claims.mojainsurance.co.uk (85.159.155.43)
Malicious Activity!
Effective URL: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser
Submission: On December 06 via automatic, source certstream-suspicious. Scanned from GB.
Summary
TLS certificate: Issued by Thawte RSA CA 2018 on January 11th 2023. Valid for: a year.
This is the only time claims.mojainsurance.co.uk was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Axa (Insurance)
Domain & IP information
ASN | PTR | Domain
---|---|---
ASN20940 (AKAMAI-ASN1, NL) | | cdn.optimizely.com
ASN15133 (EDGECAST, US) | | az416426.vo.msecnd.net
ASN16625 (AKAMAI-AS, US) | a23-37-32-235.deploy.static.akamaitechnologies.com | cdn3.optimizely.com
ASN15169 (GOOGLE, US) | | www.googletagmanager.com
ASN16625 (AKAMAI-AS, US) | a104-64-165-248.deploy.static.akamaitechnologies.com | a247752487.cdn.optimizely.com
ASN15169 (GOOGLE, US) | | googleads.g.doubleclick.net
ASN20940 (AKAMAI-ASN1, NL) | | snap.licdn.com
ASN16509 (AMAZON-02, US) | server-108-138-26-127.fra56.r.cloudfront.net | cdn.decibelinsight.net
ASN32934 (FACEBOOK, US) | | connect.facebook.net
ASN396982 (GOOGLE-CLOUD-PLATFORM, US) | | sgtm.axa.co.uk
ASN16509 (AMAZON-02, US) | | lantern.roeyecdn.com
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | | px.ads.linkedin.com, www.linkedin.com
ASN32934 (FACEBOOK, US) | | www.facebook.com
ASN16509 (AMAZON-02, US) | ec2-99-80-252-133.eu-west-1.compute.amazonaws.com | lantern.roeye.com
ASN15169 (GOOGLE, US) | fra24s07-in-f6.1e100.net | ad.doubleclick.net
ASN14618 (AMAZON-AES, US) | ec2-3-81-247-88.compute-1.amazonaws.com | logx.optimizely.com
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | | dc.services.visualstudio.com
Requests | Apex Domain | Subdomains (Cisco Umbrella Rank in parentheses) | Transfer
---|---|---|---
13 | mojainsurance.co.uk (1 redirect) | claims.mojainsurance.co.uk | 2 MB
6 | linkedin.com (4 redirects) | px.ads.linkedin.com (327), www.linkedin.com (629), px4.ads.linkedin.com (6419) | 5 KB
5 | doubleclick.net (3 redirects) | googleads.g.doubleclick.net (33), stats.g.doubleclick.net (75), ad.doubleclick.net (139) | 3 KB
5 | google.com (2 redirects) | www.google.com (2), region1.analytics.google.com (2693), adservice.google.com (93) | 2 KB
4 | optimizely.com | cdn.optimizely.com (774), cdn3.optimizely.com (4821), a247752487.cdn.optimizely.com, logx.optimizely.com (1439) | 109 KB
3 | bing.com | bat.bing.com (329) | 14 KB
2 | visualstudio.com | dc.services.visualstudio.com (786) | 281 B
2 | google.co.uk | www.google.co.uk (3754) | 562 B
2 | facebook.net | connect.facebook.net (168) | 93 KB
2 | licdn.com | snap.licdn.com (763) | 13 KB
2 | googletagmanager.com | www.googletagmanager.com (36) | 193 KB
2 | googleapis.com | fonts.googleapis.com (29) | 2 KB
1 | roeye.com | lantern.roeye.com (7156) | 128 B
1 | facebook.com | www.facebook.com (98) | 185 B
1 | roeyecdn.com | lantern.roeyecdn.com (7355) | 2 KB
1 | axa.co.uk | sgtm.axa.co.uk (827777) | 3 KB
1 | decibelinsight.net | cdn.decibelinsight.net (7870) | 80 KB
1 | dwin1.com | www.dwin1.com (3662) | 11 KB
1 | msecnd.net | az416426.vo.msecnd.net (2370) | 22 KB
46 | 19 | |
Requests | Domain | Requested by
---|---|---
13 | claims.mojainsurance.co.uk (1 redirect) | claims.mojainsurance.co.uk
4 | px.ads.linkedin.com (3 redirects) | az416426.vo.msecnd.net
3 | bat.bing.com | www.googletagmanager.com, bat.bing.com, claims.mojainsurance.co.uk
2 | dc.services.visualstudio.com | az416426.vo.msecnd.net
2 | adservice.google.com | claims.mojainsurance.co.uk
2 | ad.doubleclick.net (2 redirects) |
2 | www.google.co.uk | claims.mojainsurance.co.uk
