thermocapa2internal.platformforscience.com Open in urlscan Pro
52.201.5.250 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://thermocapa2internal.platformforscience.com/
Effective URL:
https://thermocapa2internal.platformforscience.com/corelims
Submission: On September 10 via automatic, source certstream-suspicious (September 10th 2024, 7:23:31 pm UTC) — Scanned from DE

Summary HTTP 9 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 9 HTTP transactions. The main IP is 52.201.5.250, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is thermocapa2internal.platformforscience.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on September 10th 2024. Valid for: a year.

This is the only time thermocapa2internal.platformforscience.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 8	52.201.5.250 52.201.5.250		14618 (AMAZON-AES) (AMAZON-AES)
9	2

8 52.201.5.250 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-5-250.compute-1.amazonaws.com

thermocapa2internal.platformforscience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	platformforscience.com 1 redirects thermocapa2internal.platformforscience.com	287 KB
0	Failed function sub() { [native code] }. Failed
9	2

	Domain	Requested by
8	thermocapa2internal.platformforscience.com	1 redirects thermocapa2internal.platformforscience.com
0	_layouts Failed	thermocapa2internal.platformforscience.com
9	2

This site contains links to these domains. Also see Links.

Domain
www.corelims.com
www.coreinformatics.com

Subject Issuer	Validity	Valid
thermocapa2internal.platformforscience.com Amazon RSA 2048 M02	`2024-09-10` - `2025-10-09`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://thermocapa2internal.platformforscience.com/corelims
Frame ID: FCE74183978AF29D1F06A7A3A60F201D
Requests: 5 HTTP requests in this frame

Frame: https://_layouts/signout.aspx
Frame ID: EEC16DEA0763DAC6BE848A845E2ACE74
Requests: 2 HTTP requests in this frame

Frame: https://_layouts/signout.aspx
Frame ID: D2BEB2C6CCADF1A6D8250F27A2852B38
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PFS | Login

Page URL History Show full URLs

https://thermocapa2internal.platformforscience.com/ HTTP 302
https://thermocapa2internal.platformforscience.com/corelims Page URL

Page Statistics

9
Requests

78 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

286 kB
Transfer

283 kB
Size

2
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://www.corelims.com/

Search URL Search Domain Scan URL

URL: http://www.coreinformatics.com/
Title: Core Informatics

Search URL Search Domain Scan URL

URL: http://www.corelims.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://thermocapa2internal.platformforscience.com/ HTTP 302
https://thermocapa2internal.platformforscience.com/corelims Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200

Primary Request corelims Show response
thermocapa2internal.platformforscience.com/
Redirect Chain

https://thermocapa2internal.platformforscience.com/
https://thermocapa2internal.platformforscience.com/corelims

5 KB
5 KB

98ms
97ms

Document
text/html

52.201.5.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://thermocapa2internal.platformforscience.com/corelims

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.201.5.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-201-5-250.compute-1.amazonaws.com

Software

Apache/2.4.62 (Amazon Linux) OpenSSL/3.0.8 /

Resource Hash

51b66b46c1318a161bc038d9878a2eb68f4314e927469c0e9b8ede0943bfce40

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 4684
Content-Type: text/html;charset=UTF-8
Date: Tue, 10 Sep 2024 19:23:27 GMT
Server: Apache/2.4.62 (Amazon Linux) OpenSSL/3.0.8
Strict-Transport-Security: max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
correlationId: 2f949b6f-553a-4cbe-8edc-0fa172c34777
tenantId: UNKNOWN
vary: Origin

Redirect headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/html;charset=UTF-8
Date: Tue, 10 Sep 2024 19:23:27 GMT
Location: corelims
Server: Apache/2.4.62 (Amazon Linux) OpenSSL/3.0.8
Strict-Transport-Security: max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
correlationId: d34e3abc-d120-435c-8d83-cde625275006
tenantId: UNKNOWN
vary: Origin

GET
H/1.1 200 core.css
thermocapa2internal.platformforscience.com/webjars/assets/css/ 269 KB
270 KB 186ms
186ms Stylesheet
text/css 52.201.5.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://thermocapa2internal.platformforscience.com/webjars/assets/css/core.css?v=dddf59d8ac365845c29a50b2cb3b07c74407b61c

Requested by

Host: thermocapa2internal.platformforscience.com
URL: https://thermocapa2internal.platformforscience.com/corelims

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.201.5.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-201-5-250.compute-1.amazonaws.com

