axapay.eabcorporation.com

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 3 HTTP transactions. The main IP is 116.92.187.69, located in Central, Hong Kong and belongs to HKBNES-AS-AP HKBN Enterprise Solutions HK Limited, HK. The main domain is axapay.eabcorporation.com.
TLS certificate: Issued by R3 on March 25th 2021. Valid for: 3 months.

This is the only time axapay.eabcorporation.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	116.92.187.69 116.92.187.69	9381 (HKBNES-AS...) (HKBNES-AS-AP HKBN Enterprise Solutions HK Limited)
2	107.162.165.156 107.162.165.156	55002 (DEFENSE-NET) (DEFENSE-NET)
3	2

1 116.92.187.69 (Central, Hong Kong)

ASN9381 (HKBNES-AS-AP HKBN Enterprise Solutions HK Limited, HK)
PTR: mail.eabsystems.com

axapay.eabcorporation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.162.165.156 (United States)

ASN55002 (DEFENSE-NET, US)

uat.axa.com.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	axa.com.sg uat.axa.com.sg	609 KB
1	eabcorporation.com axapay.eabcorporation.com	3 KB
3	2

	Domain	Requested by
2	uat.axa.com.sg	axapay.eabcorporation.com
1	axapay.eabcorporation.com
3	2

This site contains no links.

Subject Issuer	Validity	Valid
axapay.eabcorporation.com R3	`2021-03-25` - `2021-06-23`	3 months	crt.sh
*.axa.com.sg DigiCert SHA2 Secure Server CA	`2020-05-15` - `2022-05-19`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://axapay.eabcorporation.com/
Frame ID: C234F2136D6BF08BDFA69C31D1AF5EC2
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

3
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

612 kB
Transfer

2676 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
axapay.eabcorporation.com/ 3 KB
3 KB 721ms
236ms Document
text/html 116.92.187.69
HKBNES-AS-AP HKBN...

General

Check archive.org

Show headers Download Go to

Full URL: https://axapay.eabcorporation.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 116.92.187.69 Central, Hong Kong, ASN9381 (HKBNES-AS-AP HKBN Enterprise Solutions HK Limited, HK),
Reverse DNS: mail.eabsystems.com
Software: nginx/1.16.1 /
Resource Hash: 1709f79e4d51fc46266fde39b22cd0a17096e092e895f9dd5a4dd4d097e4bf11

Request headers

Host: axapay.eabcorporation.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx/1.16.1
Date: Thu, 25 Mar 2021 10:15:20 GMT
Content-Type: text/html
Content-Length: 2854
Connection: keep-alive
Last-Modified: Thu, 25 Mar 2021 09:25:50 GMT
ETag: "b26-5be59004d8380"
Accept-Ranges: bytes

GET
H/1.1 200
OK env.js Show response
uat.axa.com.sg/payment/js/ 2 KB
6 KB 1226ms
858ms Script
application/javascript 107.162.165.156
DEFENSE-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://uat.axa.com.sg/payment/js/env.js

Requested by

Host: axapay.eabcorporation.com
URL: https://axapay.eabcorporation.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.165.156 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