2 | connect.facebook.net | claims.mojainsurance.co.uk, connect.facebook.net
2 | snap.licdn.com | www.googletagmanager.com, snap.licdn.com
2 | googleads.g.doubleclick.net (1 redirect) | claims.mojainsurance.co.uk
2 | www.google.com (2 redirects) |
2 | www.googletagmanager.com | claims.mojainsurance.co.uk, www.googletagmanager.com
2 | fonts.googleapis.com | claims.mojainsurance.co.uk
1 | logx.optimizely.com | az416426.vo.msecnd.net
1 | stats.g.doubleclick.net | www.googletagmanager.com
1 | region1.analytics.google.com | www.googletagmanager.com
1 | lantern.roeye.com | claims.mojainsurance.co.uk
1 | www.facebook.com | claims.mojainsurance.co.uk
1 | px4.ads.linkedin.com | claims.mojainsurance.co.uk
1 | www.linkedin.com (1 redirect) |
1 | lantern.roeyecdn.com | www.dwin1.com
1 | sgtm.axa.co.uk | az416426.vo.msecnd.net
1 | cdn.decibelinsight.net | claims.mojainsurance.co.uk
1 | www.dwin1.com | www.googletagmanager.com
1 | a247752487.cdn.optimizely.com | cdn.optimizely.com
1 | cdn3.optimizely.com | cdn.optimizely.com
1 | az416426.vo.msecnd.net | claims.mojainsurance.co.uk
1 | cdn.optimizely.com | claims.mojainsurance.co.uk
46 | 28 |
This site contains links to these domains.
Domain
---
www.axa.co.uk
Subject | Issuer | Validity | Valid
---|---|---|---
claims.mojainsurance.co.uk | Thawte RSA CA 2018 | 2023-01-11 - 2024-01-10 | a year
upload.video.google.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
cdn.optimizely.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-09-01 - 2024-09-04 | a year
*.vo.msecnd.net | DigiCert SHA2 Secure Server CA | 2023-05-05 - 2024-04-28 | a year
*.optimizely.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-09-01 - 2024-09-04 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
*.cdn.optimizely.com | GeoTrust RSA CA 2018 | 2023-02-26 - 2024-02-28 | a year
www.bing.com | Microsoft Azure TLS Issuing CA 01 | 2023-10-24 - 2024-04-21 | 6 months
snap.licdn.com | DigiCert SHA2 Secure Server CA | 2023-02-01 - 2024-01-31 | a year
*.dwin1.com | Amazon RSA 2048 M03 | 2023-10-18 - 2024-11-15 | a year
*.decibelinsight.net | Amazon RSA 2048 M01 | 2023-02-28 - 2024-02-12 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-09-15 - 2023-12-14 | 3 months
sgtm.axa.co.uk | GTS CA 1D4 | 2023-11-03 - 2024-02-01 | 3 months
*.roeyecdn.com | Amazon RSA 2048 M01 | 2023-10-04 - 2024-10-30 | a year
*.roeye.com | Amazon RSA 2048 M03 | 2023-11-26 - 2024-12-24 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months
www.google.co.uk | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
logx.optimizely.com | Amazon RSA 2048 M01 | 2023-06-24 - 2024-07-22 | a year
www.linkedin.com | DigiCert SHA2 Secure Server CA | 2023-11-03 - 2024-05-03 | 6 months
in.applicationinsights.azure.com | Microsoft Azure RSA TLS Issuing CA 03 | 2023-09-02 - 2024-08-27 | a year
This page contains 2 frames:
Primary Page:
https://claims.mojainsurance.co.uk/Session/UnauthorisedUser
Frame ID: 41F7A77BED7484CCD5863A7412309243
Requests: 44 HTTP requests in this frame
Frame:
https://a247752487.cdn.optimizely.com/client_storage/a247752487.html
Frame ID: F35CE6136CA07B82736F95B1C8A73EC6
Requests: 1 HTTP requests in this frame
Page Title
Unauthorised User | AXA UK
Detected technologies (with the patterns that matched)
- AWIN (Affiliate programs): dwin1\.com
- Facebook (Widgets): //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
- Google Analytics (Analytics)
- Google Font API (Font Scripts): <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
- Google Tag Manager (Tag Managers): <!-- (?:End )?Google Tag Manager --> and googletagmanager\.com/gtm\.js
