aon360.maptqksa.com Open in urlscan Pro
185.230.211.243 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://aon360.maptqksa.com/
Effective URL:
https://aon360.maptqksa.com/Account/Login?ReturnUrl=%2F
Submission: On December 26 via manual (December 26th 2022, 10:15:45 am UTC) from US — Scanned from DE

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 4 countries across 5 domains to perform 13 HTTP transactions. The main IP is 185.230.211.243, located in Saudi Arabia and belongs to CLOUDSIGMA-AS, CH. The main domain is aon360.maptqksa.com.
TLS certificate: Issued by Sectigo ECC Organization Validation S... on March 8th 2022. Valid for: a year.

This is the only time aon360.maptqksa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	185.230.210.17 185.230.210.17	50837 (CLOUDSIGM...) (CLOUDSIGMA-AS)
1 9	185.230.211.243 185.230.211.243	50837 (CLOUDSIGM...) (CLOUDSIGMA-AS)
1	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:a00... 2a04:4e42:a00::282	54113 (FASTLY) (FASTLY)
1	2620:1ec:4e:1... 2620:1ec:4e:1::44	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	13.69.106.217 13.69.106.217	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
13	5

1 185.230.210.17 (Saudi Arabia) 1 redirects

ASN50837 (CLOUDSIGMA-AS, CH)

aon360.maptqksa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.230.211.243 (Saudi Arabia) 1 redirects

ASN50837 (CLOUDSIGMA-AS, CH)

aon360.maptqksa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:a00::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:4e:1::44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

js.monitor.azure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.69.106.217 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	maptqksa.com 2 redirects aon360.maptqksa.com	613 KB
2	visualstudio.com dc.services.visualstudio.com — Cisco Umbrella Rank: 827	304 B
1	azure.com js.monitor.azure.com — Cisco Umbrella Rank: 2748	45 KB
1	polyfill.io polyfill.io — Cisco Umbrella Rank: 1876	402 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 115	37 KB
13	5

	Domain	Requested by
10	aon360.maptqksa.com	2 redirects aon360.maptqksa.com
2	dc.services.visualstudio.com	js.monitor.azure.com
1	js.monitor.azure.com	aon360.maptqksa.com
1	polyfill.io	aon360.maptqksa.com
1	www.googletagmanager.com	aon360.maptqksa.com
13	5

This site contains no links.

Subject Issuer	Validity	Valid
*.maptqksa.com Sectigo ECC Organization Validation Secure Server CA	`2022-03-08` - `2023-03-08`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-10` - `2024-01-11`	a year	crt.sh
js.monitor.azure.com Microsoft Azure TLS Issuing CA 05	`2022-12-23` - `2023-12-18`	a year	crt.sh
in.applicationinsights.azure.com Microsoft Azure TLS Issuing CA 06	`2022-11-21` - `2023-11-16`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://aon360.maptqksa.com/Account/Login?ReturnUrl=%2F
Frame ID: CAB07C803F2A93B8513A3389D5A8B917
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HRorganizer.com

Page URL History Show full URLs

http://aon360.maptqksa.com/ HTTP 301
https://aon360.maptqksa.com/ HTTP 302
https://aon360.maptqksa.com/Account/Login?ReturnUrl=%2F Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Page Statistics

13
Requests

100 %
HTTPS

50 %
IPv6

5
Domains

5
Subdomains

5
IPs

4
Countries

694 kB
Transfer

1953 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://aon360.maptqksa.com/ HTTP 301
https://aon360.maptqksa.com/ HTTP 302
https://aon360.maptqksa.com/Account/Login?ReturnUrl=%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request Login Show response
aon360.maptqksa.com/Account/
Redirect Chain

http://aon360.maptqksa.com/
https://aon360.maptqksa.com/
https://aon360.maptqksa.com/Account/Login?ReturnUrl=%2F

9 KB
5 KB

113ms
113ms

Document
text/html

185.230.211.243
CLOUDSIGMA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://aon360.maptqksa.com/Account/Login?ReturnUrl=%2F

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.230.211.243 , Saudi Arabia, ASN50837 (CLOUDSIGMA-AS, CH),