Software

Apache/2.4.62 (Amazon Linux) OpenSSL/3.0.8 /

Resource Hash

cde26fd5c9400a155ed95175fd021497c0639a5312924532f22ae57edd3ff33b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://thermocapa2internal.platformforscience.com/corelims
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

correlationId: 68a37648-3b53-4d77-b2c9-43e14549e97c
Date: Tue, 10 Sep 2024 19:23:27 GMT
Strict-Transport-Security: max-age=0
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 275758
Last-Modified: Thu, 13 Jan 2022 09:19:32 GMT
Server: Apache/2.4.62 (Amazon Linux) OpenSSL/3.0.8
ETag: W/"275758-1642065572000"
vary: Origin
tenantId: UNKNOWN
Content-Type: text/css;charset=UTF-8
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
Accept-Ranges: bytes
Expires: Wed, 11 Sep 2024 19:23:27 GMT

GET
H/1.1 200 loginstyle.css
thermocapa2internal.platformforscience.com/core/css/ 2 KB
3 KB 285ms
97ms Stylesheet
text/css 52.201.5.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://thermocapa2internal.platformforscience.com/core/css/loginstyle.css?v=dddf59d8ac365845c29a50b2cb3b07c74407b61c

Requested by

Host: thermocapa2internal.platformforscience.com
URL: https://thermocapa2internal.platformforscience.com/corelims

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.201.5.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-201-5-250.compute-1.amazonaws.com

Software

Apache/2.4.62 (Amazon Linux) OpenSSL/3.0.8 /

Resource Hash

f7c1c389717adfddc717b0e7bfd78131c7727e075260c8531470693c47c4c8a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://thermocapa2internal.platformforscience.com/corelims
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

correlationId: d44543fa-4cb1-465f-b1e0-7fdee193e590
Date: Tue, 10 Sep 2024 19:23:27 GMT
Strict-Transport-Security: max-age=0
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 2300
Last-Modified: Tue, 10 Sep 2024 06:17:54 GMT
Server: Apache/2.4.62 (Amazon Linux) OpenSSL/3.0.8
ETag: W/"2300-1725949074000"
vary: Origin
tenantId: UNKNOWN
Content-Type: text/css;charset=UTF-8
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86399
Accept-Ranges: bytes
Expires: Wed, 11 Sep 2024 19:23:27 GMT

GET
H/1.1 200 Platform-For-Science-Logo.png
thermocapa2internal.platformforscience.com/core/images5/ 4 KB
4 KB 95ms
94ms Image
image/png 52.201.5.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thermocapa2internal.platformforscience.com/core/images5/Platform-For-Science-Logo.png

Requested by

Host: thermocapa2internal.platformforscience.com
URL: https://thermocapa2internal.platformforscience.com/core/css/loginstyle.css?v=dddf59d8ac365845c29a50b2cb3b07c74407b61c

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.201.5.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-201-5-250.compute-1.amazonaws.com

Software

Apache/2.4.62 (Amazon Linux) OpenSSL/3.0.8 /

Resource Hash

7446c7de42eabc53b2e4eb65c303939147e06602f16c4cd77ff55831cca269ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://thermocapa2internal.platformforscience.com/core/css/loginstyle.css?v=dddf59d8ac365845c29a50b2cb3b07c74407b61c
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

correlationId: 68c19386-2393-4dbd-8e47-e3dff223e72f
Date: Tue, 10 Sep 2024 19:23:27 GMT
Strict-Transport-Security: max-age=0
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 3669
Last-Modified: Tue, 10 Sep 2024 06:17:54 GMT
Server: Apache/2.4.62 (Amazon Linux) OpenSSL/3.0.8
ETag: W/"3669-1725949074000"
vary: Origin
tenantId: UNKNOWN
Content-Type: image/png;charset=UTF-8
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
Accept-Ranges: bytes
Expires: Wed, 11 Sep 2024 19:23:27 GMT

GET
H/1.1 200 MSOfficeWebAppLogout.jsp Show response
thermocapa2internal.platformforscience.com/core/ Frame EEC1 587 B
963 B 104ms
103ms Document
text/html 52.201.5.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://thermocapa2internal.platformforscience.com/core/MSOfficeWebAppLogout.jsp?

