login-demo-admin.cesfxhkd.com
Open in
urlscan Pro
13.55.198.191
Public Scan
Effective URL: https://login-demo-admin.cesfxhkd.com/sepas/serve?TAM_OP=login&USERNAME=unauthenticated&ERROR_CODE=0x00000000&URL=%2FFIM%2FSHK%2F&REFE...
Submission Tags: @ecarlesi possiblethreat Search All
Submission: On March 02 via api from IT — Scanned from AU
Summary
TLS certificate: Issued by Entrust Certification Authority - L1M on February 28th 2024. Valid for: a year.
This is the only time login-demo-admin.cesfxhkd.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 54.253.41.149 54.253.41.149 | 16509 (AMAZON-02) (AMAZON-02) | |
1 7 | 13.55.198.191 13.55.198.191 | 16509 (AMAZON-02) (AMAZON-02) | |
6 | 1 |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-253-41-149.ap-southeast-2.compute.amazonaws.com
login-demo-admin.cesfxhkd.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-13-55-198-191.ap-southeast-2.compute.amazonaws.com
login-demo-admin.cesfxhkd.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
cesfxhkd.com
2 redirects
login-demo-admin.cesfxhkd.com |
36 KB |
6 | 1 |
Domain | Requested by | |
---|---|---|
8 | login-demo-admin.cesfxhkd.com |
2 redirects
login-demo-admin.cesfxhkd.com
|
6 | 1 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.macquarie.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
demo.cesfxhkd.com Entrust Certification Authority - L1M |
2024-02-28 - 2025-02-28 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://login-demo-admin.cesfxhkd.com/sepas/serve?TAM_OP=login&USERNAME=unauthenticated&ERROR_CODE=0x00000000&URL=%2FFIM%2FSHK%2F&REFERER=&PROTOCOL=https&HTTPHDR_Host=login-demo-admin.cesfxhkd.com&HOSTNAME=login-demo-admin.cesfxhkd.com
Frame ID: 3F12DF46E6CCA5D8FB1EFE6E307E3CAA
Requests: 6 HTTP requests in this frame
Screenshot
Page Title
AWS LoginPage URL History Show full URLs
-
http://login-demo-admin.cesfxhkd.com/
HTTP 302
https://login-demo-admin.cesfxhkd.com/ HTTP 302
https://login-demo-admin.cesfxhkd.com/sepas/serve?TAM_OP=login&USERNAME=unauthenticated&ERROR_CODE=0x00000000&URL=... Page URL
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://login-demo-admin.cesfxhkd.com/
HTTP 302
https://login-demo-admin.cesfxhkd.com/ HTTP 302
https://login-demo-admin.cesfxhkd.com/sepas/serve?TAM_OP=login&USERNAME=unauthenticated&ERROR_CODE=0x00000000&URL=%2FFIM%2FSHK%2F&REFERER=&PROTOCOL=https&HTTPHDR_Host=login-demo-admin.cesfxhkd.com&HOSTNAME=login-demo-admin.cesfxhkd.com Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
6 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
serve
login-demo-admin.cesfxhkd.com/sepas/ Redirect Chain
|
5 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
home_stylesheet.css
login-demo-admin.cesfxhkd.com/sepas/static/pages/ |
2 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
nav-banner.gif
login-demo-admin.cesfxhkd.com/sepas/static/pages/ |
20 KB 21 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
shim.gif
login-demo-admin.cesfxhkd.com/sepas/static/pages/ |
43 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login_button.gif
login-demo-admin.cesfxhkd.com/sepas/static/pages/ |
266 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login_box_corner.gif
login-demo-admin.cesfxhkd.com/sepas/static/pages/ |
667 B 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| do_login function| IsNumeric7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.cesfxhkd.com/sepas | Name: TAMBrand Value: default |
|
login-demo-admin.cesfxhkd.com/sepas | Name: TAMTrack Value: 631130 |
|
login-demo-admin.cesfxhkd.com/ | Name: PD-S-SESSION-ID Value: 1_2_0_vPX1xnu8m-4utBZI6ttZzQyKAug+64hZzY6JK4vlmz0nhc6B |
|
login-demo-admin.cesfxhkd.com/ | Name: TAMURL Value: "https://login-demo-admin.cesfxhkd.com/FIM/SHK/" |
|
login-demo-admin.cesfxhkd.com/ | Name: AWSELB Value: DDCFA3DB168A71535BD4C080259F41B1561A9F86047D25E5DD66F68EFB864D0CCFE98838A12DB5A833332EBC07AC9BC149DACB34B1275F1172F933AC538BB8CCB2A3012B0B |
|
login-demo-admin.cesfxhkd.com/ | Name: AWSALB Value: HQnTGquaEjCmeh6QFfgJiDPk6gCa7BCBslbVw7R9jEEvGQJ5/YwtKlr18LDtUcoH2o5+T684E0kVDmf3FesEF+ImInmx0Ssx3tAbNmmpIqhpyk6D97Mhfx62ZKEZ |
|
login-demo-admin.cesfxhkd.com/ | Name: AWSALBCORS Value: HQnTGquaEjCmeh6QFfgJiDPk6gCa7BCBslbVw7R9jEEvGQJ5/YwtKlr18LDtUcoH2o5+T684E0kVDmf3FesEF+ImInmx0Ssx3tAbNmmpIqhpyk6D97Mhfx62ZKEZ |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
login-demo-admin.cesfxhkd.com
13.55.198.191
54.253.41.149
6b3e80d8576157af1c94e6f74725794d8ba4eba770462d7d2d99b4d6057a6450
83971df295831419a4b2a5a700c5bc4a875c0c04fdeff895c039df2eb31038e4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
a79274c56f251b8eb5719e131529cefa24d6d27726f4598dc0a5c04c2f34cef5
f3f0bd7ac3b3f5902f5ee5e2da7df702e1c9856e84f5e7f82033d7cc6194b860
f759a22b71a8ae779f9dbf45494455e139f253d21645c2ee30dcdfcee5d39c2b