- Linkedin Insight Tag (Analytics): snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
- Optimizely (Analytics): optimizely\.com.*\.js
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
- Cookie policy
- Privacy Policy
- Accessibility
- Terms and conditions
- Regulated
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://claims.mojainsurance.co.uk/ (HTTP 302)
- https://claims.mojainsurance.co.uk/Session/UnauthorisedUser (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 18
- https://www.google.com/pagead/landing?gcs=G111&gcd=11r1r1l1l5&rnd=940019988.1701905123&url=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser&dma=0&gtm=45He3bt0n71TS5W33v6772558&auid=1986306331.1701905123 HTTP 302
- https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=11r1r1l1l5&rnd=940019988.1701905123&url=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser&dma=0&gtm=45He3bt0n71TS5W33v6772558&auid=1986306331.1701905123
Request Chain
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2764153&time=1701905122913&url=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser HTTP 302
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2764153&time=1701905122913&url=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser&cookiesTest=true HTTP 302
- https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2764153%26time%3D1701905122913%26url%3Dhttps%253A%252F%252Fclaims.mojainsurance.co.uk%252FSession%252FUnauthorisedUser%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2764153&time=1701905122913&url=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser&cookiesTest=true&liSync=true HTTP 302
- https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2764153&time=1701905122913&url=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser&cookiesTest=true&liSync=true&e_ipv6=AQLxVxuM8zGgfwAAAYxBc0lIa0mWyohGDx1vepNUbW8XD_NzjkBq9KFjAxoadh2C0LtX
Request Chain
- https://ad.doubleclick.net/activity;src=8312467;type=axa;cat=visits;ord=1;num=1454577619;gtm=45j91e3b82v883963684z86772558z9848097749;dc_pre=1;u1=prod;u2=personal%20insurance;u3=Unauthorised%20User;u5=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser;u8=1672493824.1701905123;u12=true;u4=motor;u6=en;u9=desktop;dma=0;gcs=G111;gcd=11r1r1l1l5;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;auiddc=612901415.1701905123;s3p=1;~oref=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser HTTP 302
- https://adservice.google.com/ddm/fls/z/src=8312467;type=axa;cat=visits;ord=1;num=1454577619;gtm=45j91e3b82v883963684z86772558z9848097749;dc_pre=1;u1=prod;u2=personal%20insurance;u3=Unauthorised%20User;u5=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser;u8=1672493824.1701905123;u12=true;u4=motor;u6=en;u9=desktop;dma=0;gcs=G111;gcd=11r1r1l1l5;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;auiddc=*;s3p=1;~oref=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser
Request Chain
- https://ad.doubleclick.net/activity;src=8312467;type=axa;cat=viewpage;ord=1608172466;gtm=45j91e3b82v883963684z86772558z9848097749;dc_pre=1;u1=prod;u2=personal%20insurance;u3=Unauthorised%20User;u5=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser;u8=1672493824.1701905123;u12=true;u4=motor;u6=en;u9=desktop;dma=0;gcs=G111;gcd=11r1r1l1l5;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;auiddc=612901415.1701905123;s3p=1;~oref=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser HTTP 302