Requested by

Host: thermocapa2internal.platformforscience.com
URL: https://thermocapa2internal.platformforscience.com/corelims

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.201.5.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-201-5-250.compute-1.amazonaws.com

Software

Apache/2.4.62 (Amazon Linux) OpenSSL/3.0.8 /

Resource Hash

a6ad4846bfd2710f166e345fd1375e4f48f5d19d1e5362def483110bd69200a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://thermocapa2internal.platformforscience.com/corelims
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 587
Content-Type: text/html;charset=UTF-8
Date: Tue, 10 Sep 2024 19:23:27 GMT
Server: Apache/2.4.62 (Amazon Linux) OpenSSL/3.0.8
Strict-Transport-Security: max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
correlationId: 0e7be45f-0195-494a-b989-a92edf0e8535
tenantId: UNKNOWN
vary: Origin

GET
H/1.1 200 MSOfficeWebAppLogout.jsp Show response
thermocapa2internal.platformforscience.com/core/ Frame D2BE 587 B
963 B 208ms
102ms Document
text/html 52.201.5.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://thermocapa2internal.platformforscience.com/core/MSOfficeWebAppLogout.jsp?

Requested by

Host: thermocapa2internal.platformforscience.com
URL: https://thermocapa2internal.platformforscience.com/corelims

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.201.5.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-201-5-250.compute-1.amazonaws.com

Software

Apache/2.4.62 (Amazon Linux) OpenSSL/3.0.8 /

Resource Hash

a6ad4846bfd2710f166e345fd1375e4f48f5d19d1e5362def483110bd69200a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://thermocapa2internal.platformforscience.com/corelims
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 587
Content-Type: text/html;charset=UTF-8
Date: Tue, 10 Sep 2024 19:23:27 GMT
Server: Apache/2.4.62 (Amazon Linux) OpenSSL/3.0.8
Strict-Transport-Security: max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
correlationId: 4a5798cc-78e2-406e-be82-bbff2a30b32e
tenantId: UNKNOWN
vary: Origin

GET signout.aspx
_layouts/ Frame EEC1 0
0

GET signout.aspx
_layouts/ Frame D2BE 0
0

GET
H/1.1 200 favicon5.ico
thermocapa2internal.platformforscience.com/core/ 2 KB
3 KB 95ms
95ms Other
image/x-icon 52.201.5.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://thermocapa2internal.platformforscience.com/core/favicon5.ico

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.201.5.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-201-5-250.compute-1.amazonaws.com

Software

Apache/2.4.62 (Amazon Linux) OpenSSL/3.0.8 /

Resource Hash

498dc77b03f8bafb62ab553ef46f747eea4f1d73b634c8693fa55c0756cd5a35

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://thermocapa2internal.platformforscience.com/corelims
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

correlationId: 6953ca10-e541-4ece-b783-984090d18eca
Date: Tue, 10 Sep 2024 19:23:28 GMT
Strict-Transport-Security: max-age=0
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 2461
Last-Modified: Tue, 10 Sep 2024 06:17:52 GMT
Server: Apache/2.4.62 (Amazon Linux) OpenSSL/3.0.8
ETag: W/"2461-1725949072000"
vary: Origin
tenantId: UNKNOWN
Content-Type: image/x-icon;charset=UTF-8
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=86400
Accept-Ranges: bytes
Expires: Wed, 11 Sep 2024 19:23:28 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: _layouts
URL: https://_layouts/signout.aspx

Domain: _layouts
URL: https://_layouts/signout.aspx

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			thermocapa2internal.platformforscience.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: A9F1CD3070A96F580CF6E6B6C3D0C693
			thermocapa2internal.platformforscience.com/	1969-12-31 23:59:59	Name: AWSELB Value: 09412F93169D7FDE3C539DF06D973957AB2E1DE4B0A209AD1C8A907BD274C578FE1B4E0D6395BD41FB1241E6EBE10CA35CE0C95FAAF916070F3FC0B074B935C0D3C2C19198E194A1D03D81168A994222E8FE0FD546

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

_layouts
thermocapa2internal.platformforscience.com
_layouts
52.201.5.250
498dc77b03f8bafb62ab553ef46f747eea4f1d73b634c8693fa55c0756cd5a35
51b66b46c1318a161bc038d9878a2eb68f4314e927469c0e9b8ede0943bfce40
7446c7de42eabc53b2e4eb65c303939147e06602f16c4cd77ff55831cca269ad
a6ad4846bfd2710f166e345fd1375e4f48f5d19d1e5362def483110bd69200a4
cde26fd5c9400a155ed95175fd021497c0639a5312924532f22ae57edd3ff33b
f7c1c389717adfddc717b0e7bfd78131c7727e075260c8531470693c47c4c8a5

thermocapa2internal.platformforscience.com Open in urlscan Pro 52.201.5.250 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

9 Requests

78 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

286 kBTransfer

283 kBSize

2 Cookies

3 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

thermocapa2internal.platformforscience.com Open in urlscan Pro
52.201.5.250 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

78 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

286 kB
Transfer

283 kB
Size

2
Cookies

9 HTTP transactions
0 data transactions