urlscan.io logo urlscan.io
SecurityTrails logo

www.aia.com.my Open in urlscan Pro
125.56.219.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://9a58319fdb89454dbf7d57ec64124460.svc.dynamics.com/t/t/hXdSx9JYZaNStUkEwBFTqXrSmZvjZheRvh9FtbUPvTYx/0IY0fREHzeves2LKoctEAjvpKwnykC3GhVPnuPMjZYAx
Effective URL: https://www.aia.com.my/en/aia-app.html
Submission: On June 21 via manual from US — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 10 HTTP transactions. The main IP is 125.56.219.3, located in and belongs to . The main domain is www.aia.com.my.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on January 10th 2024. Valid for: a year.
This is the only time www.aia.com.my was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 20.212.206.123 8075 (MICROSOFT...)
1 117.18.232.200 15133 (EDGECAST)
1 2 125.56.219.3 ()
10 4
Apex Domain
Subdomains		 Transfer
2 aia.com.my
www.aia.com.my Failed
240 B
2 dynamics.com
9a58319fdb89454dbf7d57ec64124460.svc.dynamics.com
1 KB
1 azureedge.net
mktdplp102cdn.azureedge.net — Cisco Umbrella Rank: 30600
11 KB
0 adobedtm.com Failed
assets.adobedtm.com Failed
10 4
Domain Requested by
2 www.aia.com.my mktdplp102cdn.azureedge.net
www.aia.com.my
2 9a58319fdb89454dbf7d57ec64124460.svc.dynamics.com mktdplp102cdn.azureedge.net
1 mktdplp102cdn.azureedge.net 9a58319fdb89454dbf7d57ec64124460.svc.dynamics.com
0 assets.adobedtm.com Failed www.aia.com.my
10 4

This site contains no links.

Subject Issuer Validity Valid
*.svc.dynamics.com
Microsoft Azure RSA TLS Issuing CA 03		 2024-06-21 -
2025-06-16		 a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2024-06-06 -
2025-06-06		 a year crt.sh
www.aia.com.my
DigiCert TLS RSA SHA256 2020 CA1		 2024-01-10 -
2025-01-10		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.aia.com.my/en/aia-app.html
Frame ID: FEA20F9861A78EDD2689B5124A60FC46
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://9a58319fdb89454dbf7d57ec64124460.svc.dynamics.com/t/t/hXdSx9JYZaNStUkEwBFTqXrSmZvjZheRvh9FtbUPvTYx/0IY0fREHzeves2LKoctEAjvpKwn... Page URL
  2. https://www.aia.com.my/en/myaia-app.html?destination=fhc HTTP 302
    http://www.aia.com.my/en/aia-app.html HTTP 307
    https://www.aia.com.my/en/aia-app.html Page URL

Page Statistics

10
Requests

40 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

12 kB
Transfer

40 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://9a58319fdb89454dbf7d57ec64124460.svc.dynamics.com/t/t/hXdSx9JYZaNStUkEwBFTqXrSmZvjZheRvh9FtbUPvTYx/0IY0fREHzeves2LKoctEAjvpKwnykC3GhVPnuPMjZYAx Page URL
  2. https://www.aia.com.my/en/myaia-app.html?destination=fhc HTTP 302
    http://www.aia.com.my/en/aia-app.html HTTP 307
    https://www.aia.com.my/en/aia-app.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://myaiaapp.page.link/fhc HTTP 302
  • https://www.aia.com.my/en/myaia-app.html?destination=fhc

