keycloak.beta.kc.hextech.io
Open in
urlscan Pro
54.255.0.138
Public Scan
Effective URL: https://keycloak.beta.kc.hextech.io/auth/realms/htm/protocol/openid-connect/auth?client_id=talos&redirect_uri=https%3A%2F%2Fhextrust...
Submission Tags: phishingrod
Submission: On December 19 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by R3 on December 11th 2022. Valid for: 3 months.
This is the only time keycloak.beta.kc.hextech.io was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 13 | 35.190.33.144 35.190.33.144 | 15169 (GOOGLE) (GOOGLE) | |
1 | 34.120.195.249 34.120.195.249 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
9 | 54.255.0.138 54.255.0.138 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2600:1f18:24e... 2600:1f18:24e6:b900:66d1:15fb:444a:c5ee | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 | 2a00:1450:400... 2a00:1450:400d:804::200a | 15169 (GOOGLE) (GOOGLE) | |
3 | 2a00:1450:400... 2a00:1450:4001:82b::2003 | 15169 (GOOGLE) (GOOGLE) | |
27 | 6 |
ASN15169 (GOOGLE, US)
PTR: 144.33.190.35.bc.googleusercontent.com
hextrust-sandbox.whitelabel-talos.com |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com
o268278.ingest.sentry.io |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-255-0-138.ap-southeast-1.compute.amazonaws.com
keycloak.beta.kc.hextech.io |
ASN14618 (AMAZON-AES, US)
rum.browser-intake-datadoghq.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
13 |
whitelabel-talos.com
1 redirects
hextrust-sandbox.whitelabel-talos.com |
2 MB |
9 |
hextech.io
keycloak.beta.kc.hextech.io |
212 KB |
3 |
gstatic.com
fonts.gstatic.com |
47 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37 |
1 KB |
1 |
browser-intake-datadoghq.com
rum.browser-intake-datadoghq.com — Cisco Umbrella Rank: 2702 |
|
1 |
sentry.io
o268278.ingest.sentry.io |
292 B |
27 | 6 |
Domain | Requested by | |
---|---|---|
13 | hextrust-sandbox.whitelabel-talos.com |
1 redirects
hextrust-sandbox.whitelabel-talos.com
|
9 | keycloak.beta.kc.hextech.io |
hextrust-sandbox.whitelabel-talos.com
keycloak.beta.kc.hextech.io |
3 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | fonts.googleapis.com |
keycloak.beta.kc.hextech.io
|
1 | rum.browser-intake-datadoghq.com |
hextrust-sandbox.whitelabel-talos.com
|
1 | o268278.ingest.sentry.io |
hextrust-sandbox.whitelabel-talos.com
|
27 | 6 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
hextrust-sandbox.whitelabel-talos.com GTS CA 1D4 |
2022-10-21 - 2023-01-19 |
3 months | crt.sh |
*.ingest.sentry.io R3 |
2022-12-18 - 2023-03-18 |
3 months | crt.sh |
beta.kc.hextech.io R3 |
2022-12-11 - 2023-03-11 |
3 months | crt.sh |
*.browser-intake-datadoghq.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-07-21 - 2023-07-22 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2022-11-28 - 2023-02-20 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2022-11-28 - 2023-02-20 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://keycloak.beta.kc.hextech.io/auth/realms/htm/protocol/openid-connect/auth?client_id=talos&redirect_uri=https%3A%2F%2Fhextrust-sandbox.whitelabel-talos.com%2Fauth%2Fcallback&response_type=code&scope=openid+profile+email&state=705f6bd9-35f3-4f6e-bfdd-ff45b2905bb1
Frame ID: F36004DCA5BB7F68D0D701C0F2CA40F9
Requests: 27 HTTP requests in this frame
Screenshot
Page Title
Sign in to Hex Trust MarketsPage URL History Show full URLs
- https://hextrust-sandbox.whitelabel-talos.com/ Page URL
-
https://hextrust-sandbox.whitelabel-talos.com/auth/login
HTTP 302
https://keycloak.beta.kc.hextech.io/auth/realms/htm/protocol/openid-connect/auth?client_id=talos&redirect_uri=ht... Page URL
Detected technologies
Google Font API (Font Scripts) ExpandDetected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://hextrust-sandbox.whitelabel-talos.com/ Page URL
-
https://hextrust-sandbox.whitelabel-talos.com/auth/login
HTTP 302
