urlscan.io logo urlscan.io
SecurityTrails logo

www.axa.ch
194.40.0.53  Public Scan Open in urlscan Pro

Go To Rescan Add Verdict Report
Submitted URL: https://axa.ch/ 13yr old
Effective URL: https://www.axa.ch/de/privatkunden.html 13yr old
Submission: On April 18 via api from CH — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 25 IPs in 5 countries across 14 domains to perform 84 HTTP transactions. The main IP is 194.40.0.53, located in Winterthur, Switzerland and belongs to PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK - Akamai Technologies, Inc., US. The main domain is www.axa.ch. 13yr old
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on April 22nd 2025. Valid for: 1yr.
This is the only time www.axa.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 32 194.40.0.53 32787 (PROLEXIC-...)
4 2600:9000:208... 16509 (AMAZON-02)
1 63.140.62.236 16509 (AMAZON-02)
2 104.17.94.19 13335 (CLOUDFLAR...)
1 2001:4860:480... 15169 (GOOGLE)
10 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a06:98c1:310... 13335 (CLOUDFLAR...)
8 2620:1ec:33:1... 8075 (MICROSOFT...)
1 104.18.27.50 13335 (CLOUDFLAR...)
1 142.251.20.156 15169 (GOOGLE)
3 2600:1900:40d... 396982 (GOOGLE-CL...)
1 2a02:26f0:170... 20940 (AKAMAI-AS...)
2 157.240.253.1 32934 (FACEBOOK)
3 142.251.152.119 15169 (GOOGLE)
1 2600:1901:0:4... 396982 (GOOGLE-CL...)
2 157.240.0.35 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 194.40.0.38 32787 (PROLEXIC-...)
4 4 142.251.127.148 15169 (GOOGLE)
2 4 142.250.154.148 15169 (GOOGLE)
2 142.251.13.157 15169 (GOOGLE)
2 34.120.156.210 396982 (GOOGLE-CL...)
84 25
32    194.40.0.53 (Winterthur, Switzerland)

ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK - Akamai Technologies, Inc., US)
axa.ch 13yr old
www.axa.ch 13yr old
4    2600:9000:208a:a800:1b:6ae0:ebc0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
brandcenter.axa.ch 10yr old
1    63.140.62.236 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ip-63-140-62-236.data.adobedc.net
axatechnologyservice.tt.omtrdc.net 6yr old
2    104.17.94.19 (Ascension Island)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
load.trk.axa.ch 7mo old
1    2001:4860:4802:36::181 (United States)

ASN15169 (GOOGLE - Google LLC, US)
analytics.google.com 8yr old
10    2606:4700::6812:572a (None, )

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdn.cookielaw.org 9yr old
1    2a06:98c1:310d::ac40:9b77 (None, )

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
geolocation.onetrust.com 8yr old
8    2620:1ec:33:1::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
bat.bing.com 56yr old
1    104.18.27.50 (Ascension Island)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdn.mouseflow.com 13yr old
1    142.251.20.156 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: bx-in-f156.1e100.net
www.googleadservices.com 56yr old
3    2600:1900:40d0:7c7:8000:: (Frankfurt am Main, Germany)

ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US)
trk.axa.ch 2yr old
1    2a02:26f0:1700:d::1737:6ec8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
snap.licdn.com 9yr old
2    157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK - Facebook, Inc., US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net
connect.facebook.net 56yr old
3    142.251.152.119 (United States)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com 56yr old
1    2600:1901:0:48d4:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US)
eu01.rec.mouseflow.com 2yr old
2    157.240.0.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK - Facebook, Inc., US)
PTR: edge-star-mini-shv-02-fra3.facebook.com
www.facebook.com 56yr old
1    2a00:1450:4001:c1f::61 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com 56yr old
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE - Google LLC, US)
region1.analytics.google.com 4yr old
1    2a00:1450:4001:c0f::5e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.ch 9yr old
1    2a00:1450:4001:c21::9b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net 56yr old
4    194.40.0.38 (Winterthur, Switzerland)

ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK - Akamai Technologies, Inc., US)
www.acc.axa.ch 8yr old
4    142.251.127.148 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: lcfrai-in-f148.1e100.net
ad.doubleclick.net 9yr old
4    142.250.154.148 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: bt-in-f148.1e100.net
8141516.fls.doubleclick.net 7yr old
2    142.251.13.157 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: wt-in-f157.1e100.net
adservice.google.com 9yr old
2    34.120.156.210 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US)
PTR: 210.156.120.34.bc.googleusercontent.com
eu01.rec.mouseflow.com 2yr old
Apex Domain
Subdomains		 Transfer
45 axa.ch
axa.ch — Cisco Umbrella Rank: 417997 13yr old
www.axa.ch 13yr old
brandcenter.axa.ch 10yr old
load.trk.axa.ch 7mo old
trk.axa.ch 2yr old
www.acc.axa.ch 8yr old
1 MB
10 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 382 9yr old
171 KB
9 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 161 56yr old
ad.doubleclick.net — Cisco Umbrella Rank: 185 9yr old
8141516.fls.doubleclick.net 7yr old
4 KB
8 bing.com
bat.bing.com — Cisco Umbrella Rank: 357 56yr old
34 KB
7 google.com
analytics.google.com — Cisco Umbrella Rank: 152 8yr old
www.google.com — Cisco Umbrella Rank: 3 56yr old
region1.analytics.google.com — Cisco Umbrella Rank: 3979 4yr old
adservice.google.com — Cisco Umbrella Rank: 610 9yr old
766 B
4 mouseflow.com
cdn.mouseflow.com — Cisco Umbrella Rank: 8437 13yr old
eu01.rec.mouseflow.com — Cisco Umbrella Rank: 61542 2yr old
53 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 119 56yr old
219 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 201 56yr old
135 KB
1 google.ch
www.google.ch — Cisco Umbrella Rank: 30567 9yr old
408 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39 56yr old
131 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 830 9yr old
218 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 94 56yr old
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 670 8yr old
304 B
1 omtrdc.net
axatechnologyservice.tt.omtrdc.net 6yr old
2 KB
84 14
Domain Requested by
31 www.axa.ch 2 redirects www.axa.ch
10 cdn.cookielaw.org load.trk.axa.ch
cdn.cookielaw.org
8 bat.bing.com load.trk.axa.ch
bat.bing.com
4 8141516.fls.doubleclick.net 2 redirects www.googletagmanager.com
4 ad.doubleclick.net 4 redirects
4 www.acc.axa.ch load.trk.axa.ch
4 brandcenter.axa.ch www.axa.ch
3 eu01.rec.mouseflow.com cdn.mouseflow.com
3 www.google.com load.trk.axa.ch
3 trk.axa.ch load.trk.axa.ch
trk.axa.ch
2 adservice.google.com 8141516.fls.doubleclick.net
2 www.facebook.com
2 connect.facebook.net www.axa.ch
connect.facebook.net
2 load.trk.axa.ch www.axa.ch
load.trk.axa.ch
1 stats.g.doubleclick.net
1 www.google.ch
1 region1.analytics.google.com
1 www.googletagmanager.com trk.axa.ch
1 snap.licdn.com load.trk.axa.ch
1 www.googleadservices.com load.trk.axa.ch
1 cdn.mouseflow.com load.trk.axa.ch
1 geolocation.onetrust.com cdn.cookielaw.org
1 analytics.google.com load.trk.axa.ch
1 axatechnologyservice.tt.omtrdc.net www.axa.ch
1 axa.ch 1 redirects
84 25
Subject Issuer Validity Valid
www.axa.ch
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-04-22 -
2026-04-29		 1yr crt.sh
brandcenter.axa.ch
Amazon RSA 2048 M01		 2025-10-14 -
2026-11-12		 1yr crt.sh
*.tt.omtrdc.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2026-02-17 -
2027-03-20		 1yr crt.sh
load.trk.axa.ch
E8		 2026-04-11 -
2026-07-10		 3mo crt.sh
*.google.com
WR2		 2026-03-30 -
2026-06-22		 3mo crt.sh
cookielaw.org
WE1		 2026-03-26 -
2026-06-24		 3mo crt.sh
geolocation.onetrust.com
WE1		 2026-03-26 -
2026-06-24		 3mo crt.sh
www.bing.com
Microsoft TLS G2 RSA CA OCSP 04		 2026-02-02 -
2026-08-01		 6mo crt.sh
cdn.mouseflow.com
WE1		 2026-03-08 -
2026-06-06		 3mo crt.sh
*.googleadservices.com
WE2		 2026-03-30 -
2026-06-22		 3mo crt.sh
trk.axa.ch
R13		 2026-04-14 -
2026-07-13		 3mo crt.sh
*.licdn.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-10-14 -
2026-10-13		 1yr crt.sh
*.facebook.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2026-01-25 -
2026-04-25		 3mo crt.sh
eu01.rec.mouseflow.com
R12		 2026-02-21 -
2026-05-22		 3mo crt.sh
*.google-analytics.com
WE2		 2026-03-30 -
2026-06-22		 3mo crt.sh
*.google.ch
WE2		 2026-03-30 -
2026-06-22		 3mo crt.sh
*.g.doubleclick.net
WE2		 2026-03-30 -
2026-06-22		 3mo crt.sh
www.acc.axa.ch
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-05-13 -
2026-05-29		 1yr crt.sh
*.doubleclick.net
WE2		 2026-03-30 -
2026-06-22		 3mo crt.sh

This page contains 5 frames:

Primary Page: https://www.axa.ch/de/privatkunden.html
Frame ID: F41F056B05A6DFF5B646F1C5027F16EB
Requests: 77 HTTP requests in this frame

Frame: https://eu01.rec.mouseflow.com/init?v=19.12&p=8ba03cd4-448e-4ed0-8fa6-9f1282cf5ee3&s=537436b03603883dfd6efea0b571cf8b&page=0418355598225b79a54ab41acf90d8d227d34c34&ret=0&u=619195daa62fa2748a03a011794d3b92&href=https%3A%2F%2Fwww.axa.ch%2Fde%2Fprivatkunden.html&url=%2Fde%2Fprivatkunden.html&ref=https%3A%2F%2Fwww.google.com&title=AXA%20%E2%80%93%20Versicherung%20%26%20Vorsorge%20in%20der%20Schweiz&res=1600x1200&tz=-60&to=0&dnt=0&ori=&dw=1600&dh=1200&time=1776509675955&pxr=1&gdpr=0&vars=page_name%3D%252Fprivatkunden%26language%3Dde%26platform%3DAXACH%26env_work%3Dprod%2520publish
Frame ID: 669CA9B7FE6423C4089E9FB5EE0B28CC
Requests: 3 HTTP requests in this frame

Frame: https://trk.axa.ch/_/service_worker/63b0/sw_iframe.html?origin=https%3A%2F%2Fwww.axa.ch&1p=1
Frame ID: 00591CD5A47C8B1F547FA54EE3DD6056
Requests: 1 HTTP requests in this frame

Frame: https://8141516.fls.doubleclick.net/activityi;dc_pre=CMn_0KGe95MDFQ39uwgdGN4JDQ;src=8141516;type=all_user;cat=all_u0;rcb=12;ord=2068122664208;npa=0;auiddc=507894098.1776509676;u1=prod%20publish;u2=AXACH;u3=AXA%20%E2%80%93%20Versicherung%20%26%20Vorsorge%20in%20der%20Schweiz;u4=%2Fprivatkunden;u6=de;u7=;u8=false;u10=undefined;u11=undefined;u13=undefined;u15=undefined;u16=undefined;u28=www.axa.ch;u9=d;gdid=dYWJhMj;uaa=x86;uab=64;uafvl=Chromium%3B143.0.0.0%7CGoogle%2520Chrome%3B143.0.0.0%7CNot-A.Brand%3B24.0.0.0;uamb=0;uam=;uap=Windows;uapv=19.0.0;uaw=0;pscdl=noapi;frm=0;_tu=LFA;gtm=45fe64f1v9181626344z878084449za20gzb78084449zd78084449xea;gcs=G111;gcd=13v3v3v3v5l1;dma=0;dc_fmt=2;tag_exp=0~115938466~115938468~117266400~117884344;epver=2;dc_random=1776509676_1wlUx0jCe8uUlhejz7ZcYWcnA7HTQGBNYg;_dc_test=1;~oref=https%3A%2F%2Fwww.axa.ch%2Fde%2Fprivatkunden.html
Frame ID: A104832EF8B6494A91D5B9C68FBF7AFE
Requests: 2 HTTP requests in this frame

Frame: https://8141516.fls.doubleclick.net/activityi;dc_pre=CJjt0KGe95MDFaHDuwgdBnU8xA;src=8141516;type=all_user;cat=all_u00;rcb=12;ord=1;num=2973021446112;npa=0;auiddc=507894098.1776509676;u1=prod%20publish;u2=AXACH;u3=AXA%20%E2%80%93%20Versicherung%20%26%20Vorsorge%20in%20der%20Schweiz;u4=%2Fprivatkunden;u6=de;u7=;u8=false;u10=undefined;u11=undefined;u13=undefined;u15=undefined;u16=undefined;u28=www.axa.ch;u9=d;gdid=dYWJhMj;uaa=x86;uab=64;uafvl=Chromium%3B143.0.0.0%7CGoogle%2520Chrome%3B143.0.0.0%7CNot-A.Brand%3B24.0.0.0;uamb=0;uam=;uap=Windows;uapv=19.0.0;uaw=0;pscdl=noapi;frm=0;_tu=KJA;gtm=45fe64f1v9181626344z878084449za20gzb78084449zd78084449xea;gcs=G111;gcd=13v3v3v3v5l1;dma=0;dc_fmt=2;tag_exp=0~115938466~115938468~117266400~117884344;epver=2;dc_random=1776509676_M2H4GooMUN-EsndobAiMqll7Z2UGwFW2xA;_dc_test=1;~oref=https%3A%2F%2Fwww.axa.ch%2Fde%2Fprivatkunden.html
Frame ID: 3AADA5D1AEBF5AEA59DBFFC98FF64ACF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

AXA – Versicherung & Vorsorge in der Schweiz

Page URL History Show full URLs

  1. https://axa.ch/ HTTP 301
    https://www.axa.ch/ HTTP 301
    https://www.axa.ch/de/privatkunden.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /etc\.clientlibs/
Overall confidence: 100%
Detected patterns
  • \.doubleclick\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • \.googletagmanager\.com/
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • cdn\.mouseflow\.com
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • connect\.facebook\.\w+/.+/fbevents\.js
  • connect\.facebook.\w+/signals/config/\d+\?v=([\d\.]+)
Overall confidence: 100%
Detected patterns
  • bat\.bing\.com/bat\.js
  • \w+

Page Statistics

84
Requests

96 %
HTTPS

48 %
IPv6

14
Domains

25
Subdomains

25
IPs

5
Countries

1666 kB
Transfer

5018 kB
Size

21
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://axa.ch/ HTTP 301
    https://www.axa.ch/ HTTP 301
    https://www.axa.ch/de/privatkunden.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33
  • https://www.axa.ch/favicon.ico HTTP 302
  • https://www.axa.ch/healthcheck/favicon.ico
Request Chain 71
  • https://ad.doubleclick.net/activity;src=8141516;type=all_user;cat=all_u0;rcb=12;ord=2068122664208;npa=0;auiddc=507894098.1776509676;u1=prod%20publish;u2=AXACH;u3=AXA%20%E2%80%93%20Versicherung%20%26%20Vorsorge%20in%20der%20Schweiz;u4=%2Fprivatkunden;u6=de;u7=;u8=false;u10=undefined;u11=undefined;u13=undefined;u15=undefined;u16=undefined;u28=www.axa.ch;u9=d;gdid=dYWJhMj;uaa=x86;uab=64;uafvl=Chromium%3B143.0.0.0%7CGoogle%2520Chrome%3B143.0.0.0%7CNot-A.Brand%3B24.0.0.0;uamb=0;uam=;uap=Windows;uapv=19.0.0;uaw=0;pscdl=noapi;frm=0;_tu=LFA;gtm=45fe64f1v9181626344z878084449za20gzb78084449zd78084449xea;gcs=G111;gcd=13v3v3v3v5l1;dma=0;dc_fmt=3;tag_exp=0~115938466~115938468~117266400~117884344;epver=2;dc_random=1776509676_1wlUx0jCe8uUlhejz7ZcYWcnA7HTQGBNYg;~oref=https%3A%2F%2Fwww.axa.ch%2Fde%2Fprivatkunden.html HTTP 302
  • https://ad.doubleclick.net/activity;dc_pre=CMSNz6Ge95MDFZoQogMdeIk0wA;src=8141516;type=all_user;cat=all_u0;rcb=12;ord=2068122664208;npa=0;auiddc=507894098.1776509676;u1=prod%20publish;u2=AXACH;u3=AXA%20%E2%80%93%20Versicherung%20%26%20Vorsorge%20in%20der%20Schweiz;u4=%2Fprivatkunden;u6=de;u7=;u8=false;u10=undefined;u11=undefined;u13=undefined;u15=undefined;u16=undefined;u28=www.axa.ch;u9=d;gdid=dYWJhMj;uaa=x86;uab=64;uafvl=Chromium%3B143.0.0.0%7CGoogle%2520Chrome%3B143.0.0.0%7CNot-A.Brand%3B24.0.0.0;uamb=0;uam=;uap=Windows;uapv=19.0.0;uaw=0;pscdl=noapi;frm=0;_tu=LFA;gtm=45fe64f1v9181626344z878084449za20gzb78084449zd78084449xea;gcs=G111;gcd=13v3v3v3v5l1;dma=0;dc_fmt=3;tag_exp=0~115938466~115938468~117266400~117884344;epver=2;dc_random=1776509676_1wlUx0jCe8uUlhejz7ZcYWcnA7HTQGBNYg;~oref=https%3A%2F%2Fwww.axa.ch%2Fde%2Fprivatkunden.html HTTP 302
  • https://www.google.com/gmp/conversion/_dc_unique_id=4690204330495367260;_dc_ptd=ChEI8NeMzwYQjau1ibSUhejtARIfAH80wkXScSXSum5dAH1ORAPPVDEQC7BU7A5W1oJSSg;_dc_time=1776509676;dc_pre=CMSNz6Ge95MDFZoQogMdeIk0wA;src=8141516;type=all_user;cat=all_u0;rcb=12;ord=2068122664208;npa=0;auiddc=507894098.1776509676;u1=prod%20publish;u2=AXACH;u3=AXA%20%E2%80%93%20Versicherung%20%26%20Vorsorge%20in%20der%20Schweiz;u4=%2Fprivatkunden;u6=de;u7=;u8=false;u10=undefined;u11=undefined;u13=undefined;u15=undefined;u16=undefined;u28=www.axa.ch;u9=d;gdid=dYWJhMj;uaa=x86;uab=64;uafvl=Chromium%3B143.0.0.0%7CGoogle%2520Chrome%3B143.0.0.0%7CNot-A.Brand%3B24.0.0.0;uamb=0;uam=;uap=Windows;uapv=19.0.0;uaw=0;pscdl=noapi;frm=0;_tu=LFA;gtm=45fe64f1v9181626344z878084449za20gzb78084449zd78084449xea;gcs=G111;gcd=13v3v3v3v5l1;dma=0;dc_fmt=3;tag_exp=0~115938466~115938468~117266400~117884344;epver=2;dc_random=1776509676_1wlUx0jCe8uUlhejz7ZcYWcnA7HTQGBNYg;~oref=https%3A%2F%2Fwww.axa.ch%2Fde%2Fprivatkunden.html
Request Chain 72
  • https://8141516.fls.doubleclick.net/activityi;src=8141516;type=all_user;cat=all_u0;rcb=12;ord=2068122664208;npa=0;auiddc=507894098.1776509676;u1=prod%20publish;u2=AXACH;u3=AXA%20%E2%80%93%20Versicherung%20%26%20Vorsorge%20in%20der%20Schweiz;u4=%2Fprivatkunden;u6=de;u7=;u8=false;u10=undefined;u11=undefined;u13=undefined;u15=undefined;u16=undefined;u28=www.axa.ch;u9=d;gdid=dYWJhMj;uaa=x86;uab=64;uafvl=Chromium%3B143.0.0.0%7CGoogle%2520Chrome%3B143.0.0.0%7CNot-A.Brand%3B24.0.0.0;uamb=0;uam=;uap=Windows;uapv=19.0.0;uaw=0;pscdl=noapi;frm=0;_tu=LFA;gtm=45fe64f1v9181626344z878084449za20gzb78084449zd78084449xea;gcs=G111;gcd=13v3v3v3v5l1;dma=0;dc_fmt=2;tag_exp=0~115938466~115938468~117266400~117884344;epver=2;dc_random=1776509676_1wlUx0jCe8uUlhejz7ZcYWcnA7HTQGBNYg;_dc_test=1;~oref=https%3A%2F%2Fwww.axa.ch%2Fde%2Fprivatkunden.html HTTP 302
  • https://8141516.fls.doubleclick.net/activityi;dc_pre=CMn_0KGe95MDFQ39uwgdGN4JDQ;src=8141516;type=all_user;cat=all_u0;rcb=12;ord=2068122664208;npa=0;auiddc=507894098.1776509676;u1=prod%20publish;u2=AXACH;u3=AXA%20%E2%80%93%20Versicherung%20%26%20Vorsorge%20in%20der%20Schweiz;u4=%2Fprivatkunden;u6=de;u7=;u8=false;u10=undefined;u11=undefined;u13=undefined;u15=undefined;u16=undefined;u28=www.axa.ch;u9=d;gdid=dYWJhMj;uaa=x86;uab=64;uafvl=Chromium%3B143.0.0.0%7CGoogle%2520Chrome%3B143.0.0.0%7CNot-A.Brand%3B24.0.0.0;uamb=0;uam=;uap=Windows;uapv=19.0.0;uaw=0;pscdl=noapi;frm=0;_tu=LFA;gtm=45fe64f1v9181626344z878084449za20gzb78084449zd78084449xea;gcs=G111;gcd=13v3v3v3v5l1;dma=0;dc_fmt=2;tag_exp=0~115938466~115938468~117266400~117884344;epver=2;dc_random=1776509676_1wlUx0jCe8uUlhejz7ZcYWcnA7HTQGBNYg;_dc_test=1;~oref=https%3A%2F%2Fwww.axa.ch%2Fde%2Fprivatkunden.html
Request Chain 74
  • https://ad.doubleclick.net/activity;src=8141516;type=all_user;cat=all_u00;rcb=12;ord=1;num=2973021446112;npa=0;auiddc=507894098.1776509676;u1=prod%20publish;u2=AXACH;u3=AXA%20%E2%80%93%20Versicherung%20%26%20Vorsorge%20in%20der%20Schweiz;u4=%2Fprivatkunden;u6=de;u7=;u8=false;u10=undefined;u11=undefined;u13=undefined;u15=undefined;u16=undefined;u28=www.axa.ch;u9=d;gdid=dYWJhMj;uaa=x86;uab=64;uafvl=Chromium%3B143.0.0.0%7CGoogle%2520Chrome%3B143.0.0.0%7CNot-A.Brand%3B24.0.0.0;uamb=0;uam=;uap=Windows;uapv=19.0.0;uaw=0;pscdl=noapi;frm=0;_tu=KJA;gtm=45fe64f1v9181626344z878084449za20gzb78084449zd78084449xea;gcs=G111;gcd=13v3v3v3v5l1;dma=0;dc_fmt=3;tag_exp=0~115938466~115938468~117266400~117884344;epver=2;dc_random=1776509676_M2H4GooMUN-EsndobAiMqll7Z2UGwFW2xA;~oref=https%3A%2F%2Fwww.axa.ch%2Fde%2Fprivatkunden.html HTTP 302
  • https://ad.doubleclick.net/activity;dc_pre=CJ6Rz6Ge95MDFUELogMdGSIoHQ;src=8141516;type=all_user;cat=all_u00;rcb=12;ord=1;num=2973021446112;npa=0;auiddc=507894098.1776509676;u1=prod%20publish;u2=AXACH;u3=AXA%20%E2%80%93%20Versicherung%20%26%20Vorsorge%20in%20der%20Schweiz;u4=%2Fprivatkunden;u6=de;u7=;u8=false;u10=undefined;u11=undefined;u13=undefined;u15=undefined;u16=undefined;u28=www.axa.ch;u9=d;gdid=dYWJhMj;uaa=x86;uab=64;uafvl=Chromium%3B143.0.0.0%7CGoogle%2520Chrome%3B143.0.0.0%7CNot-A.Brand%3B24.0.0.0;uamb=0;uam=;uap=Windows;uapv=19.0.0;uaw=0;pscdl=noapi;frm=0;_tu=KJA;gtm=45fe64f1v9181626344z878084449za20gzb78084449zd78084449xea;gcs=G111;gcd=13v3v3v3v5l1;dma=0;dc_fmt=3;tag_exp=0~115938466~115938468~117266400~117884344;epver=2;dc_random=1776509676_M2H4GooMUN-EsndobAiMqll7Z2UGwFW2xA;~oref=https%3A%2F%2Fwww.axa.ch%2Fde%2Fprivatkunden.html HTTP 302
  • https://www.google.com/gmp/conversion/_dc_unique_id=18198703911119344670;_dc_ptd=ChEI8NeMzwYQjau1ibSUhejtARIfAH80wkV5_aAtN2KI76yOad8JuDqpFMauPfbFB4kt7g;_dc_time=1776509676;dc_pre=CJ6Rz6Ge95MDFUELogMdGSIoHQ;src=8141516;type=all_user;cat=all_u00;rcb=12;ord=1;num=2973021446112;npa=0;auiddc=507894098.1776509676;u1=prod%20publish;u2=AXACH;u3=AXA%20%E2%80%93%20Versicherung%20%26%20Vorsorge%20in%20der%20Schweiz;u4=%2Fprivatkunden;u6=de;u7=;u8=false;u10=undefined;u11=undefined;u13=undefined;u15=undefined;u16=undefined;u28=www.axa.ch;u9=d;gdid=dYWJhMj;uaa=x86;uab=64;uafvl=Chromium%3B143.0.0.0%7CGoogle%2520Chrome%3B143.0.0.0%7CNot-A.Brand%3B24.0.0.0;uamb=0;uam=;uap=Windows;uapv=19.0.0;uaw=0;pscdl=noapi;frm=0;_tu=KJA;gtm=45fe64f1v9181626344z878084449za20gzb78084449zd78084449xea;gcs=G111;gcd=13v3v3v3v5l1;dma=0;dc_fmt=3;tag_exp=0~115938466~115938468~117266400~117884344;epver=2;dc_random=1776509676_M2H4GooMUN-EsndobAiMqll7Z2UGwFW2xA;~oref=https%3A%2F%2Fwww.axa.ch%2Fde%2Fprivatkunden.html
Request Chain 75
  • https://8141516.fls.doubleclick.net/activityi;src=8141516;type=all_user;cat=all_u00;rcb=12;ord=1;num=2973021446112;npa=0;auiddc=507894098.1776509676;u1=prod%20publish;u2=AXACH;u3=AXA%20%E2%80%93%20Versicherung%20%26%20Vorsorge%20in%20der%20Schweiz;u4=%2Fprivatkunden;u6=de;u7=;u8=false;u10=undefined;u11=undefined;u13=undefined;u15=undefined;u16=undefined;u28=www.axa.ch;u9=d;gdid=dYWJhMj;uaa=x86;uab=64;uafvl=Chromium%3B143.0.0.0%7CGoogle%2520Chrome%3B143.0.0.0%7CNot-A.Brand%3B24.0.0.0;uamb=0;uam=;uap=Windows;uapv=19.0.0;uaw=0;pscdl=noapi;frm=0;_tu=KJA;gtm=45fe64f1v9181626344z878084449za20gzb78084449zd78084449xea;gcs=G111;gcd=13v3v3v3v5l1;dma=0;dc_fmt=2;tag_exp=0~115938466~115938468~117266400~117884344;epver=2;dc_random=1776509676_M2H4GooMUN-EsndobAiMqll7Z2UGwFW2xA;_dc_test=1;~oref=https%3A%2F%2Fwww.axa.ch%2Fde%2Fprivatkunden.html HTTP 302
  • https://8141516.fls.doubleclick.net/activityi;dc_pre=CJjt0KGe95MDFaHDuwgdBnU8xA;src=8141516;type=all_user;cat=all_u00;rcb=12;ord=1;num=2973021446112;npa=0;auiddc=507894098.1776509676;u1=prod%20publish;u2=AXACH;u3=AXA%20%E2%80%93%20Versicherung%20%26%20Vorsorge%20in%20der%20Schweiz;u4=%2Fprivatkunden;u6=de;u7=;u8=false;u10=undefined;u11=undefined;u13=undefined;u15=undefined;u16=undefined;u28=www.axa.ch;u9=d;gdid=dYWJhMj;uaa=x86;uab=64;uafvl=Chromium%3B143.0.0.0%7CGoogle%2520Chrome%3B143.0.0.0%7CNot-A.Brand%3B24.0.0.0;uamb=0;uam=;uap=Windows;uapv=19.0.0;uaw=0;pscdl=noapi;frm=0;_tu=KJA;gtm=45fe64f1v9181626344z878084449za20gzb78084449zd78084449xea;gcs=G111;gcd=13v3v3v3v5l1;dma=0;dc_fmt=2;tag_exp=0~115938466~115938468~117266400~117884344;epver=2;dc_random=1776509676_M2H4GooMUN-EsndobAiMqll7Z2UGwFW2xA;_dc_test=1;~oref=https%3A%2F%2Fwww.axa.ch%2Fde%2Fprivatkunden.html

