uxsingh.com
162.241.85.21
Malicious Activity!
Public Scan
Effective URL: https://uxsingh.com/wp-home.php
Submission: On February 14 via manual from IN — Scanned from DE
Summary
TLS certificate: Issued by R3 on December 19th 2021. Valid for: 3 months.
This is the only time uxsingh.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Microsoft (Consumer)
Domain & IP information
# | IP Address | AS (Autonomous System)
---|---|---
1 1 | 2a03:2880:f02d:5:face:b00c:0:8c | 32934 (FACEBOOK)
1 | 2620:0:890::100 | 54113 (FASTLY)
14 | 152.199.23.37 | 15133 (EDGECAST)
3 | 40.126.31.6 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1 | 2a00:f940:2:2:1:1:0:57 | 197695 (AS-REG)
1 3 | 162.241.85.21 | 46606 (UNIFIEDLAYER-AS-1)
1 | 143.204.98.21 | 16509 (AMAZON-02)
1 29 | 2620:1ec:46::44 | 8068 (MICROSOFT-CORP-MSN-AS-BLOCK)
7 | 2606:4700::6810:9440 | 13335 (CLOUDFLARENET)
1 | 2606:4700::6811:e04e | 13335 (CLOUDFLARENET)
1 | 2a00:1450:4001:811::2008 | 15169 (GOOGLE)
1 | 2606:4700:10::6814:b844 | 13335 (CLOUDFLARENET)
59 | 11 |
ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-241-85-21.unifiedlayer.com
uxsingh.com
ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-21.fra50.r.cloudfront.net
logo.clearbit.com
ASN15169 (GOOGLE, US)
www.googletagmanager.com
# | Apex Domain | Subdomains | Transfer
---|---|---|---
29 | aon.com (1 redirect) | www.aon.com (Cisco Umbrella Rank: 151119) | 936 KB
14 | msftauth.net | aadcdn.msftauth.net (Cisco Umbrella Rank: 1245) | 287 KB
7 | cookielaw.org | cdn.cookielaw.org (Cisco Umbrella Rank: 443) | 164 KB
3 | uxsingh.com (1 redirect) | uxsingh.com | 41 KB
3 | live.com | login.live.com (Cisco Umbrella Rank: 73) | 2 KB
1 | onetrust.com | geolocation.onetrust.com (Cisco Umbrella Rank: 709) | 458 B
1 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 50) | 57 KB
1 | fonts.net | fast.fonts.net (Cisco Umbrella Rank: 2467) | 608 B
1 | clearbit.com | logo.clearbit.com (Cisco Umbrella Rank: 23307) | 3 KB
1 | danslemonde.ru (1 redirect) | danslemonde.ru | 158 B
1 | web.app | adfs001.web.app | 9 KB
1 | atdmt.com (1 redirect) | ad.atdmt.com (Cisco Umbrella Rank: 2666) | 958 B
59 | 12 | |
# | Domain | Requested by
---|---|---
29 | www.aon.com (1 redirect) | uxsingh.com, www.aon.com
14 | aadcdn.msftauth.net | adfs001.web.app, uxsingh.com
7 | cdn.cookielaw.org | www.aon.com, www.googletagmanager.com, cdn.cookielaw.org
3 | uxsingh.com (1 redirect) | adfs001.web.app, uxsingh.com
3 | login.live.com | adfs001.web.app, uxsingh.com
1 | geolocation.onetrust.com | cdn.cookielaw.org
1 | www.googletagmanager.com | www.aon.com
1 | fast.fonts.net | www.aon.com
1 | logo.clearbit.com | uxsingh.com
1 | danslemonde.ru (1 redirect) |
1 | adfs001.web.app |
1 | ad.atdmt.com |
59 | 12 |
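The "Requested by" table is the most useful detection lead on this page: aadcdn.msftauth.net, Microsoft's real sign-in CDN, is fetched by adfs001.web.app and by uxsingh.com, and login.live.com/Me.htm is loaded by both as well. The kit pulls Microsoft's own converged-login CSS and JS bundles so that the fake page is pixel-identical to the genuine one, while the document itself is served from a host Microsoft does not own. In web-proxy logs that shows up as requests for the login bundle whose Referer host is not a Microsoft sign-in domain. The script below is an added example of that check, not urlscan.io code; the log lines are constructed for the example (they mirror the pairs in the table above), and the allow-list of legitimate referrer hosts is an illustrative assumption to be tuned per tenant. It matches on the referrer host only, because the default referrer policy in current browsers trims cross-origin Referer headers to the origin.

```python
"""Flag Microsoft login assets fetched from non-Microsoft pages.

Added example for this scan page, not urlscan.io code. SAMPLE_LOG is
constructed; LEGIT_REFERRER_SUFFIXES is an illustrative allow-list.
"""
import re
from urllib.parse import urlsplit

# Hosts that legitimately embed the converged-login bundle (assumption; extend
# with your tenant's own branded sign-in hosts).
LEGIT_REFERRER_SUFFIXES = (
    "login.microsoftonline.com", "login.live.com", "login.microsoft.com",
    "login.windows.net", "account.microsoft.com", "portal.azure.com",
)
# CDNs that serve the Azure AD / Microsoft account login bundle.
LOGIN_ASSET_HOSTS = ("aadcdn.msftauth.net", "aadcdn.msauth.net")

# Constructed proxy lines: ts client "method url" status bytes "referer".
# The first four mirror the "Requested by" pairs in the scan; the last two
# are benign controls (a real sign-in, and a request with no Referer).
SAMPLE_LOG = """\
2022-02-14T07:28:26Z 10.1.2.3 "GET https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css" 200 20480 "https://adfs001.web.app/rasaa7Xnr7Prkun9yWq0Har7Pna7XB8xr7Pm"
2022-02-14T07:28:27Z 10.1.2.3 "GET https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_a6PeIgafSneuouox-qU5OA2.js" 200 129024 "https://adfs001.web.app/rasaa7Xnr7Prkun9yWq0Har7Pna7XB8xr7Pm"
2022-02-14T07:28:29Z 10.1.2.3 "GET https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_ppassword_6f5648a25cfbe86f348c.js" 200 6144 "https://uxsingh.com/wp-home.php"
2022-02-14T07:28:29Z 10.1.2.3 "GET https://logo.clearbit.com/aon.com" 200 3072 "https://uxsingh.com/wp-home.php"
2022-02-14T07:30:01Z 10.1.2.9 "GET https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_a6PeIgafSneuouox-qU5OA2.js" 200 129024 "https://login.microsoftonline.com/common/oauth2/authorize"
2022-02-14T07:30:05Z 10.1.2.9 "GET https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css" 200 20480 "-"
"""

LINE_RE = re.compile(
    r'^(?P<ts>\S+) (?P<client>\S+) "(?P<method>[A-Z]+) (?P<url>\S+)" '
    r'(?P<status>\d{3}) (?P<bytes>\d+) "(?P<referer>[^"]*)"$'
)


def host_of(url):
    """Lower-cased host part of a URL."""
    return urlsplit(url).netloc.lower()


def is_legit_referrer(referer):
    """True for an allow-listed sign-in host or one of its subdomains. A
    missing Referer is not judged (it would alert on every privacy-hardened
    browser); correlate those separately."""
    if referer in ("", "-"):
        return True
    host = host_of(referer)
    return any(host == s or host.endswith("." + s)
               for s in LEGIT_REFERRER_SUFFIXES)


def find_login_clones(log_text):
    """Return {(client, referer_host): [asset file names]} for every client
    that loaded Microsoft login assets from a page outside the allow-list."""
    hits = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # not a line in the expected shape; skip, do not crash
        if host_of(m["url"]) not in LOGIN_ASSET_HOSTS:
            continue
        if is_legit_referrer(m["referer"]):
            continue
        key = (m["client"], host_of(m["referer"]))
        asset = urlsplit(m["url"]).path.rsplit("/", 1)[-1]
        hits.setdefault(key, []).append(asset)
    return hits


if __name__ == "__main__":
    for (client, page_host), assets in find_login_clones(SAMPLE_LOG).items():
        print(f"{client} loaded Microsoft login assets from {page_host}: {assets}")
```

The same rule expressed as a proxy or SIEM query is simply: destination host in the login-CDN set, referrer host not in the allow-list and not empty. Treat a hit as a probable credential-phishing page visit and pivot on the referrer host, which here gives the two kit stages directly.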
This site contains links to these domains. Also see Links.
Domain
---
passwordreset.aon.com
www.aon.com
privacy.aon.com
Subject | Issuer | Validity | Valid |
---|---|---|---|---
web.app | GTS CA 1D4 | 2022-01-31 - 2022-05-01 | 3 months | crt.sh
aadcdn.msftauth.net | DigiCert SHA2 Secure Server CA | 2021-05-13 - 2022-05-13 | a year | crt.sh
graph.windows.net | DigiCert SHA2 Secure Server CA | 2022-01-25 - 2023-01-25 | a year | crt.sh
uxsingh.com | R3 | 2021-12-19 - 2022-03-19 | 3 months | crt.sh
clearbit.com | Amazon | 2021-04-22 - 2022-05-21 | a year | crt.sh
*.aon.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-04-21 - 2022-04-26 | a year | crt.sh
cookielaw.org | Cloudflare Inc ECC CA-3 | 2021-06-01 - 2022-05-31 | a year | crt.sh
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-07-06 - 2022-07-05 | a year | crt.sh
*.google-analytics.com | GTS CA 1C3 | 2022-01-17 - 2022-04-11 | 3 months | crt.sh
onetrust.com | Cloudflare Inc ECC CA-3 | 2022-01-12 - 2023-01-12 | a year | crt.sh
This page contains 3 frames:
Primary Page:
https://uxsingh.com/wp-home.php
Frame ID: 854D143BE31744A3EFA2D76EEB540EAA
Requests: 20 HTTP requests in this frame
Frame:
https://login.live.com/Me.htm?v=3
Frame ID: 2856F8016290009ADFD072E1FAF57036
Requests: 1 HTTP requests in this frame
Frame:
https://www.aon.com/home/index
Frame ID: 58E997B3A00B3F22526D38992632831C
Requests: 39 HTTP requests in this frame
Page Title
Sign in to your account
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome (Font Scripts)
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/gtm\.js
OneTrust (Cookie compliance)
Detected patterns
- cdn\.cookielaw\.org
- otSDKStub\.js
jQuery (JavaScript Libraries)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
- Forgotten my password
- Terms of use
- Privacy & cookies
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
1. https://ad.atdmt.com/s/go;adv=Rasa0918;c.a=18091;p.a=18209;a.a=Norkune2;qpb=1;cache=1181;?h=adfs001.web.app/rasaa7Xnr7Prkun9yWq0Har7Pna7XB8xr7Pm (HTTP 302)
   -> https://adfs001.web.app/rasaa7Xnr7Prkun9yWq0Har7Pna7XB8xr7Pm (Page URL)
2. https://danslemonde.ru/feb.php?url=https://adfs001.web.app/rasaa7Xnr7Prkun9yWq0Har7Pna7XB8xr7Pm (HTTP 302)
   -> https://uxsingh.com/wp-private.php?client-request-id=cmFzYS5ub3JrdW5lQGFvbi5jb20= (HTTP 302)
   -> https://uxsingh.com/wp-home.php (Page URL)
The lure link is an ad-click redirector (ad.atdmt.com, served from AS32934 FACEBOOK in the IP table above) whose h= parameter names the next hop, which gives the link a reputable domain for mail filters and for the user. adfs001.web.app (Firebase Hosting) loaded as a page, so its transition to danslemonde.ru was done client-side rather than by an HTTP Location header. The client-request-id value is base64 (the parameter name imitates the one on Microsoft's real sign-in URLs) and decodes to an e-mail address in the aon.com domain, which is consistent with the landing page's later request for logo.clearbit.com/aon.com to brand the form for that domain.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://ad.atdmt.com/s/go;adv=Rasa0918;c.a=18091;p.a=18209;a.a=Norkune2;qpb=1;cache=1181;?h=adfs001.web.app/rasaa7Xnr7Prkun9yWq0Har7Pna7XB8xr7Pm HTTP 302
- https://adfs001.web.app/rasaa7Xnr7Prkun9yWq0Har7Pna7XB8xr7Pm
- https://www.aon.com/ HTTP 302
- https://www.aon.com/home/index
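The chain above carries three signals that are worth extracting mechanically from every scan of this kind: hops whose query string names another hop (a redirector being used as a gate, in either direction), a page that loaded but was followed by a further hop (a JavaScript or meta-refresh redirect, which a plain HTTP-redirect follower never sees), and a base64 query value that decodes to an e-mail address (the kit carrying the target's identity to pre-fill the form). The script below is an added example that does exactly that over this page's own URL history; it is not urlscan.io code. CHAIN is copied from the Page URL History, with "302" for an HTTP redirect and "page" for a "Page URL" entry; the function names and heuristics are the example's own assumptions. The decoded address is reported with the local part redacted, since only the domain matters for the brand-mismatch check.

```python
"""Redirect-chain triage for a urlscan.io Page URL History.

Added example for this scan page, not urlscan.io code. CHAIN is copied from
the page; "302" = HTTP redirect, "page" = a "Page URL" entry that loaded.
"""
import base64
import binascii
import re
from urllib.parse import urlsplit, unquote

CHAIN = [
    ("https://ad.atdmt.com/s/go;adv=Rasa0918;c.a=18091;p.a=18209;a.a=Norkune2;qpb=1;cache=1181;?h=adfs001.web.app/rasaa7Xnr7Prkun9yWq0Har7Pna7XB8xr7Pm", "302"),
    ("https://adfs001.web.app/rasaa7Xnr7Prkun9yWq0Har7Pna7XB8xr7Pm", "page"),
    ("https://danslemonde.ru/feb.php?url=https://adfs001.web.app/rasaa7Xnr7Prkun9yWq0Har7Pna7XB8xr7Pm", "302"),
    ("https://uxsingh.com/wp-private.php?client-request-id=cmFzYS5ub3JrdW5lQGFvbi5jb20=", "302"),
    ("https://uxsingh.com/wp-home.php", "page"),
]

EMAIL_RE = re.compile(r"^[^@\s]+@([A-Za-z0-9.-]+\.[A-Za-z]{2,})$")
B64_RE = re.compile(r"^[A-Za-z0-9+/_-]{8,}={0,2}$")


def query_params(url):
    """(name, value) pairs of the query string. unquote() is used instead of
    parse_qsl() so that a '+' inside a base64 value is not turned into a space."""
    pairs = []
    for part in urlsplit(url).query.split("&"):
        if part:
            name, _, value = part.partition("=")
            pairs.append((unquote(name), unquote(value)))
    return pairs


def try_b64(value):
    """Decode a base64 or base64url value to text; None if it is not one."""
    if not B64_RE.match(value):
        return None
    padded = value + "=" * (-len(value) % 4)
    for decode in (lambda s: base64.b64decode(s, validate=True),
                   base64.urlsafe_b64decode):
        try:
            return decode(padded).decode("utf-8")
        except (binascii.Error, UnicodeDecodeError, ValueError):
            continue
    return None


def host_in_value(value):
    """Host named by a query value that is a full URL or a bare host/path."""
    v = value.lower()
    return urlsplit(v).netloc or v.split("/", 1)[0]


def triage(chain):
    """Walk the chain and collect redirector hops, client-side redirects and
    e-mail addresses smuggled in query parameters."""
    hosts = [urlsplit(url).netloc.lower() for url, _ in chain]
    findings = {"landing": hosts[-1], "redirectors": [],
                "client_side": [], "encoded_emails": []}
    for i, (url, status) in enumerate(chain):
        host = hosts[i]
        for name, value in query_params(url):
            # A query value naming another hop's host: an open-redirector style
            # hop when it points forward, a gate recording where the visitor
            # came from when it points backward.
            named = host_in_value(value)
            if named in hosts and named != host:
                forward = i + 1 < len(hosts) and hosts[i + 1] == named
                findings["redirectors"].append(
                    (host, name, named, "next" if forward else "previous"))
            # Base64 value that decodes to an e-mail: the kit carries the
            # target's address to pre-fill the form. Only the domain is kept.
            decoded = try_b64(value)
            match = EMAIL_RE.match(decoded) if decoded else None
            if match:
                findings["encoded_emails"].append(
                    (host, name, "<redacted>@" + match.group(1).lower()))
        # A loaded page followed by another hop was redirected by JavaScript
        # or a meta refresh, not by an HTTP Location header.
        if status == "page" and i + 1 < len(chain):
            findings["client_side"].append((host, hosts[i + 1]))
    return findings


def brand_mismatch(findings):
    """E-mail domains carried in the chain that the landing host does not
    belong to: a sign-in form for that domain served from somewhere else."""
    landing = findings["landing"]
    domains = {m.rsplit("@", 1)[1] for _, _, m in findings["encoded_emails"]}
    return {d for d in domains if landing != d and not landing.endswith("." + d)}


if __name__ == "__main__":
    result = triage(CHAIN)
    for key, value in result.items():
        print(f"{key}: {value}")
    print("brand mismatch:", brand_mismatch(result))
```

Run stand-alone it reports ad.atdmt.com forwarding to adfs001.web.app, danslemonde.ru carrying the adfs001.web.app URL it was reached from, the client-side hop out of adfs001.web.app, and an aon.com address on the uxsingh.com hop; the brand-mismatch set is therefore {"aon.com"}, which is the one-line summary of why this scan is a phish.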
59 HTTP transactions
Method | Protocol | Resource | Host / Path | Frame / Note | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---|---
GET | H2 | rasaa7Xnr7Prkun9yWq0Har7Pna7XB8xr7Pm | adfs001.web.app/ | Redirect Chain | 29 KB | 9 KB | Document | text/html
GET | H2 | converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css | aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ | | 108 KB | 20 KB | Stylesheet | text/css
GET | H2 | ConvergedLogin_PCore_a6PeIgafSneuouox-qU5OA2.js | aadcdn.msftauth.net/shared/1.0/content/js/ | | 459 KB | 126 KB | Script | application/x-javascript
GET | H2 | ux.converged.login.strings-en-gb.min_-hjcgqxfzfu0cwzblacdqq2.js | aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ | | 42 KB | 12 KB | Script | application/x-javascript
GET | H2 | oneDs_472fa3a12b65cf387ccd.js | aadcdn.msftauth.net/shared/1.0/content/js/ | | 78 KB | 26 KB | Script | application/x-javascript
GET | H2 | convergedlogin_pfetchsessionsprogress_12dabd9245715d165757.js | aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ | | 15 KB | 5 KB | Script | application/x-javascript
GET | H/1.1 | Me.htm | login.live.com/ | | 0 | 0 | Other | text/html
GET | H2 | converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css | aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ | | 0 | 20 KB | Other | text/css
GET | H2 | ux.converged.login.strings-en-gb.min_-hjcgqxfzfu0cwzblacdqq2.js | aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ | | 0 | 12 KB | Other | application/x-javascript
GET | H/1.1 | Me.htm | login.live.com/ | Frame 2856 | 2 KB | 2 KB | Document | text/html
GET | H2 | 2_bc3d32a696895f78c19df6c717586a5d.svg | aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/ | | 2 KB | 837 B | Image | image/svg+xml
GET | H2 | wp-home.php | uxsingh.com/ | Primary Request, Redirect Chain | 31 KB | 11 KB | Document | text/html
GET | H2 | converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css | aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ | | 108 KB | 20 KB | Stylesheet | text/css
GET | H2 | convergedlogin_pfetchsessionsprogress_3cdbaab1cf6d9b038234.js | aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ | | 15 KB | 5 KB | Script | application/x-javascript
GET | H2 | convergedlogin_pidpdisambiguation_76e0875415977704da38.js | aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ | | 7 KB | 2 KB | Script | application/x-javascript
GET | H2 | convergedlogin_ppassword_6f5648a25cfbe86f348c.js | aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ | | 20 KB | 6 KB | Script | application/x-javascript
GET | H2 | aon.com | logo.clearbit.com/ | | 3 KB | 3 KB | Image | image/png
GET | H/1.1 | Me.htm | login.live.com/ | | 0 | 0 | Other | text/html
GET | H2 | converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css | aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ | | 0 | 19 KB | Other | text/css
GET | H2 | ux.converged.login.strings-en-gb.min_-hjcgqxfzfu0cwzblacdqq2.js | aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ | | 0 | 12 KB | Other | application/x-javascript
GET | H2 | index | www.aon.com/home/ | Frame 58E9, Redirect Chain | 44 KB | 16 KB | Document | text/html
GET | H2 | ); | uxsingh.com/ | | 30 KB | 30 KB | Image | text/html
GET | H2 | bootstrap-min.aspx | www.aon.com/getmedia/ef7de5d3-3d6d-4ee6-ad57-66de983945dc/ | Frame 58E9 | 124 KB | 29 KB | Stylesheet | text/css
GET | H2 | GetCSS.aspx | www.aon.com/CMSPages/ | Frame 58E9 | 446 KB | 88 KB | Stylesheet | text/css
GET | H2 | GetCSS.aspx | www.aon.com/CMSPages/ | Frame 58E9 | 3 KB | 2 KB | Stylesheet | text/css
GET | H2 | open-iconic-bootstrap.aspx | www.aon.com/getmedia/34ddd031-9a65-4ef9-9ddc-22b83c46a343/ | Frame 58E9 | 12 KB | 3 KB | Stylesheet | text/css
GET | H2 | font-awesome-min.aspx | www.aon.com/getmedia/def1f488-d0f9-46cf-a4a4-b22a74b3dca7/ | Frame 58E9 | 33 KB | 9 KB | Stylesheet | text/css
GET | H2 | fonts.aspx | www.aon.com/getmedia/b6658e36-d06a-49d5-b671-52d43222123e/ | Frame 58E9 | 16 KB | 4 KB | Stylesheet | text/css
GET | H2 | OtAutoBlock.js | cdn.cookielaw.org/consent/00db5e7f-3e2d-4e3a-9090-c226ff90e4d1/ | Frame 58E9 | 48 KB | 10 KB | Script | application/x-javascript
GET | H2 | WebResource.axd | www.aon.com/ | Frame 58E9 | 23 KB | 6 KB | Script | application/x-javascript
GET | H2 | ScriptResource.axd | www.aon.com/ | Frame 58E9 | 100 KB | 25 KB | Script | application/x-javascript
GET | H2 | ScriptResource.axd | www.aon.com/ | Frame 58E9 | 39 KB | 10 KB | Script | application/x-javascript
GET | H2 | new-aon-logo.svg | www.aon.com/getmedia/b92e8b10-9efa-4a2e-a807-ac160deefdeb/ | Frame 58E9 | 615 B | 860 B | Image | image/svg+xml
GET | H2 | hp-hero-desktop-wcc-2021.aspx | www.aon.com/home/images/homepage/hero/ | Frame 58E9 | 133 KB | 133 KB | Image | image/jpeg
GET | H2 | hp-hero-mobile-wcc-2021.aspx | www.aon.com/home/images/homepage/hero/ | Frame 58E9 | 44 KB | 44 KB | Image | image/jpeg
GET | H2 | 5050-q4-2021-earnings.aspx | www.aon.com/home/images/5050/ | Frame 58E9 | 152 KB | 153 KB | Image | image/jpeg
GET | H2 | card-rethink-access-capital.aspx | www.aon.com/home/images/cards/insights/ | Frame 58E9 | 62 KB | 63 KB | Image | image/jpeg
GET | H2 | card-on-aon-talent-pool-podcast.aspx | www.aon.com/home/images/cards/insights/ | Frame 58E9 | 37 KB | 38 KB | Image | image/jpeg
GET | H2 | card-path-through-pandemic.aspx | www.aon.com/home/images/cards/news/ | Frame 58E9 | 45 KB | 46 KB | Image | image/jpeg
GET | H2 | jquery-min.aspx | www.aon.com/getmedia/9ec140ac-41d7-4ac9-8db5-af64a54fb589/ | Frame 58E9 | 85 KB | 38 KB | Script | application/x-javascript
GET | H2 | rebranding.aspx | www.aon.com/getmedia/c154498e-d98a-4613-9727-0d7a671b24c2/ | Frame 58E9 | 361 B | 553 B | Script | application/x-javascript
GET | H2 | main.js | www.aon.com/CMSScripts/Custom/Aon/home/ | Frame 58E9 | 7 KB | 2 KB | Script | application/x-javascript
GET | H2 | vendor.js | www.aon.com/CMSScripts/Custom/Aon/home/ | Frame 58E9 | 196 KB | 61 KB | Script | application/x-javascript
GET | H2 | 1.css | fast.fonts.net/t/ | Frame 58E9 | 0 | 608 B | Stylesheet | text/css
GET | H2 | gtm.js | www.googletagmanager.com/ | Frame 58E9 | 165 KB | 57 KB | Script | application/javascript
GET | H2 | 5eec4451-e90c-42e7-b4d8-9b8654a65568.aspx | www.aon.com/getmedia/2d81f9fa-5522-45a5-a30e-d8bfececc20f/ | Frame 58E9 | 14 KB | 14 KB | Font | application/octet-stream
GET | H2 | 2a13627f-dba8-48e1-935c-a404f5293139.aspx | www.aon.com/getmedia/5380d449-0bbb-4782-b618-cb571b53a5ec/ | Frame 58E9 | 14 KB | 15 KB | Font | application/octet-stream
GET | H2 | fontawesome-webfont.aspx | www.aon.com/getmedia/7e17eb58-2b95-4e66-a6d0-b959adea056c/ | Frame 58E9 | 75 KB | 76 KB | Font | application/octet-stream
GET | H2 | 081486f6-ae1e-4fc6-8ab9-6a939e96bbdc.aspx | www.aon.com/getmedia/451f9973-d2bd-40ee-a61b-6496fb4322c9/ | Frame 58E9 | 15 KB | 15 KB | Font | application/octet-stream
GET | H2 | 644d8155-d6f1-42bb-8c90-2c98b785b510.aspx | www.aon.com/getmedia/c39ba90a-ddda-42f4-8cb6-dbce50906aba/ | Frame 58E9 | 14 KB | 15 KB | Font | application/octet-stream
GET | H2 | effd846d-39d3-439a-a81b-14b26fd5fb7e.aspx | www.aon.com/getmedia/b57833d6-8f70-44b5-b10a-acb0de100799/ | Frame 58E9 | 15 KB | 15 KB | Font | application/octet-stream
GET | H2 | bc12c1b5-9f94-4151-86f1-774120c7e7cd.aspx | www.aon.com/getmedia/b338d839-c436-4ce3-85be-7ec7c2bd0506/ | Frame 58E9 | 15 KB | 15 KB | Font | application/octet-stream
GET | H2 | otSDKStub.js | cdn.cookielaw.org/scripttemplates/ | Frame 58E9 | 19 KB | 7 KB | Script | application/javascript
GET | H2 | 00db5e7f-3e2d-4e3a-9090-c226ff90e4d1.json | cdn.cookielaw.org/consent/00db5e7f-3e2d-4e3a-9090-c226ff90e4d1/ | Frame 58E9 | 7 KB | 3 KB | XHR | application/x-javascript
GET | H2 | location | geolocation.onetrust.com/cookieconsentpub/v1/geo/ | Frame 58E9 | 182 B | 458 B | XHR | application/json
GET | H2 | otBannerSdk.js | cdn.cookielaw.org/scripttemplates/6.17.0/ | Frame 58E9 | 377 KB | 84 KB | Script | application/javascript
GET | H2 | en.json | cdn.cookielaw.org/consent/00db5e7f-3e2d-4e3a-9090-c226ff90e4d1/4b458245-b5f7-4309-b53a-0cb8e14e83ef/ | Frame 58E9 | 308 KB | 46 KB | Fetch | application/x-javascript
GET | H2 | otFlat.json | cdn.cookielaw.org/scripttemplates/6.17.0/assets/ | Frame 58E9 | 12 KB | 3 KB | Fetch | application/json
GET | H2 | otPcTab.json | cdn.cookielaw.org/scripttemplates/6.17.0/assets/v2/ | Frame 58E9 | 46 KB | 12 KB | Fetch | application/json
GET | DATA | truncated | / | Frame 58E9 | 817 B | 0 | Image | image/svg+xml
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Microsoft (Consumer)
6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
object | 0
function | structuredClone
object | webpackJsonp
boolean | __convergedlogin_pfetchsessionsprogress_3cdbaab1cf6d9b038234
boolean | __convergedlogin_pidpdisambiguation_76e0875415977704da38
boolean | __convergedlogin_ppassword_6f5648a25cfbe86f348c
5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
uxsingh.com/ | | PHPSESSID | 853a538631d4c3122010166fbee41827
.login.live.com/ | | uaid | a721e7b861d94540b5787d24f7155414
.login.live.com/ | | MSPRequ | id=N&lt=1644823706&co=2
www.aon.com/ | | ASLBSACORS | 03336252801639b0231d0fcfda0b5bea6d0139179f95a896f989f22ffa1509ff%2c5d698bdcce7789abf648caa66e217ecb01bf934f6de651ee2d386817cb5e7219
.fonts.net/ | | __cf_bm | 2PJBFV0DX64.OJBO_bVUd6uL4ne1rN7b_4YD2YYAzlw-1644823707-0-AWXxf9toHJ47fFumpuvXT2ToMLOq+Hq7eQXzO5X7gOq7KvT2xXXHZWvjgZcjnMCmmh4mGjddUUCMRzJbhcJFQjs=
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31556926; includeSubDomains; preload |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aadcdn.msftauth.net
ad.atdmt.com
adfs001.web.app
cdn.cookielaw.org
danslemonde.ru
fast.fonts.net
geolocation.onetrust.com
login.live.com
logo.clearbit.com
uxsingh.com
www.aon.com
www.googletagmanager.com
143.204.98.21
152.199.23.37
162.241.85.21
2606:4700:10::6814:b844
2606:4700::6810:9440
2606:4700::6811:e04e
2620:0:890::100
2620:1ec:46::44
2a00:1450:4001:811::2008
2a00:f940:2:2:1:1:0:57
2a03:2880:f02d:5:face:b00c:0:8c
40.126.31.6