https://keycloak.beta.kc.hextech.io/auth/realms/htm/protocol/openid-connect/auth?client_id=talos&redirect_uri=https%3A%2F%2Fhextrust-sandbox.whitelabel-talos.com%2Fauth%2Fcallback&response_type=code&scope=openid+profile+email&state=705f6bd9-35f3-4f6e-bfdd-ff45b2905bb1 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
27 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
hextrust-sandbox.whitelabel-talos.com/ |
3 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
polyfills.js
hextrust-sandbox.whitelabel-talos.com/tradingview/datafeeds/udf/dist/ |
9 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bundle.js
hextrust-sandbox.whitelabel-talos.com/tradingview/datafeeds/udf/dist/ |
13 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6.9474130b.chunk.css
hextrust-sandbox.whitelabel-talos.com/static/css/ |
162 KB 27 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4.43ca5b79.chunk.css
hextrust-sandbox.whitelabel-talos.com/static/css/ |
10 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3.78287c87.chunk.js
hextrust-sandbox.whitelabel-talos.com/static/js/ |
1 MB 257 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6.ff9f1b61.chunk.js
hextrust-sandbox.whitelabel-talos.com/static/js/ |
3 MB 527 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7.bd8d41bb.chunk.js
hextrust-sandbox.whitelabel-talos.com/static/js/ |
163 KB 47 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5.eff4e4f3.chunk.js
hextrust-sandbox.whitelabel-talos.com/static/js/ |
489 KB 146 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2.da0d245e.chunk.js
hextrust-sandbox.whitelabel-talos.com/static/js/ |
1 MB 293 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4.cb824763.chunk.js
hextrust-sandbox.whitelabel-talos.com/static/js/ |
979 KB 231 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.b28fcb0c.chunk.js
hextrust-sandbox.whitelabel-talos.com/static/js/ |
141 KB 34 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
o268278.ingest.sentry.io/api/5843393/envelope/ |
2 B 292 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
auth
keycloak.beta.kc.hextech.io/auth/realms/htm/protocol/openid-connect/ Redirect Chain
|
5 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
rum
rum.browser-intake-datadoghq.com/api/v2/ |
0 0 |
Ping
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
base.css
keycloak.beta.kc.hextech.io/auth/resources/5g3ma/common/keycloak/web_modules/@patternfly/react-core/dist/styles/ |
42 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.css
keycloak.beta.kc.hextech.io/auth/resources/5g3ma/common/keycloak/web_modules/@patternfly/react-core/dist/styles/ |
1 MB 112 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
patternfly.min.css
keycloak.beta.kc.hextech.io/auth/resources/5g3ma/common/keycloak/node_modules/patternfly/dist/css/ |
178 KB 31 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
patternfly-additions.min.css
keycloak.beta.kc.hextech.io/auth/resources/5g3ma/common/keycloak/node_modules/patternfly/dist/css/ |
220 KB 30 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pficon.css
keycloak.beta.kc.hextech.io/auth/resources/5g3ma/common/keycloak/lib/pficon/ |
577 B 559 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login.css
keycloak.beta.kc.hextech.io/auth/resources/5g3ma/login/htm-theme/css/ |
15 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tile.css
keycloak.beta.kc.hextech.io/auth/resources/5g3ma/login/htm-theme/css/ |
7 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
8 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
HTM-logo.png
keycloak.beta.kc.hextech.io/auth/resources/5g3ma/login/htm-theme/img/ |
20 KB 21 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ |
16 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontentvisibilityautostatechange5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
