claims.mojainsurance.co.uk
85.159.155.43
Malicious Activity!
Public Scan
Effective URL: https://claims.mojainsurance.co.uk/Session/UnauthorisedUser
Submission: On December 07 via api from US — Scanned from US
Summary
TLS certificate: Issued by Thawte RSA CA 2018 on January 11th 2023. Valid for: a year.
This is the only time claims.mojainsurance.co.uk was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Axa (Insurance)
Domain & IP information
ASN | PTR | Domains |
---|---|---|
ASN15133 (EDGECAST, US) | | az416426.vo.msecnd.net |
ASN16625 (AKAMAI-AS, US) | a23-218-120-75.deploy.static.akamaitechnologies.com | cdn3.optimizely.com |
ASN16625 (AKAMAI-AS, US) | a23-14-152-64.deploy.static.akamaitechnologies.com | a247752487.cdn.optimizely.com |
ASN15169 (GOOGLE, US) | | googleads.g.doubleclick.net, stats.g.doubleclick.net |
ASN16509 (AMAZON-02, US) | server-54-192-51-81.yul62.r.cloudfront.net | cdn.decibelinsight.net |
ASN32934 (FACEBOOK, US) | | connect.facebook.net |
ASN16509 (AMAZON-02, US) | | lantern.roeyecdn.com |
ASN14618 (AMAZON-AES, US) | ec2-34-195-98-94.compute-1.amazonaws.com | logx.optimizely.com |
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | | px.ads.linkedin.com, www.linkedin.com |
ASN16509 (AMAZON-02, US) | ec2-52-18-56-89.eu-west-1.compute.amazonaws.com | lantern.roeye.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | | dc.services.visualstudio.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
13 | mojainsurance.co.uk (1 redirect) | claims.mojainsurance.co.uk | 2 MB |
6 | linkedin.com (4 redirects) | px.ads.linkedin.com (Cisco Umbrella Rank: 327), www.linkedin.com (Cisco Umbrella Rank: 629), px4.ads.linkedin.com (Cisco Umbrella Rank: 6419) | 5 KB |
5 | doubleclick.net (3 redirects) | googleads.g.doubleclick.net (Cisco Umbrella Rank: 33), stats.g.doubleclick.net (Cisco Umbrella Rank: 75), ad.doubleclick.net (Cisco Umbrella Rank: 139) | 3 KB |
5 | google.com (1 redirect) | www.google.com (Cisco Umbrella Rank: 2), analytics.google.com (Cisco Umbrella Rank: 152), adservice.google.com (Cisco Umbrella Rank: 93) | 1 KB |
4 | optimizely.com | cdn.optimizely.com (Cisco Umbrella Rank: 774), cdn3.optimizely.com (Cisco Umbrella Rank: 4821), a247752487.cdn.optimizely.com, logx.optimizely.com (Cisco Umbrella Rank: 1439) | 110 KB |
3 | bing.com | bat.bing.com (Cisco Umbrella Rank: 329) | 14 KB |
2 | visualstudio.com | dc.services.visualstudio.com (Cisco Umbrella Rank: 786) | 281 B |
2 | facebook.net | connect.facebook.net (Cisco Umbrella Rank: 168) | 93 KB |
2 | licdn.com | snap.licdn.com (Cisco Umbrella Rank: 763) | 13 KB |
2 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 36) | 193 KB |
2 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 29) | 1 KB |
1 | facebook.com | www.facebook.com (Cisco Umbrella Rank: 98) | 185 B |
1 | roeye.com | lantern.roeye.com (Cisco Umbrella Rank: 7156) | 128 B |
1 | roeyecdn.com | lantern.roeyecdn.com (Cisco Umbrella Rank: 7355) | 2 KB |
1 | axa.co.uk | sgtm.axa.co.uk (Cisco Umbrella Rank: 827777) | 3 KB |
1 | decibelinsight.net | cdn.decibelinsight.net (Cisco Umbrella Rank: 7870) | 80 KB |
1 | dwin1.com | www.dwin1.com (Cisco Umbrella Rank: 3662) | 11 KB |
1 | msecnd.net | az416426.vo.msecnd.net (Cisco Umbrella Rank: 2370) | 22 KB |
45 requests | 18 apex domains | | |
