 1 KB | XHR | text/plain
GET | H/1.1 | authorize (Primary Request) | login.microsoftonline.com/organizations/oauth2/v2.0/ | 37 KB | 0 | Document | text/html
GET | | converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css | aadcdn.msauth.net/ests/2.1/content/cdnbundles/ | 0 | 0 | |
GET | | ConvergedLogin_PCore_mhdbJ62YdCWpzYzhbauKwg2.js | aadcdn.msauth.net/shared/1.0/content/js/ | 0 | 0 | |
GET | | ux.converged.login.strings-en.min_zn1jlr3oaoh2ceggl3w3fw2.js | aadcdn.msauth.net/ests/2.1/content/cdnbundles/ | 0 | 0 | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- aadcdn.msauth.net
- URL
- https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css
- Domain
- aadcdn.msauth.net
- URL
- https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_mhdbJ62YdCWpzYzhbauKwg2.js
- Domain
- aadcdn.msauth.net
- URL
- https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_zn1jlr3oaoh2ceggl3w3fw2.js
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
one.zea-ship.com/ | Name: AzureAppProxyAnalyticCookie_a219aebc-6919-4994-aa82-fcc0e54e66db_1.3 Value: 4|WEZDYvTMaDoJ7hzmggObe6WsrUOUWyu1+ulV0PcFWtdTmpRtt6fgt9hvAcXglsxM16RBVejduQK/qCd0UcNopNj9Hccph+ktAvkjCw4xS159T5IShCM4g4wLROMWjttJk5yByv6+iMo8kGIz6FoYTw== |
one.zea-ship.com/ | Name: AzureAppProxyAnalyticCookie_a219aebc-6919-4994-aa82-fcc0e54e66db_https_1.3 Value: 4|ETgX307PsDQ2SCvIyuTLHD2RtnJtkhFiVlT0GfLWCe++lr3ACXyEUKgHX9K1+OI2nTYXdrnu+atd/Fecrh5vbip7px5HOZm3DrGDCTjf6bbsJLEsEb3VMy37zkuFVjQVIgOMTpWrCKv2NTgaggJfqg== |
one.zea-ship.com/ | Name: .zeaone.session Value: CfDJ8Mhz4YrVur1Fvg7C8Xi5HkLUGl5mJJBGNysMkH5z5CZf2cjCmS6upb%2BF84ZBnXVq1U9uQoaGt7NA9QhANO%2Bp6SK6hk20PHlGAKezjtz1XWYp9IrCD2HKp7Gm1hvT2q266vYPv1N2V3wW%2FNjFR6eAueRCBqb4oKJSODa8PKochyKC |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.