- https://adservice.google.com/ddm/fls/z/src=8312467;type=axa;cat=viewpage;ord=1608172466;gtm=45j91e3b82v883963684z86772558z9848097749;dc_pre=1;u1=prod;u2=personal%20insurance;u3=Unauthorised%20User;u5=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser;u8=1672493824.1701905123;u12=true;u4=motor;u6=en;u9=desktop;dma=0;gcs=G111;gcd=11r1r1l1l5;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;auiddc=*;s3p=1;~oref=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser
Request Chain
- https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1059897644/?random=1322704527&fst=1701905123099&cv=10&fmt=3&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e3b82v883963684z86772558z9848097749&url=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser&tiba=Unauthorised%20User%20%7C%20AXA%20UK&auid=612901415.1701905123&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&dma=0&gcs=G111&gcd=11r1r1l1l5 HTTP 302
- https://www.google.com/pagead/1p-user-list/1059897644/?random=1322704527&fst=1701903600000&cv=10&fmt=3&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e3b82v883963684z86772558z9848097749&url=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser&tiba=Unauthorised%20User%20%7C%20AXA%20UK&is_vtc=1&cid=CAQSKQDICaaNClOm780zgOvQ0MNeEJfwYD7C_j289SX9F3kpB9tJYxc6OCd6&random=2790273769 HTTP 302
- https://www.google.co.uk/pagead/1p-user-list/1059897644/?random=1322704527&fst=1701903600000&cv=10&fmt=3&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e3b82v883963684z86772558z9848097749&url=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser&tiba=Unauthorised%20User%20%7C%20AXA%20UK&is_vtc=1&cid=CAQSKQDICaaNClOm780zgOvQ0MNeEJfwYD7C_j289SX9F3kpB9tJYxc6OCd6&random=2790273769&ipr=y
46 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes
---|---|---|---|---|---|---|---|---
GET | H/1.1 | UnauthorisedUser | claims.mojainsurance.co.uk/Session/ | 7 KB | 3 KB | Document | text/html | Primary Request, Redirect Chain
GET | H2 | icon | fonts.googleapis.com/ | 569 B | 775 B | Stylesheet | text/css |
GET | H2 | css | fonts.googleapis.com/ | 2 KB | 779 B | Stylesheet | text/css |
GET | H2 | 247752487.js | cdn.optimizely.com/js/ | 380 KB | 106 KB | Script | text/javascript |
GET | H/1.1 | VendorCssBundle | claims.mojainsurance.co.uk/ | 46 KB | 12 KB | Stylesheet | text/css |
GET | H/1.1 | main.min.css | claims.mojainsurance.co.uk/Content/css/AXA/ | 220 KB | 28 KB | Stylesheet | text/css |
GET | H/1.1 | jquery | claims.mojainsurance.co.uk/bundles/ | 1 MB | 387 KB | Script | text/javascript |
GET | H/1.1 | modernizr | claims.mojainsurance.co.uk/bundles/ | 11 KB | 5 KB | Script | text/javascript |
GET | H/1.1 | venders | claims.mojainsurance.co.uk/bundles/ | 131 KB | 52 KB | Script | text/javascript |
GET | H/1.1 | enolJsBundle | claims.mojainsurance.co.uk/bundles/ | 952 KB | 292 KB | Script | text/javascript |
GET | H/1.1 | logo.svg | claims.mojainsurance.co.uk/Content/images/AXA/svg/ | 2 KB | 3 KB | Image | image/svg+xml |
GET | H2 | ai.0.js | az416426.vo.msecnd.net/scripts/a/ | 94 KB | 22 KB | Script | application/x-javascript |
GET | H/1.1 | geo4.js | cdn3.optimizely.com/js/ | 313 B | 795 B | Script | application/javascript |
GET | H2 | gtm.js | www.googletagmanager.com/ | 406 KB | 110 KB | Script | application/javascript |
GET | H/1.1 | SourceSansPro-Regular.otf | claims.mojainsurance.co.uk/Content/fonts/SourceSansPro/ | 250 KB | 251 KB | Font | application/font-otf |
GET | H/1.1 | background_error.jpg | claims.mojainsurance.co.uk/Content/images/AXA/jpg/ | 201 KB | 202 KB | Image | image/jpeg |
GET | H/1.1 | publico.eot | claims.mojainsurance.co.uk/Content/fonts/Publico/ | 206 KB | 206 KB | Font | application/vnd.ms-fontobject |