Reverse DNS

Software

nginx /

Resource Hash

854dd862400b65450f2ad5940c052597a643f12ca64cfc398cc973c4daad9e70

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' .service.signalr.net .visualstudio.com https: wss:; font-src ;img-src data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy: default-src 'self'; connect-src 'self' *.service.signalr.net *.visualstudio.com https: wss:; font-src *;img-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Content-Type: text/html; charset=utf-8
Date: Mon, 26 Dec 2022 10:15:38 GMT
Permissions-Policy: fullscreen=*
Pragma: no-cache
Referrer-Policy: strict-origin
Request-Context: appId=cid-v1:fb187e35-2e43-4236-8b25-a46a8a832bf5
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 0
Content-Security-Policy: default-src 'self'; connect-src 'self' *.service.signalr.net *.visualstudio.com https: wss:; font-src *;img-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Date: Mon, 26 Dec 2022 10:15:38 GMT
Location: https://aon360.maptqksa.com/Account/Login?ReturnUrl=%2F
Permissions-Policy: fullscreen=*
Referrer-Policy: strict-origin
Request-Context: appId=cid-v1:fb187e35-2e43-4236-8b25-a46a8a832bf5
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 93 KB
37 KB 84ms
32ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js

Requested by

Host: aon360.maptqksa.com
URL: https://aon360.maptqksa.com/Account/Login?ReturnUrl=%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3dd2e71a1daff68e76468be3ddef0236b827576c9a1962c890d76b9621027b96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://aon360.maptqksa.com/
Origin: https://aon360.maptqksa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 10:15:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37488
x-xss-protection: 0
last-modified: Mon, 26 Dec 2022 09:00:00 GMT
server: Google Tag Manager
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://aon360.maptqksa.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 26 Dec 2022 10:15:38 GMT

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 72 B
402 B 86ms
37ms Script
text/javascript 2a04:4e42:a00::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://polyfill.io/v3/polyfill.min.js?version=3.52.1&features=AbortController%2Cfetch
Requested by: Host: aon360.maptqksa.com
URL: https://aon360.maptqksa.com/Account/Login?ReturnUrl=%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:a00::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11

Request headers

Referer: https://aon360.maptqksa.com/
Origin: https://aon360.maptqksa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 10:15:38 GMT
content-encoding: br
last-modified: Tue, 20 Dec 2022 07:30:38 GMT
age: 0
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser: chrome/108.0.0
server-timing: cache-hhn-etou8220073, PASS, fastly;desc="Edge time";dur=12
accept-ranges: bytes
content-length: 74

GET
H/1.1 200
OK hro.css
aon360.maptqksa.com/Content/bootstrap/ 304 KB
60 KB 208ms
208ms Stylesheet
text/css 185.230.211.243
CLOUDSIGMA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://aon360.maptqksa.com/Content/bootstrap/hro.css

Requested by

Host: aon360.maptqksa.com
URL: https://aon360.maptqksa.com/Account/Login?ReturnUrl=%2F

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.230.211.243 , Saudi Arabia, ASN50837 (CLOUDSIGMA-AS, CH),

Reverse DNS

Software

nginx /

Resource Hash

17bea934c7c5a0dce3ccf52006ad8994558c06d0ff78397648d72d796fc57fd0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' .service.signalr.net .visualstudio.com https: wss:; font-src ;img-src data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aon360.maptqksa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 26 Dec 2022 10:15:38 GMT
Content-Security-Policy: default-src 'self'; connect-src 'self' *.service.signalr.net *.visualstudio.com https: wss:; font-src *;img-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Referrer-Policy: strict-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
Last-Modified: Fri, 23 Dec 2022 14:03:51 GMT
Server: nginx
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Etag: W/"1d916d7627c7ce6"
Transfer-Encoding: chunked
Content-Type: text/css
Permissions-Policy: fullscreen=*
Connection: keep-alive
X-Xss-Protection: 1; mode=block
Request-Context: appId=cid-v1:fb187e35-2e43-4236-8b25-a46a8a832bf5

GET
H/1.1 200
OK bw
aon360.maptqksa.com/I/Logo/ 9 KB
10 KB 324ms
118ms Image
image/png 185.230.211.243
CLOUDSIGMA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aon360.maptqksa.com/I/Logo/bw?oid=Rg8UVUJYKEeXTguxBAQhSA

Requested by

Host: aon360.maptqksa.com
URL: https://aon360.maptqksa.com/Account/Login?ReturnUrl=%2F

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.230.211.243 , Saudi Arabia, ASN50837 (CLOUDSIGMA-AS, CH),