Requests | Domain | Requested by |
---|---|---|
13 | claims.mojainsurance.co.uk (1 redirect) | claims.mojainsurance.co.uk |
4 | px.ads.linkedin.com (3 redirects) | az416426.vo.msecnd.net |
3 | bat.bing.com | www.googletagmanager.com, bat.bing.com, claims.mojainsurance.co.uk |
2 | dc.services.visualstudio.com | az416426.vo.msecnd.net |
2 | adservice.google.com | claims.mojainsurance.co.uk |
2 | ad.doubleclick.net (2 redirects) | |
2 | connect.facebook.net | claims.mojainsurance.co.uk, connect.facebook.net |
2 | snap.licdn.com | www.googletagmanager.com, snap.licdn.com |
2 | googleads.g.doubleclick.net (1 redirect) | claims.mojainsurance.co.uk |
2 | www.google.com (1 redirect) | claims.mojainsurance.co.uk |
2 | www.googletagmanager.com | claims.mojainsurance.co.uk, www.googletagmanager.com |
2 | fonts.googleapis.com | claims.mojainsurance.co.uk |
1 | stats.g.doubleclick.net | www.googletagmanager.com |
1 | analytics.google.com | www.googletagmanager.com |
1 | www.facebook.com | claims.mojainsurance.co.uk |
1 | lantern.roeye.com | claims.mojainsurance.co.uk |
1 | px4.ads.linkedin.com | claims.mojainsurance.co.uk |
1 | www.linkedin.com (1 redirect) | |
1 | logx.optimizely.com | az416426.vo.msecnd.net |
1 | lantern.roeyecdn.com | www.dwin1.com |
1 | sgtm.axa.co.uk | az416426.vo.msecnd.net |
1 | cdn.decibelinsight.net | claims.mojainsurance.co.uk |
1 | www.dwin1.com | www.googletagmanager.com |
1 | a247752487.cdn.optimizely.com | cdn.optimizely.com |
1 | cdn3.optimizely.com | cdn.optimizely.com |
1 | az416426.vo.msecnd.net | claims.mojainsurance.co.uk |
1 | cdn.optimizely.com | claims.mojainsurance.co.uk |
45 requests | 27 domains | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.axa.co.uk |
TLS certificates
Subject | Issuer | Validity | Valid for |
---|---|---|---|
claims.mojainsurance.co.uk | Thawte RSA CA 2018 | 2023-01-11 - 2024-01-10 | a year |
upload.video.google.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months |
cdn.optimizely.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-09-01 - 2024-09-04 | a year |
*.vo.msecnd.net | DigiCert SHA2 Secure Server CA | 2023-05-05 - 2024-04-28 | a year |
*.optimizely.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-09-01 - 2024-09-04 | a year |
*.google-analytics.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months |
*.cdn.optimizely.com | GeoTrust RSA CA 2018 | 2023-02-26 - 2024-02-28 | a year |
www.bing.com | Microsoft Azure TLS Issuing CA 01 | 2023-10-24 - 2024-04-21 | 6 months |
snap.licdn.com | DigiCert SHA2 Secure Server CA | 2023-02-01 - 2024-01-31 | a year |
*.dwin1.com | Amazon RSA 2048 M03 | 2023-10-18 - 2024-11-15 | a year |
*.decibelinsight.net | Amazon RSA 2048 M01 | 2023-02-28 - 2024-02-12 | a year |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-09-15 - 2023-12-14 | 3 months |
sgtm.axa.co.uk | GTS CA 1D4 | 2023-11-03 - 2024-02-01 | 3 months |
*.roeyecdn.com | Amazon RSA 2048 M01 | 2023-10-04 - 2024-10-30 | a year |
logx.optimizely.com | Amazon RSA 2048 M01 | 2023-06-24 - 2024-07-22 | a year |
*.roeye.com | Amazon RSA 2048 M03 | 2023-11-26 - 2024-12-24 | a year |
*.google.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months |
*.g.doubleclick.net | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months |
www.linkedin.com | DigiCert SHA2 Secure Server CA | 2023-11-03 - 2024-05-03 | 6 months |