/

Resource Hash

7d5a0160c3de476b873043d2556d22d9816339aaec25f13d7e46a2c5b07839da

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	Sameorigin
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://axapay.eabcorporation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 25 Mar 2021 10:15:27 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Content-Security-Policy-Report-Only: default-src 'self' data: blob: *.axa-contento-118412.eu unpkg.com *.google-analytics.com *.tagcommander.com *.collect.igodigital.com *.googletagmanager.com *.hotjar.com stats.g.doubleclick.net *.google.com.sg *.google.com *.gstatic.com *.github.io *.ati-host.net *.hotjar.io *.facebook.net *.rmtag.com *.sojern.com *.fls.doubleclick.net *.doubleclick.net *.axa.com.sg *.jsdelivr.net *.g.doubleclick.net *.linksynergy.com *.algolianet.com *.algolia.net *.adnxs.com *.adsrvr.org *.bootstrapcdn.com *.s3.amazonaws.com *.dc-storm.com *.adsymptotic.com *.commandersact.com *.ads.linkedin.com *.licdn.com unpkg.com *.ra.linksynergy.com *.facebook.com *.googleadservices.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: fonts.googleapis.com ssl.google-analytics.com *.axa-contento-118412.eu unpkg.com *.google-analytics.com *.tagcommander.com *.collect.igodigital.com *.googletagmanager.com *.hotjar.com stats.g.doubleclick.net *.google.com.sg *.google.com *.gstatic.com *.github.io *.ati-host.net *.hotjar.io *.facebook.net *.rmtag.com *.sojern.com *.fls.doubleclick.net *.doubleclick.net *.axa.com.sg *.jsdelivr.net *.g.doubleclick.net *.linksynergy.com *.algolianet.com *.algolia.net *.adnxs.com *.adsrvr.org *.bootstrapcdn.com *.s3.amazonaws.com *.dc-storm.com *.adsymptotic.com *.commandersact.com *.ads.linkedin.com *.licdn.com unpkg.com *.ra.linksynergy.com *.facebook.com *.googleadservices.com; font-src 'self' fonts.gstatic.com *.axa-contento-118412.eu unpkg.com *.google-analytics.com *.tagcommander.com *.collect.igodigital.com *.googletagmanager.com *.hotjar.com stats.g.doubleclick.net *.google.com.sg *.google.com *.gstatic.com *.github.io *.ati-host.net *.hotjar.io *.facebook.net *.rmtag.com *.sojern.com *.fls.doubleclick.net *.doubleclick.net *.axa.com.sg *.jsdelivr.net *.g.doubleclick.net *.linksynergy.com *.algolianet.com *.algolia.net *.adnxs.com *.adsrvr.org *.bootstrapcdn.com *.s3.amazonaws.com *.dc-storm.com *.adsymptotic.com *.commandersact.com *.ads.linkedin.com *.licdn.com unpkg.com *.ra.linksynergy.com *.facebook.com *.googleadservices.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: fonts.googleapis.com *.axa-contento-118412.eu unpkg.com *.google-analytics.com *.tagcommander.com *.collect.igodigital.com *.googletagmanager.com *.hotjar.com stats.g.doubleclick.net *.google.com.sg *.google.com *.gstatic.com *.github.io *.ati-host.net *.hotjar.io *.facebook.net *.rmtag.com *.sojern.com *.fls.doubleclick.net *.doubleclick.net *.axa.com.sg *.jsdelivr.net *.g.doubleclick.net *.linksynergy.com *.algolianet.com *.algolia.net *.adnxs.com *.adsrvr.org *.bootstrapcdn.com *.s3.amazonaws.com *.dc-storm.com *.adsymptotic.com *.commandersact.com *.ads.linkedin.com *.licdn.com unpkg.com *.ra.linksynergy.com *.facebook.com *.googleadservices.com; img-src 'self' data: blob: ssl.google-analytics.com *.axa-contento-118412.eu unpkg.com *.google-analytics.com *.tagcommander.com *.collect.igodigital.com *.googletagmanager.com *.hotjar.com stats.g.doubleclick.net *.google.com.sg *.google.com *.gstatic.com *.github.io *.ati-host.net *.hotjar.io *.facebook.net *.rmtag.com *.sojern.com *.fls.doubleclick.net *.doubleclick.net *.axa.com.sg *.jsdelivr.net *.g.doubleclick.net *.linksynergy.com *.algolianet.com *.algolia.net *.adnxs.com *.adsrvr.org *.bootstrapcdn.com *.s3.amazonaws.com *.dc-storm.com *.adsymptotic.com *.commandersact.com *.ads.linkedin.com *.licdn.com unpkg.com *.ra.linksynergy.com *.facebook.com *.googleadservices.com; report-uri https://uat.axa.com.sg/_csp
Connection: keep-alive
X-DNS-Prefetch-Control: off
Vary: Origin, Accept-Encoding
Content-Length: 993
X-XSS-Protection: 1; mode=block, 1; mode=block
ETag: W/"905-7Vdz3g/vJ9SffB9yDyYFusnv4E8"
X-Frame-Options: Sameorigin
Strict-Transport-Security: max-age=5184000; includeSubDomains, max-age=31536000; includeSubDomains
Content-Type: application/javascript; charset=utf-8
Via: 1.1 fra1-bit26
Cache-control: private, no-cache="set-cookie"
Access-Control-Allow-Credentials: true
x-correlation-id: 80c73e5a-e5fe-472c-991a-7c6e8306c1f7

GET
H/1.1 200
OK bundle-payment-processing-widget.js Show response
uat.axa.com.sg/payment/js/ 3 MB
603 KB 2015ms
1625ms Script
application/javascript 107.162.165.156
DEFENSE-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://uat.axa.com.sg/payment/js/bundle-payment-processing-widget.js

Requested by

Host: axapay.eabcorporation.com
URL: https://axapay.eabcorporation.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.165.156 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