Reverse DNS

Software

nginx /

Resource Hash

644b6607087f8794209ff4ee84084e2b09f33382df178f804eafcb7586e89159

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' .service.signalr.net .visualstudio.com https: wss:; font-src ;img-src data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aon360.maptqksa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 26 Dec 2022 10:15:39 GMT
Content-Security-Policy: default-src 'self'; connect-src 'self' *.service.signalr.net *.visualstudio.com https: wss:; font-src *;img-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Referrer-Policy: strict-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
Server: nginx
X-Content-Type-Options: nosniff
Content-Type: image/png
Permissions-Policy: fullscreen=*
Connection: keep-alive
Content-Length: 9676
X-Xss-Protection: 1; mode=block
Request-Context: appId=cid-v1:fb187e35-2e43-4236-8b25-a46a8a832bf5

GET
H/1.1 200
OK hro.js Show response
aon360.maptqksa.com/Scripts/ 1 MB
419 KB 417ms
210ms Script
application/javascript 185.230.211.243
CLOUDSIGMA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://aon360.maptqksa.com/Scripts/hro.js?v=v20220215

Requested by

Host: aon360.maptqksa.com
URL: https://aon360.maptqksa.com/Account/Login?ReturnUrl=%2F

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.230.211.243 , Saudi Arabia, ASN50837 (CLOUDSIGMA-AS, CH),

Reverse DNS

Software

nginx /

Resource Hash

c6fd5c7246e9e4b58c08b60efb55dbadf37498404649fd0a2727e23f1a1f34ae

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' .service.signalr.net .visualstudio.com https: wss:; font-src ;img-src data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aon360.maptqksa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 26 Dec 2022 10:15:39 GMT
Content-Security-Policy: default-src 'self'; connect-src 'self' *.service.signalr.net *.visualstudio.com https: wss:; font-src *;img-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Referrer-Policy: strict-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
Last-Modified: Fri, 23 Dec 2022 14:03:51 GMT
Server: nginx
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Etag: W/"1d916d7626cd8b3"
Transfer-Encoding: chunked
Content-Type: application/javascript
Permissions-Policy: fullscreen=*
Connection: keep-alive
X-Xss-Protection: 1; mode=block
Request-Context: appId=cid-v1:fb187e35-2e43-4236-8b25-a46a8a832bf5

GET
H2 200 ai.2.min.js Show response
js.monitor.azure.com/scripts/b/ 118 KB
45 KB 138ms
23ms Script
text/javascript 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Requested by: Host: aon360.maptqksa.com
URL: https://aon360.maptqksa.com/Account/Login?ReturnUrl=%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ac4f3a99557d9c17b6ded0c6d4f0b267f4879cde9baec07a83910ab8c7059f77

Request headers

Referer: https://aon360.maptqksa.com/
Origin: https://aon360.maptqksa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 10:15:38 GMT
content-encoding: br
x-azure-ref-originshield: 03nKpYwAAAAD8q8jSY31YSK5y5Oh8e8l7RlJBMjMxMDUwNDE4MDMxAGYxY2E3M2Q0LTg4ODMtNGNhZi1hYmRjLWZlMmQ1NjdhZmI5Ng==
content-md5: 9j1it/ejcfI34cTV1VuCzA==
x-cache: TCP_HIT
x-ms-meta-aijssdksrc: [cdn]/scripts/b/ai.2.8.9.min.js
last-modified: Mon, 31 Oct 2022 18:35:27 GMT
x-ms-meta-aijssdkver: 2.8.9
etag: 0x8DABB6EAE654DEC
x-azure-ref: 0SnSpYwAAAAAT/ZPrEBfvRK83Ff31oTw6RlJBMzFFREdFMDkwOQBmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 930329b5-501e-0003-480f-19e58d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdksrc,x-ms-meta-aijssdkver,x-ms-meta-lastmodified,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800, immutable, no-transform
x-ms-version: 2009-09-19

GET
H/1.1 200
OK login_background.png
aon360.maptqksa.com/Content/ 43 KB
43 KB 203ms
203ms Image
image/png 185.230.211.243
CLOUDSIGMA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aon360.maptqksa.com/Content/login_background.png

Requested by

Host: aon360.maptqksa.com
URL: https://aon360.maptqksa.com/Content/bootstrap/hro.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.230.211.243 , Saudi Arabia, ASN50837 (CLOUDSIGMA-AS, CH),

