thermocapa3internal.platformforscience.com Open in urlscan Pro
52.45.242.14 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://thermocapa3internal.platformforscience.com/
Effective URL:
https://thermocapa3internal.platformforscience.com/corelims
Submission: On September 13 via automatic, source certstream-suspicious (September 13th 2024, 3:51:06 pm UTC) — Scanned from DE

Summary HTTP 9 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 9 HTTP transactions. The main IP is 52.45.242.14, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is thermocapa3internal.platformforscience.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on September 13th 2024. Valid for: a year.

This is the only time thermocapa3internal.platformforscience.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 8	52.45.242.14 52.45.242.14		14618 (AMAZON-AES) (AMAZON-AES)
9	2

8 52.45.242.14 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-242-14.compute-1.amazonaws.com

thermocapa3internal.platformforscience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	platformforscience.com 1 redirects thermocapa3internal.platformforscience.com	287 KB
0	Failed function sub() { [native code] }. Failed
9	2

	Domain	Requested by
8	thermocapa3internal.platformforscience.com	1 redirects thermocapa3internal.platformforscience.com
0	_layouts Failed	thermocapa3internal.platformforscience.com
9	2

This site contains links to these domains. Also see Links.

Domain
www.corelims.com
www.coreinformatics.com

Subject Issuer	Validity	Valid
thermocapa3internal.platformforscience.com Amazon RSA 2048 M02	`2024-09-13` - `2025-10-13`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://thermocapa3internal.platformforscience.com/corelims
Frame ID: D2068083A8A452A71B67FB933634B13E
Requests: 5 HTTP requests in this frame

Frame: https://_layouts/signout.aspx
Frame ID: FD7EF5463E74D88CAB8C1AE22C132C3A
Requests: 2 HTTP requests in this frame

Frame: https://_layouts/signout.aspx
Frame ID: DD135DE83568440A23E6C32A12C9FCE6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PFS | Login

Page URL History Show full URLs

https://thermocapa3internal.platformforscience.com/ HTTP 302
https://thermocapa3internal.platformforscience.com/corelims Page URL

Page Statistics

9
Requests

78 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

286 kB
Transfer

283 kB
Size

2
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://www.corelims.com/

Search URL Search Domain Scan URL

URL: http://www.coreinformatics.com/
Title: Core Informatics

Search URL Search Domain Scan URL

URL: http://www.corelims.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://thermocapa3internal.platformforscience.com/ HTTP 302
https://thermocapa3internal.platformforscience.com/corelims Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200

Primary Request corelims Show response
thermocapa3internal.platformforscience.com/
Redirect Chain

https://thermocapa3internal.platformforscience.com/
https://thermocapa3internal.platformforscience.com/corelims

5 KB
5 KB

106ms
106ms

Document
text/html

52.45.242.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://thermocapa3internal.platformforscience.com/corelims

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.45.242.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-242-14.compute-1.amazonaws.com

Software

Apache/2.4.62 (Amazon Linux) OpenSSL/3.0.8 /

Resource Hash

91136e002567866d1d9f8aaef22c1d30150a4dc270d9e3c1587cb24f0c67fd1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 4684
Content-Type: text/html;charset=UTF-8
Date: Fri, 13 Sep 2024 15:51:01 GMT
Server: Apache/2.4.62 (Amazon Linux) OpenSSL/3.0.8
Strict-Transport-Security: max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
correlationId: f24227ed-1eab-4639-bbbc-2f80e7d45404
tenantId: UNKNOWN
vary: Origin

Redirect headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/html;charset=UTF-8
Date: Fri, 13 Sep 2024 15:51:01 GMT
Location: corelims
Server: Apache/2.4.62 (Amazon Linux) OpenSSL/3.0.8
Strict-Transport-Security: max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
correlationId: a0920f5f-2d27-4ab6-966f-b4d4f67a7d14
tenantId: UNKNOWN
vary: Origin

GET
H/1.1 200 core.css
thermocapa3internal.platformforscience.com/webjars/assets/css/ 269 KB
270 KB 203ms
202ms Stylesheet
text/css 52.45.242.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://thermocapa3internal.platformforscience.com/webjars/assets/css/core.css?v=dddf59d8ac365845c29a50b2cb3b07c74407b61c

Requested by

Host: thermocapa3internal.platformforscience.com
URL: https://thermocapa3internal.platformforscience.com/corelims

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.45.242.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-242-14.compute-1.amazonaws.com

