auth.nprod.hsbclife.com.sg
13.226.58.123
Public Scan
Effective URL: https://auth.nprod.hsbclife.com.sg/srp/ap-southeast-1_q4U4eyPSW/idp-initiated?SPID=DEV_sp_sg_ease_uat_web_ext__idp_apdcaxatechcom&r...
Submission Tags: @phishunt_io
Submission: On March 20 via api from DE — Scanned from SG
Summary
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on April 19th 2022. Valid for: a year.
This is the only time auth.nprod.hsbclife.com.sg was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
2 9 | 13.226.58.18 | 16509 (AMAZON-02) |
2 | 13.113.159.78 | 16509 (AMAZON-02) |
1 | 13.226.58.123 | |
17 | 4 | |

ASN16509 (AMAZON-02, US)
PTR: server-13-226-58-18.mnl50.r.cloudfront.net
web.uat.ease.hsbclife.com.sg

ASN16509 (AMAZON-02, US)
PTR: ec2-13-113-159-78.ap-northeast-1.compute.amazonaws.com
coretk-prod-disclosures.auraservices.cloud
 | Apex Domain / Subdomains | Transfer |
---|---|---|
10 | hsbclife.com.sg (2 redirects): web.uat.ease.hsbclife.com.sg, auth.nprod.hsbclife.com.sg | 2 MB |
2 | auraservices.cloud: coretk-prod-disclosures.auraservices.cloud | 717 KB |
0 | cloudfront.net (Failed): d3ownpzpj4jdb9.cloudfront.net (Failed) | |
17 | 3 | |
 | Domain | Requested by |
---|---|---|
9 | web.uat.ease.hsbclife.com.sg (2 redirects) | web.uat.ease.hsbclife.com.sg |
2 | coretk-prod-disclosures.auraservices.cloud | web.uat.ease.hsbclife.com.sg |
1 | auth.nprod.hsbclife.com.sg | web.uat.ease.hsbclife.com.sg, auth.nprod.hsbclife.com.sg |
0 | d3ownpzpj4jdb9.cloudfront.net (Failed) | auth.nprod.hsbclife.com.sg |
17 | 4 | |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
web.uat.ease.hsbclife.com.sg | DigiCert SHA2 Extended Validation Server CA | 2022-04-19 - 2023-04-19 | a year | crt.sh |
*.auraservices.cloud | Go Daddy Secure Certificate Authority - G2 | 2023-01-22 - 2024-02-23 | a year | crt.sh |
auth.nprod.hsbclife.com.sg | DigiCert SHA2 Extended Validation Server CA | 2022-04-19 - 2023-04-19 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://auth.nprod.hsbclife.com.sg/srp/ap-southeast-1_q4U4eyPSW/idp-initiated?SPID=DEV_sp_sg_ease_uat_web_ext__idp_apdcaxatechcom&relay_state=xxx
Frame ID: 1DB84D5E2BC6DD76C1194DF360AA9B87
Requests: 17 HTTP requests in this frame
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://web.uat.ease.hsbclife.com.sg/ (Page URL)
- https://web.uat.ease.hsbclife.com.sg/samlLogin (HTTP 302)
- https://web.uat.ease.hsbclife.com.sg/samlRedirect (HTTP 302)
- https://auth.nprod.hsbclife.com.sg/srp/ap-southeast-1_q4U4eyPSW/idp-initiated?SPID=DEV_sp_sg_ease_uat_web_ext__idp_apdcaxatechcom&relay_state=xxx (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
17 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / | web.uat.ease.hsbclife.com.sg/ | 1 KB | 2 KB | Document | text/html |
GET | H2 | app.js | coretk-prod-disclosures.auraservices.cloud/disclosures/deui/ | 3 MB | 687 KB | Script | application/javascript |