84 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request privatkunden.html
www.axa.ch/de/
Redirect Chain
  • https://axa.ch/
  • https://www.axa.ch/
  • https://www.axa.ch/de/privatkunden.html
214 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.axa.ch/de/privatkunden.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.40.0.53 Winterthur, Switzerland, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK - Akamai Technologies, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
3db0eff7dd4e6691e193a152b655fdc4d9efd8afb047a287a0dc57e31c639888
Security Headers
Name Value
Content-Security-Policy default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Windows"

Response headers

accept-ranges
bytes
cache-control
no-cache
content-encoding
gzip
content-security-policy
default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
content-security-policy-report-only
default-src https://*.axa.ch blob: data: https://*.axa.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.axa.ch https://www.googletagmanager.com https://cdn.cookielaw.org https://cdn.mouseflow.com https://maps.google.com https://maps.googleapis.com https://connect.facebook.net https://axa-winterthur.dimelochat.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://recaptcha.net https://www.google.com https://www.gstatic.com/recaptcha/ https://bat.bing.com https://snap.licdn.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.awin1.com https://lantern.roeyecdn.com https://www.google-analytics.com https://www.googleadservices.com https://*.doubleclick.net https://*.adobe.com https://*.adobe.io https://*.microsoft.com https://*.fusedeck.com https://*.onetrust.com https://*.whatsapp.com https://*.cookielaw.org https://slsnlytcs.com; style-src 'self' 'unsafe-inline' https://*.axa.ch https://fonts.googleapis.com https://www.googletagmanager.com https://*.survalyzer.swiss https://*.visualwebsiteoptimizer.com https://app.vwo.com https://s3.amazonaws.com https://*.adobe.com https://*.microsoft.com; img-src 'self' data: blob: https://chart.googleapis.com https://*.axa.ch https://*.google.com https://*.google.ch https://maps.gstatic.com https://cdn.cookielaw.org https://stats.g.doubleclick.net https://googleads.g.doubleclick.net https://ad.doubleclick.net https://www.facebook.com https://www.googletagmanager.com https://i.ytimg.com https://px.ads.linkedin.com https://bat.bing.com https://d5cplpsrt2s33.cloudfront.net https://bat.bing.net https://maps.googleapis.com https://region1.google-analytics.com https://*.googlesyndication.com https://connect.facebook.net https://flagcdn.com https://px.ads.linkedin.com https://www.googleadservices.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.google.ch https://www.google-analytics.com https://*.google-analytics.com https://*.analytics.google.com; font-src 'self' data: https://*.axa.ch https://fonts.gstatic.com https://cdn.mouseflow.com https://assets.merci-app.com; connect-src 'self' https://*.axa.ch https://gtm.axa.ch https://sgtm.axa.ch https://region1.analytics.google.com https://www.google.com https://*.tt.omtrdc.net https://europe.directline.botframework.com https://digitalassistantbot-acc.azurewebsites.net https://cdn.cookielaw.org wss://europe.directline.botframework.com https://googleads.g.doubleclick.net https://maps.googleapis.com https://stats.g.doubleclick.net https://region1.google-analytics.com https://o2.mouseflow.com https://www.google.ch https://selfadvisory-acc.azurewebsites.net https://*.onetrust.com https://bat.bing.com https://bat.bing.net https://px.ads.linkedin.com https://*.service.signalr.net https://pagead2.googlesyndication.com https://*.in.applicationinsights.azure.com https://www.googleadservices.com https://www.google-analytics.com wss://*.service.signalr.net https://*.mouseflow.com https://api.trongrid.io https://digitalassistantbot.azurewebsites.net https://www.facebook.com https://*.teads.tv https://snap.licdn.com https://*.survalyzer.swiss https://*.googlesyndication.com https://*.google.com https://*.google-analytics.com https://*.analytics.google.com https://www.googletagmanager.com https://fonts.googleapis.com; frame-src https://*.axa.ch https://td.doubleclick.net https://8141516.fls.doubleclick.net https://www.youtube.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://recaptcha.net https://www.googletagmanager.com https://*.survalyzer.swiss https://www.axa.ch https://trk.axa.ch https://sgtm.axa.ch https://*.mouseflow.com https://exactag.axa.ch https://*.fusedeck.net https://*.dimelochat.com https://*.doubleclick.net https://www.google.com https://*.teads.tv https://*.onetrust.com https://*.whatsapp.com; frame-ancestors 'self'; block-all-mixed-content ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
content-type
text/html; charset=UTF-8
date
Sat, 18 Apr 2026 10:54:34 GMT
etag
"35789-64fae71471240-gzip"
last-modified
Fri, 17 Apr 2026 21:15:03 GMT
p3p
CP="AXA IS NOT USING P3P"
server
Apache
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
DENY

Redirect headers

content-length
247
content-type
text/html; charset=iso-8859-1
date
Sat, 18 Apr 2026 10:54:34 GMT
location
https://www.axa.ch/de/privatkunden.html
p3p
CP="AXA IS NOT USING P3P"
server
Apache
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-frame-options
DENY
v3.bb9449ba48497655c2bd792cc620c6ab.css
www.axa.ch/etc.clientlibs/axa/sites/components/pagestructure/globalstyles/clientlibs/ 		22 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.axa.ch/etc.clientlibs/axa/sites/components/pagestructure/globalstyles/clientlibs/v3.bb9449ba48497655c2bd792cc620c6ab.css
Requested by
Host: www.axa.ch
URL: https://www.axa.ch/de/privatkunden.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.40.0.53 Winterthur, Switzerland, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK - Akamai Technologies, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
ac25e507a93143b2594644ee9476ef12ca5de2afda9864b4e97b971c9b9eaf70
Security Headers
Name Value
Content-Security-Policy default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/de/privatkunden.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

content-encoding
br
etag
"58e4-64f93cba2e183-br"
x-content-type-options
nosniff
expires
Sun, 18 Apr 2027 10:54:35 GMT
p3p
CP="AXA IS NOT USING P3P"
date
Sat, 18 Apr 2026 10:54:35 GMT
last-modified
Thu, 16 Apr 2026 13:27:35 GMT
vary
Accept-Encoding
content-type
text/css
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
cache-control
max-age=31536000
content-security-policy-report-only
default-src https://*.axa.ch blob: data: https://*.axa.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.axa.ch https://www.googletagmanager.com https://cdn.cookielaw.org https://cdn.mouseflow.com https://maps.google.com https://maps.googleapis.com https://connect.facebook.net https://axa-winterthur.dimelochat.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://recaptcha.net https://www.google.com https://www.gstatic.com/recaptcha/ https://bat.bing.com https://snap.licdn.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.awin1.com https://lantern.roeyecdn.com https://www.google-analytics.com https://www.googleadservices.com https://*.doubleclick.net https://*.adobe.com https://*.adobe.io https://*.microsoft.com https://*.fusedeck.com https://*.onetrust.com https://*.whatsapp.com https://*.cookielaw.org https://slsnlytcs.com; style-src 'self' 'unsafe-inline' https://*.axa.ch https://fonts.googleapis.com https://www.googletagmanager.com https://*.survalyzer.swiss https://*.visualwebsiteoptimizer.com https://app.vwo.com https://s3.amazonaws.com https://*.adobe.com https://*.microsoft.com; img-src 'self' data: blob: https://chart.googleapis.com https://*.axa.ch https://*.google.com https://*.google.ch https://maps.gstatic.com https://cdn.cookielaw.org https://stats.g.doubleclick.net https://googleads.g.doubleclick.net https://ad.doubleclick.net https://www.facebook.com https://www.googletagmanager.com https://i.ytimg.com https://px.ads.linkedin.com https://bat.bing.com https://d5cplpsrt2s33.cloudfront.net https://bat.bing.net https://maps.googleapis.com https://region1.google-analytics.com https://*.googlesyndication.com https://connect.facebook.net https://flagcdn.com https://px.ads.linkedin.com https://www.googleadservices.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.google.ch https://www.google-analytics.com https://*.google-analytics.com https://*.analytics.google.com; font-src 'self' data: https://*.axa.ch https://fonts.gstatic.com https://cdn.mouseflow.com https://assets.merci-app.com; connect-src 'self' https://*.axa.ch https://gtm.axa.ch https://sgtm.axa.ch https://region1.analytics.google.com https://www.google.com https://*.tt.omtrdc.net https://europe.directline.botframework.com https://digitalassistantbot-acc.azurewebsites.net https://cdn.cookielaw.org wss://europe.directline.botframework.com https://googleads.g.doubleclick.net https://maps.googleapis.com https://stats.g.doubleclick.net https://region1.google-analytics.com https://o2.mouseflow.com https://www.google.ch https://selfadvisory-acc.azurewebsites.net https://*.onetrust.com https://bat.bing.com https://bat.bing.net https://px.ads.linkedin.com https://*.service.signalr.net https://pagead2.googlesyndication.com https://*.in.applicationinsights.azure.com https://www.googleadservices.com https://www.google-analytics.com wss://*.service.signalr.net https://*.mouseflow.com https://api.trongrid.io https://digitalassistantbot.azurewebsites.net https://www.facebook.com https://*.teads.tv https://snap.licdn.com https://*.survalyzer.swiss https://*.googlesyndication.com https://*.google.com https://*.google-analytics.com https://*.analytics.google.com https://www.googletagmanager.com https://fonts.googleapis.com; frame-src https://*.axa.ch https://td.doubleclick.net https://8141516.fls.doubleclick.net https://www.youtube.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://recaptcha.net https://www.googletagmanager.com https://*.survalyzer.swiss https://www.axa.ch https://trk.axa.ch https://sgtm.axa.ch https://*.mouseflow.com https://exactag.axa.ch https://*.fusedeck.net https://*.dimelochat.com https://*.doubleclick.net https://www.google.com https://*.teads.tv https://*.onetrust.com https://*.whatsapp.com; frame-ancestors 'self'; block-all-mixed-content ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
accept-ranges
bytes
server
Apache
v3.f9422aed0fdaff891c700efee7325df0.css
www.axa.ch/etc.clientlibs/axa/sites/axa-ch-core/clientlibs/ 		137 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.axa.ch/etc.clientlibs/axa/sites/axa-ch-core/clientlibs/v3.f9422aed0fdaff891c700efee7325df0.css
Requested by
Host: www.axa.ch
URL: https://www.axa.ch/de/privatkunden.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.40.0.53 Winterthur, Switzerland, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK - Akamai Technologies, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
56bca40377a36110726e72e5696928d331e4ba8d6b659628ef0facfc771106ce
Security Headers
Name Value
Content-Security-Policy default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/de/privatkunden.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

content-encoding
br
etag
"22388-64f93cba2b2a3-br"
x-content-type-options
nosniff
expires
Sun, 18 Apr 2027 10:54:35 GMT
p3p
CP="AXA IS NOT USING P3P"
date
Sat, 18 Apr 2026 10:54:35 GMT
last-modified
Thu, 16 Apr 2026 13:27:35 GMT
vary
Accept-Encoding
content-type
text/css
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
cache-control
max-age=31536000
content-security-policy-report-only
default-src https://*.axa.ch blob: data: https://*.axa.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.axa.ch https://www.googletagmanager.com https://cdn.cookielaw.org https://cdn.mouseflow.com https://maps.google.com https://maps.googleapis.com https://connect.facebook.net https://axa-winterthur.dimelochat.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://recaptcha.net https://www.google.com https://www.gstatic.com/recaptcha/ https://bat.bing.com https://snap.licdn.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.awin1.com https://lantern.roeyecdn.com https://www.google-analytics.com https://www.googleadservices.com https://*.doubleclick.net https://*.adobe.com https://*.adobe.io https://*.microsoft.com https://*.fusedeck.com https://*.onetrust.com https://*.whatsapp.com https://*.cookielaw.org https://slsnlytcs.com; style-src 'self' 'unsafe-inline' https://*.axa.ch https://fonts.googleapis.com https://www.googletagmanager.com https://*.survalyzer.swiss https://*.visualwebsiteoptimizer.com https://app.vwo.com https://s3.amazonaws.com https://*.adobe.com https://*.microsoft.com; img-src 'self' data: blob: https://chart.googleapis.com https://*.axa.ch https://*.google.com https://*.google.ch https://maps.gstatic.com https://cdn.cookielaw.org https://stats.g.doubleclick.net https://googleads.g.doubleclick.net https://ad.doubleclick.net https://www.facebook.com https://www.googletagmanager.com https://i.ytimg.com https://px.ads.linkedin.com https://bat.bing.com https://d5cplpsrt2s33.cloudfront.net https://bat.bing.net https://maps.googleapis.com https://region1.google-analytics.com https://*.googlesyndication.com https://connect.facebook.net https://flagcdn.com https://px.ads.linkedin.com https://www.googleadservices.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.google.ch https://www.google-analytics.com https://*.google-analytics.com https://*.analytics.google.com; font-src 'self' data: https://*.axa.ch https://fonts.gstatic.com https://cdn.mouseflow.com https://assets.merci-app.com; connect-src 'self' https://*.axa.ch https://gtm.axa.ch https://sgtm.axa.ch https://region1.analytics.google.com https://www.google.com https://*.tt.omtrdc.net https://europe.directline.botframework.com https://digitalassistantbot-acc.azurewebsites.net https://cdn.cookielaw.org wss://europe.directline.botframework.com https://googleads.g.doubleclick.net https://maps.googleapis.com https://stats.g.doubleclick.net https://region1.google-analytics.com https://o2.mouseflow.com https://www.google.ch https://selfadvisory-acc.azurewebsites.net https://*.onetrust.com https://bat.bing.com https://bat.bing.net https://px.ads.linkedin.com https://*.service.signalr.net https://pagead2.googlesyndication.com https://*.in.applicationinsights.azure.com https://www.googleadservices.com https://www.google-analytics.com wss://*.service.signalr.net https://*.mouseflow.com https://api.trongrid.io https://digitalassistantbot.azurewebsites.net https://www.facebook.com https://*.teads.tv https://snap.licdn.com https://*.survalyzer.swiss https://*.googlesyndication.com https://*.google.com https://*.google-analytics.com https://*.analytics.google.com https://www.googletagmanager.com https://fonts.googleapis.com; frame-src https://*.axa.ch https://td.doubleclick.net https://8141516.fls.doubleclick.net https://www.youtube.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://recaptcha.net https://www.googletagmanager.com https://*.survalyzer.swiss https://www.axa.ch https://trk.axa.ch https://sgtm.axa.ch https://*.mouseflow.com https://exactag.axa.ch https://*.fusedeck.net https://*.dimelochat.com https://*.doubleclick.net https://www.google.com https://*.teads.tv https://*.onetrust.com https://*.whatsapp.com; frame-ancestors 'self'; block-all-mixed-content ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
accept-ranges
bytes
server
Apache
PublicoHeadline-Bold-Web.woff2
www.axa.ch/etc.clientlibs/axa/sites/components/pagestructure/globalstyles/clientlibs/v3/resources/ 		44 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.axa.ch/etc.clientlibs/axa/sites/components/pagestructure/globalstyles/clientlibs/v3/resources/PublicoHeadline-Bold-Web.woff2
Requested by
Host: www.axa.ch
URL: https://www.axa.ch/de/privatkunden.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.40.0.53 Winterthur, Switzerland, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK - Akamai Technologies, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
048f748d95d88246db51d42b024c726da3e0aeaf54a78b07b5a244a8d271a93d
Security Headers
Name Value
Content-Security-Policy default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.axa.ch
sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/de/privatkunden.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

etag
"b0c5-64fa7e98ed059"
access-control-allow-methods
GET,POST,OPTIONS
x-content-type-options
nosniff
expires
Sat, 25 Apr 2026 10:54:35 GMT
p3p
CP="AXA IS NOT USING P3P"
date
Sat, 18 Apr 2026 10:54:35 GMT
last-modified
Fri, 17 Apr 2026 13:27:36 GMT
vary
Accept-Encoding
content-type
application/font-woff2
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
cache-control
max-age=604800
content-security-policy-report-only
default-src https://*.axa.ch blob: data: https://*.axa.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.axa.ch https://www.googletagmanager.com https://cdn.cookielaw.org https://cdn.mouseflow.com https://maps.google.com https://maps.googleapis.com https://connect.facebook.net https://axa-winterthur.dimelochat.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://recaptcha.net https://www.google.com https://www.gstatic.com/recaptcha/ https://bat.bing.com https://snap.licdn.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.awin1.com https://lantern.roeyecdn.com https://www.google-analytics.com https://www.googleadservices.com https://*.doubleclick.net https://*.adobe.com https://*.adobe.io https://*.microsoft.com https://*.fusedeck.com https://*.onetrust.com https://*.whatsapp.com https://*.cookielaw.org https://slsnlytcs.com; style-src 'self' 'unsafe-inline' https://*.axa.ch https://fonts.googleapis.com https://www.googletagmanager.com https://*.survalyzer.swiss https://*.visualwebsiteoptimizer.com https://app.vwo.com https://s3.amazonaws.com https://*.adobe.com https://*.microsoft.com; img-src 'self' data: blob: https://chart.googleapis.com https://*.axa.ch https://*.google.com https://*.google.ch https://maps.gstatic.com https://cdn.cookielaw.org https://stats.g.doubleclick.net https://googleads.g.doubleclick.net https://ad.doubleclick.net https://www.facebook.com https://www.googletagmanager.com https://i.ytimg.com https://px.ads.linkedin.com https://bat.bing.com https://d5cplpsrt2s33.cloudfront.net https://bat.bing.net https://maps.googleapis.com https://region1.google-analytics.com https://*.googlesyndication.com https://connect.facebook.net https://flagcdn.com https://px.ads.linkedin.com https://www.googleadservices.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.google.ch https://www.google-analytics.com https://*.google-analytics.com https://*.analytics.google.com; font-src 'self' data: https://*.axa.ch https://fonts.gstatic.com https://cdn.mouseflow.com https://assets.merci-app.com; connect-src 'self' https://*.axa.ch https://gtm.axa.ch https://sgtm.axa.ch https://region1.analytics.google.com https://www.google.com https://*.tt.omtrdc.net https://europe.directline.botframework.com https://digitalassistantbot-acc.azurewebsites.net https://cdn.cookielaw.org wss://europe.directline.botframework.com https://googleads.g.doubleclick.net https://maps.googleapis.com https://stats.g.doubleclick.net https://region1.google-analytics.com https://o2.mouseflow.com https://www.google.ch https://selfadvisory-acc.azurewebsites.net https://*.onetrust.com https://bat.bing.com https://bat.bing.net https://px.ads.linkedin.com https://*.service.signalr.net https://pagead2.googlesyndication.com https://*.in.applicationinsights.azure.com https://www.googleadservices.com https://www.google-analytics.com wss://*.service.signalr.net https://*.mouseflow.com https://api.trongrid.io https://digitalassistantbot.azurewebsites.net https://www.facebook.com https://*.teads.tv https://snap.licdn.com https://*.survalyzer.swiss https://*.googlesyndication.com https://*.google.com https://*.google-analytics.com https://*.analytics.google.com https://www.googletagmanager.com https://fonts.googleapis.com; frame-src https://*.axa.ch https://td.doubleclick.net https://8141516.fls.doubleclick.net https://www.youtube.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://recaptcha.net https://www.googletagmanager.com https://*.survalyzer.swiss https://www.axa.ch https://trk.axa.ch https://sgtm.axa.ch https://*.mouseflow.com https://exactag.axa.ch https://*.fusedeck.net https://*.dimelochat.com https://*.doubleclick.net https://www.google.com https://*.teads.tv https://*.onetrust.com https://*.whatsapp.com; frame-ancestors 'self'; block-all-mixed-content ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
accept-ranges
bytes
access-control-allow-origin
https://www.axa.ch
content-length
45253
server
Apache
source-sans-pro-v10-latin-regular.woff2
www.axa.ch/etc.clientlibs/axa/sites/components/pagestructure/globalstyles/clientlibs/v3/resources/ 		14 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.axa.ch/etc.clientlibs/axa/sites/components/pagestructure/globalstyles/clientlibs/v3/resources/source-sans-pro-v10-latin-regular.woff2
Requested by
Host: www.axa.ch
URL: https://www.axa.ch/de/privatkunden.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.40.0.53 Winterthur, Switzerland, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK - Akamai Technologies, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
a769166be88381ff553dd898537609ee8a973c37bd5ba3890d6ea0bb7fc2a41c
Security Headers
Name Value
Content-Security-Policy default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.axa.ch
sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/de/privatkunden.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