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
0IY0fREHzeves2LKoctEAjvpKwnykC3GhVPnuPMjZYAx
9a58319fdb89454dbf7d57ec64124460.svc.dynamics.com/t/t/hXdSx9JYZaNStUkEwBFTqXrSmZvjZheRvh9FtbUPvTYx/ 		582 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9a58319fdb89454dbf7d57ec64124460.svc.dynamics.com/t/t/hXdSx9JYZaNStUkEwBFTqXrSmZvjZheRvh9FtbUPvTYx/0IY0fREHzeves2LKoctEAjvpKwnykC3GhVPnuPMjZYAx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.212.206.123 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2b0a733aaeae210d95790067e1bf315072b43b41a5c1caefb713e9519e3eedcb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-SG,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

api-deprecated
False
content-length
582
content-type
text/html; charset=utf-8
date
Fri, 21 Jun 2024 08:28:23 GMT
server
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000; includeSubDomains
x-activity-id
130d1839-2d6f-4b71-b3c6-b1e81a74a5a0
x-content-type-options
nosniff
x-ms-activity-id
130d1839-2d6f-4b71-b3c6-b1e81a74a5a0
x-servicefabricrequestid
557e9b8f-4276-45ae-b013-56759f693edb b1a88adc-53d3-4844-923f-463fa1ac0b6c
bot-detection.js
mktdplp102cdn.azureedge.net/public/latest/js/ 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mktdplp102cdn.azureedge.net/public/latest/js/bot-detection.js?v=1.84.2007
Requested by
Host: 9a58319fdb89454dbf7d57ec64124460.svc.dynamics.com
URL: https://9a58319fdb89454dbf7d57ec64124460.svc.dynamics.com/t/t/hXdSx9JYZaNStUkEwBFTqXrSmZvjZheRvh9FtbUPvTYx/0IY0fREHzeves2LKoctEAjvpKwnykC3GhVPnuPMjZYAx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
117.18.232.200 , Australia, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (sgc/570A) /
Resource Hash
84eacf3f43bf7b9177fb78c533f34c3930cd517da0295bfd57bd5e01b2400ed8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://9a58319fdb89454dbf7d57ec64124460.svc.dynamics.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 21 Jun 2024 08:28:25 GMT
content-encoding
gzip
content-md5
Yp+2mkXk4MNv10H73jLLCQ==
age
311680
x-cache
HIT
content-length
10471
x-ms-lease-status
unlocked
last-modified
Mon, 17 Jun 2024 17:52:06 GMT
server
ECAcc (sgc/570A)
etag
0x8DC8EF6343D0A67
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
f9f9a470-401e-004f-5bdf-c05792000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

Accept-Language
en-SG,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
cp
9a58319fdb89454dbf7d57ec64124460.svc.dynamics.com/t/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://9a58319fdb89454dbf7d57ec64124460.svc.dynamics.com/t/cp
Requested by
Host: mktdplp102cdn.azureedge.net
URL: https://mktdplp102cdn.azureedge.net/public/latest/js/bot-detection.js?v=1.84.2007
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.212.206.123 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://9a58319fdb89454dbf7d57ec64124460.svc.dynamics.com/t/t/hXdSx9JYZaNStUkEwBFTqXrSmZvjZheRvh9FtbUPvTYx/0IY0fREHzeves2LKoctEAjvpKwnykC3GhVPnuPMjZYAx
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 21 Jun 2024 08:28:25 GMT
x-content-type-options
nosniff
server
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
x-servicefabricrequestid
fa8aa3b9-1379-455c-8da8-4ad122dbbac7, c0ccf7e9-08e2-47d6-87e3-350389b27593
x-activity-id
23fc7c60-c861-43ca-97b8-e6175f0f1692
x-ms-activity-id
23fc7c60-c861-43ca-97b8-e6175f0f1692
content-length
0
api-deprecated
False
myaia-app.html
www.aia.com.my/en/
Redirect Chain
  • https://myaiaapp.page.link/fhc
  • https://www.aia.com.my/en/myaia-app.html?destination=fhc
0
0
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747

Request headers

Accept-Language
en-SG,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2

Request headers

Accept-Language
en-SG,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		155 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7808605ddd1f0eaa454aa444293d2f0260943e51e53838fca46506e6a69fe521