GET | H2 | a247752487.html | a247752487.cdn.optimizely.com/client_storage/ | 2 KB | 2 KB | Document | text/html | Frame F35C
GET | H/1.1 | publico.ttf | claims.mojainsurance.co.uk/Content/fonts/Publico/ | 206 KB | 206 KB | Font | application/font-ttf |
GET | H2 | landing | googleads.g.doubleclick.net/pagead/ | 42 B | 588 B | Ping | image/gif | Redirect Chain
GET | H2 | bat.js | bat.bing.com/ | 45 KB | 13 KB | Script | application/javascript |
GET | H2 | insight.min.js | snap.licdn.com/li.lms-analytics/ | 1 KB | 806 B | Script | application/javascript |
GET | H2 | 13529.js | www.dwin1.com/ | 40 KB | 11 KB | Script | application/javascript |
GET | H2 | di.js | cdn.decibelinsight.net/i/13049/54678/ | 205 KB | 80 KB | Script | text/javascript |
GET | H2 | fbevents.js | connect.facebook.net/en_US/ | 202 KB | 54 KB | Script | application/x-javascript |
GET | H2 | destination | www.googletagmanager.com/gtag/ | 260 KB | 83 KB | Script | application/javascript |
GET | H2 | collect | sgtm.axa.co.uk/g/ | 2 KB | 3 KB | XHR | text/plain |
GET | H2 | 5321252.js | bat.bing.com/p/action/ | 0 | 118 B | Script | text/plain |
GET | H2 | 0 | bat.bing.com/action/ | 0 | 286 B | Image | text/plain |
GET | H2 | insight.old.min.js | snap.licdn.com/li.lms-analytics/ | 31 KB | 12 KB | Script | application/javascript |
GET | H2 | lantern_global_13529.min.js | lantern.roeyecdn.com/ | 2 KB | 2 KB | Script | application/octet-stream |
GET | H2 | collect | px4.ads.linkedin.com/ | 0 | 265 B | Image | application/javascript | Redirect Chain
GET | H2 | 731504514000972 | connect.facebook.net/signals/config/ | 214 KB | 39 KB | Script | application/x-javascript |
GET | H2 | / | www.facebook.com/tr/ | 0 | 185 B | Image | text/plain |
GET | H2 | track.php | lantern.roeye.com/ | 0 | 128 B | Image | image/gif |
POST | H2 | collect | region1.analytics.google.com/g/s/ | 0 | 252 B | Ping | text/plain |
POST | H2 | collect | stats.g.doubleclick.net/g/ | 0 | 252 B | Ping | text/plain |
GET | H2 | ga-audiences | www.google.co.uk/ads/ | 42 B | 408 B | Image | image/gif |
GET | H2 | src=8312467;type=axa;cat=visits;ord=1;num=1454577619;gtm=45j91e3b82v883963684z86772558z9848097749;dc_pre=1;u1=prod;u2=personal%20insurance;u3=Unauthorised%20User;u5=https%3A%2F%2Fclaims.mojainsuran... | adservice.google.com/ddm/fls/z/ | 42 B | 401 B | Image | image/gif | Redirect Chain
GET | H2 | src=8312467;type=axa;cat=viewpage;ord=1608172466;gtm=45j91e3b82v883963684z86772558z9848097749;dc_pre=1;u1=prod;u2=personal%20insurance;u3=Unauthorised%20User;u5=https%3A%2F%2Fclaims.mojainsurance.c... | adservice.google.com/ddm/fls/z/ | 42 B | 107 B | Image | image/gif | Redirect Chain
GET | H2 | / | www.google.co.uk/pagead/1p-user-list/1059897644/ | 42 B | 154 B | Image | image/gif | Redirect Chain
POST | H/1.1 | events | logx.optimizely.com/v1/ | 0 | 669 B | XHR | text/plain |
POST | H2 | / | px.ads.linkedin.com/wa/ | 0 | 202 B | XHR | text/plain |
OPTIONS | H2 | track | dc.services.visualstudio.com/v2/ | 0 | 0 | Preflight | | Frame
POST | H2 | track | dc.services.visualstudio.com/v2/ | 96 B | 281 B | XHR | application/json |
GET | BLOB | 6b8d1d9e-aa0e-4f6a-a102-23cc5a222aaf | https://claims.mojainsurance.co.uk/ | 15 KB | 0 | Other | application/javascript |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: Axa (Insurance)
162 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
28 Cookies
Cookies are small pieces of information stored in the user's browser. Whenever the user visits the site again, the browser sends the stored cookie values back, allowing the website to re-identify the user even from a different location. This is how permanent logins work.