etag
"3920-64fa7e98ed059"
access-control-allow-methods
GET,POST,OPTIONS
x-content-type-options
nosniff
expires
Sat, 25 Apr 2026 10:54:35 GMT
p3p
CP="AXA IS NOT USING P3P"
date
Sat, 18 Apr 2026 10:54:35 GMT
last-modified
Fri, 17 Apr 2026 13:27:36 GMT
vary
Accept-Encoding
content-type
application/font-woff2
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
cache-control
max-age=604800
content-security-policy-report-only
default-src https://*.axa.ch blob: data: https://*.axa.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.axa.ch https://www.googletagmanager.com https://cdn.cookielaw.org https://cdn.mouseflow.com https://maps.google.com https://maps.googleapis.com https://connect.facebook.net https://axa-winterthur.dimelochat.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://recaptcha.net https://www.google.com https://www.gstatic.com/recaptcha/ https://bat.bing.com https://snap.licdn.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.awin1.com https://lantern.roeyecdn.com https://www.google-analytics.com https://www.googleadservices.com https://*.doubleclick.net https://*.adobe.com https://*.adobe.io https://*.microsoft.com https://*.fusedeck.com https://*.onetrust.com https://*.whatsapp.com https://*.cookielaw.org https://slsnlytcs.com; style-src 'self' 'unsafe-inline' https://*.axa.ch https://fonts.googleapis.com https://www.googletagmanager.com https://*.survalyzer.swiss https://*.visualwebsiteoptimizer.com https://app.vwo.com https://s3.amazonaws.com https://*.adobe.com https://*.microsoft.com; img-src 'self' data: blob: https://chart.googleapis.com https://*.axa.ch https://*.google.com https://*.google.ch https://maps.gstatic.com https://cdn.cookielaw.org https://stats.g.doubleclick.net https://googleads.g.doubleclick.net https://ad.doubleclick.net https://www.facebook.com https://www.googletagmanager.com https://i.ytimg.com https://px.ads.linkedin.com https://bat.bing.com https://d5cplpsrt2s33.cloudfront.net https://bat.bing.net https://maps.googleapis.com https://region1.google-analytics.com https://*.googlesyndication.com https://connect.facebook.net https://flagcdn.com https://px.ads.linkedin.com https://www.googleadservices.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.google.ch https://www.google-analytics.com https://*.google-analytics.com https://*.analytics.google.com; font-src 'self' data: https://*.axa.ch https://fonts.gstatic.com https://cdn.mouseflow.com https://assets.merci-app.com; connect-src 'self' https://*.axa.ch https://gtm.axa.ch https://sgtm.axa.ch https://region1.analytics.google.com https://www.google.com https://*.tt.omtrdc.net https://europe.directline.botframework.com https://digitalassistantbot-acc.azurewebsites.net https://cdn.cookielaw.org wss://europe.directline.botframework.com https://googleads.g.doubleclick.net https://maps.googleapis.com https://stats.g.doubleclick.net https://region1.google-analytics.com https://o2.mouseflow.com https://www.google.ch https://selfadvisory-acc.azurewebsites.net https://*.onetrust.com https://bat.bing.com https://bat.bing.net https://px.ads.linkedin.com https://*.service.signalr.net https://pagead2.googlesyndication.com https://*.in.applicationinsights.azure.com https://www.googleadservices.com https://www.google-analytics.com wss://*.service.signalr.net https://*.mouseflow.com https://api.trongrid.io https://digitalassistantbot.azurewebsites.net https://www.facebook.com https://*.teads.tv https://snap.licdn.com https://*.survalyzer.swiss https://*.googlesyndication.com https://*.google.com https://*.google-analytics.com https://*.analytics.google.com https://www.googletagmanager.com https://fonts.googleapis.com; frame-src https://*.axa.ch https://td.doubleclick.net https://8141516.fls.doubleclick.net https://www.youtube.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://recaptcha.net https://www.googletagmanager.com https://*.survalyzer.swiss https://www.axa.ch https://trk.axa.ch https://sgtm.axa.ch https://*.mouseflow.com https://exactag.axa.ch https://*.fusedeck.net https://*.dimelochat.com https://*.doubleclick.net https://www.google.com https://*.teads.tv https://*.onetrust.com https://*.whatsapp.com; frame-ancestors 'self'; block-all-mixed-content ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
accept-ranges
bytes
access-control-allow-origin
https://www.axa.ch
content-length
14624
server
Apache
source-sans-pro-v10-latin-700.woff2
www.axa.ch/etc.clientlibs/axa/sites/components/pagestructure/globalstyles/clientlibs/v3/resources/ 		14 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.axa.ch/etc.clientlibs/axa/sites/components/pagestructure/globalstyles/clientlibs/v3/resources/source-sans-pro-v10-latin-700.woff2
Requested by
Host: www.axa.ch
URL: https://www.axa.ch/de/privatkunden.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.40.0.53 Winterthur, Switzerland, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK - Akamai Technologies, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
cfa9603baa93612a1b37809e9b2eba09a87ec42ad81ba6c532d2eac56cde5b85
Security Headers
Name Value
Content-Security-Policy default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.axa.ch
sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/de/privatkunden.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

etag
"3868-64fa7e98ed059"
access-control-allow-methods
GET,POST,OPTIONS
x-content-type-options
nosniff
expires
Sat, 25 Apr 2026 10:54:35 GMT
p3p
CP="AXA IS NOT USING P3P"
date
Sat, 18 Apr 2026 10:54:35 GMT
last-modified
Fri, 17 Apr 2026 13:27:36 GMT
vary
Accept-Encoding
content-type
application/font-woff2
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
cache-control
max-age=604800
content-security-policy-report-only
default-src https://*.axa.ch blob: data: https://*.axa.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.axa.ch https://www.googletagmanager.com https://cdn.cookielaw.org https://cdn.mouseflow.com https://maps.google.com https://maps.googleapis.com https://connect.facebook.net https://axa-winterthur.dimelochat.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://recaptcha.net https://www.google.com https://www.gstatic.com/recaptcha/ https://bat.bing.com https://snap.licdn.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.awin1.com https://lantern.roeyecdn.com https://www.google-analytics.com https://www.googleadservices.com https://*.doubleclick.net https://*.adobe.com https://*.adobe.io https://*.microsoft.com https://*.fusedeck.com https://*.onetrust.com https://*.whatsapp.com https://*.cookielaw.org https://slsnlytcs.com; style-src 'self' 'unsafe-inline' https://*.axa.ch https://fonts.googleapis.com https://www.googletagmanager.com https://*.survalyzer.swiss https://*.visualwebsiteoptimizer.com https://app.vwo.com https://s3.amazonaws.com https://*.adobe.com https://*.microsoft.com; img-src 'self' data: blob: https://chart.googleapis.com https://*.axa.ch https://*.google.com https://*.google.ch https://maps.gstatic.com https://cdn.cookielaw.org https://stats.g.doubleclick.net https://googleads.g.doubleclick.net https://ad.doubleclick.net https://www.facebook.com https://www.googletagmanager.com https://i.ytimg.com https://px.ads.linkedin.com https://bat.bing.com https://d5cplpsrt2s33.cloudfront.net https://bat.bing.net https://maps.googleapis.com https://region1.google-analytics.com https://*.googlesyndication.com https://connect.facebook.net https://flagcdn.com https://px.ads.linkedin.com https://www.googleadservices.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.google.ch https://www.google-analytics.com https://*.google-analytics.com https://*.analytics.google.com; font-src 'self' data: https://*.axa.ch https://fonts.gstatic.com https://cdn.mouseflow.com https://assets.merci-app.com; connect-src 'self' https://*.axa.ch https://gtm.axa.ch https://sgtm.axa.ch https://region1.analytics.google.com https://www.google.com https://*.tt.omtrdc.net https://europe.directline.botframework.com https://digitalassistantbot-acc.azurewebsites.net https://cdn.cookielaw.org wss://europe.directline.botframework.com https://googleads.g.doubleclick.net https://maps.googleapis.com https://stats.g.doubleclick.net https://region1.google-analytics.com https://o2.mouseflow.com https://www.google.ch https://selfadvisory-acc.azurewebsites.net https://*.onetrust.com https://bat.bing.com https://bat.bing.net https://px.ads.linkedin.com https://*.service.signalr.net https://pagead2.googlesyndication.com https://*.in.applicationinsights.azure.com https://www.googleadservices.com https://www.google-analytics.com wss://*.service.signalr.net https://*.mouseflow.com https://api.trongrid.io https://digitalassistantbot.azurewebsites.net https://www.facebook.com https://*.teads.tv https://snap.licdn.com https://*.survalyzer.swiss https://*.googlesyndication.com https://*.google.com https://*.google-analytics.com https://*.analytics.google.com https://www.googletagmanager.com https://fonts.googleapis.com; frame-src https://*.axa.ch https://td.doubleclick.net https://8141516.fls.doubleclick.net https://www.youtube.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://recaptcha.net https://www.googletagmanager.com https://*.survalyzer.swiss https://www.axa.ch https://trk.axa.ch https://sgtm.axa.ch https://*.mouseflow.com https://exactag.axa.ch https://*.fusedeck.net https://*.dimelochat.com https://*.doubleclick.net https://www.google.com https://*.teads.tv https://*.onetrust.com https://*.whatsapp.com; frame-ancestors 'self'; block-all-mixed-content ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
accept-ranges
bytes
access-control-allow-origin
https://www.axa.ch
content-length
14440
server
Apache
source-sans-pro-v10-latin-600.woff2
www.axa.ch/etc.clientlibs/axa/sites/components/pagestructure/globalstyles/clientlibs/v3/resources/ 		14 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.axa.ch/etc.clientlibs/axa/sites/components/pagestructure/globalstyles/clientlibs/v3/resources/source-sans-pro-v10-latin-600.woff2
Requested by
Host: www.axa.ch
URL: https://www.axa.ch/de/privatkunden.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.40.0.53 Winterthur, Switzerland, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK - Akamai Technologies, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
e5b92dc7ae4c3419f3325261ca30d76dc163b5ea628196dc493ea4152fca379f
Security Headers
Name Value
Content-Security-Policy default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.axa.ch
sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/de/privatkunden.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

etag
"38ac-64fa7e98ed059"
access-control-allow-methods
GET,POST,OPTIONS
x-content-type-options
nosniff
expires
Sat, 25 Apr 2026 10:54:35 GMT
p3p
CP="AXA IS NOT USING P3P"
date
Sat, 18 Apr 2026 10:54:35 GMT
last-modified
Fri, 17 Apr 2026 13:27:36 GMT
vary
Accept-Encoding
content-type
application/font-woff2
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
cache-control
max-age=604800
content-security-policy-report-only
default-src https://*.axa.ch blob: data: https://*.axa.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.axa.ch https://www.googletagmanager.com https://cdn.cookielaw.org https://cdn.mouseflow.com https://maps.google.com https://maps.googleapis.com https://connect.facebook.net https://axa-winterthur.dimelochat.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://recaptcha.net https://www.google.com https://www.gstatic.com/recaptcha/ https://bat.bing.com https://snap.licdn.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.awin1.com https://lantern.roeyecdn.com https://www.google-analytics.com https://www.googleadservices.com https://*.doubleclick.net https://*.adobe.com https://*.adobe.io https://*.microsoft.com https://*.fusedeck.com https://*.onetrust.com https://*.whatsapp.com https://*.cookielaw.org https://slsnlytcs.com; style-src 'self' 'unsafe-inline' https://*.axa.ch https://fonts.googleapis.com https://www.googletagmanager.com https://*.survalyzer.swiss https://*.visualwebsiteoptimizer.com https://app.vwo.com https://s3.amazonaws.com https://*.adobe.com https://*.microsoft.com; img-src 'self' data: blob: https://chart.googleapis.com https://*.axa.ch https://*.google.com https://*.google.ch https://maps.gstatic.com https://cdn.cookielaw.org https://stats.g.doubleclick.net https://googleads.g.doubleclick.net https://ad.doubleclick.net https://www.facebook.com https://www.googletagmanager.com https://i.ytimg.com https://px.ads.linkedin.com https://bat.bing.com https://d5cplpsrt2s33.cloudfront.net https://bat.bing.net https://maps.googleapis.com https://region1.google-analytics.com https://*.googlesyndication.com https://connect.facebook.net https://flagcdn.com https://px.ads.linkedin.com https://www.googleadservices.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.google.ch https://www.google-analytics.com https://*.google-analytics.com https://*.analytics.google.com; font-src 'self' data: https://*.axa.ch https://fonts.gstatic.com https://cdn.mouseflow.com https://assets.merci-app.com; connect-src 'self' https://*.axa.ch https://gtm.axa.ch https://sgtm.axa.ch https://region1.analytics.google.com https://www.google.com https://*.tt.omtrdc.net https://europe.directline.botframework.com https://digitalassistantbot-acc.azurewebsites.net https://cdn.cookielaw.org wss://europe.directline.botframework.com https://googleads.g.doubleclick.net https://maps.googleapis.com https://stats.g.doubleclick.net https://region1.google-analytics.com https://o2.mouseflow.com https://www.google.ch https://selfadvisory-acc.azurewebsites.net https://*.onetrust.com https://bat.bing.com https://bat.bing.net https://px.ads.linkedin.com https://*.service.signalr.net https://pagead2.googlesyndication.com https://*.in.applicationinsights.azure.com https://www.googleadservices.com https://www.google-analytics.com wss://*.service.signalr.net https://*.mouseflow.com https://api.trongrid.io https://digitalassistantbot.azurewebsites.net https://www.facebook.com https://*.teads.tv https://snap.licdn.com https://*.survalyzer.swiss https://*.googlesyndication.com https://*.google.com https://*.google-analytics.com https://*.analytics.google.com https://www.googletagmanager.com https://fonts.googleapis.com; frame-src https://*.axa.ch https://td.doubleclick.net https://8141516.fls.doubleclick.net https://www.youtube.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://recaptcha.net https://www.googletagmanager.com https://*.survalyzer.swiss https://www.axa.ch https://trk.axa.ch https://sgtm.axa.ch https://*.mouseflow.com https://exactag.axa.ch https://*.fusedeck.net https://*.dimelochat.com https://*.doubleclick.net https://www.google.com https://*.teads.tv https://*.onetrust.com https://*.whatsapp.com; frame-ancestors 'self'; block-all-mixed-content ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
accept-ranges
bytes
access-control-allow-origin
https://www.axa.ch
content-length
14508
server
Apache
v_2_10.at_2_10_0.js
www.axa.ch/etc.clientlibs/axa/sites/at/ 		104 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.axa.ch/etc.clientlibs/axa/sites/at/v_2_10.at_2_10_0.js
Requested by
Host: www.axa.ch
URL: https://www.axa.ch/de/privatkunden.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.40.0.53 Winterthur, Switzerland, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK - Akamai Technologies, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
298588d5a6c992fdb18b010cbe816068ee9210132197f148b4ae1bed7a9ad9db
Security Headers
Name Value
Content-Security-Policy default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/de/privatkunden.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

content-encoding
br
etag
"19e9b-64f93cba31063-br"
x-content-type-options
nosniff
expires
Sun, 18 Apr 2027 10:54:35 GMT
p3p
CP="AXA IS NOT USING P3P"
date
Sat, 18 Apr 2026 10:54:35 GMT
last-modified
Thu, 16 Apr 2026 13:27:35 GMT
vary
Accept-Encoding
content-type
application/javascript
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
cache-control
max-age=31536000
content-security-policy-report-only
default-src https://*.axa.ch blob: data: https://*.axa.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.axa.ch https://www.googletagmanager.com https://cdn.cookielaw.org https://cdn.mouseflow.com https://maps.google.com https://maps.googleapis.com https://connect.facebook.net https://axa-winterthur.dimelochat.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://recaptcha.net https://www.google.com https://www.gstatic.com/recaptcha/ https://bat.bing.com https://snap.licdn.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.awin1.com https://lantern.roeyecdn.com https://www.google-analytics.com https://www.googleadservices.com https://*.doubleclick.net https://*.adobe.com https://*.adobe.io https://*.microsoft.com https://*.fusedeck.com https://*.onetrust.com https://*.whatsapp.com https://*.cookielaw.org https://slsnlytcs.com; style-src 'self' 'unsafe-inline' https://*.axa.ch https://fonts.googleapis.com https://www.googletagmanager.com https://*.survalyzer.swiss https://*.visualwebsiteoptimizer.com https://app.vwo.com https://s3.amazonaws.com https://*.adobe.com https://*.microsoft.com; img-src 'self' data: blob: https://chart.googleapis.com https://*.axa.ch https://*.google.com https://*.google.ch https://maps.gstatic.com https://cdn.cookielaw.org https://stats.g.doubleclick.net https://googleads.g.doubleclick.net https://ad.doubleclick.net https://www.facebook.com https://www.googletagmanager.com https://i.ytimg.com https://px.ads.linkedin.com https://bat.bing.com https://d5cplpsrt2s33.cloudfront.net https://bat.bing.net https://maps.googleapis.com https://region1.google-analytics.com https://*.googlesyndication.com https://connect.facebook.net https://flagcdn.com https://px.ads.linkedin.com https://www.googleadservices.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.google.ch https://www.google-analytics.com https://*.google-analytics.com https://*.analytics.google.com; font-src 'self' data: https://*.axa.ch https://fonts.gstatic.com https://cdn.mouseflow.com https://assets.merci-app.com; connect-src 'self' https://*.axa.ch https://gtm.axa.ch https://sgtm.axa.ch https://region1.analytics.google.com https://www.google.com https://*.tt.omtrdc.net https://europe.directline.botframework.com https://digitalassistantbot-acc.azurewebsites.net https://cdn.cookielaw.org wss://europe.directline.botframework.com https://googleads.g.doubleclick.net https://maps.googleapis.com https://stats.g.doubleclick.net https://region1.google-analytics.com https://o2.mouseflow.com https://www.google.ch https://selfadvisory-acc.azurewebsites.net https://*.onetrust.com https://bat.bing.com https://bat.bing.net https://px.ads.linkedin.com https://*.service.signalr.net https://pagead2.googlesyndication.com https://*.in.applicationinsights.azure.com https://www.googleadservices.com https://www.google-analytics.com wss://*.service.signalr.net https://*.mouseflow.com https://api.trongrid.io https://digitalassistantbot.azurewebsites.net https://www.facebook.com https://*.teads.tv https://snap.licdn.com https://*.survalyzer.swiss https://*.googlesyndication.com https://*.google.com https://*.google-analytics.com https://*.analytics.google.com https://www.googletagmanager.com https://fonts.googleapis.com; frame-src https://*.axa.ch https://td.doubleclick.net https://8141516.fls.doubleclick.net https://www.youtube.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://recaptcha.net https://www.googletagmanager.com https://*.survalyzer.swiss https://www.axa.ch https://trk.axa.ch https://sgtm.axa.ch https://*.mouseflow.com https://exactag.axa.ch https://*.fusedeck.net https://*.dimelochat.com https://*.doubleclick.net https://www.google.com https://*.teads.tv https://*.onetrust.com https://*.whatsapp.com; frame-ancestors 'self'; block-all-mixed-content ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
accept-ranges
bytes
server
Apache
clientlib.691fede37617f758e52078906843dcee.js
www.axa.ch/etc.clientlibs/axa/hub/bifrost/ 		11 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.axa.ch/etc.clientlibs/axa/hub/bifrost/clientlib.691fede37617f758e52078906843dcee.js
Requested by
Host: www.axa.ch
URL: https://www.axa.ch/de/privatkunden.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.40.0.53 Winterthur, Switzerland, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK - Akamai Technologies, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
9f5dac8090a51f42f035b70d5ad75d1322a4bee0fa5108c78cf792fb38143d93
Security Headers
Name Value
Content-Security-Policy default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/de/privatkunden.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

content-encoding
br
etag
"2c78-64f93cba31c1b-br"
x-content-type-options
nosniff
expires
Sun, 18 Apr 2027 10:54:35 GMT
p3p
CP="AXA IS NOT USING P3P"
date
Sat, 18 Apr 2026 10:54:35 GMT
last-modified
Thu, 16 Apr 2026 13:27:35 GMT
vary
Accept-Encoding
content-type
application/javascript
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
cache-control
max-age=31536000
content-security-policy-report-only
default-src https://*.axa.ch blob: data: https://*.axa.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.axa.ch https://www.googletagmanager.com https://cdn.cookielaw.org https://cdn.mouseflow.com https://maps.google.com https://maps.googleapis.com https://connect.facebook.net https://axa-winterthur.dimelochat.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://recaptcha.net https://www.google.com https://www.gstatic.com/recaptcha/ https://bat.bing.com https://snap.licdn.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.awin1.com https://lantern.roeyecdn.com https://www.google-analytics.com https://www.googleadservices.com https://*.doubleclick.net https://*.adobe.com https://*.adobe.io https://*.microsoft.com https://*.fusedeck.com https://*.onetrust.com https://*.whatsapp.com https://*.cookielaw.org https://slsnlytcs.com; style-src 'self' 'unsafe-inline' https://*.axa.ch https://fonts.googleapis.com https://www.googletagmanager.com https://*.survalyzer.swiss https://*.visualwebsiteoptimizer.com https://app.vwo.com https://s3.amazonaws.com https://*.adobe.com https://*.microsoft.com; img-src 'self' data: blob: https://chart.googleapis.com https://*.axa.ch https://*.google.com https://*.google.ch https://maps.gstatic.com https://cdn.cookielaw.org https://stats.g.doubleclick.net https://googleads.g.doubleclick.net https://ad.doubleclick.net https://www.facebook.com https://www.googletagmanager.com https://i.ytimg.com https://px.ads.linkedin.com https://bat.bing.com https://d5cplpsrt2s33.cloudfront.net https://bat.bing.net https://maps.googleapis.com https://region1.google-analytics.com https://*.googlesyndication.com https://connect.facebook.net https://flagcdn.com https://px.ads.linkedin.com https://www.googleadservices.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.google.ch https://www.google-analytics.com https://*.google-analytics.com https://*.analytics.google.com; font-src 'self' data: https://*.axa.ch https://fonts.gstatic.com https://cdn.mouseflow.com https://assets.merci-app.com; connect-src 'self' https://*.axa.ch https://gtm.axa.ch https://sgtm.axa.ch https://region1.analytics.google.com https://www.google.com https://*.tt.omtrdc.net https://europe.directline.botframework.com https://digitalassistantbot-acc.azurewebsites.net https://cdn.cookielaw.org wss://europe.directline.botframework.com https://googleads.g.doubleclick.net https://maps.googleapis.com https://stats.g.doubleclick.net https://region1.google-analytics.com https://o2.mouseflow.com https://www.google.ch https://selfadvisory-acc.azurewebsites.net https://*.onetrust.com https://bat.bing.com https://bat.bing.net https://px.ads.linkedin.com https://*.service.signalr.net https://pagead2.googlesyndication.com https://*.in.applicationinsights.azure.com https://www.googleadservices.com https://www.google-analytics.com wss://*.service.signalr.net https://*.mouseflow.com https://api.trongrid.io https://digitalassistantbot.azurewebsites.net https://www.facebook.com https://*.teads.tv https://snap.licdn.com https://*.survalyzer.swiss https://*.googlesyndication.com https://*.google.com https://*.google-analytics.com https://*.analytics.google.com https://www.googletagmanager.com https://fonts.googleapis.com; frame-src https://*.axa.ch https://td.doubleclick.net https://8141516.fls.doubleclick.net https://www.youtube.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://recaptcha.net https://www.googletagmanager.com https://*.survalyzer.swiss https://www.axa.ch https://trk.axa.ch https://sgtm.axa.ch https://*.mouseflow.com https://exactag.axa.ch https://*.fusedeck.net https://*.dimelochat.com https://*.doubleclick.net https://www.google.com https://*.teads.tv https://*.onetrust.com https://*.whatsapp.com; frame-ancestors 'self'; block-all-mixed-content ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
accept-ranges
bytes
server
Apache
logo-AXA.svg
www.axa.ch/etc.clientlibs/axa/sites/core-assets/resources/images/ 		2 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.axa.ch/etc.clientlibs/axa/sites/core-assets/resources/images/logo-AXA.svg
Requested by
Host: www.axa.ch
URL: https://www.axa.ch/de/privatkunden.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.40.0.53 Winterthur, Switzerland, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK - Akamai Technologies, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
c6295da73984e5377e1b48eaeec243003e60d5a8f25632c6e3fff6d1692e0509
Security Headers
Name Value
Content-Security-Policy default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/de/privatkunden.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