Software

Apache/2.4.62 (Amazon Linux) OpenSSL/3.0.8 /

Resource Hash

cde26fd5c9400a155ed95175fd021497c0639a5312924532f22ae57edd3ff33b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://thermocapa3internal.platformforscience.com/corelims
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

correlationId: 02006aa5-504c-4938-97b0-43efbb308f61
Date: Fri, 13 Sep 2024 15:51:01 GMT
Strict-Transport-Security: max-age=0
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 275758
Last-Modified: Thu, 13 Jan 2022 09:19:32 GMT
Server: Apache/2.4.62 (Amazon Linux) OpenSSL/3.0.8
ETag: W/"275758-1642065572000"
vary: Origin
tenantId: UNKNOWN
Content-Type: text/css;charset=UTF-8
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
Accept-Ranges: bytes
Expires: Sat, 14 Sep 2024 15:51:02 GMT

GET
H/1.1 200 loginstyle.css
thermocapa3internal.platformforscience.com/core/css/ 2 KB
3 KB 300ms
101ms Stylesheet
text/css 52.45.242.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://thermocapa3internal.platformforscience.com/core/css/loginstyle.css?v=dddf59d8ac365845c29a50b2cb3b07c74407b61c

Requested by

Host: thermocapa3internal.platformforscience.com
URL: https://thermocapa3internal.platformforscience.com/corelims

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.45.242.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-242-14.compute-1.amazonaws.com

Software

Apache/2.4.62 (Amazon Linux) OpenSSL/3.0.8 /

Resource Hash

f7c1c389717adfddc717b0e7bfd78131c7727e075260c8531470693c47c4c8a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://thermocapa3internal.platformforscience.com/corelims
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

correlationId: ec0f48c1-5616-4b38-b6d0-54910167cf7b
Date: Fri, 13 Sep 2024 15:51:01 GMT
Strict-Transport-Security: max-age=0
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 2300
Last-Modified: Fri, 13 Sep 2024 02:46:36 GMT
Server: Apache/2.4.62 (Amazon Linux) OpenSSL/3.0.8
ETag: W/"2300-1726195596000"
vary: Origin
tenantId: UNKNOWN
Content-Type: text/css;charset=UTF-8
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
Accept-Ranges: bytes
Expires: Sat, 14 Sep 2024 15:51:02 GMT

GET
H/1.1 200 Platform-For-Science-Logo.png
thermocapa3internal.platformforscience.com/core/images5/ 4 KB
4 KB 102ms
102ms Image
image/png 52.45.242.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thermocapa3internal.platformforscience.com/core/images5/Platform-For-Science-Logo.png

Requested by

Host: thermocapa3internal.platformforscience.com
URL: https://thermocapa3internal.platformforscience.com/core/css/loginstyle.css?v=dddf59d8ac365845c29a50b2cb3b07c74407b61c

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.45.242.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-242-14.compute-1.amazonaws.com

Software

Apache/2.4.62 (Amazon Linux) OpenSSL/3.0.8 /

Resource Hash

7446c7de42eabc53b2e4eb65c303939147e06602f16c4cd77ff55831cca269ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://thermocapa3internal.platformforscience.com/core/css/loginstyle.css?v=dddf59d8ac365845c29a50b2cb3b07c74407b61c
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

correlationId: 75f0261c-c346-4179-aaa1-a5a22a1444d4
Date: Fri, 13 Sep 2024 15:51:01 GMT
Strict-Transport-Security: max-age=0
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 3669
Last-Modified: Fri, 13 Sep 2024 02:46:36 GMT
Server: Apache/2.4.62 (Amazon Linux) OpenSSL/3.0.8
ETag: W/"3669-1726195596000"
vary: Origin
tenantId: UNKNOWN
Content-Type: image/png;charset=UTF-8
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
Accept-Ranges: bytes
Expires: Sat, 14 Sep 2024 15:51:02 GMT

GET
H/1.1 200 MSOfficeWebAppLogout.jsp Show response
thermocapa3internal.platformforscience.com/core/ Frame FD7E 587 B
963 B 117ms
116ms Document
text/html 52.45.242.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://thermocapa3internal.platformforscience.com/core/MSOfficeWebAppLogout.jsp?

