hsbc-staging.kikoya.mx
52.200.34.95
Public Scan
Effective URL: https://hsbc-staging.kikoya.mx/landing
Submission: On July 20 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on July 20th 2020. Valid for: 3 months.
This is the only time hsbc-staging.kikoya.mx was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
5 (1 redirect) | 52.200.34.95 | 14618 (AMAZON-AES) |
2 | 52.216.128.149 | 16509 (AMAZON-02) |
2 | 2a00:1450:4001:819::200a | 15169 (GOOGLE) |
1 | 2606:4700:3037::6812:323a | 13335 (CLOUDFLARENET) |
4 | 2a00:1450:4001:806::2003 | 15169 (GOOGLE) |
13 | 5 | |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-34-95.compute-1.amazonaws.com
hsbc-staging.kikoya.mx
ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
5 | kikoya.mx (1 redirects) | hsbc-staging.kikoya.mx | 686 KB |
4 | gstatic.com | fonts.gstatic.com | 42 KB |
2 | googleapis.com | fonts.googleapis.com | 2 KB |
2 | amazonaws.com | s3.amazonaws.com | |
1 | mifiel.com | app-sandbox.mifiel.com | 1 KB |
13 | 5 | | |
Requests | Domain | Requested by |
---|---|---|
5 | hsbc-staging.kikoya.mx (1 redirects) | hsbc-staging.kikoya.mx |
4 | fonts.gstatic.com | hsbc-staging.kikoya.mx |
2 | fonts.googleapis.com | hsbc-staging.kikoya.mx |
2 | s3.amazonaws.com | hsbc-staging.kikoya.mx |
1 | app-sandbox.mifiel.com | hsbc-staging.kikoya.mx |
13 | 5 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
hsbc-staging.kikoya.mx | Let's Encrypt Authority X3 | 2020-07-20 - 2020-10-18 | 3 months |
upload.video.google.com | GTS CA 1O1 | 2020-06-30 - 2020-09-22 | 3 months |
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2020-01-30 - 2020-10-09 | 8 months |
*.gstatic.com | GTS CA 1O1 | 2020-06-30 - 2020-09-22 | 3 months |
This page contains 1 frames:
Primary Page:
https://hsbc-staging.kikoya.mx/landing
Frame ID: 744929A112D6623E5114CA9F874B6861
Requests: 13 HTTP requests in this frame
Detected technologies
Erlang (Programming Languages)
Detected patterns
- headers server /^Cowboy$/i
Ruby (Programming Languages)
Detected patterns
- meta csrf-param /^authenticity_token$/i
Cowboy (Web Frameworks)
Detected patterns
- headers server /^Cowboy$/i
Ruby on Rails (Web Frameworks)
Detected patterns
- meta csrf-param /^authenticity_token$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://hsbc-staging.kikoya.mx/ (HTTP 302)
  https://hsbc-staging.kikoya.mx/landing (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | landing (Primary Request, Cookie set, Redirect Chain) | hsbc-staging.kikoya.mx/ | 11 KB | 12 KB | Document | text/html |
GET | H/1.1 | application-c3a77227416f5cd3a18d56e2f137381008e7b864d83207bc6362c3955562e692.css | hsbc-staging.kikoya.mx/assets/ | 428 KB | 65 KB | Stylesheet | text/css |
GET | H/1.1 | application-a6d6a690bc08254058e2daf70d1d82bbb53445f22a93fb9df4d2651de6799e7e.js | hsbc-staging.kikoya.mx/assets/ | 2 MB | 533 KB | Script | application/javascript |
GET | H/1.1 | logotipo.png | s3.amazonaws.com/arbol-financiero-staging/uploads/9/landing/ | 0 | 0 | Image | application/xml |
GET | H/1.1 | logotipoAdelana.png | s3.amazonaws.com/arbol-financiero-staging/uploads/9/landing/https%3A//s3.amazonaws.com/arbol-financiero-production/static-files/whitelabels/freemium/ | 0 | 0 | Image | application/xml |
GET | H2 | css | fonts.googleapis.com/ | 14 KB | 1 KB | Stylesheet | text/css |
GET | H2 | css | fonts.googleapis.com/ | 10 KB | 946 B | Stylesheet | text/css |
GET | H2 | sign-widget-v1.0.0.js | app-sandbox.mifiel.com/ | 2 KB | 1 KB | Script | application/javascript |
GET | H/1.1 | fontawesome-webfont-2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe.woff2 | hsbc-staging.kikoya.mx/assets/font-awesome/ | 75 KB | 76 KB | Font | application/font-woff2 |
GET | H2 | KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 | fonts.gstatic.com/s/roboto/v20/ | 11 KB | 11 KB | Font | font/woff2 |
GET | H2 | mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2 | fonts.gstatic.com/s/opensans/v17/ | 9 KB | 9 KB | Font | font/woff2 |
GET | H2 | KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2 | fonts.gstatic.com/s/roboto/v20/ | 11 KB | 11 KB | Font | font/woff2 |
GET | H2 | KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2 | fonts.gstatic.com/s/roboto/v20/ | 11 KB | 11 KB | Font | font/woff2 |