Domain/Path | Name | Value
---|---|---
.decibelinsight.net/i/13049/ | da_lid | -209F97F09A73EA1200ACBB99FA1541529E\|0\|0\|0
.decibelinsight.net/i/13049/ | da_sid | 13ACA4C38E33AE8995FDAA13B8170B592D\|3\|0\|0
claims.mojainsurance.co.uk/Session | cookieConsent | all
claims.mojainsurance.co.uk/ | f5avraaaaaaaaaaaaaaaa_session_ | FEOBAJNJHBAEMJMDIBENOJHBFLPOFFCOBAKMJGIPMBPPFLFNOCAKFODGAHFNAIGGJIJDKDFCNCHFKGCKLELANGODIAGBCECGDOLMEDMAELPKGECFGFLLEPCFGICGBJKI
claims.mojainsurance.co.uk/ | ASP.NET_SessionId | hgs4fgcvcnivp3wsojtjkp4v
.mojainsurance.co.uk/ | optimizelyEndUserId | oeu1701905122365r0.6340702309027209
claims.mojainsurance.co.uk/ | ai_user | sORQ4\|2023-12-06T23:25:22.579Z
claims.mojainsurance.co.uk/ | _gtm_userSampleGroup | 0.50
.mojainsurance.co.uk/ | _gtm_decibelEnabled | true
.mojainsurance.co.uk/ | _gcl_au | 1.1.1986306331.1701905123
.mojainsurance.co.uk/ | _ga_RE55ZQSXB7 | GS1.1.1701905122.1.0.1701905122.0.0.0
.mojainsurance.co.uk/ | _ga | GA1.1.1672493824.1701905123
.mojainsurance.co.uk/ | _uetsid | ba619800948e11eea445816391cbc6c7
.mojainsurance.co.uk/ | _uetvid | ba61bd10948e11ee9675f1094b5fac62
.bing.com/ | MUID | 37997B515533627A1988688E54886394
.mojainsurance.co.uk/ | _fbp | fb.2.1701905123069.1316307610
claims.mojainsurance.co.uk/ | ai_session | R59Oy\|1701905123208.3\|1701905123208.3
.linkedin.com/ | li_sugr | 1538f53d-0fcf-4c20-9a85-4eb3612a071f
.linkedin.com/ | bcookie | "v=2&08777b8c-fa64-4080-8c01-f49de7555350"
.linkedin.com/ | lidc | "b=TGST03:s=T:r=T:a=T:p=T:g=3107:u=1:x=1:i=1701905123:t=1701991523:v=2:sig=AQEPMUlrmyRL0sPUxgsoPJZqVcZIWNy0"
.doubleclick.net/ | IDE | AHWqTUmiomn3IBXkO9udlcgmJ8NBBywGYq6u6GUWb_c5UODLJOaT-QTDS0m6zuCd5mE
.linkedin.com/ | UserMatchHistory | AQKFoaxIY7ZP1gAAAYxBc0f2s8cfKWdDkGWQvggJIqx0Dbo8BNJMl5Tzx8f2IfPoyEuiiMuaIldDlg
.linkedin.com/ | AnalyticsSyncHistory | AQJxeC9bXi1VwAAAAYxBc0f2vF-SSOwvbPw6em5Wc3CjaCOOyuUFq2eXLWC6uzFpnM4IpuHW0EXrqueralrgBg
.www.linkedin.com/ | bscookie | "v=1&20231206232523dafdda9c-5b79-42f0-8c76-31b727d5a7efAQGvuEeKfqYLqVEaMZ8B244UhP4zkvo-"
.linkedin.com/ | li_gc | MTswOzE3MDE5MDUxMjM7MjswMjGMipB/GXrw4+ltOJu4GPXSzrDD1DWP9FSgIR5Y2r8PQg==
.mojainsurance.co.uk/ | da_sid | 13ACA4C38E33AE8995FDAA13B8170B592D\|3\|0\|3
.mojainsurance.co.uk/ | da_lid | 209F97F09A73EA1200ACBB99FA1541529E\|0\|0\|0
.mojainsurance.co.uk/ | da_intState |
24 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text
---|---|---|---
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.