content-encoding
br
etag
"656-64fa7e98f9f61-br"
x-content-type-options
nosniff
expires
Sat, 25 Apr 2026 10:54:35 GMT
p3p
CP="AXA IS NOT USING P3P"
date
Sat, 18 Apr 2026 10:54:35 GMT
last-modified
Fri, 17 Apr 2026 13:27:36 GMT
vary
Accept-Encoding
content-type
image/svg+xml
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
cache-control
max-age=604800
content-security-policy-report-only
default-src https://*.axa.ch blob: data: https://*.axa.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.axa.ch https://www.googletagmanager.com https://cdn.cookielaw.org https://cdn.mouseflow.com https://maps.google.com https://maps.googleapis.com https://connect.facebook.net https://axa-winterthur.dimelochat.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://recaptcha.net https://www.google.com https://www.gstatic.com/recaptcha/ https://bat.bing.com https://snap.licdn.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.awin1.com https://lantern.roeyecdn.com https://www.google-analytics.com https://www.googleadservices.com https://*.doubleclick.net https://*.adobe.com https://*.adobe.io https://*.microsoft.com https://*.fusedeck.com https://*.onetrust.com https://*.whatsapp.com https://*.cookielaw.org https://slsnlytcs.com; style-src 'self' 'unsafe-inline' https://*.axa.ch https://fonts.googleapis.com https://www.googletagmanager.com https://*.survalyzer.swiss https://*.visualwebsiteoptimizer.com https://app.vwo.com https://s3.amazonaws.com https://*.adobe.com https://*.microsoft.com; img-src 'self' data: blob: https://chart.googleapis.com https://*.axa.ch https://*.google.com https://*.google.ch https://maps.gstatic.com https://cdn.cookielaw.org https://stats.g.doubleclick.net https://googleads.g.doubleclick.net https://ad.doubleclick.net https://www.facebook.com https://www.googletagmanager.com https://i.ytimg.com https://px.ads.linkedin.com https://bat.bing.com https://d5cplpsrt2s33.cloudfront.net https://bat.bing.net https://maps.googleapis.com https://region1.google-analytics.com https://*.googlesyndication.com https://connect.facebook.net https://flagcdn.com https://px.ads.linkedin.com https://www.googleadservices.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.google.ch https://www.google-analytics.com https://*.google-analytics.com https://*.analytics.google.com; font-src 'self' data: https://*.axa.ch https://fonts.gstatic.com https://cdn.mouseflow.com https://assets.merci-app.com; connect-src 'self' https://*.axa.ch https://gtm.axa.ch https://sgtm.axa.ch https://region1.analytics.google.com https://www.google.com https://*.tt.omtrdc.net https://europe.directline.botframework.com https://digitalassistantbot-acc.azurewebsites.net https://cdn.cookielaw.org wss://europe.directline.botframework.com https://googleads.g.doubleclick.net https://maps.googleapis.com https://stats.g.doubleclick.net https://region1.google-analytics.com https://o2.mouseflow.com https://www.google.ch https://selfadvisory-acc.azurewebsites.net https://*.onetrust.com https://bat.bing.com https://bat.bing.net https://px.ads.linkedin.com https://*.service.signalr.net https://pagead2.googlesyndication.com https://*.in.applicationinsights.azure.com https://www.googleadservices.com https://www.google-analytics.com wss://*.service.signalr.net https://*.mouseflow.com https://api.trongrid.io https://digitalassistantbot.azurewebsites.net https://www.facebook.com https://*.teads.tv https://snap.licdn.com https://*.survalyzer.swiss https://*.googlesyndication.com https://*.google.com https://*.google-analytics.com https://*.analytics.google.com https://www.googletagmanager.com https://fonts.googleapis.com; frame-src https://*.axa.ch https://td.doubleclick.net https://8141516.fls.doubleclick.net https://www.youtube.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://recaptcha.net https://www.googletagmanager.com https://*.survalyzer.swiss https://www.axa.ch https://trk.axa.ch https://sgtm.axa.ch https://*.mouseflow.com https://exactag.axa.ch https://*.fusedeck.net https://*.dimelochat.com https://*.doubleclick.net https://www.google.com https://*.teads.tv https://*.onetrust.com https://*.whatsapp.com; frame-ancestors 'self'; block-all-mixed-content ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
accept-ranges
bytes
server
Apache
WIDE_1920_480_WebP-frau_sonnenbaden_meer_ferien_reisen_blue_web.webp
brandcenter.axa.ch/m/5b85822f44258d6b/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://brandcenter.axa.ch/m/5b85822f44258d6b/WIDE_1920_480_WebP-frau_sonnenbaden_meer_ferien_reisen_blue_web.webp
Requested by
Host: www.axa.ch
URL: https://www.axa.ch/de/privatkunden.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:208a:a800:1b:6ae0:ebc0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
2965ec6885f8e71714b97b3705e1d2fcc4c7b072c17064fd04d5f3e39d67944c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

age
50185
amzn-cache-tag
asset:fd67fe76-4792-48c1-8bce-767a3ab0f6ea
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
kiy9MQfaifTu8rrdj9KYwNx8TfHOMQEMkJR_OEXMW3maWvmgKBrtow==
date
Fri, 17 Apr 2026 20:58:10 GMT
content-type
image/webp
content-disposition
inline; filename="frau_sonnenbaden_meer_ferien_reisen_blue_web.webp"; filename*=UTF-8''frau_sonnenbaden_meer_ferien_reisen_blue_web.webp
strict-transport-security
max-age=63072000; includeSubdomains
x-api-correlation-id
eb41282d-db3b-f478-e821-1858b1bac4fc
cache-control
public, max-age=900, s-maxage=86400, stale-while-revalidate=600, stale-if-error=3600
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 ce289eaeb2a4749545ab8a920aa4fbee.cloudfront.net (CloudFront)
permissions-policy
camera=(), geolocation=(), microphone=()
access-control-allow-origin
*
content-length
28818
x-amz-cf-pop
FRA60-P13
server
nginx
review-seal-silver-de.png
www.axa.ch/etc.clientlibs/axa/sites/core-assets/resources/images/ 		50 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.axa.ch/etc.clientlibs/axa/sites/core-assets/resources/images/review-seal-silver-de.png
Requested by
Host: www.axa.ch
URL: https://www.axa.ch/de/privatkunden.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.40.0.53 Winterthur, Switzerland, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK - Akamai Technologies, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
53d7b4a19e87c986d89f8e4418ef1ab5bcf78e8cd08b46474fc6f20b77f0ee37
Security Headers
Name Value
Content-Security-Policy default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/de/privatkunden.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

etag
"c97e-64fa7eb4eeaac"
x-content-type-options
nosniff
expires
Mon, 18 May 2026 10:54:35 GMT
p3p
CP="AXA IS NOT USING P3P"
date
Sat, 18 Apr 2026 10:54:35 GMT
last-modified
Fri, 17 Apr 2026 13:28:06 GMT
vary
Accept-Encoding
content-type
image/png
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
cache-control
max-age=2592000
content-security-policy-report-only
default-src https://*.axa.ch blob: data: https://*.axa.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.axa.ch https://www.googletagmanager.com https://cdn.cookielaw.org https://cdn.mouseflow.com https://maps.google.com https://maps.googleapis.com https://connect.facebook.net https://axa-winterthur.dimelochat.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://recaptcha.net https://www.google.com https://www.gstatic.com/recaptcha/ https://bat.bing.com https://snap.licdn.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.awin1.com https://lantern.roeyecdn.com https://www.google-analytics.com https://www.googleadservices.com https://*.doubleclick.net https://*.adobe.com https://*.adobe.io https://*.microsoft.com https://*.fusedeck.com https://*.onetrust.com https://*.whatsapp.com https://*.cookielaw.org https://slsnlytcs.com; style-src 'self' 'unsafe-inline' https://*.axa.ch https://fonts.googleapis.com https://www.googletagmanager.com https://*.survalyzer.swiss https://*.visualwebsiteoptimizer.com https://app.vwo.com https://s3.amazonaws.com https://*.adobe.com https://*.microsoft.com; img-src 'self' data: blob: https://chart.googleapis.com https://*.axa.ch https://*.google.com https://*.google.ch https://maps.gstatic.com https://cdn.cookielaw.org https://stats.g.doubleclick.net https://googleads.g.doubleclick.net https://ad.doubleclick.net https://www.facebook.com https://www.googletagmanager.com https://i.ytimg.com https://px.ads.linkedin.com https://bat.bing.com https://d5cplpsrt2s33.cloudfront.net https://bat.bing.net https://maps.googleapis.com https://region1.google-analytics.com https://*.googlesyndication.com https://connect.facebook.net https://flagcdn.com https://px.ads.linkedin.com https://www.googleadservices.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.google.ch https://www.google-analytics.com https://*.google-analytics.com https://*.analytics.google.com; font-src 'self' data: https://*.axa.ch https://fonts.gstatic.com https://cdn.mouseflow.com https://assets.merci-app.com; connect-src 'self' https://*.axa.ch https://gtm.axa.ch https://sgtm.axa.ch https://region1.analytics.google.com https://www.google.com https://*.tt.omtrdc.net https://europe.directline.botframework.com https://digitalassistantbot-acc.azurewebsites.net https://cdn.cookielaw.org wss://europe.directline.botframework.com https://googleads.g.doubleclick.net https://maps.googleapis.com https://stats.g.doubleclick.net https://region1.google-analytics.com https://o2.mouseflow.com https://www.google.ch https://selfadvisory-acc.azurewebsites.net https://*.onetrust.com https://bat.bing.com https://bat.bing.net https://px.ads.linkedin.com https://*.service.signalr.net https://pagead2.googlesyndication.com https://*.in.applicationinsights.azure.com https://www.googleadservices.com https://www.google-analytics.com wss://*.service.signalr.net https://*.mouseflow.com https://api.trongrid.io https://digitalassistantbot.azurewebsites.net https://www.facebook.com https://*.teads.tv https://snap.licdn.com https://*.survalyzer.swiss https://*.googlesyndication.com https://*.google.com https://*.google-analytics.com https://*.analytics.google.com https://www.googletagmanager.com https://fonts.googleapis.com; frame-src https://*.axa.ch https://td.doubleclick.net https://8141516.fls.doubleclick.net https://www.youtube.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://recaptcha.net https://www.googletagmanager.com https://*.survalyzer.swiss https://www.axa.ch https://trk.axa.ch https://sgtm.axa.ch https://*.mouseflow.com https://exactag.axa.ch https://*.fusedeck.net https://*.dimelochat.com https://*.doubleclick.net https://www.google.com https://*.teads.tv https://*.onetrust.com https://*.whatsapp.com; frame-ancestors 'self'; block-all-mixed-content ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
accept-ranges
bytes
content-length
51582
server
Apache
delivery
axatechnologyservice.tt.omtrdc.net/rest/v1/ 		7 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://axatechnologyservice.tt.omtrdc.net/rest/v1/delivery?client=axatechnologyservice&sessionId=4bc7180b1e174777962e79532e07f005&version=2.10.0
Requested by
Host: www.axa.ch
URL: https://www.axa.ch/etc.clientlibs/axa/sites/at/v_2_10.at_2_10_0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.236 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ip-63-140-62-236.data.adobedc.net
Software
jag /
Resource Hash
f11af62e51ca79eacfcfc9165c98e69f326f28d0cb06fe694f74378be2bd6922
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
Content-Type
text/plain
sec-ch-ua-mobile
?0

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
92b8b099-8da7-4fba-964c-08113392184f
cache-control
no-cache, no-store, max-age=0, no-transform, private
timing-allow-origin
*
content-encoding
gzip
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
access-control-allow-origin
https://www.axa.ch
date
Sat, 18 Apr 2026 10:54:35 GMT
x-xss-protection
1; mode=block
content-type
application/json;charset=UTF-8
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
server
jag
bbxptalgfw.js
load.trk.axa.ch/ 		773 KB
202 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://load.trk.axa.ch/bbxptalgfw.js?1z6=HgJaKzU5XU1DUTA6MSRWDkpUSV1HEB5FFh4GQgIc
Requested by
Host: www.axa.ch
URL: https://www.axa.ch/de/privatkunden.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.94.19 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d083b5aae7ae63dbb124221b5127a3d8f920a285e809de470fd3a9ff6e800df5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

content-encoding
br
cf-cache-status
MISS
x-content-type-options
nosniff
expires
Sat, 18 Apr 2026 10:54:35 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 18 Apr 2026 10:54:35 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Sat, 18 Apr 2026 09:00:00 GMT
vary
Accept-Encoding
priority
u=3,i=?0
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private, max-age=900
x-stape-version
1.2.0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
referrer-policy
same-origin
cf-ray
9ee321dddc6afcc9-ZRH
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
clientlibs.cd5b7665fc6fc53361b2b5d4ffb5159f.js
www.axa.ch/etc.clientlibs/axa/components/core/axa-script/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.axa.ch/etc.clientlibs/axa/components/core/axa-script/clientlibs.cd5b7665fc6fc53361b2b5d4ffb5159f.js
Requested by
Host: www.axa.ch
URL: https://www.axa.ch/de/privatkunden.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.40.0.53 Winterthur, Switzerland, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK - Akamai Technologies, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
beab0925411db8011ffdccfd62b56128a4955bf79f880fc4e06cf8a2167a70b6
Security Headers
Name Value
Content-Security-Policy default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.axa.ch
sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/de/privatkunden.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

content-encoding
br
etag
"c6e-64f93cba3f6db-br"
access-control-allow-methods
GET,POST,OPTIONS
x-content-type-options
nosniff
expires
Sun, 18 Apr 2027 10:54:35 GMT
p3p
CP="AXA IS NOT USING P3P"
date
Sat, 18 Apr 2026 10:54:35 GMT
last-modified
Thu, 16 Apr 2026 13:27:35 GMT
vary
Accept-Encoding
content-type
application/javascript
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
cache-control
max-age=31536000
content-security-policy-report-only
default-src https://*.axa.ch blob: data: https://*.axa.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.axa.ch https://www.googletagmanager.com https://cdn.cookielaw.org https://cdn.mouseflow.com https://maps.google.com https://maps.googleapis.com https://connect.facebook.net https://axa-winterthur.dimelochat.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://recaptcha.net https://www.google.com https://www.gstatic.com/recaptcha/ https://bat.bing.com https://snap.licdn.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.awin1.com https://lantern.roeyecdn.com https://www.google-analytics.com https://www.googleadservices.com https://*.doubleclick.net https://*.adobe.com https://*.adobe.io https://*.microsoft.com https://*.fusedeck.com https://*.onetrust.com https://*.whatsapp.com https://*.cookielaw.org https://slsnlytcs.com; style-src 'self' 'unsafe-inline' https://*.axa.ch https://fonts.googleapis.com https://www.googletagmanager.com https://*.survalyzer.swiss https://*.visualwebsiteoptimizer.com https://app.vwo.com https://s3.amazonaws.com https://*.adobe.com https://*.microsoft.com; img-src 'self' data: blob: https://chart.googleapis.com https://*.axa.ch https://*.google.com https://*.google.ch https://maps.gstatic.com https://cdn.cookielaw.org https://stats.g.doubleclick.net https://googleads.g.doubleclick.net https://ad.doubleclick.net https://www.facebook.com https://www.googletagmanager.com https://i.ytimg.com https://px.ads.linkedin.com https://bat.bing.com https://d5cplpsrt2s33.cloudfront.net https://bat.bing.net https://maps.googleapis.com https://region1.google-analytics.com https://*.googlesyndication.com https://connect.facebook.net https://flagcdn.com https://px.ads.linkedin.com https://www.googleadservices.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.google.ch https://www.google-analytics.com https://*.google-analytics.com https://*.analytics.google.com; font-src 'self' data: https://*.axa.ch https://fonts.gstatic.com https://cdn.mouseflow.com https://assets.merci-app.com; connect-src 'self' https://*.axa.ch https://gtm.axa.ch https://sgtm.axa.ch https://region1.analytics.google.com https://www.google.com https://*.tt.omtrdc.net https://europe.directline.botframework.com https://digitalassistantbot-acc.azurewebsites.net https://cdn.cookielaw.org wss://europe.directline.botframework.com https://googleads.g.doubleclick.net https://maps.googleapis.com https://stats.g.doubleclick.net https://region1.google-analytics.com https://o2.mouseflow.com https://www.google.ch https://selfadvisory-acc.azurewebsites.net https://*.onetrust.com https://bat.bing.com https://bat.bing.net https://px.ads.linkedin.com https://*.service.signalr.net https://pagead2.googlesyndication.com https://*.in.applicationinsights.azure.com https://www.googleadservices.com https://www.google-analytics.com wss://*.service.signalr.net https://*.mouseflow.com https://api.trongrid.io https://digitalassistantbot.azurewebsites.net https://www.facebook.com https://*.teads.tv https://snap.licdn.com https://*.survalyzer.swiss https://*.googlesyndication.com https://*.google.com https://*.google-analytics.com https://*.analytics.google.com https://www.googletagmanager.com https://fonts.googleapis.com; frame-src https://*.axa.ch https://td.doubleclick.net https://8141516.fls.doubleclick.net https://www.youtube.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://recaptcha.net https://www.googletagmanager.com https://*.survalyzer.swiss https://www.axa.ch https://trk.axa.ch https://sgtm.axa.ch https://*.mouseflow.com https://exactag.axa.ch https://*.fusedeck.net https://*.dimelochat.com https://*.doubleclick.net https://www.google.com https://*.teads.tv https://*.onetrust.com https://*.whatsapp.com; frame-ancestors 'self'; block-all-mixed-content ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
accept-ranges
bytes
access-control-allow-origin
https://www.axa.ch
server
Apache
icons-v2.svg
www.axa.ch/etc.clientlibs/axa/sites/sightlytemplates/icon/clientlibs/v3/resources/ 		132 KB
53 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.axa.ch/etc.clientlibs/axa/sites/sightlytemplates/icon/clientlibs/v3/resources/icons-v2.svg
Requested by
Host: www.axa.ch
URL: https://www.axa.ch/de/privatkunden.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.40.0.53 Winterthur, Switzerland, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK - Akamai Technologies, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
82141fb03c9d113e4c6d056c541f815ba55f4d6834dd503db3eec1a2849d67b4
Security Headers
Name Value
Content-Security-Policy default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/de/privatkunden.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

content-encoding
br
etag
"20eae-64fa7e98fb6d1-br"
x-content-type-options
nosniff
expires
Sat, 25 Apr 2026 10:54:35 GMT
p3p
CP="AXA IS NOT USING P3P"
date
Sat, 18 Apr 2026 10:54:35 GMT
last-modified
Fri, 17 Apr 2026 13:27:36 GMT
vary
Accept-Encoding
content-type
image/svg+xml
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
cache-control
max-age=604800
content-security-policy-report-only
default-src https://*.axa.ch blob: data: https://*.axa.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.axa.ch https://www.googletagmanager.com https://cdn.cookielaw.org https://cdn.mouseflow.com https://maps.google.com https://maps.googleapis.com https://connect.facebook.net https://axa-winterthur.dimelochat.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://recaptcha.net https://www.google.com https://www.gstatic.com/recaptcha/ https://bat.bing.com https://snap.licdn.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.awin1.com https://lantern.roeyecdn.com https://www.google-analytics.com https://www.googleadservices.com https://*.doubleclick.net https://*.adobe.com https://*.adobe.io https://*.microsoft.com https://*.fusedeck.com https://*.onetrust.com https://*.whatsapp.com https://*.cookielaw.org https://slsnlytcs.com; style-src 'self' 'unsafe-inline' https://*.axa.ch https://fonts.googleapis.com https://www.googletagmanager.com https://*.survalyzer.swiss https://*.visualwebsiteoptimizer.com https://app.vwo.com https://s3.amazonaws.com https://*.adobe.com https://*.microsoft.com; img-src 'self' data: blob: https://chart.googleapis.com https://*.axa.ch https://*.google.com https://*.google.ch https://maps.gstatic.com https://cdn.cookielaw.org https://stats.g.doubleclick.net https://googleads.g.doubleclick.net https://ad.doubleclick.net https://www.facebook.com https://www.googletagmanager.com https://i.ytimg.com https://px.ads.linkedin.com https://bat.bing.com https://d5cplpsrt2s33.cloudfront.net https://bat.bing.net https://maps.googleapis.com https://region1.google-analytics.com https://*.googlesyndication.com https://connect.facebook.net https://flagcdn.com https://px.ads.linkedin.com https://www.googleadservices.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.google.ch https://www.google-analytics.com https://*.google-analytics.com https://*.analytics.google.com; font-src 'self' data: https://*.axa.ch https://fonts.gstatic.com https://cdn.mouseflow.com https://assets.merci-app.com; connect-src 'self' https://*.axa.ch https://gtm.axa.ch https://sgtm.axa.ch https://region1.analytics.google.com https://www.google.com https://*.tt.omtrdc.net https://europe.directline.botframework.com https://digitalassistantbot-acc.azurewebsites.net https://cdn.cookielaw.org wss://europe.directline.botframework.com https://googleads.g.doubleclick.net https://maps.googleapis.com https://stats.g.doubleclick.net https://region1.google-analytics.com https://o2.mouseflow.com https://www.google.ch https://selfadvisory-acc.azurewebsites.net https://*.onetrust.com https://bat.bing.com https://bat.bing.net https://px.ads.linkedin.com https://*.service.signalr.net https://pagead2.googlesyndication.com https://*.in.applicationinsights.azure.com https://www.googleadservices.com https://www.google-analytics.com wss://*.service.signalr.net https://*.mouseflow.com https://api.trongrid.io https://digitalassistantbot.azurewebsites.net https://www.facebook.com https://*.teads.tv https://snap.licdn.com https://*.survalyzer.swiss https://*.googlesyndication.com https://*.google.com https://*.google-analytics.com https://*.analytics.google.com https://www.googletagmanager.com https://fonts.googleapis.com; frame-src https://*.axa.ch https://td.doubleclick.net https://8141516.fls.doubleclick.net https://www.youtube.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://recaptcha.net https://www.googletagmanager.com https://*.survalyzer.swiss https://www.axa.ch https://trk.axa.ch https://sgtm.axa.ch https://*.mouseflow.com https://exactag.axa.ch https://*.fusedeck.net https://*.dimelochat.com https://*.doubleclick.net https://www.google.com https://*.teads.tv https://*.onetrust.com https://*.whatsapp.com; frame-ancestors 'self'; block-all-mixed-content ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
accept-ranges
bytes
server
Apache
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3f8eaed0f87bf9d7103b1b433290301d63b6547685e63820b8c9f5830743cced