Reverse DNS

Software

nginx /

Resource Hash

fc4f34d14f9e0895bd773921957e1c1aa3b00df429584954954d34dfaa3108fd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' .service.signalr.net .visualstudio.com https: wss:; font-src ;img-src data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aon360.maptqksa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 26 Dec 2022 10:15:39 GMT
Content-Security-Policy: default-src 'self'; connect-src 'self' *.service.signalr.net *.visualstudio.com https: wss:; font-src *;img-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Referrer-Policy: strict-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
Last-Modified: Fri, 23 Dec 2022 14:02:22 GMT
Server: nginx
X-Content-Type-Options: nosniff
Etag: "1d916d72d6cc1c7"
Content-Type: image/png
Permissions-Policy: fullscreen=*
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43719
X-Xss-Protection: 1; mode=block
Request-Context: appId=cid-v1:fb187e35-2e43-4236-8b25-a46a8a832bf5

GET
H/1.1 200
OK OpenSans-Semibold-webfont.woff
aon360.maptqksa.com/Content/fonts/ 22 KB
23 KB 204ms
203ms Font
application/font-woff 185.230.211.243
CLOUDSIGMA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://aon360.maptqksa.com/Content/fonts/OpenSans-Semibold-webfont.woff

Requested by

Host: aon360.maptqksa.com
URL: https://aon360.maptqksa.com/Content/bootstrap/hro.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.230.211.243 , Saudi Arabia, ASN50837 (CLOUDSIGMA-AS, CH),

Reverse DNS

Software

nginx /

Resource Hash

26b216fadb2ffcd542ca56c2d84f9918f62e40de89bf88b4211fffacd2a4ad83

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' .service.signalr.net .visualstudio.com https: wss:; font-src ;img-src data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://aon360.maptqksa.com/
Origin: https://aon360.maptqksa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 26 Dec 2022 10:15:39 GMT
Content-Security-Policy: default-src 'self'; connect-src 'self' *.service.signalr.net *.visualstudio.com https: wss:; font-src *;img-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Referrer-Policy: strict-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
Last-Modified: Fri, 23 Dec 2022 14:02:22 GMT
Server: nginx
X-Content-Type-Options: nosniff
Etag: "1d916d72d6c327c"
Content-Type: application/font-woff
Permissions-Policy: fullscreen=*
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22908
X-Xss-Protection: 1; mode=block
Request-Context: appId=cid-v1:fb187e35-2e43-4236-8b25-a46a8a832bf5

GET
H/1.1 200
OK OpenSans-Regular-webfont.woff
aon360.maptqksa.com/Content/fonts/ 22 KB
23 KB 408ms
205ms Font
application/font-woff 185.230.211.243
CLOUDSIGMA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://aon360.maptqksa.com/Content/fonts/OpenSans-Regular-webfont.woff

Requested by

Host: aon360.maptqksa.com
URL: https://aon360.maptqksa.com/Content/bootstrap/hro.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.230.211.243 , Saudi Arabia, ASN50837 (CLOUDSIGMA-AS, CH),

Reverse DNS

Software

nginx /

Resource Hash

22e7a1b10c110072f5a0bfd16e2197a76b279ec879bcce8978fada1dc9ee5d40

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' .service.signalr.net .visualstudio.com https: wss:; font-src ;img-src data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://aon360.maptqksa.com/
Origin: https://aon360.maptqksa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 26 Dec 2022 10:15:39 GMT
Content-Security-Policy: default-src 'self'; connect-src 'self' *.service.signalr.net *.visualstudio.com https: wss:; font-src *;img-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Referrer-Policy: strict-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
Last-Modified: Fri, 23 Dec 2022 14:02:22 GMT
Server: nginx
X-Content-Type-Options: nosniff
Etag: "1d916d72d6c3384"
Content-Type: application/font-woff
Permissions-Policy: fullscreen=*
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22660
X-Xss-Protection: 1; mode=block
Request-Context: appId=cid-v1:fb187e35-2e43-4236-8b25-a46a8a832bf5

GET
H/1.1 200
OK hro-icons.ttf
aon360.maptqksa.com/Content/fonts/ 27 KB
28 KB 407ms
203ms Font
application/x-font-ttf 185.230.211.243
CLOUDSIGMA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://aon360.maptqksa.com/Content/fonts/hro-icons.ttf?h1rn0c

Requested by

Host: aon360.maptqksa.com
URL: https://aon360.maptqksa.com/Content/bootstrap/hro.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.230.211.243 , Saudi Arabia, ASN50837 (CLOUDSIGMA-AS, CH),