/

Resource Hash

188bc7664bfb22ced5bc93167fb8bc3daea9f150c19752882238f965c378c5e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	Sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://axapay.eabcorporation.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 25 Mar 2021 10:15:27 GMT
Content-Encoding: gzip
Content-Security-Policy-Report-Only: default-src 'self' data: blob: *.axa-contento-118412.eu unpkg.com *.google-analytics.com *.tagcommander.com *.collect.igodigital.com *.googletagmanager.com *.hotjar.com stats.g.doubleclick.net *.google.com.sg *.google.com *.gstatic.com *.github.io *.ati-host.net *.hotjar.io *.facebook.net *.rmtag.com *.sojern.com *.fls.doubleclick.net *.doubleclick.net *.axa.com.sg *.jsdelivr.net *.g.doubleclick.net *.linksynergy.com *.algolianet.com *.algolia.net *.adnxs.com *.adsrvr.org *.bootstrapcdn.com *.s3.amazonaws.com *.dc-storm.com *.adsymptotic.com *.commandersact.com *.ads.linkedin.com *.licdn.com unpkg.com *.ra.linksynergy.com *.facebook.com *.googleadservices.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: fonts.googleapis.com ssl.google-analytics.com *.axa-contento-118412.eu unpkg.com *.google-analytics.com *.tagcommander.com *.collect.igodigital.com *.googletagmanager.com *.hotjar.com stats.g.doubleclick.net *.google.com.sg *.google.com *.gstatic.com *.github.io *.ati-host.net *.hotjar.io *.facebook.net *.rmtag.com *.sojern.com *.fls.doubleclick.net *.doubleclick.net *.axa.com.sg *.jsdelivr.net *.g.doubleclick.net *.linksynergy.com *.algolianet.com *.algolia.net *.adnxs.com *.adsrvr.org *.bootstrapcdn.com *.s3.amazonaws.com *.dc-storm.com *.adsymptotic.com *.commandersact.com *.ads.linkedin.com *.licdn.com unpkg.com *.ra.linksynergy.com *.facebook.com *.googleadservices.com; font-src 'self' fonts.gstatic.com *.axa-contento-118412.eu unpkg.com *.google-analytics.com *.tagcommander.com *.collect.igodigital.com *.googletagmanager.com *.hotjar.com stats.g.doubleclick.net *.google.com.sg *.google.com *.gstatic.com *.github.io *.ati-host.net *.hotjar.io *.facebook.net *.rmtag.com *.sojern.com *.fls.doubleclick.net *.doubleclick.net *.axa.com.sg *.jsdelivr.net *.g.doubleclick.net *.linksynergy.com *.algolianet.com *.algolia.net *.adnxs.com *.adsrvr.org *.bootstrapcdn.com *.s3.amazonaws.com *.dc-storm.com *.adsymptotic.com *.commandersact.com *.ads.linkedin.com *.licdn.com unpkg.com *.ra.linksynergy.com *.facebook.com *.googleadservices.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: fonts.googleapis.com *.axa-contento-118412.eu unpkg.com *.google-analytics.com *.tagcommander.com *.collect.igodigital.com *.googletagmanager.com *.hotjar.com stats.g.doubleclick.net *.google.com.sg *.google.com *.gstatic.com *.github.io *.ati-host.net *.hotjar.io *.facebook.net *.rmtag.com *.sojern.com *.fls.doubleclick.net *.doubleclick.net *.axa.com.sg *.jsdelivr.net *.g.doubleclick.net *.linksynergy.com *.algolianet.com *.algolia.net *.adnxs.com *.adsrvr.org *.bootstrapcdn.com *.s3.amazonaws.com *.dc-storm.com *.adsymptotic.com *.commandersact.com *.ads.linkedin.com *.licdn.com unpkg.com *.ra.linksynergy.com *.facebook.com *.googleadservices.com; img-src 'self' data: blob: ssl.google-analytics.com *.axa-contento-118412.eu unpkg.com *.google-analytics.com *.tagcommander.com *.collect.igodigital.com *.googletagmanager.com *.hotjar.com stats.g.doubleclick.net *.google.com.sg *.google.com *.gstatic.com *.github.io *.ati-host.net *.hotjar.io *.facebook.net *.rmtag.com *.sojern.com *.fls.doubleclick.net *.doubleclick.net *.axa.com.sg *.jsdelivr.net *.g.doubleclick.net *.linksynergy.com *.algolianet.com *.algolia.net *.adnxs.com *.adsrvr.org *.bootstrapcdn.com *.s3.amazonaws.com *.dc-storm.com *.adsymptotic.com *.commandersact.com *.ads.linkedin.com *.licdn.com unpkg.com *.ra.linksynergy.com *.facebook.com *.googleadservices.com; report-uri https://uat.axa.com.sg/_csp
Last-Modified: Fri, 05 Mar 2021 03:50:45 GMT
X-Frame-Options: Sameorigin
ETag: W/"29bd21-17800825608"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript; charset=UTF-8
Via: 1.1 fra1-bit26
Cache-Control: public, max-age=0, private, no-cache="set-cookie"
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Connection: keep-alive
X-XSS-Protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

axapay.eabcorporation.com
uat.axa.com.sg
107.162.165.156
116.92.187.69
1709f79e4d51fc46266fde39b22cd0a17096e092e895f9dd5a4dd4d097e4bf11
188bc7664bfb22ced5bc93167fb8bc3daea9f150c19752882238f965c378c5e9
7d5a0160c3de476b873043d2556d22d9816339aaec25f13d7e46a2c5b07839da

axapay.eabcorporation.com Open in urlscan Pro 116.92.187.69 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

3 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

612 kBTransfer

2676 kBSize

0 Cookies

0 Outgoing links

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

0 Cookies

Indicators

axapay.eabcorporation.com Open in urlscan Pro
116.92.187.69 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

612 kB
Transfer

2676 kB
Size

0
Cookies

3 HTTP transactions
0 data transactions