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
SQUARE_368_368_WebP-junges_paar_dachterrasse_sommer_gluecklich_web.webp
brandcenter.axa.ch/m/42e9fd5764dc9ecd/ 		55 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://brandcenter.axa.ch/m/42e9fd5764dc9ecd/SQUARE_368_368_WebP-junges_paar_dachterrasse_sommer_gluecklich_web.webp
Requested by
Host: www.axa.ch
URL: https://www.axa.ch/de/privatkunden.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:208a:a800:1b:6ae0:ebc0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
cfe7ef632a30bf34f20b8ba9fd1aebb08c921876595c5f834d3e65b944707dfc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

age
15878
amzn-cache-tag
asset:16d9f55e-7c19-4037-88da-1f374a3cf652
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
gCqB_9ZRZVEJctKm45MQrPGRSjGbfvjQp--IVHOZi-MkT9tsqcR_fA==
date
Sat, 18 Apr 2026 06:29:57 GMT
content-type
image/webp
content-disposition
inline; filename="junges_paar_dachterrasse_sommer_gluecklich_web.webp"; filename*=UTF-8''junges_paar_dachterrasse_sommer_gluecklich_web.webp
strict-transport-security
max-age=63072000; includeSubdomains
x-api-correlation-id
388f0dde-1c44-4e72-fc35-5d0390c2eaee
cache-control
public, max-age=900, s-maxage=86400, stale-while-revalidate=600, stale-if-error=3600
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 ce289eaeb2a4749545ab8a920aa4fbee.cloudfront.net (CloudFront)
permissions-policy
camera=(), geolocation=(), microphone=()
access-control-allow-origin
*
content-length
56076
x-amz-cf-pop
FRA60-P13
server
nginx
zwei_freundinnen_lachen-vertraut_web.webp
brandcenter.axa.ch/asset/242de0cf-7313-477c-86a7-bf0396891168/HIGH_360_480_WebP/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://brandcenter.axa.ch/asset/242de0cf-7313-477c-86a7-bf0396891168/HIGH_360_480_WebP/zwei_freundinnen_lachen-vertraut_web.webp
Requested by
Host: www.axa.ch
URL: https://www.axa.ch/de/privatkunden.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:208a:a800:1b:6ae0:ebc0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
65f90d33ccc60083274fb894dd7ec9b2b8232e30fd35574fc4ffe6d7540c6035
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

age
27083
amzn-cache-tag
asset:242de0cf-7313-477c-86a7-bf0396891168
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
6iDAop0WTThJeTa-lh9GajMDshq-ZCxlbBo8_hD9nZv9b_k9oyWVWw==
date
Sat, 18 Apr 2026 03:23:12 GMT
content-type
image/webp
content-disposition
inline; filename="zwei_freundinnen_lachen-vertraut_web.webp"; filename*=UTF-8''zwei_freundinnen_lachen-vertraut_web.webp
strict-transport-security
max-age=63072000; includeSubdomains
x-api-correlation-id
8efe1c59-4c5d-b373-9e52-68892ae83c60
cache-control
public, max-age=900, s-maxage=86400, stale-while-revalidate=600, stale-if-error=3600
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 ce289eaeb2a4749545ab8a920aa4fbee.cloudfront.net (CloudFront)
permissions-policy
camera=(), geolocation=(), microphone=()
access-control-allow-origin
*
content-length
48210
x-amz-cf-pop
FRA60-P13
server
nginx
frau_gebrochenes_bein_unfall_gipsbein_web.webp
brandcenter.axa.ch/asset/957e3a85-b9b7-4d7b-895d-3d0edb980fd5/HIGH_360_480_WebP/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://brandcenter.axa.ch/asset/957e3a85-b9b7-4d7b-895d-3d0edb980fd5/HIGH_360_480_WebP/frau_gebrochenes_bein_unfall_gipsbein_web.webp
Requested by
Host: www.axa.ch
URL: https://www.axa.ch/de/privatkunden.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:208a:a800:1b:6ae0:ebc0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
b3ea662dcc887e48c953228d2fac74e5eb89936d4f3ae1b6ba832748c762d6ee
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

age
20175
amzn-cache-tag
asset:957e3a85-b9b7-4d7b-895d-3d0edb980fd5
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
743h-JJQDyPrwYVjaWBGTtXtnpBNuPC7yYtqhe3-GJcATe_oGaBXdQ==
date
Sat, 18 Apr 2026 05:18:20 GMT
content-type
image/webp
content-disposition
inline; filename="frau_gebrochenes_bein_unfall_gipsbein_web.webp"; filename*=UTF-8''frau_gebrochenes_bein_unfall_gipsbein_web.webp
strict-transport-security
max-age=63072000; includeSubdomains
x-api-correlation-id
ec6649a8-debc-2e9a-800e-418b76f54c2a
cache-control
public, max-age=900, s-maxage=86400, stale-while-revalidate=600, stale-if-error=3600
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 ce289eaeb2a4749545ab8a920aa4fbee.cloudfront.net (CloudFront)
permissions-policy
camera=(), geolocation=(), microphone=()
access-control-allow-origin
*
content-length
31014
x-amz-cf-pop
FRA60-P13
server
nginx
clientlibs.09c0d102a87f557d6700cf581df5fa6a.js
www.axa.ch/etc.clientlibs/axa/components/core/webhub-pod/ 		7 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.axa.ch/etc.clientlibs/axa/components/core/webhub-pod/clientlibs.09c0d102a87f557d6700cf581df5fa6a.js
Requested by
Host: www.axa.ch
URL: https://www.axa.ch/etc.clientlibs/axa/components/core/axa-script/clientlibs.cd5b7665fc6fc53361b2b5d4ffb5159f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.40.0.53 Winterthur, Switzerland, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK - Akamai Technologies, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
5df0c28d36c50afa0bdb0d7295a9e2954cb87d1be52ba5f0411b80ad45190cf4
Security Headers
Name Value
Content-Security-Policy default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.axa.ch
sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/etc.clientlibs/axa/components/core/axa-script/clientlibs.cd5b7665fc6fc53361b2b5d4ffb5159f.js
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

content-encoding
br
etag
"1b45-64f93cba49703-br"
access-control-allow-methods
GET,POST,OPTIONS
x-content-type-options
nosniff
expires
Sun, 18 Apr 2027 10:54:35 GMT
p3p
CP="AXA IS NOT USING P3P"
date
Sat, 18 Apr 2026 10:54:35 GMT
last-modified
Thu, 16 Apr 2026 13:27:35 GMT
vary
Accept-Encoding
content-type
application/javascript
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
cache-control
max-age=31536000
content-security-policy-report-only
default-src https://*.axa.ch blob: data: https://*.axa.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.axa.ch https://www.googletagmanager.com https://cdn.cookielaw.org https://cdn.mouseflow.com https://maps.google.com https://maps.googleapis.com https://connect.facebook.net https://axa-winterthur.dimelochat.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://recaptcha.net https://www.google.com https://www.gstatic.com/recaptcha/ https://bat.bing.com https://snap.licdn.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.awin1.com https://lantern.roeyecdn.com https://www.google-analytics.com https://www.googleadservices.com https://*.doubleclick.net https://*.adobe.com https://*.adobe.io https://*.microsoft.com https://*.fusedeck.com https://*.onetrust.com https://*.whatsapp.com https://*.cookielaw.org https://slsnlytcs.com; style-src 'self' 'unsafe-inline' https://*.axa.ch https://fonts.googleapis.com https://www.googletagmanager.com https://*.survalyzer.swiss https://*.visualwebsiteoptimizer.com https://app.vwo.com https://s3.amazonaws.com https://*.adobe.com https://*.microsoft.com; img-src 'self' data: blob: https://chart.googleapis.com https://*.axa.ch https://*.google.com https://*.google.ch https://maps.gstatic.com https://cdn.cookielaw.org https://stats.g.doubleclick.net https://googleads.g.doubleclick.net https://ad.doubleclick.net https://www.facebook.com https://www.googletagmanager.com https://i.ytimg.com https://px.ads.linkedin.com https://bat.bing.com https://d5cplpsrt2s33.cloudfront.net https://bat.bing.net https://maps.googleapis.com https://region1.google-analytics.com https://*.googlesyndication.com https://connect.facebook.net https://flagcdn.com https://px.ads.linkedin.com https://www.googleadservices.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.google.ch https://www.google-analytics.com https://*.google-analytics.com https://*.analytics.google.com; font-src 'self' data: https://*.axa.ch https://fonts.gstatic.com https://cdn.mouseflow.com https://assets.merci-app.com; connect-src 'self' https://*.axa.ch https://gtm.axa.ch https://sgtm.axa.ch https://region1.analytics.google.com https://www.google.com https://*.tt.omtrdc.net https://europe.directline.botframework.com https://digitalassistantbot-acc.azurewebsites.net https://cdn.cookielaw.org wss://europe.directline.botframework.com https://googleads.g.doubleclick.net https://maps.googleapis.com https://stats.g.doubleclick.net https://region1.google-analytics.com https://o2.mouseflow.com https://www.google.ch https://selfadvisory-acc.azurewebsites.net https://*.onetrust.com https://bat.bing.com https://bat.bing.net https://px.ads.linkedin.com https://*.service.signalr.net https://pagead2.googlesyndication.com https://*.in.applicationinsights.azure.com https://www.googleadservices.com https://www.google-analytics.com wss://*.service.signalr.net https://*.mouseflow.com https://api.trongrid.io https://digitalassistantbot.azurewebsites.net https://www.facebook.com https://*.teads.tv https://snap.licdn.com https://*.survalyzer.swiss https://*.googlesyndication.com https://*.google.com https://*.google-analytics.com https://*.analytics.google.com https://www.googletagmanager.com https://fonts.googleapis.com; frame-src https://*.axa.ch https://td.doubleclick.net https://8141516.fls.doubleclick.net https://www.youtube.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://recaptcha.net https://www.googletagmanager.com https://*.survalyzer.swiss https://www.axa.ch https://trk.axa.ch https://sgtm.axa.ch https://*.mouseflow.com https://exactag.axa.ch https://*.fusedeck.net https://*.dimelochat.com https://*.doubleclick.net https://www.google.com https://*.teads.tv https://*.onetrust.com https://*.whatsapp.com; frame-ancestors 'self'; block-all-mixed-content ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
accept-ranges
bytes
access-control-allow-origin
https://www.axa.ch
server
Apache
v3.e89f0c88747e90a0b1065cc4c354d397.js
www.axa.ch/etc.clientlibs/axa/sites/components/pagestructure/standardheader/clientlibs/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.axa.ch/etc.clientlibs/axa/sites/components/pagestructure/standardheader/clientlibs/v3.e89f0c88747e90a0b1065cc4c354d397.js
Requested by
Host: www.axa.ch
URL: https://www.axa.ch/etc.clientlibs/axa/components/core/axa-script/clientlibs.cd5b7665fc6fc53361b2b5d4ffb5159f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.40.0.53 Winterthur, Switzerland, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK - Akamai Technologies, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
7059b230892d61e2896dd84912299fd1761173e4fde7bf63a57e3236d39fc2ab
Security Headers
Name Value
Content-Security-Policy default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.axa.ch
sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/etc.clientlibs/axa/components/core/axa-script/clientlibs.cd5b7665fc6fc53361b2b5d4ffb5159f.js
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

content-encoding
br
etag
"b95-64f93cba4b643-br"
access-control-allow-methods
GET,POST,OPTIONS
x-content-type-options
nosniff
expires
Sun, 18 Apr 2027 10:54:35 GMT
p3p
CP="AXA IS NOT USING P3P"
date
Sat, 18 Apr 2026 10:54:35 GMT
last-modified
Thu, 16 Apr 2026 13:27:35 GMT
vary
Accept-Encoding
content-type
application/javascript
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
cache-control
max-age=31536000
content-security-policy-report-only
default-src https://*.axa.ch blob: data: https://*.axa.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.axa.ch https://www.googletagmanager.com https://cdn.cookielaw.org https://cdn.mouseflow.com https://maps.google.com https://maps.googleapis.com https://connect.facebook.net https://axa-winterthur.dimelochat.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://recaptcha.net https://www.google.com https://www.gstatic.com/recaptcha/ https://bat.bing.com https://snap.licdn.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.awin1.com https://lantern.roeyecdn.com https://www.google-analytics.com https://www.googleadservices.com https://*.doubleclick.net https://*.adobe.com https://*.adobe.io https://*.microsoft.com https://*.fusedeck.com https://*.onetrust.com https://*.whatsapp.com https://*.cookielaw.org https://slsnlytcs.com; style-src 'self' 'unsafe-inline' https://*.axa.ch https://fonts.googleapis.com https://www.googletagmanager.com https://*.survalyzer.swiss https://*.visualwebsiteoptimizer.com https://app.vwo.com https://s3.amazonaws.com https://*.adobe.com https://*.microsoft.com; img-src 'self' data: blob: https://chart.googleapis.com https://*.axa.ch https://*.google.com https://*.google.ch https://maps.gstatic.com https://cdn.cookielaw.org https://stats.g.doubleclick.net https://googleads.g.doubleclick.net https://ad.doubleclick.net https://www.facebook.com https://www.googletagmanager.com https://i.ytimg.com https://px.ads.linkedin.com https://bat.bing.com https://d5cplpsrt2s33.cloudfront.net https://bat.bing.net https://maps.googleapis.com https://region1.google-analytics.com https://*.googlesyndication.com https://connect.facebook.net https://flagcdn.com https://px.ads.linkedin.com https://www.googleadservices.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.google.ch https://www.google-analytics.com https://*.google-analytics.com https://*.analytics.google.com; font-src 'self' data: https://*.axa.ch https://fonts.gstatic.com https://cdn.mouseflow.com https://assets.merci-app.com; connect-src 'self' https://*.axa.ch https://gtm.axa.ch https://sgtm.axa.ch https://region1.analytics.google.com https://www.google.com https://*.tt.omtrdc.net https://europe.directline.botframework.com https://digitalassistantbot-acc.azurewebsites.net https://cdn.cookielaw.org wss://europe.directline.botframework.com https://googleads.g.doubleclick.net https://maps.googleapis.com https://stats.g.doubleclick.net https://region1.google-analytics.com https://o2.mouseflow.com https://www.google.ch https://selfadvisory-acc.azurewebsites.net https://*.onetrust.com https://bat.bing.com https://bat.bing.net https://px.ads.linkedin.com https://*.service.signalr.net https://pagead2.googlesyndication.com https://*.in.applicationinsights.azure.com https://www.googleadservices.com https://www.google-analytics.com wss://*.service.signalr.net https://*.mouseflow.com https://api.trongrid.io https://digitalassistantbot.azurewebsites.net https://www.facebook.com https://*.teads.tv https://snap.licdn.com https://*.survalyzer.swiss https://*.googlesyndication.com https://*.google.com https://*.google-analytics.com https://*.analytics.google.com https://www.googletagmanager.com https://fonts.googleapis.com; frame-src https://*.axa.ch https://td.doubleclick.net https://8141516.fls.doubleclick.net https://www.youtube.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://recaptcha.net https://www.googletagmanager.com https://*.survalyzer.swiss https://www.axa.ch https://trk.axa.ch https://sgtm.axa.ch https://*.mouseflow.com https://exactag.axa.ch https://*.fusedeck.net https://*.dimelochat.com https://*.doubleclick.net https://www.google.com https://*.teads.tv https://*.onetrust.com https://*.whatsapp.com; frame-ancestors 'self'; block-all-mixed-content ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
accept-ranges
bytes
access-control-allow-origin
https://www.axa.ch
server
Apache
clientlib.4fec014c8b0c31fbf2411845d55f6c16.js
www.axa.ch/etc.clientlibs/axa/hub/podwebhubmessenger/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.axa.ch/etc.clientlibs/axa/hub/podwebhubmessenger/clientlib.4fec014c8b0c31fbf2411845d55f6c16.js
Requested by
Host: www.axa.ch
URL: https://www.axa.ch/etc.clientlibs/axa/components/core/axa-script/clientlibs.cd5b7665fc6fc53361b2b5d4ffb5159f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.40.0.53 Winterthur, Switzerland, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK - Akamai Technologies, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
685fd29bb97149119459a65d5ed73dff53bda2ff780e39a420cf9dc848055d81
Security Headers
Name Value
Content-Security-Policy default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.axa.ch
sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/etc.clientlibs/axa/components/core/axa-script/clientlibs.cd5b7665fc6fc53361b2b5d4ffb5159f.js
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

content-encoding
br
etag
"ac66-64f93cba4a6a3-br"
access-control-allow-methods
GET,POST,OPTIONS
x-content-type-options
nosniff
expires
Sun, 18 Apr 2027 10:54:35 GMT
p3p
CP="AXA IS NOT USING P3P"
date
Sat, 18 Apr 2026 10:54:35 GMT
last-modified
Thu, 16 Apr 2026 13:27:35 GMT
vary
Accept-Encoding
content-type
application/javascript
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
cache-control
max-age=31536000
content-security-policy-report-only
default-src https://*.axa.ch blob: data: https://*.axa.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.axa.ch https://www.googletagmanager.com https://cdn.cookielaw.org https://cdn.mouseflow.com https://maps.google.com https://maps.googleapis.com https://connect.facebook.net https://axa-winterthur.dimelochat.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://recaptcha.net https://www.google.com https://www.gstatic.com/recaptcha/ https://bat.bing.com https://snap.licdn.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.awin1.com https://lantern.roeyecdn.com https://www.google-analytics.com https://www.googleadservices.com https://*.doubleclick.net https://*.adobe.com https://*.adobe.io https://*.microsoft.com https://*.fusedeck.com https://*.onetrust.com https://*.whatsapp.com https://*.cookielaw.org https://slsnlytcs.com; style-src 'self' 'unsafe-inline' https://*.axa.ch https://fonts.googleapis.com https://www.googletagmanager.com https://*.survalyzer.swiss https://*.visualwebsiteoptimizer.com https://app.vwo.com https://s3.amazonaws.com https://*.adobe.com https://*.microsoft.com; img-src 'self' data: blob: https://chart.googleapis.com https://*.axa.ch https://*.google.com https://*.google.ch https://maps.gstatic.com https://cdn.cookielaw.org https://stats.g.doubleclick.net https://googleads.g.doubleclick.net https://ad.doubleclick.net https://www.facebook.com https://www.googletagmanager.com https://i.ytimg.com https://px.ads.linkedin.com https://bat.bing.com https://d5cplpsrt2s33.cloudfront.net https://bat.bing.net https://maps.googleapis.com https://region1.google-analytics.com https://*.googlesyndication.com https://connect.facebook.net https://flagcdn.com https://px.ads.linkedin.com https://www.googleadservices.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.google.ch https://www.google-analytics.com https://*.google-analytics.com https://*.analytics.google.com; font-src 'self' data: https://*.axa.ch https://fonts.gstatic.com https://cdn.mouseflow.com https://assets.merci-app.com; connect-src 'self' https://*.axa.ch https://gtm.axa.ch https://sgtm.axa.ch https://region1.analytics.google.com https://www.google.com https://*.tt.omtrdc.net https://europe.directline.botframework.com https://digitalassistantbot-acc.azurewebsites.net https://cdn.cookielaw.org wss://europe.directline.botframework.com https://googleads.g.doubleclick.net https://maps.googleapis.com https://stats.g.doubleclick.net https://region1.google-analytics.com https://o2.mouseflow.com https://www.google.ch https://selfadvisory-acc.azurewebsites.net https://*.onetrust.com https://bat.bing.com https://bat.bing.net https://px.ads.linkedin.com https://*.service.signalr.net https://pagead2.googlesyndication.com https://*.in.applicationinsights.azure.com https://www.googleadservices.com https://www.google-analytics.com wss://*.service.signalr.net https://*.mouseflow.com https://api.trongrid.io https://digitalassistantbot.azurewebsites.net https://www.facebook.com https://*.teads.tv https://snap.licdn.com https://*.survalyzer.swiss https://*.googlesyndication.com https://*.google.com https://*.google-analytics.com https://*.analytics.google.com https://www.googletagmanager.com https://fonts.googleapis.com; frame-src https://*.axa.ch https://td.doubleclick.net https://8141516.fls.doubleclick.net https://www.youtube.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://recaptcha.net https://www.googletagmanager.com https://*.survalyzer.swiss https://www.axa.ch https://trk.axa.ch https://sgtm.axa.ch https://*.mouseflow.com https://exactag.axa.ch https://*.fusedeck.net https://*.dimelochat.com https://*.doubleclick.net https://www.google.com https://*.teads.tv https://*.onetrust.com https://*.whatsapp.com; frame-ancestors 'self'; block-all-mixed-content ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
accept-ranges
bytes
access-control-allow-origin
https://www.axa.ch
server
Apache
v3.29c1fc83688fef06b9284058a1d53a6f.css
www.axa.ch/etc.clientlibs/axa/sites/components/general/infobox/clientlibs/ 		1 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.axa.ch/etc.clientlibs/axa/sites/components/general/infobox/clientlibs/v3.29c1fc83688fef06b9284058a1d53a6f.css
Requested by
Host: www.axa.ch
URL: https://www.axa.ch/etc.clientlibs/axa/components/core/axa-script/clientlibs.cd5b7665fc6fc53361b2b5d4ffb5159f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.40.0.53 Winterthur, Switzerland, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK - Akamai Technologies, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
e1cfa0d0866ae51327ceaf094bd64b9d944b85aa26722655a732e17dc3559d53
Security Headers
Name Value
Content-Security-Policy default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/de/privatkunden.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