Reverse DNS

Software

nginx /

Resource Hash

8e1637ae05e06c7020943da66838c0a10d7033e2da9364f23c23d34e1b1cc82e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' .service.signalr.net .visualstudio.com https: wss:; font-src ;img-src data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://aon360.maptqksa.com/
Origin: https://aon360.maptqksa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 26 Dec 2022 10:15:39 GMT
Content-Security-Policy: default-src 'self'; connect-src 'self' *.service.signalr.net *.visualstudio.com https: wss:; font-src *;img-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Referrer-Policy: strict-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
Last-Modified: Fri, 23 Dec 2022 14:02:22 GMT
Server: nginx
X-Content-Type-Options: nosniff
Etag: "1d916d72d6c0638"
Content-Type: application/x-font-ttf
Permissions-Policy: fullscreen=*
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27960
X-Xss-Protection: 1; mode=block
Request-Context: appId=cid-v1:fb187e35-2e43-4236-8b25-a46a8a832bf5

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 96 B
304 B 485ms
484ms XHR
application/json 13.69.106.217
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.217 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

61031a6a35e1de93efe2ba353ace846f614e421d23b667f4e3ae8f6d4ccfa87a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://aon360.maptqksa.com/
accept-language: de-DE,de;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: AE01CD2C-B0C3-446F-9D30-E8181A45330D
strict-transport-security: max-age=31536000
date: Mon, 26 Dec 2022 10:15:41 GMT
x-content-type-options: nosniff
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length: 96

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ 0
0 243ms
28ms Preflight 13.69.106.217
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.217 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://aon360.maptqksa.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Mon, 26 Dec 2022 10:15:40 GMT
x-content-type-options: nosniff

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
aon360.maptqksa.com/	1969-12-31 23:59:59	Name: StickyCookie_kamino Value: http://172.21.0.6:5000
aon360.maptqksa.com/	1969-12-31 23:59:59	Name: .AspNetCore.Antiforgery.9TtSrW0hzOs Value: CfDJ8GiHDfictLpJlwVIOuZiwlCBhsQA7sKaq7TNSSRHiYRfR9IWIyXMqA9P6ujqoAoLKkaVATMHg3bci2WRlCTe-RwDs_qHWRdf3RY8PX0w-hpJlqwZ7oeWoi9NK1Mh6My9PQFbHCe036Qj60IHwqq9_wQ
aon360.maptqksa.com/	1970-01-20 17:13:05	Name: ai_user Value: eziCtkVfy9zX9lr3L9Y2KE\|2022-12-26T10:15:38.904Z
aon360.maptqksa.com/	1970-01-20 08:27:31	Name: ai_session Value: qe0lLFde6nTweT6HHQa2bi\|1672049741207\|1672049741207

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' .service.signalr.net .visualstudio.com https: wss:; font-src ;img-src data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aon360.maptqksa.com
dc.services.visualstudio.com
js.monitor.azure.com
polyfill.io
www.googletagmanager.com
13.69.106.217
185.230.210.17
185.230.211.243
2620:1ec:4e:1::44
2a00:1450:4001:801::2008
2a04:4e42:a00::282
17bea934c7c5a0dce3ccf52006ad8994558c06d0ff78397648d72d796fc57fd0
22e7a1b10c110072f5a0bfd16e2197a76b279ec879bcce8978fada1dc9ee5d40
26b216fadb2ffcd542ca56c2d84f9918f62e40de89bf88b4211fffacd2a4ad83
3dd2e71a1daff68e76468be3ddef0236b827576c9a1962c890d76b9621027b96
61031a6a35e1de93efe2ba353ace846f614e421d23b667f4e3ae8f6d4ccfa87a
644b6607087f8794209ff4ee84084e2b09f33382df178f804eafcb7586e89159
854dd862400b65450f2ad5940c052597a643f12ca64cfc398cc973c4daad9e70
8e1637ae05e06c7020943da66838c0a10d7033e2da9364f23c23d34e1b1cc82e
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
ac4f3a99557d9c17b6ded0c6d4f0b267f4879cde9baec07a83910ab8c7059f77
c6fd5c7246e9e4b58c08b60efb55dbadf37498404649fd0a2727e23f1a1f34ae
fc4f34d14f9e0895bd773921957e1c1aa3b00df429584954954d34dfaa3108fd

aon360.maptqksa.com Open in urlscan Pro 185.230.211.243 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

50 %IPv6

5 Domains

5 Subdomains

5 IPs

4 Countries

694 kBTransfer

1953 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

4 Cookies

Security Headers

Indicators

aon360.maptqksa.com Open in urlscan Pro
185.230.211.243 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

50 %
IPv6

5
Domains

5
Subdomains

5
IPs

4
Countries

694 kB
Transfer

1953 kB
Size

4
Cookies

13 HTTP transactions
0 data transactions