Request headers

Accept-Language
en-SG,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
Primary Request aia-app.html
www.aia.com.my/en/
Redirect Chain
  • https://www.aia.com.my/en/myaia-app.html?destination=fhc
  • http://www.aia.com.my/en/aia-app.html
  • https://www.aia.com.my/en/aia-app.html
3 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.aia.com.my/en/aia-app.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
125.56.219.3 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
en-SG,en;q=0.9;q=0.9
Referer
https://9a58319fdb89454dbf7d57ec64124460.svc.dynamics.com/t/t/hXdSx9JYZaNStUkEwBFTqXrSmZvjZheRvh9FtbUPvTYx/0IY0fREHzeves2LKoctEAjvpKwnykC3GhVPnuPMjZYAx
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
cache-control
max-age=43200, public
content-encoding
gzip
content-length
27864
content-type
text/html;charset=utf-8
date
Fri, 21 Jun 2024 08:28:30 GMT
etag
"47993-61a3bacaee56e-gzip"
last-modified
Thu, 06 Jun 2024 17:04:22 GMT
server
Apache
strict-transport-security
max-age=63072000; includeSubdomains;
vary
Accept-Encoding
x-content-type-options
nosniff
x-dispatcher
dispatcher1southeastasia-b80
x-frame-options
SAMEORIGIN
x-vhost
publish

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://www.aia.com.my/en/aia-app.html#msdynttrid=TQzqDh_VGBwYkU4vpaqPCL3QQlJ6QgAjP25LBO5RWWU
Non-Authoritative-Reason
HSTS
contexthub.kernel.js
www.aia.com.my/etc/cloudsettings/conf/my-wise/settings/cloudsettings/default/ 		0
0
launch-0439fb447b64.min.js
assets.adobedtm.com/e17df9099c11/db2c4bb3ce31/ 		0
0
clientlib-base.min.fda3953e87f68af282a3769734f32336.css
www.aia.com.my/etc.clientlibs/my-wise/clientlibs/ 		0
0
clientlib-dependencies.min.d41d8cd98f00b204e9800998ecf8427e.css
www.aia.com.my/etc.clientlibs/my-wise/clientlibs/ 		0
0
clientlib-site.min.83a51ed1defd469c165459ed14b58346.css
www.aia.com.my/etc.clientlibs/my-wise/clientlibs/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.aia.com.my
URL
https://www.aia.com.my/en/myaia-app.html?destination=fhc
Domain
www.aia.com.my
URL
https://www.aia.com.my/etc/cloudsettings/conf/my-wise/settings/cloudsettings/default/contexthub.kernel.js
Domain
assets.adobedtm.com
URL
https://assets.adobedtm.com/e17df9099c11/db2c4bb3ce31/launch-0439fb447b64.min.js
Domain
www.aia.com.my
URL
https://www.aia.com.my/etc.clientlibs/my-wise/clientlibs/clientlib-base.min.fda3953e87f68af282a3769734f32336.css
Domain
www.aia.com.my
URL
https://www.aia.com.my/etc.clientlibs/my-wise/clientlibs/clientlib-dependencies.min.d41d8cd98f00b204e9800998ecf8427e.css
Domain
www.aia.com.my
URL
https://www.aia.com.my/etc.clientlibs/my-wise/clientlibs/clientlib-site.min.83a51ed1defd469c165459ed14b58346.css

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage

2 Cookies

Domain/Path Name / Value
9a58319fdb89454dbf7d57ec64124460.svc.dynamics.com/ Name: 79f08280-5c63-4331-b04d-fb6f39afda51
Value: 0BRXIwoEYB3ycl0Rb7wQBenkLnP9kx10pxP-VxGSmYA
9a58319fdb89454dbf7d57ec64124460.svc.dynamics.com/ Name: 319af4c0-e197-4de9-8a9b-fe98c8a2ca04
Value: 0BRXIwoEYB3ycl0Rb7wQBenkLnP9kx10pxP-VxGSmYA

1 Console Messages

Source Level URL
Text
network error URL: https://mktdplp102cdn.azureedge.net/public/latest/js/bot-detection.js?v=1.84.2007(Line 4)
Message:
WebSocket connection to 'wss://9a58319fdb89454dbf7d57ec64124460.svc.dynamics.com/t/t/hXdSx9JYZaNStUkEwBFTqXrSmZvjZheRvh9FtbUPvTYx/test' failed: Error during WebSocket handshake: Unexpected response code: 302

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff