lp.idam-gov.us
Open in
urlscan Pro
2600:9000:21ea:cc00:e:4fa:1100:93a1
Public Scan
Effective URL: https://lp.idam-gov.us/?pid=ENhFD_CoSOGr0ZhC9YNTQKM5m_lsRECVseXQ1Gv1QVI=
Submission: On March 30 via manual from US — Scanned from US
Summary
TLS certificate: Issued by Amazon RSA 2048 M02 on March 1st 2023. Valid for: 10 months.
This is the only time lp.idam-gov.us was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 54.152.167.150 54.152.167.150 | 14618 (AMAZON-AES) (AMAZON-AES) | |
3 | 2600:9000:21e... 2600:9000:21ea:cc00:e:4fa:1100:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
3 | 1 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-152-167-150.compute-1.amazonaws.com
ygxktslf.r.us-east-1.awstrack.me |
Apex Domain Subdomains |
Transfer | |
---|---|---|
3 |
idam-gov.us
lp.idam-gov.us |
22 KB |
1 |
awstrack.me
1 redirects
ygxktslf.r.us-east-1.awstrack.me |
186 B |
3 | 2 |
Domain | Requested by | |
---|---|---|
3 | lp.idam-gov.us |
lp.idam-gov.us
|
1 | ygxktslf.r.us-east-1.awstrack.me | 1 redirects |
3 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.phishtaco.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
lp.hr-sharepoint.com Amazon RSA 2048 M02 |
2023-03-01 - 2023-12-16 |
10 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://lp.idam-gov.us/?pid=ENhFD_CoSOGr0ZhC9YNTQKM5m_lsRECVseXQ1Gv1QVI=
Frame ID: F1F08400CEF8A3008E208FCD1B95AECF
Requests: 3 HTTP requests in this frame
Screenshot
Page Title
PhishTACO | A better phishing simulation platformPage URL History Show full URLs
-
https://ygxktslf.r.us-east-1.awstrack.me/L0/https:%2F%2Flp.idam-gov.us%2F%3Fpid=ENhFD_CoSOGr0ZhC9YNTQKM5m_lsRECVseXQ1...
HTTP 302
https://lp.idam-gov.us/?pid=ENhFD_CoSOGr0ZhC9YNTQKM5m_lsRECVseXQ1Gv1QVI= Page URL
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: PhishTACO
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://ygxktslf.r.us-east-1.awstrack.me/L0/https:%2F%2Flp.idam-gov.us%2F%3Fpid=ENhFD_CoSOGr0ZhC9YNTQKM5m_lsRECVseXQ1Gv1QVI=/1/01000186748d1fbe-6dcde67d-772f-4593-bef6-7789da38f0fb-000000/gX_yb4w-TI3vTkJ8gNS3UZT_HX8=310
HTTP 302
https://lp.idam-gov.us/?pid=ENhFD_CoSOGr0ZhC9YNTQKM5m_lsRECVseXQ1Gv1QVI= Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
3 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
lp.idam-gov.us/ Redirect Chain
|
5 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo_pt_black.png
lp.idam-gov.us/error-pages/ |
17 KB 17 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo_pt_color-filtered.svg
lp.idam-gov.us/error-pages/ |
6 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
lp.idam-gov.us
ygxktslf.r.us-east-1.awstrack.me
2600:9000:21ea:cc00:e:4fa:1100:93a1
54.152.167.150
24488c640b1ee716a90e1138bdeff5c2dd027f4f99158d97b0de946f17a948c6
2a92bba46d5fa1eba3eb9747db625bb9f3b84c9746053c11e8e16c60391d6e54
4382e00002feab317baf271f92d27e36378334b53b9d8dbbbf222cdbc16f09b3