content-encoding
br
etag
"4b3-64f93cb7f8e96-br"
x-content-type-options
nosniff
expires
Sun, 18 Apr 2027 10:54:35 GMT
p3p
CP="AXA IS NOT USING P3P"
date
Sat, 18 Apr 2026 10:54:35 GMT
last-modified
Thu, 16 Apr 2026 13:27:33 GMT
vary
Accept-Encoding
content-type
text/css
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
cache-control
max-age=31536000
content-security-policy-report-only
default-src https://*.axa.ch blob: data: https://*.axa.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.axa.ch https://www.googletagmanager.com https://cdn.cookielaw.org https://cdn.mouseflow.com https://maps.google.com https://maps.googleapis.com https://connect.facebook.net https://axa-winterthur.dimelochat.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://recaptcha.net https://www.google.com https://www.gstatic.com/recaptcha/ https://bat.bing.com https://snap.licdn.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.awin1.com https://lantern.roeyecdn.com https://www.google-analytics.com https://www.googleadservices.com https://*.doubleclick.net https://*.adobe.com https://*.adobe.io https://*.microsoft.com https://*.fusedeck.com https://*.onetrust.com https://*.whatsapp.com https://*.cookielaw.org https://slsnlytcs.com; style-src 'self' 'unsafe-inline' https://*.axa.ch https://fonts.googleapis.com https://www.googletagmanager.com https://*.survalyzer.swiss https://*.visualwebsiteoptimizer.com https://app.vwo.com https://s3.amazonaws.com https://*.adobe.com https://*.microsoft.com; img-src 'self' data: blob: https://chart.googleapis.com https://*.axa.ch https://*.google.com https://*.google.ch https://maps.gstatic.com https://cdn.cookielaw.org https://stats.g.doubleclick.net https://googleads.g.doubleclick.net https://ad.doubleclick.net https://www.facebook.com https://www.googletagmanager.com https://i.ytimg.com https://px.ads.linkedin.com https://bat.bing.com https://d5cplpsrt2s33.cloudfront.net https://bat.bing.net https://maps.googleapis.com https://region1.google-analytics.com https://*.googlesyndication.com https://connect.facebook.net https://flagcdn.com https://px.ads.linkedin.com https://www.googleadservices.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.google.ch https://www.google-analytics.com https://*.google-analytics.com https://*.analytics.google.com; font-src 'self' data: https://*.axa.ch https://fonts.gstatic.com https://cdn.mouseflow.com https://assets.merci-app.com; connect-src 'self' https://*.axa.ch https://gtm.axa.ch https://sgtm.axa.ch https://region1.analytics.google.com https://www.google.com https://*.tt.omtrdc.net https://europe.directline.botframework.com https://digitalassistantbot-acc.azurewebsites.net https://cdn.cookielaw.org wss://europe.directline.botframework.com https://googleads.g.doubleclick.net https://maps.googleapis.com https://stats.g.doubleclick.net https://region1.google-analytics.com https://o2.mouseflow.com https://www.google.ch https://selfadvisory-acc.azurewebsites.net https://*.onetrust.com https://bat.bing.com https://bat.bing.net https://px.ads.linkedin.com https://*.service.signalr.net https://pagead2.googlesyndication.com https://*.in.applicationinsights.azure.com https://www.googleadservices.com https://www.google-analytics.com wss://*.service.signalr.net https://*.mouseflow.com https://api.trongrid.io https://digitalassistantbot.azurewebsites.net https://www.facebook.com https://*.teads.tv https://snap.licdn.com https://*.survalyzer.swiss https://*.googlesyndication.com https://*.google.com https://*.google-analytics.com https://*.analytics.google.com https://www.googletagmanager.com https://fonts.googleapis.com; frame-src https://*.axa.ch https://td.doubleclick.net https://8141516.fls.doubleclick.net https://www.youtube.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://recaptcha.net https://www.googletagmanager.com https://*.survalyzer.swiss https://www.axa.ch https://trk.axa.ch https://sgtm.axa.ch https://*.mouseflow.com https://exactag.axa.ch https://*.fusedeck.net https://*.dimelochat.com https://*.doubleclick.net https://www.google.com https://*.teads.tv https://*.onetrust.com https://*.whatsapp.com; frame-ancestors 'self'; block-all-mixed-content ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
accept-ranges
bytes
server
Apache
v3.3e5af5d9a43a91a3fc3df4887b02d5c1.css
www.axa.ch/etc.clientlibs/axa/sites/components/general/text/clientlibs/ 		6 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.axa.ch/etc.clientlibs/axa/sites/components/general/text/clientlibs/v3.3e5af5d9a43a91a3fc3df4887b02d5c1.css
Requested by
Host: www.axa.ch
URL: https://www.axa.ch/etc.clientlibs/axa/components/core/axa-script/clientlibs.cd5b7665fc6fc53361b2b5d4ffb5159f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.40.0.53 Winterthur, Switzerland, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK - Akamai Technologies, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
f56d444f1b834795144ea476dc03945ce2affd436b59e7a98ddd6ab1d3a1bd2a
Security Headers
Name Value
Content-Security-Policy default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/de/privatkunden.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

content-encoding
br
etag
"160b-64f93cba4aa8b-br"
x-content-type-options
nosniff
expires
Sun, 18 Apr 2027 10:54:35 GMT
p3p
CP="AXA IS NOT USING P3P"
date
Sat, 18 Apr 2026 10:54:35 GMT
last-modified
Thu, 16 Apr 2026 13:27:35 GMT
vary
Accept-Encoding
content-type
text/css
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
cache-control
max-age=31536000
content-security-policy-report-only
default-src https://*.axa.ch blob: data: https://*.axa.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.axa.ch https://www.googletagmanager.com https://cdn.cookielaw.org https://cdn.mouseflow.com https://maps.google.com https://maps.googleapis.com https://connect.facebook.net https://axa-winterthur.dimelochat.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://recaptcha.net https://www.google.com https://www.gstatic.com/recaptcha/ https://bat.bing.com https://snap.licdn.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.awin1.com https://lantern.roeyecdn.com https://www.google-analytics.com https://www.googleadservices.com https://*.doubleclick.net https://*.adobe.com https://*.adobe.io https://*.microsoft.com https://*.fusedeck.com https://*.onetrust.com https://*.whatsapp.com https://*.cookielaw.org https://slsnlytcs.com; style-src 'self' 'unsafe-inline' https://*.axa.ch https://fonts.googleapis.com https://www.googletagmanager.com https://*.survalyzer.swiss https://*.visualwebsiteoptimizer.com https://app.vwo.com https://s3.amazonaws.com https://*.adobe.com https://*.microsoft.com; img-src 'self' data: blob: https://chart.googleapis.com https://*.axa.ch https://*.google.com https://*.google.ch https://maps.gstatic.com https://cdn.cookielaw.org https://stats.g.doubleclick.net https://googleads.g.doubleclick.net https://ad.doubleclick.net https://www.facebook.com https://www.googletagmanager.com https://i.ytimg.com https://px.ads.linkedin.com https://bat.bing.com https://d5cplpsrt2s33.cloudfront.net https://bat.bing.net https://maps.googleapis.com https://region1.google-analytics.com https://*.googlesyndication.com https://connect.facebook.net https://flagcdn.com https://px.ads.linkedin.com https://www.googleadservices.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.google.ch https://www.google-analytics.com https://*.google-analytics.com https://*.analytics.google.com; font-src 'self' data: https://*.axa.ch https://fonts.gstatic.com https://cdn.mouseflow.com https://assets.merci-app.com; connect-src 'self' https://*.axa.ch https://gtm.axa.ch https://sgtm.axa.ch https://region1.analytics.google.com https://www.google.com https://*.tt.omtrdc.net https://europe.directline.botframework.com https://digitalassistantbot-acc.azurewebsites.net https://cdn.cookielaw.org wss://europe.directline.botframework.com https://googleads.g.doubleclick.net https://maps.googleapis.com https://stats.g.doubleclick.net https://region1.google-analytics.com https://o2.mouseflow.com https://www.google.ch https://selfadvisory-acc.azurewebsites.net https://*.onetrust.com https://bat.bing.com https://bat.bing.net https://px.ads.linkedin.com https://*.service.signalr.net https://pagead2.googlesyndication.com https://*.in.applicationinsights.azure.com https://www.googleadservices.com https://www.google-analytics.com wss://*.service.signalr.net https://*.mouseflow.com https://api.trongrid.io https://digitalassistantbot.azurewebsites.net https://www.facebook.com https://*.teads.tv https://snap.licdn.com https://*.survalyzer.swiss https://*.googlesyndication.com https://*.google.com https://*.google-analytics.com https://*.analytics.google.com https://www.googletagmanager.com https://fonts.googleapis.com; frame-src https://*.axa.ch https://td.doubleclick.net https://8141516.fls.doubleclick.net https://www.youtube.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://recaptcha.net https://www.googletagmanager.com https://*.survalyzer.swiss https://www.axa.ch https://trk.axa.ch https://sgtm.axa.ch https://*.mouseflow.com https://exactag.axa.ch https://*.fusedeck.net https://*.dimelochat.com https://*.doubleclick.net https://www.google.com https://*.teads.tv https://*.onetrust.com https://*.whatsapp.com; frame-ancestors 'self'; block-all-mixed-content ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
accept-ranges
bytes
server
Apache
v3.5814f76ebb4bd0423b32afe36ee3e5ed.css
www.axa.ch/etc.clientlibs/axa/sites/components/container/extendedteasercontainer/clientlibs/ 		3 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.axa.ch/etc.clientlibs/axa/sites/components/container/extendedteasercontainer/clientlibs/v3.5814f76ebb4bd0423b32afe36ee3e5ed.css
Requested by
Host: www.axa.ch
URL: https://www.axa.ch/etc.clientlibs/axa/components/core/axa-script/clientlibs.cd5b7665fc6fc53361b2b5d4ffb5159f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.40.0.53 Winterthur, Switzerland, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK - Akamai Technologies, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
045ec2cc763f3a604e054a86681a7e76b2ad9e1c91d9fb65032bdb44543851a5
Security Headers
Name Value
Content-Security-Policy default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/de/privatkunden.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

content-encoding
br
etag
"d5e-64f93cc2b04ea-br"
x-content-type-options
nosniff
expires
Sun, 18 Apr 2027 10:54:35 GMT
p3p
CP="AXA IS NOT USING P3P"
date
Sat, 18 Apr 2026 10:54:35 GMT
last-modified
Thu, 16 Apr 2026 13:27:44 GMT
vary
Accept-Encoding
content-type
text/css
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
cache-control
max-age=31536000
content-security-policy-report-only
default-src https://*.axa.ch blob: data: https://*.axa.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.axa.ch https://www.googletagmanager.com https://cdn.cookielaw.org https://cdn.mouseflow.com https://maps.google.com https://maps.googleapis.com https://connect.facebook.net https://axa-winterthur.dimelochat.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://recaptcha.net https://www.google.com https://www.gstatic.com/recaptcha/ https://bat.bing.com https://snap.licdn.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.awin1.com https://lantern.roeyecdn.com https://www.google-analytics.com https://www.googleadservices.com https://*.doubleclick.net https://*.adobe.com https://*.adobe.io https://*.microsoft.com https://*.fusedeck.com https://*.onetrust.com https://*.whatsapp.com https://*.cookielaw.org https://slsnlytcs.com; style-src 'self' 'unsafe-inline' https://*.axa.ch https://fonts.googleapis.com https://www.googletagmanager.com https://*.survalyzer.swiss https://*.visualwebsiteoptimizer.com https://app.vwo.com https://s3.amazonaws.com https://*.adobe.com https://*.microsoft.com; img-src 'self' data: blob: https://chart.googleapis.com https://*.axa.ch https://*.google.com https://*.google.ch https://maps.gstatic.com https://cdn.cookielaw.org https://stats.g.doubleclick.net https://googleads.g.doubleclick.net https://ad.doubleclick.net https://www.facebook.com https://www.googletagmanager.com https://i.ytimg.com https://px.ads.linkedin.com https://bat.bing.com https://d5cplpsrt2s33.cloudfront.net https://bat.bing.net https://maps.googleapis.com https://region1.google-analytics.com https://*.googlesyndication.com https://connect.facebook.net https://flagcdn.com https://px.ads.linkedin.com https://www.googleadservices.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.google.ch https://www.google-analytics.com https://*.google-analytics.com https://*.analytics.google.com; font-src 'self' data: https://*.axa.ch https://fonts.gstatic.com https://cdn.mouseflow.com https://assets.merci-app.com; connect-src 'self' https://*.axa.ch https://gtm.axa.ch https://sgtm.axa.ch https://region1.analytics.google.com https://www.google.com https://*.tt.omtrdc.net https://europe.directline.botframework.com https://digitalassistantbot-acc.azurewebsites.net https://cdn.cookielaw.org wss://europe.directline.botframework.com https://googleads.g.doubleclick.net https://maps.googleapis.com https://stats.g.doubleclick.net https://region1.google-analytics.com https://o2.mouseflow.com https://www.google.ch https://selfadvisory-acc.azurewebsites.net https://*.onetrust.com https://bat.bing.com https://bat.bing.net https://px.ads.linkedin.com https://*.service.signalr.net https://pagead2.googlesyndication.com https://*.in.applicationinsights.azure.com https://www.googleadservices.com https://www.google-analytics.com wss://*.service.signalr.net https://*.mouseflow.com https://api.trongrid.io https://digitalassistantbot.azurewebsites.net https://www.facebook.com https://*.teads.tv https://snap.licdn.com https://*.survalyzer.swiss https://*.googlesyndication.com https://*.google.com https://*.google-analytics.com https://*.analytics.google.com https://www.googletagmanager.com https://fonts.googleapis.com; frame-src https://*.axa.ch https://td.doubleclick.net https://8141516.fls.doubleclick.net https://www.youtube.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://recaptcha.net https://www.googletagmanager.com https://*.survalyzer.swiss https://www.axa.ch https://trk.axa.ch https://sgtm.axa.ch https://*.mouseflow.com https://exactag.axa.ch https://*.fusedeck.net https://*.dimelochat.com https://*.doubleclick.net https://www.google.com https://*.teads.tv https://*.onetrust.com https://*.whatsapp.com; frame-ancestors 'self'; block-all-mixed-content ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
accept-ranges
bytes
server
Apache
v3.c2e958ba267da5638b3b944d4595b657.css
www.axa.ch/etc.clientlibs/axa/sites/components/review/reviewTeaser/clientlibs/ 		3 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.axa.ch/etc.clientlibs/axa/sites/components/review/reviewTeaser/clientlibs/v3.c2e958ba267da5638b3b944d4595b657.css
Requested by
Host: www.axa.ch
URL: https://www.axa.ch/etc.clientlibs/axa/components/core/axa-script/clientlibs.cd5b7665fc6fc53361b2b5d4ffb5159f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.40.0.53 Winterthur, Switzerland, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK - Akamai Technologies, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
67c07513ee3ba04563d745b390905c556d69ed9443cd2a938f9684780af975f2
Security Headers
Name Value
Content-Security-Policy default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/de/privatkunden.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

content-encoding
br
etag
"cd8-64f93cc2af932-br"
x-content-type-options
nosniff
expires
Sun, 18 Apr 2027 10:54:35 GMT
p3p
CP="AXA IS NOT USING P3P"
date
Sat, 18 Apr 2026 10:54:35 GMT
last-modified
Thu, 16 Apr 2026 13:27:44 GMT
vary
Accept-Encoding
content-type
text/css
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
cache-control
max-age=31536000
content-security-policy-report-only
default-src https://*.axa.ch blob: data: https://*.axa.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.axa.ch https://www.googletagmanager.com https://cdn.cookielaw.org https://cdn.mouseflow.com https://maps.google.com https://maps.googleapis.com https://connect.facebook.net https://axa-winterthur.dimelochat.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://recaptcha.net https://www.google.com https://www.gstatic.com/recaptcha/ https://bat.bing.com https://snap.licdn.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.awin1.com https://lantern.roeyecdn.com https://www.google-analytics.com https://www.googleadservices.com https://*.doubleclick.net https://*.adobe.com https://*.adobe.io https://*.microsoft.com https://*.fusedeck.com https://*.onetrust.com https://*.whatsapp.com https://*.cookielaw.org https://slsnlytcs.com; style-src 'self' 'unsafe-inline' https://*.axa.ch https://fonts.googleapis.com https://www.googletagmanager.com https://*.survalyzer.swiss https://*.visualwebsiteoptimizer.com https://app.vwo.com https://s3.amazonaws.com https://*.adobe.com https://*.microsoft.com; img-src 'self' data: blob: https://chart.googleapis.com https://*.axa.ch https://*.google.com https://*.google.ch https://maps.gstatic.com https://cdn.cookielaw.org https://stats.g.doubleclick.net https://googleads.g.doubleclick.net https://ad.doubleclick.net https://www.facebook.com https://www.googletagmanager.com https://i.ytimg.com https://px.ads.linkedin.com https://bat.bing.com https://d5cplpsrt2s33.cloudfront.net https://bat.bing.net https://maps.googleapis.com https://region1.google-analytics.com https://*.googlesyndication.com https://connect.facebook.net https://flagcdn.com https://px.ads.linkedin.com https://www.googleadservices.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.google.ch https://www.google-analytics.com https://*.google-analytics.com https://*.analytics.google.com; font-src 'self' data: https://*.axa.ch https://fonts.gstatic.com https://cdn.mouseflow.com https://assets.merci-app.com; connect-src 'self' https://*.axa.ch https://gtm.axa.ch https://sgtm.axa.ch https://region1.analytics.google.com https://www.google.com https://*.tt.omtrdc.net https://europe.directline.botframework.com https://digitalassistantbot-acc.azurewebsites.net https://cdn.cookielaw.org wss://europe.directline.botframework.com https://googleads.g.doubleclick.net https://maps.googleapis.com https://stats.g.doubleclick.net https://region1.google-analytics.com https://o2.mouseflow.com https://www.google.ch https://selfadvisory-acc.azurewebsites.net https://*.onetrust.com https://bat.bing.com https://bat.bing.net https://px.ads.linkedin.com https://*.service.signalr.net https://pagead2.googlesyndication.com https://*.in.applicationinsights.azure.com https://www.googleadservices.com https://www.google-analytics.com wss://*.service.signalr.net https://*.mouseflow.com https://api.trongrid.io https://digitalassistantbot.azurewebsites.net https://www.facebook.com https://*.teads.tv https://snap.licdn.com https://*.survalyzer.swiss https://*.googlesyndication.com https://*.google.com https://*.google-analytics.com https://*.analytics.google.com https://www.googletagmanager.com https://fonts.googleapis.com; frame-src https://*.axa.ch https://td.doubleclick.net https://8141516.fls.doubleclick.net https://www.youtube.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://recaptcha.net https://www.googletagmanager.com https://*.survalyzer.swiss https://www.axa.ch https://trk.axa.ch https://sgtm.axa.ch https://*.mouseflow.com https://exactag.axa.ch https://*.fusedeck.net https://*.dimelochat.com https://*.doubleclick.net https://www.google.com https://*.teads.tv https://*.onetrust.com https://*.whatsapp.com; frame-ancestors 'self'; block-all-mixed-content ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
accept-ranges
bytes
server
Apache
v3.d0c9c3a4b91ff8285acf0a64fedfd8a9.css
www.axa.ch/etc.clientlibs/axa/sites/components/container/relatedcontentcontainer/clientlibs/ 		3 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.axa.ch/etc.clientlibs/axa/sites/components/container/relatedcontentcontainer/clientlibs/v3.d0c9c3a4b91ff8285acf0a64fedfd8a9.css
Requested by
Host: www.axa.ch
URL: https://www.axa.ch/etc.clientlibs/axa/components/core/axa-script/clientlibs.cd5b7665fc6fc53361b2b5d4ffb5159f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.40.0.53 Winterthur, Switzerland, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK - Akamai Technologies, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
dbe6be0e073ef8f6c2d571bac537e4c9b6584f10f778291dd32367b58d0ab6f5
Security Headers
Name Value
Content-Security-Policy default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/de/privatkunden.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

content-encoding
br
etag
"a15-64f93cc2af932-br"
x-content-type-options
nosniff
expires
Sun, 18 Apr 2027 10:54:35 GMT
p3p
CP="AXA IS NOT USING P3P"
date
Sat, 18 Apr 2026 10:54:35 GMT
last-modified
Thu, 16 Apr 2026 13:27:44 GMT
vary
Accept-Encoding
content-type
text/css
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
cache-control
max-age=31536000
content-security-policy-report-only
default-src https://*.axa.ch blob: data: https://*.axa.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.axa.ch https://www.googletagmanager.com https://cdn.cookielaw.org https://cdn.mouseflow.com https://maps.google.com https://maps.googleapis.com https://connect.facebook.net https://axa-winterthur.dimelochat.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://recaptcha.net https://www.google.com https://www.gstatic.com/recaptcha/ https://bat.bing.com https://snap.licdn.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.awin1.com https://lantern.roeyecdn.com https://www.google-analytics.com https://www.googleadservices.com https://*.doubleclick.net https://*.adobe.com https://*.adobe.io https://*.microsoft.com https://*.fusedeck.com https://*.onetrust.com https://*.whatsapp.com https://*.cookielaw.org https://slsnlytcs.com; style-src 'self' 'unsafe-inline' https://*.axa.ch https://fonts.googleapis.com https://www.googletagmanager.com https://*.survalyzer.swiss https://*.visualwebsiteoptimizer.com https://app.vwo.com https://s3.amazonaws.com https://*.adobe.com https://*.microsoft.com; img-src 'self' data: blob: https://chart.googleapis.com https://*.axa.ch https://*.google.com https://*.google.ch https://maps.gstatic.com https://cdn.cookielaw.org https://stats.g.doubleclick.net https://googleads.g.doubleclick.net https://ad.doubleclick.net https://www.facebook.com https://www.googletagmanager.com https://i.ytimg.com https://px.ads.linkedin.com https://bat.bing.com https://d5cplpsrt2s33.cloudfront.net https://bat.bing.net https://maps.googleapis.com https://region1.google-analytics.com https://*.googlesyndication.com https://connect.facebook.net https://flagcdn.com https://px.ads.linkedin.com https://www.googleadservices.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.google.ch https://www.google-analytics.com https://*.google-analytics.com https://*.analytics.google.com; font-src 'self' data: https://*.axa.ch https://fonts.gstatic.com https://cdn.mouseflow.com https://assets.merci-app.com; connect-src 'self' https://*.axa.ch https://gtm.axa.ch https://sgtm.axa.ch https://region1.analytics.google.com https://www.google.com https://*.tt.omtrdc.net https://europe.directline.botframework.com https://digitalassistantbot-acc.azurewebsites.net https://cdn.cookielaw.org wss://europe.directline.botframework.com https://googleads.g.doubleclick.net https://maps.googleapis.com https://stats.g.doubleclick.net https://region1.google-analytics.com https://o2.mouseflow.com https://www.google.ch https://selfadvisory-acc.azurewebsites.net https://*.onetrust.com https://bat.bing.com https://bat.bing.net https://px.ads.linkedin.com https://*.service.signalr.net https://pagead2.googlesyndication.com https://*.in.applicationinsights.azure.com https://www.googleadservices.com https://www.google-analytics.com wss://*.service.signalr.net https://*.mouseflow.com https://api.trongrid.io https://digitalassistantbot.azurewebsites.net https://www.facebook.com https://*.teads.tv https://snap.licdn.com https://*.survalyzer.swiss https://*.googlesyndication.com https://*.google.com https://*.google-analytics.com https://*.analytics.google.com https://www.googletagmanager.com https://fonts.googleapis.com; frame-src https://*.axa.ch https://td.doubleclick.net https://8141516.fls.doubleclick.net https://www.youtube.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://recaptcha.net https://www.googletagmanager.com https://*.survalyzer.swiss https://www.axa.ch https://trk.axa.ch https://sgtm.axa.ch https://*.mouseflow.com https://exactag.axa.ch https://*.fusedeck.net https://*.dimelochat.com https://*.doubleclick.net https://www.google.com https://*.teads.tv https://*.onetrust.com https://*.whatsapp.com; frame-ancestors 'self'; block-all-mixed-content ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
accept-ranges
bytes
server
Apache
v3.a7b305407232a91c19b40e90dfd7a8fb.css
www.axa.ch/etc.clientlibs/axa/sites/components/container/teasercontainer/clientlibs/ 		4 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.axa.ch/etc.clientlibs/axa/sites/components/container/teasercontainer/clientlibs/v3.a7b305407232a91c19b40e90dfd7a8fb.css
Requested by
Host: www.axa.ch
URL: https://www.axa.ch/etc.clientlibs/axa/components/core/axa-script/clientlibs.cd5b7665fc6fc53361b2b5d4ffb5159f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.40.0.53 Winterthur, Switzerland, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK - Akamai Technologies, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
9b12a2939da000634985732eec2f41bebba06896115da8223156d61e32a1acb6
Security Headers
Name Value
Content-Security-Policy default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/de/privatkunden.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

