main.drjq1g9heo6r5.amplifyapp.com
18.239.83.65
Public Scan
Effective URL: https://main.drjq1g9heo6r5.amplifyapp.com/?sso=bm9uY2U9NWQyOGJiZWUzMTY1Mjc3ZGU3NDkwNjg3ZTAwNjJiNTUmcmV0dXJuX3Nzb191cmw9aHR0cHMlM0ElMkYlMkZ...
Submission Tags: phishingrod
Submission: On February 15 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by Amazon RSA 2048 M02 on November 11th 2023. Valid for: a year.
This is the only time main.drjq1g9heo6r5.amplifyapp.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System |
---|---|---|
2 2 | 2606:4700:10::6816:1a5a | 13335 (CLOUDFLARENET) |
9 | 18.239.83.65 | 16509 (AMAZON-02) |
2 | 2606:4700:10::6816:1b5a | 13335 (CLOUDFLARENET) |
11 | 2 |
ASN16509 (AMAZON-02, US)
PTR: server-18-239-83-65.ams58.r.cloudfront.net
main.drjq1g9heo6r5.amplifyapp.com |
| Apex Domain / Subdomains | Transfer |
---|---|---|
9 | amplifyapp.com: main.drjq1g9heo6r5.amplifyapp.com | 135 KB |
4 | rcvs.org.uk (2 redirects): discourse.rcvs.org.uk onecpd.rcvs.org.uk — Cisco Umbrella Rank: 892447 | 8 KB |
11 | 2 |
| Domain | Requested by |
---|---|---|
9 | main.drjq1g9heo6r5.amplifyapp.com | main.drjq1g9heo6r5.amplifyapp.com |
2 | onecpd.rcvs.org.uk | main.drjq1g9heo6r5.amplifyapp.com |
2 | discourse.rcvs.org.uk | 2 redirects |
11 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
myaccount.rcvs.org.uk |
www.rcvs.org.uk |
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.drjq1g9heo6r5.amplifyapp.com | Amazon RSA 2048 M02 | 2023-11-11 - 2024-12-09 | a year |
onecpd.rcvs.org.uk | E1 | 2024-02-15 - 2024-05-15 | 3 months |
This page contains 1 frames:
Primary Page:
https://main.drjq1g9heo6r5.amplifyapp.com/?sso=bm9uY2U9NWQyOGJiZWUzMTY1Mjc3ZGU3NDkwNjg3ZTAwNjJiNTUmcmV0dXJuX3Nzb191cmw9aHR0cHMlM0ElMkYlMkZkaXNjb3Vyc2UucmN2cy5vcmcudWslMkZzZXNzaW9uJTJGc3NvX2xvZ2lu&sig=c890b84b5c4563c764bac0fc8b1d1e3ab2fe5d06a29d557a47f19f4420ee16fa
Frame ID: 55E6A29DE3CA2EABD5F510933B9D4016
Requests: 11 HTTP requests in this frame
Page Title
RCVS Discourse SSO
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: reset your username or password
Title: Royal College of Veterinary Surgeons, The Cursitor, 38 Chancery Lane, London, WC2A 1EN
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
1. https://discourse.rcvs.org.uk/ (HTTP 302)
2. https://discourse.rcvs.org.uk/session/sso (HTTP 302)
3. https://main.drjq1g9heo6r5.amplifyapp.com/?sso=bm9uY2U9NWQyOGJiZWUzMTY1Mjc3ZGU3NDkwNjg3ZTAwNjJiNTUmcmV0dXJuX3Nzb191cmw9aHR0cHMlM0ElMkYlMkZkaXNjb3Vyc2UucmN2cy5vcmcudWslMkZzZXNzaW9uJTJGc3NvX2xvZ2lu&sig=c890b84b5c4563c764bac0fc8b1d1e3ab2fe5d06a29d557a47f19f4420ee16fa (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H2 | / (Primary Request, Redirect Chain) | main.drjq1g9heo6r5.amplifyapp.com/ | 161 KB | 26 KB | Document | text/html |
GET H2 | webpack-runtime-c840ad7437d6bf1f1f21.js | main.drjq1g9heo6r5.amplifyapp.com/ | 3 KB | 2 KB | Script | application/javascript |
GET H2 | framework-3e6dec6139dadaa7d0c7.js | main.drjq1g9heo6r5.amplifyapp.com/ | 126 KB | 40 KB | Script | application/javascript |
GET H2 | app-fc143a081244681a5c7b.js | main.drjq1g9heo6r5.amplifyapp.com/ | 63 KB | 19 KB | Script | application/javascript |
GET H2 | styles-9411612e31e4f14527d1.js | main.drjq1g9heo6r5.amplifyapp.com/ | 117 B | 500 B | Script | application/javascript |
GET H2 | 134602b1-ef98ff19e0e7c4564314.js | main.drjq1g9heo6r5.amplifyapp.com/ | 60 KB | 15 KB | Script | application/javascript |
GET H2 | component---src-pages-index-js-263ab60db9a1784add22.js | main.drjq1g9heo6r5.amplifyapp.com/ | 97 KB | 31 KB | Script | application/javascript |
GET H2 | page-data.json | main.drjq1g9heo6r5.amplifyapp.com/page-data/index/ | 117 B | 497 B | Other | application/json |
GET H2 | app-data.json | main.drjq1g9heo6r5.amplifyapp.com/page-data/ | 50 B | 428 B | Other | application/json |
GET H2 | logo.b471a50694f8.svg | onecpd.rcvs.org.uk/static/images/ | 7 KB | 3 KB | Image | image/svg+xml |
GET H2 | logo.b471a50694f8.svg | onecpd.rcvs.org.uk/static/images/ | 7 KB | 3 KB | Image | image/svg+xml |
10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
string| pagePath
object| ___chunkMapping
object| webpackJsonp
object| asyncRequires
object| ___emitter
object| ___loader
function| ___push
function| ___replace
function| ___navigate
string| ___webpackCompilationHash
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
discourse.rcvs.org.uk/ | Name: _forum_session Value: bGk1OXVYeFNhclhGc1lUR05OQmh3ZGVWREhBSmVqTFd6YkhhYUFxTitsOGV6YTVoZ0RuTzVkMWdIVnhLQ2tkemIrVldKTmN5bjZ5cVlKT2FuV01WcnpJZER0Y0UvOVFlTE0wN3UrcXM1YUVIaDk2S3p3NVIwQzI2bnk0YzN4N21VR3U0WUwycUZKUitVNEpmTHpPbFVvQjhtVjNtdEpwbFNIWGNmdzNDbitZPS0tdHZOODZRMU5hYlE1eHp2QzBkZmg2UT09--e9cde1573b4d2943d6fe055ea4e24edda3ad8038 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.