Requested by

Host: thermocapa3internal.platformforscience.com
URL: https://thermocapa3internal.platformforscience.com/corelims

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.45.242.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-242-14.compute-1.amazonaws.com

Software

Apache/2.4.62 (Amazon Linux) OpenSSL/3.0.8 /

Resource Hash

a6ad4846bfd2710f166e345fd1375e4f48f5d19d1e5362def483110bd69200a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://thermocapa3internal.platformforscience.com/corelims
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 587
Content-Type: text/html;charset=UTF-8
Date: Fri, 13 Sep 2024 15:51:01 GMT
Server: Apache/2.4.62 (Amazon Linux) OpenSSL/3.0.8
Strict-Transport-Security: max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
correlationId: abf491de-49c3-4c62-b9ad-697304fce786
tenantId: UNKNOWN
vary: Origin

GET
H/1.1 200 MSOfficeWebAppLogout.jsp Show response
thermocapa3internal.platformforscience.com/core/ Frame DD13 587 B
963 B 223ms
107ms Document
text/html 52.45.242.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://thermocapa3internal.platformforscience.com/core/MSOfficeWebAppLogout.jsp?

Requested by

Host: thermocapa3internal.platformforscience.com
URL: https://thermocapa3internal.platformforscience.com/corelims

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.45.242.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-242-14.compute-1.amazonaws.com

Software

Apache/2.4.62 (Amazon Linux) OpenSSL/3.0.8 /

Resource Hash

a6ad4846bfd2710f166e345fd1375e4f48f5d19d1e5362def483110bd69200a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://thermocapa3internal.platformforscience.com/corelims
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 587
Content-Type: text/html;charset=UTF-8
Date: Fri, 13 Sep 2024 15:51:01 GMT
Server: Apache/2.4.62 (Amazon Linux) OpenSSL/3.0.8
Strict-Transport-Security: max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
correlationId: 0cd48500-6768-4d4d-a888-1cf7a921479b
tenantId: UNKNOWN
vary: Origin

GET signout.aspx
_layouts/ Frame FD7E 0
0

GET signout.aspx
_layouts/ Frame DD13 0
0

GET
H/1.1 200 favicon5.ico
thermocapa3internal.platformforscience.com/core/ 2 KB
3 KB 102ms
102ms Other
image/x-icon 52.45.242.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://thermocapa3internal.platformforscience.com/core/favicon5.ico

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.45.242.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-242-14.compute-1.amazonaws.com

Software

Apache/2.4.62 (Amazon Linux) OpenSSL/3.0.8 /

Resource Hash

498dc77b03f8bafb62ab553ef46f747eea4f1d73b634c8693fa55c0756cd5a35

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://thermocapa3internal.platformforscience.com/corelims
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

correlationId: cc6dae4b-63d2-4bdd-a990-a968189fd5fe
Date: Fri, 13 Sep 2024 15:51:01 GMT
Strict-Transport-Security: max-age=0
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 2461
Last-Modified: Fri, 13 Sep 2024 02:46:34 GMT
Server: Apache/2.4.62 (Amazon Linux) OpenSSL/3.0.8
ETag: W/"2461-1726195594000"
vary: Origin
tenantId: UNKNOWN
Content-Type: image/x-icon;charset=UTF-8
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
Accept-Ranges: bytes
Expires: Sat, 14 Sep 2024 15:51:02 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: _layouts
URL: https://_layouts/signout.aspx

Domain: _layouts
URL: https://_layouts/signout.aspx

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			thermocapa3internal.platformforscience.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: B218ECB6DBBD1E399F90DE2A0A322DE7
			thermocapa3internal.platformforscience.com/	1969-12-31 23:59:59	Name: AWSELB Value: 0577C1750634D987BA038ECD598D21C3F909E36DEF61D055FDDDD16CD154E0AD65E02A257163203F9F2262F6216EE7CCB9D6CACC5162BD8074C984C0C483EE8C1DE580C1F81A1245CE635B58065CF7671353A8E6D7

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

_layouts
thermocapa3internal.platformforscience.com
_layouts
52.45.242.14
498dc77b03f8bafb62ab553ef46f747eea4f1d73b634c8693fa55c0756cd5a35
7446c7de42eabc53b2e4eb65c303939147e06602f16c4cd77ff55831cca269ad
91136e002567866d1d9f8aaef22c1d30150a4dc270d9e3c1587cb24f0c67fd1c
a6ad4846bfd2710f166e345fd1375e4f48f5d19d1e5362def483110bd69200a4
cde26fd5c9400a155ed95175fd021497c0639a5312924532f22ae57edd3ff33b
f7c1c389717adfddc717b0e7bfd78131c7727e075260c8531470693c47c4c8a5

thermocapa3internal.platformforscience.com Open in urlscan Pro 52.45.242.14 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

9 Requests

78 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

286 kBTransfer

283 kBSize

2 Cookies

3 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

thermocapa3internal.platformforscience.com Open in urlscan Pro
52.45.242.14 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

78 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

286 kB
Transfer

283 kB
Size

2
Cookies

9 HTTP transactions
0 data transactions