content-encoding
br
etag
"1139-64f93cc2b37b2-br"
x-content-type-options
nosniff
expires
Sun, 18 Apr 2027 10:54:35 GMT
p3p
CP="AXA IS NOT USING P3P"
date
Sat, 18 Apr 2026 10:54:35 GMT
last-modified
Thu, 16 Apr 2026 13:27:44 GMT
vary
Accept-Encoding
content-type
text/css
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
cache-control
max-age=31536000
content-security-policy-report-only
default-src https://*.axa.ch blob: data: https://*.axa.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.axa.ch https://www.googletagmanager.com https://cdn.cookielaw.org https://cdn.mouseflow.com https://maps.google.com https://maps.googleapis.com https://connect.facebook.net https://axa-winterthur.dimelochat.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://recaptcha.net https://www.google.com https://www.gstatic.com/recaptcha/ https://bat.bing.com https://snap.licdn.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.awin1.com https://lantern.roeyecdn.com https://www.google-analytics.com https://www.googleadservices.com https://*.doubleclick.net https://*.adobe.com https://*.adobe.io https://*.microsoft.com https://*.fusedeck.com https://*.onetrust.com https://*.whatsapp.com https://*.cookielaw.org https://slsnlytcs.com; style-src 'self' 'unsafe-inline' https://*.axa.ch https://fonts.googleapis.com https://www.googletagmanager.com https://*.survalyzer.swiss https://*.visualwebsiteoptimizer.com https://app.vwo.com https://s3.amazonaws.com https://*.adobe.com https://*.microsoft.com; img-src 'self' data: blob: https://chart.googleapis.com https://*.axa.ch https://*.google.com https://*.google.ch https://maps.gstatic.com https://cdn.cookielaw.org https://stats.g.doubleclick.net https://googleads.g.doubleclick.net https://ad.doubleclick.net https://www.facebook.com https://www.googletagmanager.com https://i.ytimg.com https://px.ads.linkedin.com https://bat.bing.com https://d5cplpsrt2s33.cloudfront.net https://bat.bing.net https://maps.googleapis.com https://region1.google-analytics.com https://*.googlesyndication.com https://connect.facebook.net https://flagcdn.com https://px.ads.linkedin.com https://www.googleadservices.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.google.ch https://www.google-analytics.com https://*.google-analytics.com https://*.analytics.google.com; font-src 'self' data: https://*.axa.ch https://fonts.gstatic.com https://cdn.mouseflow.com https://assets.merci-app.com; connect-src 'self' https://*.axa.ch https://gtm.axa.ch https://sgtm.axa.ch https://region1.analytics.google.com https://www.google.com https://*.tt.omtrdc.net https://europe.directline.botframework.com https://digitalassistantbot-acc.azurewebsites.net https://cdn.cookielaw.org wss://europe.directline.botframework.com https://googleads.g.doubleclick.net https://maps.googleapis.com https://stats.g.doubleclick.net https://region1.google-analytics.com https://o2.mouseflow.com https://www.google.ch https://selfadvisory-acc.azurewebsites.net https://*.onetrust.com https://bat.bing.com https://bat.bing.net https://px.ads.linkedin.com https://*.service.signalr.net https://pagead2.googlesyndication.com https://*.in.applicationinsights.azure.com https://www.googleadservices.com https://www.google-analytics.com wss://*.service.signalr.net https://*.mouseflow.com https://api.trongrid.io https://digitalassistantbot.azurewebsites.net https://www.facebook.com https://*.teads.tv https://snap.licdn.com https://*.survalyzer.swiss https://*.googlesyndication.com https://*.google.com https://*.google-analytics.com https://*.analytics.google.com https://www.googletagmanager.com https://fonts.googleapis.com; frame-src https://*.axa.ch https://td.doubleclick.net https://8141516.fls.doubleclick.net https://www.youtube.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://recaptcha.net https://www.googletagmanager.com https://*.survalyzer.swiss https://www.axa.ch https://trk.axa.ch https://sgtm.axa.ch https://*.mouseflow.com https://exactag.axa.ch https://*.fusedeck.net https://*.dimelochat.com https://*.doubleclick.net https://www.google.com https://*.teads.tv https://*.onetrust.com https://*.whatsapp.com; frame-ancestors 'self'; block-all-mixed-content ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
accept-ranges
bytes
server
Apache
v3.083a712cda859e4a90821ba73810986e.js
www.axa.ch/etc.clientlibs/axa/sites/components/container/teasercontainer/clientlibs/ 		1 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.axa.ch/etc.clientlibs/axa/sites/components/container/teasercontainer/clientlibs/v3.083a712cda859e4a90821ba73810986e.js
Requested by
Host: www.axa.ch
URL: https://www.axa.ch/etc.clientlibs/axa/components/core/axa-script/clientlibs.cd5b7665fc6fc53361b2b5d4ffb5159f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.40.0.53 Winterthur, Switzerland, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK - Akamai Technologies, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
dfe0c5eac826bfe86c25808d4495110dabe4cda68efa77fe5d418891618be387
Security Headers
Name Value
Content-Security-Policy default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.axa.ch
sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/etc.clientlibs/axa/components/core/axa-script/clientlibs.cd5b7665fc6fc53361b2b5d4ffb5159f.js
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

content-encoding
br
etag
"52b-64f93cc2b5ada-br"
access-control-allow-methods
GET,POST,OPTIONS
x-content-type-options
nosniff
expires
Sun, 18 Apr 2027 10:54:35 GMT
p3p
CP="AXA IS NOT USING P3P"
date
Sat, 18 Apr 2026 10:54:35 GMT
last-modified
Thu, 16 Apr 2026 13:27:44 GMT
vary
Accept-Encoding
content-type
application/javascript
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
cache-control
max-age=31536000
content-security-policy-report-only
default-src https://*.axa.ch blob: data: https://*.axa.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.axa.ch https://www.googletagmanager.com https://cdn.cookielaw.org https://cdn.mouseflow.com https://maps.google.com https://maps.googleapis.com https://connect.facebook.net https://axa-winterthur.dimelochat.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://recaptcha.net https://www.google.com https://www.gstatic.com/recaptcha/ https://bat.bing.com https://snap.licdn.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.awin1.com https://lantern.roeyecdn.com https://www.google-analytics.com https://www.googleadservices.com https://*.doubleclick.net https://*.adobe.com https://*.adobe.io https://*.microsoft.com https://*.fusedeck.com https://*.onetrust.com https://*.whatsapp.com https://*.cookielaw.org https://slsnlytcs.com; style-src 'self' 'unsafe-inline' https://*.axa.ch https://fonts.googleapis.com https://www.googletagmanager.com https://*.survalyzer.swiss https://*.visualwebsiteoptimizer.com https://app.vwo.com https://s3.amazonaws.com https://*.adobe.com https://*.microsoft.com; img-src 'self' data: blob: https://chart.googleapis.com https://*.axa.ch https://*.google.com https://*.google.ch https://maps.gstatic.com https://cdn.cookielaw.org https://stats.g.doubleclick.net https://googleads.g.doubleclick.net https://ad.doubleclick.net https://www.facebook.com https://www.googletagmanager.com https://i.ytimg.com https://px.ads.linkedin.com https://bat.bing.com https://d5cplpsrt2s33.cloudfront.net https://bat.bing.net https://maps.googleapis.com https://region1.google-analytics.com https://*.googlesyndication.com https://connect.facebook.net https://flagcdn.com https://px.ads.linkedin.com https://www.googleadservices.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.google.ch https://www.google-analytics.com https://*.google-analytics.com https://*.analytics.google.com; font-src 'self' data: https://*.axa.ch https://fonts.gstatic.com https://cdn.mouseflow.com https://assets.merci-app.com; connect-src 'self' https://*.axa.ch https://gtm.axa.ch https://sgtm.axa.ch https://region1.analytics.google.com https://www.google.com https://*.tt.omtrdc.net https://europe.directline.botframework.com https://digitalassistantbot-acc.azurewebsites.net https://cdn.cookielaw.org wss://europe.directline.botframework.com https://googleads.g.doubleclick.net https://maps.googleapis.com https://stats.g.doubleclick.net https://region1.google-analytics.com https://o2.mouseflow.com https://www.google.ch https://selfadvisory-acc.azurewebsites.net https://*.onetrust.com https://bat.bing.com https://bat.bing.net https://px.ads.linkedin.com https://*.service.signalr.net https://pagead2.googlesyndication.com https://*.in.applicationinsights.azure.com https://www.googleadservices.com https://www.google-analytics.com wss://*.service.signalr.net https://*.mouseflow.com https://api.trongrid.io https://digitalassistantbot.azurewebsites.net https://www.facebook.com https://*.teads.tv https://snap.licdn.com https://*.survalyzer.swiss https://*.googlesyndication.com https://*.google.com https://*.google-analytics.com https://*.analytics.google.com https://www.googletagmanager.com https://fonts.googleapis.com; frame-src https://*.axa.ch https://td.doubleclick.net https://8141516.fls.doubleclick.net https://www.youtube.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://recaptcha.net https://www.googletagmanager.com https://*.survalyzer.swiss https://www.axa.ch https://trk.axa.ch https://sgtm.axa.ch https://*.mouseflow.com https://exactag.axa.ch https://*.fusedeck.net https://*.dimelochat.com https://*.doubleclick.net https://www.google.com https://*.teads.tv https://*.onetrust.com https://*.whatsapp.com; frame-ancestors 'self'; block-all-mixed-content ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
accept-ranges
bytes
access-control-allow-origin
https://www.axa.ch
server
Apache
clientlib.0dbd73991ffa1249fbf17df6acad6aac.js
www.axa.ch/etc.clientlibs/axa/hub/podtbcrmbehi/ 		307 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.axa.ch/etc.clientlibs/axa/hub/podtbcrmbehi/clientlib.0dbd73991ffa1249fbf17df6acad6aac.js
Requested by
Host: www.axa.ch
URL: https://www.axa.ch/etc.clientlibs/axa/components/core/axa-script/clientlibs.cd5b7665fc6fc53361b2b5d4ffb5159f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.40.0.53 Winterthur, Switzerland, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK - Akamai Technologies, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
06161761a8554080c9420770f3e0f905391d70a106d0ab1ba8ced2390ff08630
Security Headers
Name Value
Content-Security-Policy default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.axa.ch
sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/etc.clientlibs/axa/components/core/axa-script/clientlibs.cd5b7665fc6fc53361b2b5d4ffb5159f.js
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

content-encoding
br
etag
"4cdc5-64f93cbe4ff37-br"
access-control-allow-methods
GET,POST,OPTIONS
x-content-type-options
nosniff
expires
Sun, 18 Apr 2027 10:54:35 GMT
p3p
CP="AXA IS NOT USING P3P"
date
Sat, 18 Apr 2026 10:54:35 GMT
last-modified
Thu, 16 Apr 2026 13:27:39 GMT
vary
Accept-Encoding
content-type
application/javascript
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
cache-control
max-age=31536000
content-security-policy-report-only
default-src https://*.axa.ch blob: data: https://*.axa.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.axa.ch https://www.googletagmanager.com https://cdn.cookielaw.org https://cdn.mouseflow.com https://maps.google.com https://maps.googleapis.com https://connect.facebook.net https://axa-winterthur.dimelochat.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://recaptcha.net https://www.google.com https://www.gstatic.com/recaptcha/ https://bat.bing.com https://snap.licdn.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.awin1.com https://lantern.roeyecdn.com https://www.google-analytics.com https://www.googleadservices.com https://*.doubleclick.net https://*.adobe.com https://*.adobe.io https://*.microsoft.com https://*.fusedeck.com https://*.onetrust.com https://*.whatsapp.com https://*.cookielaw.org https://slsnlytcs.com; style-src 'self' 'unsafe-inline' https://*.axa.ch https://fonts.googleapis.com https://www.googletagmanager.com https://*.survalyzer.swiss https://*.visualwebsiteoptimizer.com https://app.vwo.com https://s3.amazonaws.com https://*.adobe.com https://*.microsoft.com; img-src 'self' data: blob: https://chart.googleapis.com https://*.axa.ch https://*.google.com https://*.google.ch https://maps.gstatic.com https://cdn.cookielaw.org https://stats.g.doubleclick.net https://googleads.g.doubleclick.net https://ad.doubleclick.net https://www.facebook.com https://www.googletagmanager.com https://i.ytimg.com https://px.ads.linkedin.com https://bat.bing.com https://d5cplpsrt2s33.cloudfront.net https://bat.bing.net https://maps.googleapis.com https://region1.google-analytics.com https://*.googlesyndication.com https://connect.facebook.net https://flagcdn.com https://px.ads.linkedin.com https://www.googleadservices.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.google.ch https://www.google-analytics.com https://*.google-analytics.com https://*.analytics.google.com; font-src 'self' data: https://*.axa.ch https://fonts.gstatic.com https://cdn.mouseflow.com https://assets.merci-app.com; connect-src 'self' https://*.axa.ch https://gtm.axa.ch https://sgtm.axa.ch https://region1.analytics.google.com https://www.google.com https://*.tt.omtrdc.net https://europe.directline.botframework.com https://digitalassistantbot-acc.azurewebsites.net https://cdn.cookielaw.org wss://europe.directline.botframework.com https://googleads.g.doubleclick.net https://maps.googleapis.com https://stats.g.doubleclick.net https://region1.google-analytics.com https://o2.mouseflow.com https://www.google.ch https://selfadvisory-acc.azurewebsites.net https://*.onetrust.com https://bat.bing.com https://bat.bing.net https://px.ads.linkedin.com https://*.service.signalr.net https://pagead2.googlesyndication.com https://*.in.applicationinsights.azure.com https://www.googleadservices.com https://www.google-analytics.com wss://*.service.signalr.net https://*.mouseflow.com https://api.trongrid.io https://digitalassistantbot.azurewebsites.net https://www.facebook.com https://*.teads.tv https://snap.licdn.com https://*.survalyzer.swiss https://*.googlesyndication.com https://*.google.com https://*.google-analytics.com https://*.analytics.google.com https://www.googletagmanager.com https://fonts.googleapis.com; frame-src https://*.axa.ch https://td.doubleclick.net https://8141516.fls.doubleclick.net https://www.youtube.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://recaptcha.net https://www.googletagmanager.com https://*.survalyzer.swiss https://www.axa.ch https://trk.axa.ch https://sgtm.axa.ch https://*.mouseflow.com https://exactag.axa.ch https://*.fusedeck.net https://*.dimelochat.com https://*.doubleclick.net https://www.google.com https://*.teads.tv https://*.onetrust.com https://*.whatsapp.com; frame-ancestors 'self'; block-all-mixed-content ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
accept-ranges
bytes
access-control-allow-origin
https://www.axa.ch
server
Apache
clientlib.6d7f03672603da91309f7546985580cf.js
www.axa.ch/etc.clientlibs/axa/hub/podmenumanager/ 		122 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.axa.ch/etc.clientlibs/axa/hub/podmenumanager/clientlib.6d7f03672603da91309f7546985580cf.js
Requested by
Host: www.axa.ch
URL: https://www.axa.ch/etc.clientlibs/axa/components/core/axa-script/clientlibs.cd5b7665fc6fc53361b2b5d4ffb5159f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.40.0.53 Winterthur, Switzerland, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK - Akamai Technologies, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
8825657afdcd7955b2766e202d7cd03abde70a880ab88762ac17611f15b86fde
Security Headers
Name Value
Content-Security-Policy default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.axa.ch
sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/etc.clientlibs/axa/components/core/axa-script/clientlibs.cd5b7665fc6fc53361b2b5d4ffb5159f.js
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

content-encoding
br
etag
"1e6e2-64f93cba4a2bb-br"
access-control-allow-methods
GET,POST,OPTIONS
x-content-type-options
nosniff
expires
Sun, 18 Apr 2027 10:54:35 GMT
p3p
CP="AXA IS NOT USING P3P"
date
Sat, 18 Apr 2026 10:54:35 GMT
last-modified
Thu, 16 Apr 2026 13:27:35 GMT
vary
Accept-Encoding
content-type
application/javascript
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
cache-control
max-age=31536000
content-security-policy-report-only
default-src https://*.axa.ch blob: data: https://*.axa.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.axa.ch https://www.googletagmanager.com https://cdn.cookielaw.org https://cdn.mouseflow.com https://maps.google.com https://maps.googleapis.com https://connect.facebook.net https://axa-winterthur.dimelochat.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://recaptcha.net https://www.google.com https://www.gstatic.com/recaptcha/ https://bat.bing.com https://snap.licdn.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.awin1.com https://lantern.roeyecdn.com https://www.google-analytics.com https://www.googleadservices.com https://*.doubleclick.net https://*.adobe.com https://*.adobe.io https://*.microsoft.com https://*.fusedeck.com https://*.onetrust.com https://*.whatsapp.com https://*.cookielaw.org https://slsnlytcs.com; style-src 'self' 'unsafe-inline' https://*.axa.ch https://fonts.googleapis.com https://www.googletagmanager.com https://*.survalyzer.swiss https://*.visualwebsiteoptimizer.com https://app.vwo.com https://s3.amazonaws.com https://*.adobe.com https://*.microsoft.com; img-src 'self' data: blob: https://chart.googleapis.com https://*.axa.ch https://*.google.com https://*.google.ch https://maps.gstatic.com https://cdn.cookielaw.org https://stats.g.doubleclick.net https://googleads.g.doubleclick.net https://ad.doubleclick.net https://www.facebook.com https://www.googletagmanager.com https://i.ytimg.com https://px.ads.linkedin.com https://bat.bing.com https://d5cplpsrt2s33.cloudfront.net https://bat.bing.net https://maps.googleapis.com https://region1.google-analytics.com https://*.googlesyndication.com https://connect.facebook.net https://flagcdn.com https://px.ads.linkedin.com https://www.googleadservices.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.google.ch https://www.google-analytics.com https://*.google-analytics.com https://*.analytics.google.com; font-src 'self' data: https://*.axa.ch https://fonts.gstatic.com https://cdn.mouseflow.com https://assets.merci-app.com; connect-src 'self' https://*.axa.ch https://gtm.axa.ch https://sgtm.axa.ch https://region1.analytics.google.com https://www.google.com https://*.tt.omtrdc.net https://europe.directline.botframework.com https://digitalassistantbot-acc.azurewebsites.net https://cdn.cookielaw.org wss://europe.directline.botframework.com https://googleads.g.doubleclick.net https://maps.googleapis.com https://stats.g.doubleclick.net https://region1.google-analytics.com https://o2.mouseflow.com https://www.google.ch https://selfadvisory-acc.azurewebsites.net https://*.onetrust.com https://bat.bing.com https://bat.bing.net https://px.ads.linkedin.com https://*.service.signalr.net https://pagead2.googlesyndication.com https://*.in.applicationinsights.azure.com https://www.googleadservices.com https://www.google-analytics.com wss://*.service.signalr.net https://*.mouseflow.com https://api.trongrid.io https://digitalassistantbot.azurewebsites.net https://www.facebook.com https://*.teads.tv https://snap.licdn.com https://*.survalyzer.swiss https://*.googlesyndication.com https://*.google.com https://*.google-analytics.com https://*.analytics.google.com https://www.googletagmanager.com https://fonts.googleapis.com; frame-src https://*.axa.ch https://td.doubleclick.net https://8141516.fls.doubleclick.net https://www.youtube.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://recaptcha.net https://www.googletagmanager.com https://*.survalyzer.swiss https://www.axa.ch https://trk.axa.ch https://sgtm.axa.ch https://*.mouseflow.com https://exactag.axa.ch https://*.fusedeck.net https://*.dimelochat.com https://*.doubleclick.net https://www.google.com https://*.teads.tv https://*.onetrust.com https://*.whatsapp.com; frame-ancestors 'self'; block-all-mixed-content ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
accept-ranges
bytes
access-control-allow-origin
https://www.axa.ch
server
Apache
clientlib.7cb9f7b9e0bb2a5cfc69ac2947ef6bf9.js
www.axa.ch/etc.clientlibs/axa/hub/podaccessmanager/ 		92 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.axa.ch/etc.clientlibs/axa/hub/podaccessmanager/clientlib.7cb9f7b9e0bb2a5cfc69ac2947ef6bf9.js
Requested by
Host: www.axa.ch
URL: https://www.axa.ch/etc.clientlibs/axa/components/core/axa-script/clientlibs.cd5b7665fc6fc53361b2b5d4ffb5159f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.40.0.53 Winterthur, Switzerland, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK - Akamai Technologies, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
60622ff81e41efcf603fea2b68a90ab6b7b40249e75cc9202267be01e1f4eb37
Security Headers
Name Value
Content-Security-Policy default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.axa.ch
sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/etc.clientlibs/axa/components/core/axa-script/clientlibs.cd5b7665fc6fc53361b2b5d4ffb5159f.js
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

content-encoding
br
etag
"16fe0-64f93cba4b25b-br"
access-control-allow-methods
GET,POST,OPTIONS
x-content-type-options
nosniff
expires
Sun, 18 Apr 2027 10:54:35 GMT
p3p
CP="AXA IS NOT USING P3P"
date
Sat, 18 Apr 2026 10:54:35 GMT
last-modified
Thu, 16 Apr 2026 13:27:35 GMT
vary
Accept-Encoding
content-type
application/javascript
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
cache-control
max-age=31536000
content-security-policy-report-only
default-src https://*.axa.ch blob: data: https://*.axa.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.axa.ch https://www.googletagmanager.com https://cdn.cookielaw.org https://cdn.mouseflow.com https://maps.google.com https://maps.googleapis.com https://connect.facebook.net https://axa-winterthur.dimelochat.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://recaptcha.net https://www.google.com https://www.gstatic.com/recaptcha/ https://bat.bing.com https://snap.licdn.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.awin1.com https://lantern.roeyecdn.com https://www.google-analytics.com https://www.googleadservices.com https://*.doubleclick.net https://*.adobe.com https://*.adobe.io https://*.microsoft.com https://*.fusedeck.com https://*.onetrust.com https://*.whatsapp.com https://*.cookielaw.org https://slsnlytcs.com; style-src 'self' 'unsafe-inline' https://*.axa.ch https://fonts.googleapis.com https://www.googletagmanager.com https://*.survalyzer.swiss https://*.visualwebsiteoptimizer.com https://app.vwo.com https://s3.amazonaws.com https://*.adobe.com https://*.microsoft.com; img-src 'self' data: blob: https://chart.googleapis.com https://*.axa.ch https://*.google.com https://*.google.ch https://maps.gstatic.com https://cdn.cookielaw.org https://stats.g.doubleclick.net https://googleads.g.doubleclick.net https://ad.doubleclick.net https://www.facebook.com https://www.googletagmanager.com https://i.ytimg.com https://px.ads.linkedin.com https://bat.bing.com https://d5cplpsrt2s33.cloudfront.net https://bat.bing.net https://maps.googleapis.com https://region1.google-analytics.com https://*.googlesyndication.com https://connect.facebook.net https://flagcdn.com https://px.ads.linkedin.com https://www.googleadservices.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.google.ch https://www.google-analytics.com https://*.google-analytics.com https://*.analytics.google.com; font-src 'self' data: https://*.axa.ch https://fonts.gstatic.com https://cdn.mouseflow.com https://assets.merci-app.com; connect-src 'self' https://*.axa.ch https://gtm.axa.ch https://sgtm.axa.ch https://region1.analytics.google.com https://www.google.com https://*.tt.omtrdc.net https://europe.directline.botframework.com https://digitalassistantbot-acc.azurewebsites.net https://cdn.cookielaw.org wss://europe.directline.botframework.com https://googleads.g.doubleclick.net https://maps.googleapis.com https://stats.g.doubleclick.net https://region1.google-analytics.com https://o2.mouseflow.com https://www.google.ch https://selfadvisory-acc.azurewebsites.net https://*.onetrust.com https://bat.bing.com https://bat.bing.net https://px.ads.linkedin.com https://*.service.signalr.net https://pagead2.googlesyndication.com https://*.in.applicationinsights.azure.com https://www.googleadservices.com https://www.google-analytics.com wss://*.service.signalr.net https://*.mouseflow.com https://api.trongrid.io https://digitalassistantbot.azurewebsites.net https://www.facebook.com https://*.teads.tv https://snap.licdn.com https://*.survalyzer.swiss https://*.googlesyndication.com https://*.google.com https://*.google-analytics.com https://*.analytics.google.com https://www.googletagmanager.com https://fonts.googleapis.com; frame-src https://*.axa.ch https://td.doubleclick.net https://8141516.fls.doubleclick.net https://www.youtube.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://recaptcha.net https://www.googletagmanager.com https://*.survalyzer.swiss https://www.axa.ch https://trk.axa.ch https://sgtm.axa.ch https://*.mouseflow.com https://exactag.axa.ch https://*.fusedeck.net https://*.dimelochat.com https://*.doubleclick.net https://www.google.com https://*.teads.tv https://*.onetrust.com https://*.whatsapp.com; frame-ancestors 'self'; block-all-mixed-content ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
accept-ranges
bytes
access-control-allow-origin
https://www.axa.ch
server
Apache
v3.9c46ea951eca33b6cc21f3e1f0e022ee.js
www.axa.ch/etc.clientlibs/axa/sites/axa-ch-core/clientlibs/ 		182 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.axa.ch/etc.clientlibs/axa/sites/axa-ch-core/clientlibs/v3.9c46ea951eca33b6cc21f3e1f0e022ee.js
Requested by
Host: www.axa.ch
URL: https://www.axa.ch/etc.clientlibs/axa/components/core/axa-script/clientlibs.cd5b7665fc6fc53361b2b5d4ffb5159f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.40.0.53 Winterthur, Switzerland, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK - Akamai Technologies, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
430f30216b9b95c84006bb43c4ddebb1b953484d40474ad36d29fc18b9892664
Security Headers
Name Value
Content-Security-Policy default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.axa.ch
sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/etc.clientlibs/axa/components/core/axa-script/clientlibs.cd5b7665fc6fc53361b2b5d4ffb5159f.js
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