in.applicationinsights.azure.com | Microsoft Azure RSA TLS Issuing CA 07 | 2023-09-03 - 2024-08-28 | a year |
This page contains 2 frames:
Primary Page:
https://claims.mojainsurance.co.uk/Session/UnauthorisedUser
Frame ID: 35C94A99EB2425D47E6A339B6E82B3BA
Requests: 43 HTTP requests in this frame
Frame:
https://a247752487.cdn.optimizely.com/client_storage/a247752487.html
Frame ID: 108EFA679DD2B0280DCD2824DA4B01DA
Requests: 1 HTTP requests in this frame
Page Title: Unauthorised User | AXA UK
Page URL History
- https://claims.mojainsurance.co.uk/
HTTP 302
- https://claims.mojainsurance.co.uk/Session/UnauthorisedUser (Page URL)
Detected technologies
AWIN (Affiliate programs)
Detected patterns
- dwin1\.com
Facebook (Widgets)
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Analytics (Analytics)
Google Font API (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager (Tag Managers)
Detected patterns
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
Linkedin Insight Tag (Analytics)
Detected patterns
- snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Optimizely (Analytics)
Detected patterns
- optimizely\.com.*\.js
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
- Cookie policy
- Privacy Policy
- Accessibility
- Terms and conditions
- Regulated
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 17
- https://www.google.com/pagead/landing?gcs=G111&gcd=11r1r1l1l5&rnd=1163753589.1701962706&url=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser&dma=0&gtm=45He3bt0n71TS5W33v6772558&auid=891512194.1701962706 HTTP 302
- https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=11r1r1l1l5&rnd=1163753589.1701962706&url=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser&dma=0&gtm=45He3bt0n71TS5W33v6772558&auid=891512194.1701962706
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2764153&time=1701962706550&url=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser HTTP 302
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2764153&time=1701962706550&url=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser&cookiesTest=true HTTP 302
- https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2764153%26time%3D1701962706550%26url%3Dhttps%253A%252F%252Fclaims.mojainsurance.co.uk%252FSession%252FUnauthorisedUser%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2764153&time=1701962706550&url=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser&cookiesTest=true&liSync=true HTTP 302
- https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2764153&time=1701962706550&url=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser&cookiesTest=true&liSync=true&e_ipv6=AQLETB1oumVZMAAAAYxE4e-ZIB7i2RNDWfg3-R9mKqGzSWdMrTQtZrpnQUaCst_VtVhWeg
- https://ad.doubleclick.net/activity;src=8312467;type=axa;cat=visits;ord=1;num=923546686;gtm=45j91e3b82v883963684z86772558z9848097749;dc_pre=1;u1=prod;u2=personal%20insurance;u3=Unauthorised%20User;u5=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser;u8=807982557.1701962706;u12=true;u4=motor;u6=en;u9=desktop;dma=0;gcs=G111;gcd=11r1r1l1l5;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;auiddc=1783336177.1701962707;s3p=1;~oref=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser HTTP 302