GET | H2 | app.css | coretk-prod-disclosures.auraservices.cloud/disclosures/deui/ | 190 KB | 31 KB | Stylesheet | text/css |
GET | H2 | style.bfc6efb6c1bebbf75223.css | web.uat.ease.hsbclife.com.sg/ | 96 KB | 96 KB | Stylesheet | text/css |
GET | H2 | vendor.bundle.bfc6efb6c1bebbf75223.js | web.uat.ease.hsbclife.com.sg/ | 738 KB | 191 KB | Script | text/javascript |
GET | H2 | bundle.bfc6efb6c1bebbf75223.js | web.uat.ease.hsbclife.com.sg/ | 10 MB | 1 MB | Script | text/javascript |
GET | H2 | init | web.uat.ease.hsbclife.com.sg/ | 551 B | 1 KB | XHR | text/plain |
GET | H2 | 982386e2d4b16d8a061d83647e35c39c.ttf | web.uat.ease.hsbclife.com.sg/ | 116 KB | 117 KB | Font | application/x-font-ttf |
GET | H2 | ce8a7a5d8c76d57e5a384baa25fe6342.ttf | web.uat.ease.hsbclife.com.sg/ | 116 KB | 117 KB | Font | application/x-font-ttf |
GET | H2 | idp-initiated (Primary Request) | auth.nprod.hsbclife.com.sg/srp/ap-southeast-1_q4U4eyPSW/ (Redirect Chain) | 19 KB | 0 | Document | text/html |
GET | | bootstrap.min.css | auth.nprod.hsbclife.com.sg/rsrc/ | 0 | 0 | | |
GET | | cognito-login.css | auth.nprod.hsbclife.com.sg/rsrc/ | 0 | 0 | | |
GET | | jl9obvvallvohm6i9phj545fu.css | auth.nprod.hsbclife.com.sg/srp/ap-southeast-1_q4U4eyPSW/rsrc/ | 0 | 0 | | |
GET | | amazon-cognito-identity.js | auth.nprod.hsbclife.com.sg/rsrc/ | 0 | 0 | | |
GET | | custom.js | auth.nprod.hsbclife.com.sg/rsrc/ | 0 | 0 | | |
GET | | jquery-3.6.0.min.js | auth.nprod.hsbclife.com.sg/rsrc/ | 0 | 0 | | |
GET | | image.jpg | d3ownpzpj4jdb9.cloudfront.net/ap-southeast-1_q4U4eyPSW/ALL/20230119074317/assets/images/ | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- auth.nprod.hsbclife.com.sg: https://auth.nprod.hsbclife.com.sg/rsrc/bootstrap.min.css
- auth.nprod.hsbclife.com.sg: https://auth.nprod.hsbclife.com.sg/rsrc/cognito-login.css
- auth.nprod.hsbclife.com.sg: https://auth.nprod.hsbclife.com.sg/srp/ap-southeast-1_q4U4eyPSW/rsrc/jl9obvvallvohm6i9phj545fu.css
- auth.nprod.hsbclife.com.sg: https://auth.nprod.hsbclife.com.sg/rsrc/amazon-cognito-identity.js
- auth.nprod.hsbclife.com.sg: https://auth.nprod.hsbclife.com.sg/rsrc/custom.js
- auth.nprod.hsbclife.com.sg: https://auth.nprod.hsbclife.com.sg/rsrc/jquery-3.6.0.min.js
- d3ownpzpj4jdb9.cloudfront.net: https://d3ownpzpj4jdb9.cloudfront.net/ap-southeast-1_q4U4eyPSW/ALL/20230119074317/assets/images/image.jpg
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless
3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
web.uat.ease.hsbclife.com.sg/ | | Name: vssid Value: s%3A236Hmf0Eu3E9E7ren9BnQ_rYHaiEPaKx.EwlO0HF04pVp5MtcqkqCR7l%2BjVxwNkeyMf3N0mrSFaI |
web.uat.ease.hsbclife.com.sg/ | | Name: d8459bfbc8017090106bbf9e0c5a084b Value: 79d736840362522d9e1e0f33e83aa32d |
web.uat.ease.hsbclife.com.sg/ | | Name: lang Value: undefined |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.