point-homeofficeukuk.s3.us-east-2.amazonaws.com
52.219.111.50
Malicious Activity!
Public Scan
Effective URL: https://point-homeofficeukuk.s3.us-east-2.amazonaws.com/homeoffice.htm
Submission: On October 01 via api — Scanned from NL
Summary
TLS certificate: Issued by Amazon RSA 2048 M01 on February 29th 2024. Valid for: a year.
This is the only time point-homeofficeukuk.s3.us-east-2.amazonaws.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Cloudflare (Online)
Domain & IP information
Requests | IP Address | AS Autonomous System | PTR | Hostname |
---|---|---|---|---|
6 (2 redirects) | 188.114.97.3 | ASN13335 (CLOUDFLARENET, US) | | home-points-ac7c.99e83d8765512e76mn70qq2c7.workers.dev |
2 | 52.219.111.50 | ASN16509 (AMAZON-02, US) | s3-r-w.us-east-2.amazonaws.com | point-homeofficeukuk.s3.us-east-2.amazonaws.com |
17 | 108.128.238.148 | ASN16509 (AMAZON-02, US) | ec2-108-128-238-148.eu-west-1.compute.amazonaws.com | www.points.homeoffice.gov.uk |
24 | 4 | | | |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
17 | homeoffice.gov.uk | www.points.homeoffice.gov.uk — Cisco Umbrella Rank: 460999 | 68 KB |
6 (2 redirects) | workers.dev | home-points-ac7c.99e83d8765512e76mn70qq2c7.workers.dev | 9 KB |
2 | amazonaws.com | point-homeofficeukuk.s3.us-east-2.amazonaws.com (Failed) | 12 KB |
24 | 3 | | |
Requests | Domain | Requested by |
---|---|---|
17 | www.points.homeoffice.gov.uk | point-homeofficeukuk.s3.us-east-2.amazonaws.com, www.points.homeoffice.gov.uk |
6 (2 redirects) | home-points-ac7c.99e83d8765512e76mn70qq2c7.workers.dev | home-points-ac7c.99e83d8765512e76mn70qq2c7.workers.dev |
2 | point-homeofficeukuk.s3.us-east-2.amazonaws.com | |
24 | 3 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.gov.uk |
www.points.homeoffice.gov.uk |
www.ukba.homeoffice.gov.uk |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
99e83d8765512e76mn70qq2c7.workers.dev | WE1 | 2024-09-05 - 2024-12-04 | 3 months | crt.sh |
*.s3.us-east-2.amazonaws.com | Amazon RSA 2048 M01 | 2024-02-29 - 2025-02-12 | a year | crt.sh |
points.homeoffice.gov.uk | R11 | 2024-09-03 - 2024-12-02 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://point-homeofficeukuk.s3.us-east-2.amazonaws.com/homeoffice.htm
Frame ID: 76E55A96B516D5AC668977E0D91DDED6
Requests: 24 HTTP requests in this frame
Page Title
SMS log in
Page Statistics
10 Outgoing links
These are links going to different origins than the main page.
Title: Home
Title: Log in
Title: Contact
Title: sponsor application
Title: Forgotten your password?
Title: SMS user guides (opens in a new window)
Title: Information for sponsors (opens in a new window)
Title: Accessibility Statement (opens in a new window)
Title: Cookie Statement (opens in a new window)
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://home-points-ac7c.99e83d8765512e76mn70qq2c7.workers.dev/ Page URL
-
https://home-points-ac7c.99e83d8765512e76mn70qq2c7.workers.dev/cdn-cgi/phish-bypass?atok=nbXHaK87MIyUVqRT0gQKQ1dDsysxlHYpqK1i.6qJdFM-1727774744-0.0.1.1-%2F
HTTP 301
https://home-points-ac7c.99e83d8765512e76mn70qq2c7.workers.dev/ HTTP 301
https://point-homeofficeukuk.s3.us-east-2.amazonaws.com/homeoffice.htm Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 4
- https://home-points-ac7c.99e83d8765512e76mn70qq2c7.workers.dev/favicon.ico HTTP 301
- https://point-homeofficeukuk.s3.us-east-2.amazonaws.com/homeoffice.htm
24 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H3 | / | home-points-ac7c.99e83d8765512e76mn70qq2c7.workers.dev/ | 4 KB | 2 KB | Document | text/html |