- https://adservice.google.com/ddm/fls/z/src=8312467;type=axa;cat=visits;ord=1;num=923546686;gtm=45j91e3b82v883963684z86772558z9848097749;dc_pre=1;u1=prod;u2=personal%20insurance;u3=Unauthorised%20User;u5=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser;u8=807982557.1701962706;u12=true;u4=motor;u6=en;u9=desktop;dma=0;gcs=G111;gcd=11r1r1l1l5;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;auiddc=*;s3p=1;~oref=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser
- https://ad.doubleclick.net/activity;src=8312467;type=axa;cat=viewpage;ord=868222349;gtm=45j91e3b82v883963684z86772558z9848097749;dc_pre=1;u1=prod;u2=personal%20insurance;u3=Unauthorised%20User;u5=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser;u8=807982557.1701962706;u12=true;u4=motor;u6=en;u9=desktop;dma=0;gcs=G111;gcd=11r1r1l1l5;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;auiddc=1783336177.1701962707;s3p=1;~oref=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser HTTP 302
- https://adservice.google.com/ddm/fls/z/src=8312467;type=axa;cat=viewpage;ord=868222349;gtm=45j91e3b82v883963684z86772558z9848097749;dc_pre=1;u1=prod;u2=personal%20insurance;u3=Unauthorised%20User;u5=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser;u8=807982557.1701962706;u12=true;u4=motor;u6=en;u9=desktop;dma=0;gcs=G111;gcd=11r1r1l1l5;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;auiddc=*;s3p=1;~oref=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser
- https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1059897644/?random=1852637909&fst=1701962706833&cv=10&fmt=3&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e3b82v883963684z86772558z9848097749&url=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser&tiba=Unauthorised%20User%20%7C%20AXA%20UK&auid=1783336177.1701962707&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&dma=0&gcs=G111&gcd=11r1r1l1l5 HTTP 302
- https://www.google.com/pagead/1p-user-list/1059897644/?random=1852637909&fst=1701961200000&cv=10&fmt=3&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e3b82v883963684z86772558z9848097749&url=https%3A%2F%2Fclaims.mojainsurance.co.uk%2FSession%2FUnauthorisedUser&tiba=Unauthorised%20User%20%7C%20AXA%20UK&is_vtc=1&cid=CAQSKQDICaaNzcvJd-rZbID5CKiNoUCLlk7n3jUbszDUoSixzyuRuq-xsxZx&random=1919123847
45 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | UnauthorisedUser | claims.mojainsurance.co.uk/Session/ (Primary Request, Redirect Chain) | 7 KB | 3 KB | Document | text/html |
GET | H2 | icon | fonts.googleapis.com/ | 569 B | 775 B | Stylesheet | text/css |
GET | H2 | css | fonts.googleapis.com/ | 2 KB | 670 B | Stylesheet | text/css |
GET | H2 | 247752487.js | cdn.optimizely.com/js/ | 384 KB | 107 KB | Script | text/javascript |
GET | H/1.1 | VendorCssBundle | claims.mojainsurance.co.uk/ | 46 KB | 12 KB | Stylesheet | text/css |
GET | H/1.1 | main.min.css | claims.mojainsurance.co.uk/Content/css/AXA/ | 220 KB | 28 KB | Stylesheet | text/css |
GET | H/1.1 | jquery | claims.mojainsurance.co.uk/bundles/ | 1 MB | 387 KB | Script | text/javascript |
GET | H/1.1 | modernizr | claims.mojainsurance.co.uk/bundles/ | 11 KB | 5 KB | Script | text/javascript |
GET | H/1.1 | venders | claims.mojainsurance.co.uk/bundles/ | 131 KB | 52 KB | Script | text/javascript |
GET | H/1.1 | enolJsBundle | claims.mojainsurance.co.uk/bundles/ | 952 KB | 292 KB | Script | text/javascript |