keycloak.beta.kc.hextech.io/auth/realms/htm/ | Name: AUTH_SESSION_ID Value: a379f4f0-53af-4653-8592-ec1ff2eb425d.keycloak-2-28118 |
|
keycloak.beta.kc.hextech.io/auth/realms/htm/ | Name: AUTH_SESSION_ID_LEGACY Value: a379f4f0-53af-4653-8592-ec1ff2eb425d.keycloak-2-28118 |
|
keycloak.beta.kc.hextech.io/auth/realms/htm/ | Name: KC_RESTART Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJlZjFhN2U3My00NTY4LTQ0OGEtYTNlMC00ZTU0ZDhlYTllMmIifQ.eyJjaWQiOiJ0YWxvcyIsInB0eSI6Im9wZW5pZC1jb25uZWN0IiwicnVyaSI6Imh0dHBzOi8vaGV4dHJ1c3Qtc2FuZGJveC53aGl0ZWxhYmVsLXRhbG9zLmNvbS9hdXRoL2NhbGxiYWNrIiwiYWN0IjoiQVVUSEVOVElDQVRFIiwibm90ZXMiOnsic2NvcGUiOiJvcGVuaWQgcHJvZmlsZSBlbWFpbCIsImlzcyI6Imh0dHBzOi8va2V5Y2xvYWsuYmV0YS5rYy5oZXh0ZWNoLmlvL2F1dGgvcmVhbG1zL2h0bSIsInJlc3BvbnNlX3R5cGUiOiJjb2RlIiwicmVkaXJlY3RfdXJpIjoiaHR0cHM6Ly9oZXh0cnVzdC1zYW5kYm94LndoaXRlbGFiZWwtdGFsb3MuY29tL2F1dGgvY2FsbGJhY2siLCJzdGF0ZSI6IjcwNWY2YmQ5LTM1ZjMtNGY2ZS1iZmRkLWZmNDViMjkwNWJiMSJ9fQ.z1l7GYnYOI7ANIDAebz6oFVuOOcEbdd9DSSe6sMgKck |
|
hextrust-sandbox.whitelabel-talos.com/ | Name: _dd_s Value: rum=2&id=31bee156-2cf2-46ac-a49c-c951f15c3dfd&created=1671482898171&expire=1671483798171 |
|
hextrust-sandbox.whitelabel-talos.com/ | Name: csrf Value: MTY3MTQ4Mjg5OHx2U2ZfcGRjZDMwemVrYjlacUZhYzVyNXFySENfQzVTS05sejBDZW9lcTVZZmZnS05xLUgwdjZIa0RGQ3dNMGlFQVJid0NCSU5SOThFbUlaYktPWHdyMXA3cmk3bVg1dVhrenlid0w4WnpaNXR6X3BKTFZYVUpjb0Y5QjdEWi1UQ0RIdER8OGVoF9YBHp2Yh47s5_tLKnFvNGM-LeeurlbkIbhbi50= |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self'; base-uri 'self'; script-src 'self' 'unsafe-inline' https: sentry.io widget.intercom.io js.intercomcdn.com; style-src 'self' 'unsafe-inline' https: fonts.googleapis.com; style-src-elem 'self' 'unsafe-inline' https: fonts.googleapis.com; img-src 'self' data: storage.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com; connect-src wss: sentry.io *.sentry.io *.datadoghq.com *.browser-intake-datadoghq.com *.intercom.io *.mixpanel.com hextrust-sandbox.whitelabel-talos.com |
Strict-Transport-Security | max-age=86400 |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fonts.googleapis.com
fonts.gstatic.com
hextrust-sandbox.whitelabel-talos.com
keycloak.beta.kc.hextech.io
o268278.ingest.sentry.io
rum.browser-intake-datadoghq.com
2600:1f18:24e6:b900:66d1:15fb:444a:c5ee
2a00:1450:4001:82b::2003
2a00:1450:400d:804::200a
34.120.195.249
35.190.33.144
54.255.0.138
038eff911c6a2a50885b4210227142dbfef93a20e85ab6a282ef022032f1e026
1b653540b3cf0561b420d7787d944cd502a71d1ba110bf2ebc1afa4ceb5f151e
2a765f666a686821e3e144abd003dafd3d7409325222fc9fd2664164f833795b
38f57a9833dde172f48a5d3294357b7cdde64c6ad734ad59261e2c4246e4dd40
3c091ff5e2ad104f1678446b501d0e3595933a854136045e9a71be052549bfc5
4891821ebc2db4c531ab849f7ce3231cde07f577c15656d7e0ace02e15f047ed
5e214e2d05ccfc9674d8c8ce02ae33ce2cfd8ba59e824508ab4b75eca9d95d56
748e20d4cd5765f85a083dbed3ed4565c698bd83a7c63760fdc5d47a6dbf6b86
81d5057a5bfc9c5b0fbbf5314433dad3bfce537c754cfcbf701dae78e59164cd
861332606f51f63d2793c81b22f631497f56eb9ab867e7813ce1a7acbd684707
8832013de23df9286ce7f5895a0aeab7a01d226840ca0c9570618d36bebadbee
8b11bbdaec682f99b08e07bf56c7638b36d924fa8e07957b0d639b90b9849c26
99b572dd5b56b2f0a21cdcff3fdb427ba3f4e95cb6b9b0a39f3b5baa01fb10b7
9ad413652aa4dc0937b020dee08483b9784b2ad35039e1015a48160be7997ba4
9cf86341f7734af1c67cccca1349deab899d8cf9308e5e955817a4189c6557f6
a0655bebba56730cec5731634928273e9cebb3d81f362f0ab741657c57b98ace
a0ae09929605e6f45470f62f9ec51e9ec846c70ba08947c673728468044ca1f0
acb255de3945454dfc45b4becf811efb182d3fbd67b784e0f9dd4e4c69a7264c
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1e557b2a263eb969ce2298e9b90437d940c5c3082796495a039ec7dc288f63f
d1f63688b46802c76e60dd1797bd89db40f4385e40f88399785c73953cf52164
e65c33c6d7756b802657db0d983c1a68a7151e7c6798cc86992eba8197bddefc
e820d9c58aae9d74664799d25e7060350dcd4a537844fd0ea6b371395a4eecae
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615