GET | H3 | speculation | home-points-ac7c.99e83d8765512e76mn70qq2c7.workers.dev/cdn-cgi/ | 128 B | 611 B | Other | application/speculationrules+json |
GET | H3 | cf.errors.css | home-points-ac7c.99e83d8765512e76mn70qq2c7.workers.dev/cdn-cgi/styles/ | 23 KB | 5 KB | Stylesheet | text/css |
GET | H3 | icon-exclamation.png | home-points-ac7c.99e83d8765512e76mn70qq2c7.workers.dev/cdn-cgi/images/ | 452 B | 634 B | Image | image/png |
GET | | homeoffice.htm (Redirect Chain) | point-homeofficeukuk.s3.us-east-2.amazonaws.com/ | 0 | 0 | | |
GET | H/1.1 | homeoffice.htm (Primary Request, Redirect Chain) | point-homeofficeukuk.s3.us-east-2.amazonaws.com/ | 11 KB | 12 KB | Document | text/html |
GET | H/1.1 | biaBasic.css | www.points.homeoffice.gov.uk/gui-sms-jsf/styles/ | 2 KB | 3 KB | Stylesheet | text/css |
GET | H/1.1 | biaCore.css | www.points.homeoffice.gov.uk/gui-sms-jsf/styles/ | 704 B | 1 KB | Stylesheet | text/css |
GET | H/1.1 | biaCommon.css | www.points.homeoffice.gov.uk/gui-sms-jsf/styles/ | 10 KB | 10 KB | Stylesheet | text/css |
GET | H/1.1 | biaContent.css | www.points.homeoffice.gov.uk/gui-sms-jsf/styles/ | 21 KB | 21 KB | Stylesheet | text/css |
GET | H/1.1 | sms.css | www.points.homeoffice.gov.uk/gui-sms-jsf/styles/ | 17 KB | 17 KB | Stylesheet | text/css |
GET | H/1.1 | local-sms.css | www.points.homeoffice.gov.uk/gui-sms-jsf/styles/ | 888 B | 1 KB | Stylesheet | text/css |
GET | H/1.1 | sms-common.js | www.points.homeoffice.gov.uk/gui-sms-jsf/styles/ | 1 KB | 2 KB | Script | text/javascript |
GET | H/1.1 | biaLogo.gif | www.points.homeoffice.gov.uk/gui-sms-jsf/images/ | 5 KB | 5 KB | Image | image/gif |
GET | H/1.1 | bcBgTop.gif | www.points.homeoffice.gov.uk/gui-sms-jsf/images/ | 500 B | 1 KB | Image | image/gif |
GET | H/1.1 | bcBgTopRow.gif | www.points.homeoffice.gov.uk/gui-sms-jsf/images/ | 126 B | 653 B | Image | image/gif |
GET | H/1.1 | bcTopLeft.gif | www.points.homeoffice.gov.uk/gui-sms-jsf/images/ | 355 B | 881 B | Image | image/gif |
GET | H/1.1 | bcBotRight.gif | www.points.homeoffice.gov.uk/gui-sms-jsf/images/ | 116 B | 643 B | Image | image/gif |
GET | H/1.1 | navArrowBlue.gif | www.points.homeoffice.gov.uk/gui-sms-jsf/images/ | 84 B | 609 B | Image | image/gif |
GET | H/1.1 | butBg.gif | www.points.homeoffice.gov.uk/gui-sms-jsf/images/ | 98 B | 623 B | Image | image/gif |
GET | H/1.1 | fbTitleBg.gif | www.points.homeoffice.gov.uk/gui-sms-jsf/images/ | 99 B | 623 B | Image | image/gif |
GET | H/1.1 | icon_appForms.gif | www.points.homeoffice.gov.uk/gui-sms-jsf/images/ | 409 B | 936 B | Image | image/gif |
GET | H/1.1 | arrowBlue.gif | www.points.homeoffice.gov.uk/gui-sms-jsf/images/ | 49 B | 574 B | Image | image/gif |
GET | H/1.1 | favicon.ico | point-homeofficeukuk.s3.us-east-2.amazonaws.com/ | 243 B | 520 B | Other | application/xml |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: point-homeofficeukuk.s3.us-east-2.amazonaws.com
- URL: https://point-homeofficeukuk.s3.us-east-2.amazonaws.com/homeoffice.htm
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Cloudflare (Online)
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function | GetId
function | setFocus
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.home-points-ac7c.99e83d8765512e76mn70qq2c7.workers.dev/ | Name: __cf_mw_byp Value: nbXHaK87MIyUVqRT0gQKQ1dDsysxlHYpqK1i.6qJdFM-1727774744-0.0.1.1-/ |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.