GET | H/1.1 | logo.svg | claims.mojainsurance.co.uk/Content/images/AXA/svg/ | 2 KB | 3 KB | Image | image/svg+xml |
GET | H2 | ai.0.js | az416426.vo.msecnd.net/scripts/a/ | 94 KB | 22 KB | Script | application/x-javascript |
GET | H/1.1 | geo4.js | cdn3.optimizely.com/js/ | 309 B | 823 B | Script | application/javascript |
GET | H2 | gtm.js | www.googletagmanager.com/ | 406 KB | 110 KB | Script | application/javascript |
GET | H/1.1 | SourceSansPro-Regular.otf | claims.mojainsurance.co.uk/Content/fonts/SourceSansPro/ | 250 KB | 251 KB | Font | application/font-otf |
GET | H2 | a247752487.html | a247752487.cdn.optimizely.com/client_storage/ (Frame 108E) | 2 KB | 2 KB | Document | text/html |
GET | H/1.1 | background_error.jpg | claims.mojainsurance.co.uk/Content/images/AXA/jpg/ | 201 KB | 202 KB | Image | image/jpeg |
GET | H/1.1 | publico.eot | claims.mojainsurance.co.uk/Content/fonts/Publico/ | 206 KB | 206 KB | Font | application/vnd.ms-fontobject |
GET | H2 | landing | googleads.g.doubleclick.net/pagead/ (Redirect Chain) | 42 B | 588 B | Ping | image/gif |
GET | H2 | bat.js | bat.bing.com/ | 45 KB | 13 KB | Script | application/javascript |
GET | H2 | insight.min.js | snap.licdn.com/li.lms-analytics/ | 1 KB | 805 B | Script | application/javascript |
GET | H2 | 13529.js | www.dwin1.com/ | 40 KB | 11 KB | Script | application/javascript |
GET | H2 | di.js | cdn.decibelinsight.net/i/13049/54678/ | 205 KB | 80 KB | Script | text/javascript |
GET | H2 | fbevents.js | connect.facebook.net/en_US/ | 202 KB | 54 KB | Script | application/x-javascript |
GET | H2 | destination | www.googletagmanager.com/gtag/ | 260 KB | 83 KB | Script | application/javascript |
GET | H/1.1 | publico.ttf | claims.mojainsurance.co.uk/Content/fonts/Publico/ | 206 KB | 206 KB | Font | application/font-ttf |
GET | H2 | collect | sgtm.axa.co.uk/g/ | 2 KB | 3 KB | XHR | text/plain |
GET | H2 | insight.old.min.js | snap.licdn.com/li.lms-analytics/ | 31 KB | 12 KB | Script | application/javascript |
GET | H2 | 5321252.js | bat.bing.com/p/action/ | 0 | 117 B | Script | text/plain |
GET | H2 | 0 | bat.bing.com/action/ | 0 | 359 B | Image | text/plain |
GET | H2 | 731504514000972 | connect.facebook.net/signals/config/ | 214 KB | 39 KB | Script | application/x-javascript |
GET | H2 | lantern_global_13529.min.js | lantern.roeyecdn.com/ | 2 KB | 2 KB | Script | application/octet-stream |
POST | H/1.1 | events | logx.optimizely.com/v1/ | 0 | 670 B | XHR | text/plain |
GET | H2 | collect | px4.ads.linkedin.com/ (Redirect Chain) | 0 | 487 B | Image | application/javascript |
GET | H2 | track.php | lantern.roeye.com/ | 0 | 128 B | Image | image/gif |
GET | H2 | / | www.facebook.com/tr/ | 0 | 185 B | Image | text/plain |
POST | H2 | collect | analytics.google.com/g/s/ | 0 | 261 B | Ping | text/plain |
POST | H2 | collect | stats.g.doubleclick.net/g/ | 0 | 122 B | Ping | text/plain |
GET | H2 | src=8312467;type=axa;cat=visits;ord=1;num=923546686;gtm=45j91e3b82v883963684z86772558z9848097749;dc_pre=1;u1=prod;u2=personal%20insurance;u3=Unauthorised%20User;u5=https%3A%2F%2Fclaims.mojainsuranc... | adservice.google.com/ddm/fls/z/ (Redirect Chain) | 42 B | 107 B | Image | image/gif |