169 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| seekZero function| RecordRTC function| RecordRTCConfiguration function| GetRecorderType function| MRecordRTC function| bytesToSize function| invokeSaveAsDialog function| isElectron function| getTracks function| setSrcObject function| getSeekableBlob function| isMediaRecorderCompatible function| MediaStreamRecorder function| StereoAudioRecorder function| CanvasRecorder function| WhammyRecorder function| GifRecorder function| MultiStreamsMixer function| MultiStreamRecorder function| RecordRTCPromisesHandler function| WebAssemblyRecorder function| displaySignatureOptions function| setNameOnTextField function| setAuthorityOnTextField function| validateSignersForm function| signedCallback function| requestSignature function| addEventToButton function| changeRadios function| validateEnrollmentOptions function| appearsOnSignUpOk function| checkIfRfcEnabled function| checkIfCellphoneEnabled function| Finance string| browserFakeUserAgent undefined| lastTime boolean| isEdge boolean| isOpera boolean| isFirefox boolean| isChrome boolean| isSafari object| Whammy object| DiskStorage function| $ function| jQuery object| jQuery1124012277762210779519 function| AbstractChosen function| SelectParser object| Turbolinks function| swal function| sweetAlert function| BaseClass function| Component function| Docxtemplater function| JSZip object| JSZipUtils function| require function| Color function| Chart object| TinyMCERails object| tinymce object| tinyMCE object| zip object| DEFAULT_CHOSEN_OPTIONS function| startChosen function| sweet_confirm function| sweet_alert function| sweet_success function| custom_alert function| AddressFill function| AddressZipCode object| Admin object| CarDealerships object| ArbolScoreResults function| CreditReportRequestPinCode function| CreditReportUpdateWithPinCode function| initMap function| AsyncLink function| AttendoNewProject function| AutosavingField function| BeeInitializer function| BirthdaySelection function| CalculatePayment function| 
CirculoAuthenticationReports function| CirculoAuthenticationReportsStatus function| CollectionCreate function| CollectionRemove function| ContactRequests function| CreditReportRequestForm function| CardsControlComponent function| JointObligorPrivateLink function| FormHandler function| DependentElementDisplay function| DeviseAjaxyForm function| DocumentRemove function| DocumentRemoveBureau function| EmploymentRecordCreate function| EmploymentRecordRemove function| EmploymentRecordWarning function| EnableDisableCampusesGroups function| FinancialAssetCreate function| FinancialAssetRemove object| Financier object| Pollings function| FinancierType object| ProductApplications function| ProductLandingPages function| ProductLandingPagesForm function| FinancingConfigCarVersion function| ReportBlacklistUpdatesRequest function| GenerateReport function| GetMonthlyPayment function| ProgressBarGrower object| Helpers object| ContentEditables function| FlashMessage function| ZipParser function| LaudexFinancingOpts function| LivePreapprovalResultsTable object| mifiel function| initOcularVisitMap function| OcularVisitVideoRecorder function| PhotoModals function| ProductApplicationPhoto function| PackageCertificate function| PasswordGenerator function| PersonalReferenceCreate function| PersonalReferenceRemove function| PolledOperation function| PreapprovalResultStatuses function| PreviousAddress function| PreviousStudyCreate function| PreviousStudyRemove function| ProductApplicationDestroy function| ProductApplicationMessages function| ProductApplicationSearchForm function| ProductApplicationStatuses function| ProductApplicationSubmit function| EmploymentDocumentTypeUpdate function| initMaps function| UpdateProductApplication function| ProductApplicationsOrderBy object| Products function| ProgressBar function| ProjectSubmit object| Projects function| RemoveJointObligor function| ReportRequest function| ReportRequestStatus function| RfcCreation object| Routes function| ScrollableRow 
function| SearchProducts function| SearchProductsCampusLoader object| CustomForms object| Settings function| StatusModal function| StepBubbles function| SubmitDocument function| SubmitDocumentBureau function| ToggleDisplayInput object| User function| ValidationObligorModal object| Validations function| DocumentTypeValidator function| QuestionaryVerification object| VerificationRequests function| isEmpty function| encodeQueryData
1 Cookies
Cookies are small pieces of information stored in the user's browser. Whenever the user visits the site again, the browser sends the cookie values back, allowing the website to re-identify the user even from a different location. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
hsbc-staging.kikoya.mx/ | | Name: _creditos_session |
5 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This section lists the security headers set by the main page.
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.