GET | H2 | src=8312467;type=axa;cat=viewpage;ord=868222349;gtm=45j91e3b82v883963684z86772558z9848097749;dc_pre=1;u1=prod;u2=personal%20insurance;u3=Unauthorised%20User;u5=https%3A%2F%2Fclaims.mojainsurance.co... | adservice.google.com/ddm/fls/z/ (Redirect Chain) | 42 B | 401 B | Image | image/gif |
GET | H2 | / | www.google.com/pagead/1p-user-list/1059897644/ (Redirect Chain) | 42 B | 108 B | Image | image/gif |
POST | H2 | / | px.ads.linkedin.com/wa/ | 0 | 202 B | XHR | text/plain |
GET | BLOB | dcfde9a4-27f9-422a-9b1c-f4244f87f951 | https://claims.mojainsurance.co.uk/ | 15 KB | 0 | Other | application/javascript |
OPTIONS | H2 | track | dc.services.visualstudio.com/v2/ (Frame) | 0 | 0 | Preflight | |
POST | H2 | track | dc.services.visualstudio.com/v2/ | 96 B | 281 B | XHR | application/json |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: Axa (Insurance)
162 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
28 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Name | Value |
---|---|---|
.decibelinsight.net/i/13049/ | da_lid | -0B6435ED9A7CEA129D2BBB99FA10D3EDF6\|0\|0\|0 |
.decibelinsight.net/i/13049/ | da_sid | 385706DE8E3CAE89087AAA13B81299E645\|3\|0\|0 |
claims.mojainsurance.co.uk/Session | cookieConsent | all |
claims.mojainsurance.co.uk/ | f5avraaaaaaaaaaaaaaaa_session_ | JGFFFAJGNINMIDHJOPCOMLOHNDFPCEANOFMMEIHJJAAGGMJCOMACCIBLGACDNPFPBAGDLPEILDFFGPIGGFGAAMPOHOJFGAHOAFPFNHOGHOMNKGGHLBKNJMIAMKDJKJHN |
claims.mojainsurance.co.uk/ | ASP.NET_SessionId | qqzln04wwgnrgz2o3xblbi1v |
.mojainsurance.co.uk/ | optimizelyEndUserId | oeu1701962705221r0.5072702296094884 |
claims.mojainsurance.co.uk/ | ai_user | 5/J0i\|2023-12-07T15:25:05.495Z |
claims.mojainsurance.co.uk/ | _gtm_userSampleGroup | 0.49 |
.mojainsurance.co.uk/ | _gtm_decibelEnabled | true |
.mojainsurance.co.uk/ | _gcl_au | 1.1.891512194.1701962706 |
.mojainsurance.co.uk/ | _ga_RE55ZQSXB7 | GS1.1.1701962706.1.0.1701962706.0.0.0 |
.mojainsurance.co.uk/ | _ga | GA1.1.807982557.1701962706 |
.mojainsurance.co.uk/ | _uetsid | cca98a50951411ee87b097c36b9bb401 |
.mojainsurance.co.uk/ | _uetvid | cca9d7a0951411ee97981bde34a760a5 |
.bing.com/ | MUID | 2E0B9AF0A29C6AFF36468910A3136BAC |
.bat.bing.com/ | MR | 0 |
.mojainsurance.co.uk/ | _fbp | fb.2.1701962706569.1711781632 |
claims.mojainsurance.co.uk/ | ai_session | P3xdf\|1701962706592.3\|1701962706592.3 |
.linkedin.com/ | li_sugr | d9a78ee4-edbc-4a1a-9f1a-bc88cf03af10 |
.linkedin.com/ | bcookie | "v=2&b83c34ba-4c06-425d-8767-0950a0ebceeb" |
.linkedin.com/ | lidc | "b=VGST02:s=V:r=V:a=V:p=V:g=3069:u=1:x=1:i=1701962706:t=1702049106:v=2:sig=AQFo8Fp09yOgjvbMhNSdtndiYQz4D1ZG" |
.linkedin.com/ | UserMatchHistory | AQISyieZaEODXAAAAYxE4e8k3xTXgQF1iciGR7Xx8UOWnIfRVF0WS50DR4q-ce7u2O2VHOeQsK7FhQ |
.linkedin.com/ | AnalyticsSyncHistory | AQJUx61x743XhAAAAYxE4e8k42pmyGKXvAG4XbApdsMKNHVEhVrzoipHNBeJIA1s_hZYTjEFh-s2C7TOKqZcyw |
.www.linkedin.com/ | bscookie | "v=1&20231207152506dc637db7-2c28-4f5b-89d9-5b5a77b1b2baAQGiotyIj-uwjaBzhoN42ffQ2xMqhRg1" |
.doubleclick.net/ | IDE | AHWqTUltZMFPjqxvizcdA4f0USBZIZyjk9HwdomJZjjvOApOALTaMY_0cowFiI4H_c8 |
.mojainsurance.co.uk/ | da_sid | 385706DE8E3CAE89087AAA13B81299E645\|3\|0\|3 |
.mojainsurance.co.uk/ | da_lid | 0B6435ED9A7CEA129D2BBB99FA10D3EDF6\|0\|0\|0 |
.mojainsurance.co.uk/ | da_intState | (empty) |
24 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.