content-encoding
br
etag
"2d818-64f93cba4ae73-br"
access-control-allow-methods
GET,POST,OPTIONS
x-content-type-options
nosniff
expires
Sun, 18 Apr 2027 10:54:35 GMT
p3p
CP="AXA IS NOT USING P3P"
date
Sat, 18 Apr 2026 10:54:35 GMT
last-modified
Thu, 16 Apr 2026 13:27:35 GMT
vary
Accept-Encoding
content-type
application/javascript
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
cache-control
max-age=31536000
content-security-policy-report-only
default-src https://*.axa.ch blob: data: https://*.axa.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.axa.ch https://www.googletagmanager.com https://cdn.cookielaw.org https://cdn.mouseflow.com https://maps.google.com https://maps.googleapis.com https://connect.facebook.net https://axa-winterthur.dimelochat.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://recaptcha.net https://www.google.com https://www.gstatic.com/recaptcha/ https://bat.bing.com https://snap.licdn.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.awin1.com https://lantern.roeyecdn.com https://www.google-analytics.com https://www.googleadservices.com https://*.doubleclick.net https://*.adobe.com https://*.adobe.io https://*.microsoft.com https://*.fusedeck.com https://*.onetrust.com https://*.whatsapp.com https://*.cookielaw.org https://slsnlytcs.com; style-src 'self' 'unsafe-inline' https://*.axa.ch https://fonts.googleapis.com https://www.googletagmanager.com https://*.survalyzer.swiss https://*.visualwebsiteoptimizer.com https://app.vwo.com https://s3.amazonaws.com https://*.adobe.com https://*.microsoft.com; img-src 'self' data: blob: https://chart.googleapis.com https://*.axa.ch https://*.google.com https://*.google.ch https://maps.gstatic.com https://cdn.cookielaw.org https://stats.g.doubleclick.net https://googleads.g.doubleclick.net https://ad.doubleclick.net https://www.facebook.com https://www.googletagmanager.com https://i.ytimg.com https://px.ads.linkedin.com https://bat.bing.com https://d5cplpsrt2s33.cloudfront.net https://bat.bing.net https://maps.googleapis.com https://region1.google-analytics.com https://*.googlesyndication.com https://connect.facebook.net https://flagcdn.com https://px.ads.linkedin.com https://www.googleadservices.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.google.ch https://www.google-analytics.com https://*.google-analytics.com https://*.analytics.google.com; font-src 'self' data: https://*.axa.ch https://fonts.gstatic.com https://cdn.mouseflow.com https://assets.merci-app.com; connect-src 'self' https://*.axa.ch https://gtm.axa.ch https://sgtm.axa.ch https://region1.analytics.google.com https://www.google.com https://*.tt.omtrdc.net https://europe.directline.botframework.com https://digitalassistantbot-acc.azurewebsites.net https://cdn.cookielaw.org wss://europe.directline.botframework.com https://googleads.g.doubleclick.net https://maps.googleapis.com https://stats.g.doubleclick.net https://region1.google-analytics.com https://o2.mouseflow.com https://www.google.ch https://selfadvisory-acc.azurewebsites.net https://*.onetrust.com https://bat.bing.com https://bat.bing.net https://px.ads.linkedin.com https://*.service.signalr.net https://pagead2.googlesyndication.com https://*.in.applicationinsights.azure.com https://www.googleadservices.com https://www.google-analytics.com wss://*.service.signalr.net https://*.mouseflow.com https://api.trongrid.io https://digitalassistantbot.azurewebsites.net https://www.facebook.com https://*.teads.tv https://snap.licdn.com https://*.survalyzer.swiss https://*.googlesyndication.com https://*.google.com https://*.google-analytics.com https://*.analytics.google.com https://www.googletagmanager.com https://fonts.googleapis.com; frame-src https://*.axa.ch https://td.doubleclick.net https://8141516.fls.doubleclick.net https://www.youtube.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://recaptcha.net https://www.googletagmanager.com https://*.survalyzer.swiss https://www.axa.ch https://trk.axa.ch https://sgtm.axa.ch https://*.mouseflow.com https://exactag.axa.ch https://*.fusedeck.net https://*.dimelochat.com https://*.doubleclick.net https://www.google.com https://*.teads.tv https://*.onetrust.com https://*.whatsapp.com; frame-ancestors 'self'; block-all-mixed-content ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
accept-ranges
bytes
access-control-allow-origin
https://www.axa.ch
server
Apache
favicon.ico
www.axa.ch/healthcheck/
Redirect Chain
  • https://www.axa.ch/favicon.ico
  • https://www.axa.ch/healthcheck/favicon.ico
3 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.axa.ch/healthcheck/favicon.ico
Protocol
H2
Server
194.40.0.53 Winterthur, Switzerland, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK - Akamai Technologies, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
e78f84966ee86dea35eda9fc910456f2c7428bb8dbea9d1cab33d1118ddf043e

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://www.axa.ch/de/privatkunden.html

Response headers

accept-ranges
bytes
content-length
3262
etag
"cbe-64cfd92b4d3e4"
date
Sat, 18 Apr 2026 10:54:35 GMT
last-modified
Sat, 14 Mar 2026 15:23:52 GMT
content-type
image/x-icon
server
Apache

Redirect headers

location
https://www.axa.ch/healthcheck/favicon.ico
content-length
266
date
Sat, 18 Apr 2026 10:54:35 GMT
content-type
text/html; charset=iso-8859-1
server
Apache
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?a=adblocker_check
Requested by
Host: load.trk.axa.ch
URL: https://load.trk.axa.ch/bbxptalgfw.js?1z6=HgJaKzU5XU1DUTA6MSRWDkpUSV1HEB5FFh4GQgIc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"ascnsrsggc:196:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:196:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:196:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:196:0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 18 Apr 2026 10:54:35 GMT
content-type
text/plain
server
Golfe2
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js?did=79389d5e-6af5-4a08-9454-78e93df40786&data-document-language=true
Requested by
Host: load.trk.axa.ch
URL: https://load.trk.axa.ch/bbxptalgfw.js?1z6=HgJaKzU5XU1DUTA6MSRWDkpUSV1HEB5FFh4GQgIc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a -, , ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0dc0f2c2b6053e08bcaf54fed36660cd737ea710d9200b7bc95e365a537fb63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

content-md5
ZbblqHgYfYwE/+Lbw8uZdA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,ETag,Last-Modified,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DE93850741EAB5
x-ms-lease-status
unlocked
age
84360
cf-cache-status
HIT
x-content-type-options
nosniff
date
Sat, 18 Apr 2026 10:54:35 GMT
content-type
application/javascript
last-modified
Mon, 06 Apr 2026 02:34:29 GMT
vary
accept-encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
344c978a-101e-007e-2cb8-c50c45000000
cf-ray
9ee321e038e2b571-ZRH
accept-ranges
bytes
access-control-allow-origin
*
content-length
8705
x-ms-blob-type
BlockBlob
server
cloudflare
gtm.js
load.trk.axa.ch/ 		216 B
516 B 		Script
General
Check archive.org
Download Go to
Full URL
https://load.trk.axa.ch/gtm.js?id=GTM-547WVPP&gtg_health=1
Requested by
Host: load.trk.axa.ch
URL: https://load.trk.axa.ch/bbxptalgfw.js?1z6=HgJaKzU5XU1DUTA6MSRWDkpUSV1HEB5FFh4GQgIc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.94.19 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c24c8a68f1ffcf9b37963dfdf26c4874c307feceac1245180f85db1da436416a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

content-encoding
br
cf-cache-status
HIT
age
23
x-content-type-options
nosniff
expires
Sat, 18 Apr 2026 10:54:11 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 18 Apr 2026 10:54:35 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Sat, 18 Apr 2026 10:54:12 GMT
vary
Accept-Encoding
priority
u=3,i=?0
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private, max-age=900
x-stape-version
1.2.0
cross-origin-resource-policy
cross-origin
referrer-policy
same-origin
cf-ray
9ee321e00ff6fcc9-ZRH
x-xss-protection
1; mode=block
server
cloudflare
79389d5e-6af5-4a08-9454-78e93df40786.json
cdn.cookielaw.org/consent/79389d5e-6af5-4a08-9454-78e93df40786/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/79389d5e-6af5-4a08-9454-78e93df40786/79389d5e-6af5-4a08-9454-78e93df40786.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js?did=79389d5e-6af5-4a08-9454-78e93df40786&data-document-language=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a -, , ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
590e38aae6503702005712170890304e4572b4e69c4570db6ad3fc8df83a2eed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

content-md5
mD43oHkMbGCkgxCkezBlXQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding, X-OneTrust-IsBot
content-encoding
gzip
cf-cache-status
HIT
etag
0x8DCB082F4875A30
age
28750
x-ms-lease-status
unlocked
x-content-type-options
nosniff
x-ms-version
2009-09-19
expires
Sun, 19 Apr 2026 10:54:35 GMT
date
Sat, 18 Apr 2026 10:54:35 GMT
content-type
application/json
last-modified
Tue, 30 Jul 2024 10:32:47 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-onetrust-isbot
true
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin, cross-origin
x-ms-request-id
c2d62f1a-301e-0100-2e4c-26d5df000000
cf-ray
9ee321e0ae5b29a7-ZRH
accept-ranges
bytes
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		67 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js?did=79389d5e-6af5-4a08-9454-78e93df40786&data-document-language=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:310d::ac40:9b77 -, , ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e91e62490f19fae2907ddbfae2a95990ca18631d5386fa9de60311dd777ae4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
accept
application/json
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
access-control-allow-methods
GET, OPTIONS
cf-ray
9ee321e13a23265f-ZRH
access-control-allow-origin
*
date
Sat, 18 Apr 2026 10:54:35 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
Content-Type
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202407.1.0/ 		451 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202407.1.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js?did=79389d5e-6af5-4a08-9454-78e93df40786&data-document-language=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a -, , ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
51c8dc48fb49d5df075bf32d6655815cce9440a80bef0458f72a5bb85fa96d4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

content-md5
OB5ZPaM1F+xqSvW4fnjknQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCAB84B4C53B13
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
20745
x-content-type-options
nosniff
date
Sat, 18 Apr 2026 10:54:35 GMT
content-type
application/javascript
last-modified
Wed, 24 Jul 2024 02:02:43 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
c64c3357-a01e-00ab-3fb4-ef4498000000
cf-ray
9ee321e17b33b571-ZRH
accept-ranges
bytes
access-control-allow-origin
*
content-length
112090
x-ms-blob-type
BlockBlob
server
cloudflare
de.json
cdn.cookielaw.org/consent/79389d5e-6af5-4a08-9454-78e93df40786/09be28ab-926a-481b-9810-d1304d20458a/ 		89 KB
21 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/79389d5e-6af5-4a08-9454-78e93df40786/09be28ab-926a-481b-9810-d1304d20458a/de.json
Requested by
Host: load.trk.axa.ch
URL: https://load.trk.axa.ch/bbxptalgfw.js?1z6=HgJaKzU5XU1DUTA6MSRWDkpUSV1HEB5FFh4GQgIc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a -, , ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4061480e7f8a1524a25df6dbd817ba28fbdb10c45c8fc72d35c084d08475536
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

content-md5
PeHY5npX2mYezAQ7Gbc58Q==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,ETag,Last-Modified,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding, X-OneTrust-IsBot
content-encoding
gzip
cf-cache-status
HIT
etag
0x8DCB082F54B7EC6
age
74275
x-ms-lease-status
unlocked
x-content-type-options
nosniff
x-ms-version
2009-09-19
expires
Sun, 19 Apr 2026 10:54:35 GMT
date
Sat, 18 Apr 2026 10:54:35 GMT
content-type
application/json
last-modified
Tue, 30 Jul 2024 10:32:48 GMT
vary
accept-encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-onetrust-isbot
true
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin, cross-origin
x-ms-request-id
b7f894bd-101e-0013-618d-38a66b000000
cf-ray
9ee321e1d87429a7-ZRH
accept-ranges
bytes
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
bat.js
bat.bing.com/ 		54 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: load.trk.axa.ch
URL: https://load.trk.axa.ch/bbxptalgfw.js?1z6=HgJaKzU5XU1DUTA6MSRWDkpUSV1HEB5FFh4GQgIc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
855230e1321917153b6859521e1ccfab0dce7497f88645e73d7e6db9c4bbe3b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
gzip
etag
"808fed96cbddc1:0"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 585C77C39172459DAEF385DCE9DF7613 Ref B: ZRHEDGE1712 Ref C: 2026-04-18T10:54:35Z
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
15402
date
Sat, 18 Apr 2026 10:54:35 GMT
content-type
application/javascript
last-modified
Thu, 26 Mar 2026 22:06:51 GMT
vary
Accept-Encoding
otFlat.json
cdn.cookielaw.org/scripttemplates/202407.1.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202407.1.0/assets/otFlat.json
Requested by
Host: load.trk.axa.ch
URL: https://load.trk.axa.ch/bbxptalgfw.js?1z6=HgJaKzU5XU1DUTA6MSRWDkpUSV1HEB5FFh4GQgIc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a -, , ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d890abf66010907c7a0a61236d25c3c98bcb7edec34b13dc887f5be122bfef7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

content-md5
Jby9k1ulZUoqHRoLPkzJJA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCAB84B133BB3A
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
15463
x-content-type-options
nosniff
date
Sat, 18 Apr 2026 10:54:35 GMT
content-type
application/json
last-modified
Wed, 24 Jul 2024 02:02:37 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
13cc0cb6-a01e-00c6-0488-a2eeb6000000
cf-ray
9ee321e2390429a7-ZRH
accept-ranges
bytes
access-control-allow-origin
*
content-length
3003
x-ms-blob-type
BlockBlob
server
cloudflare
otPcTab.json
cdn.cookielaw.org/scripttemplates/202407.1.0/assets/v2/ 		64 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202407.1.0/assets/v2/otPcTab.json
Requested by
Host: load.trk.axa.ch
URL: https://load.trk.axa.ch/bbxptalgfw.js?1z6=HgJaKzU5XU1DUTA6MSRWDkpUSV1HEB5FFh4GQgIc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a -, , ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
46b0dc3066786d9507f347b076d34abc4c6f92f32ba5ff9d61d109c6b2b9b2d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

content-md5
+z0Wst4HOc7DAF08nB2Quw==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,ETag,Last-Modified,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCAB84B2B354D2
x-ms-lease-status
unlocked
age
8656
cf-cache-status
HIT
x-content-type-options
nosniff
date
Sat, 18 Apr 2026 10:54:35 GMT
content-type
application/json
last-modified
Wed, 24 Jul 2024 02:02:40 GMT
vary
accept-encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
bc2b02bb-f01e-005d-4c68-39638e000000
cf-ray
9ee321e2390629a7-ZRH
accept-ranges
bytes
access-control-allow-origin
*
content-length
13789
x-ms-blob-type
BlockBlob
server
cloudflare
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202407.1.0/assets/ 		24 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202407.1.0/assets/otCommonStyles.css
Requested by
Host: load.trk.axa.ch
URL: https://load.trk.axa.ch/bbxptalgfw.js?1z6=HgJaKzU5XU1DUTA6MSRWDkpUSV1HEB5FFh4GQgIc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a -, , ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c2092048f21074425f3e025db78fb6505f75d6fcf2e121ced055c8d53bcb1b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

content-md5
HyPJ72TNHxdfOI82cqKVqA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
cf-cache-status
HIT
x-ms-lease-status
unlocked
age
20743
x-content-type-options
nosniff
date
Sat, 18 Apr 2026 10:54:35 GMT
content-type
text/css
last-modified
Wed, 24 Jul 2024 02:02:48 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
b1435618-c01e-00f4-5006-f3b666000000
cf-ray
9ee321e2390829a7-ZRH
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
8ba03cd4-448e-4ed0-8fa6-9f1282cf5ee3.js
cdn.mouseflow.com/projects/ 		169 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mouseflow.com/projects/8ba03cd4-448e-4ed0-8fa6-9f1282cf5ee3.js
Requested by
Host: load.trk.axa.ch
URL: https://load.trk.axa.ch/bbxptalgfw.js?1z6=HgJaKzU5XU1DUTA6MSRWDkpUSV1HEB5FFh4GQgIc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.50 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb72cf8bc16ae7e076019208d00588b8c7ecb8aebb0d830acd10811b2eb98e8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

x-goog-metageneration
1
access-control-expose-headers
*
x-goog-hash
crc32c=6fUTxw==, md5=ZYkHqndKxy3FgpYSlj3Eaw==
x-mf-country
CH
cf-cache-status
HIT
age
361979
etag
W/"658907aa774ac72dc5829612963dc46b"
content-encoding
br
x-content-type-options
nosniff
x-goog-stored-content-encoding
identity
expires
Sun, 19 Apr 2026 10:54:35 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
172817
server-timing
cfExtPri
date
Sat, 18 Apr 2026 10:54:35 GMT
content-type
application/javascript
last-modified
Fri, 10 Apr 2026 07:08:06 GMT
priority
u=3,i=?0
x-guploader-uploadid
AMNfjG3TGunnZXoGNXzRKNmIjUazZMc_5bSWYXhWg5u_9V_FNoLuAeWOxPLDVnc2Mciyww
x-mf-continent
EU
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=86400
x-goog-storage-class
STANDARD
cf-ray
9ee321e26dd3c126-ZRH
access-control-allow-origin
*
x-goog-generation
1775804886615291
x-mf-script-region
enforced-privacy
server
cloudflare
set_partitioned_cookie
www.googleadservices.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/set_partitioned_cookie?rcb=7&frm=0&apvc=1&ae=g&en=page_view&ref=www.google.com&url=https%3A%2F%2Fwww.axa.ch%2Fde%2Fprivatkunden.html&lps=1&rnd=1393621167.1776509676&dt=AXA%20%E2%80%93%20Versicherung%20%26%20Vorsorge%20in%20der%20Schweiz&auid=507894098.1776509676&navt=n&npa=0&ep.ads_data_redaction=0&gdid=dYWJhMj&gtm=45Fe64f1v78084449za200zd78084449xea&gcs=G111&gcd=13v3v3v3v5l1&dma=0&tag_exp=0~115616985~115938466~115938468~117266400&tft=1776509675876&tfd=1044&apve=1&apvf=f&gap.gtb=2
Requested by
Host: load.trk.axa.ch
URL: https://load.trk.axa.ch/bbxptalgfw.js?1z6=HgJaKzU5XU1DUTA6MSRWDkpUSV1HEB5FFh4GQgIc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.20.156 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bx-in-f156.1e100.net
Software
/
Resource Hash

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers
3070
trk.axa.ch/bbxptalgfw/ 		500 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trk.axa.ch/bbxptalgfw/3070?891b1620=L2d0YWcvanM%2FaWQ9Ry1QQ1k4Sk5TNDhDJmN4PWMmZ3RtPTRlNjRmMQ%3D%3D
Requested by
Host: load.trk.axa.ch
URL: https://load.trk.axa.ch/bbxptalgfw.js?1z6=HgJaKzU5XU1DUTA6MSRWDkpUSV1HEB5FFh4GQgIc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1900:40d0:7c7:8000:: Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
a8337fa9e385a2062bd55212a3e8b90638f04cbe00c7b82afabcc6666767c4ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-robots-tag
noindex
cache-control
private, max-age=900
content-encoding
br
trace-id
61846138-d5f5-4f22-b48c-f8387e566f91
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Sat, 18 Apr 2026 10:54:35 GMT
access-control-allow-origin
*
date
Sat, 18 Apr 2026 10:54:35 GMT
x-xss-protection
0
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
server
nginx
access-control-allow-headers
Cache-Control
insight.min.js
snap.licdn.com/li.lms-analytics/ 		30 B
218 B 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: load.trk.axa.ch
URL: https://load.trk.axa.ch/bbxptalgfw.js?1z6=HgJaKzU5XU1DUTA6MSRWDkpUSV1HEB5FFh4GQgIc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
4c9636d4d8db3e7f014a2fa1318d62a8b6a5cca7e0f7123c281d446f06fe717c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

cache-control
max-age=0
x-cdn-proto
HTTP2
x-cdn
AKAM
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600
access-control-allow-origin
*
content-length
30
date
Sat, 18 Apr 2026 10:54:35 GMT
content-type
application/javascript;charset=utf-8
fbevents.js
connect.facebook.net/en_US/ 		366 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.axa.ch
URL: https://www.axa.ch/de/privatkunden.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
9b318389f48d9265ad3633a60eff337cae5daebf4801bf24a748448dc3bf1e81
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net blob: 'self' 'nonce-nlumxnmQ';style-src 'self' data: blob: 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com *.cdninstagram.com blob: 'self' data: https://edge-chat.facebook.net https://edge-chat-latest.facebook.net wss://edge-chat-latest.facebook.net wss://edge-chat.facebook.net wss://edge-chat.socialplugin.facebook.net wss://edge-chat-latest.socialplugin.facebook.net https://edge-chat.socialplugin.facebook.net https://edge-chat-latest.socialplugin.facebook.net;font-src 'self' data: blob:;img-src 'self' data: blob:;media-src 'self' data: blob:;child-src 'self' data: blob:;frame-src 'self' data: blob:;manifest-src 'self' data: blob:;object-src 'self' data: blob:;worker-src 'self' data: blob:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 18 Apr 2026 10:54:35 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net blob: 'self' 'nonce-nlumxnmQ';style-src 'self' data: blob: 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com *.cdninstagram.com blob: 'self' data: https://edge-chat.facebook.net https://edge-chat-latest.facebook.net wss://edge-chat-latest.facebook.net wss://edge-chat.facebook.net wss://edge-chat.socialplugin.facebook.net wss://edge-chat-latest.socialplugin.facebook.net https://edge-chat.socialplugin.facebook.net https://edge-chat-latest.socialplugin.facebook.net;font-src 'self' data: blob:;img-src 'self' data: blob:;media-src 'self' data: blob:;child-src 'self' data: blob:;frame-src 'self' data: blob:;manifest-src 'self' data: blob:;object-src 'self' data: blob:;worker-src 'self' data: blob:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=23, mss=1232, tbw=4994, tp=9, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
ptTi2Zm3CTcEGGY44lvOURak/ugSsMsBPECOiU3mFCDmvcPrfGzzeMS9zavXiq7X7hx7bVz37f7CDyXZncsiJw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top, include-js-call-stacks-in-crash-reports
content-length
98727
x-xss-protection
0
origin-agent-cluster
?1
collect
www.google.com/ccm/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google.com/ccm/collect?rcb=7&frm=0&ae=g&en=page_view&dr=www.google.com&dl=https%3A%2F%2Fwww.axa.ch%2Fde%2Fprivatkunden.html&lps=1&rnd=1393621167.1776509676&dt=AXA%20%E2%80%93%20Versicherung%20%26%20Vorsorge%20in%20der%20Schweiz&auid=507894098.1776509676&navt=n&npa=0&ep.ads_data_redaction=0&gdid=dYWJhMj&gtm=45Fe64f1v78084449za200zd78084449xea&gcs=G111&gcd=13v3v3v3v5l1&dma=0&tag_exp=0~115616985~115938466~115938468~117266400&apve=1&apvf=f&gap.gtb=2&apvc=1&tft=1776509675896&tfd=1064
Requested by
Host: load.trk.axa.ch
URL: https://load.trk.axa.ch/bbxptalgfw.js?1z6=HgJaKzU5XU1DUTA6MSRWDkpUSV1HEB5FFh4GQgIc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.152.119 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/ 		497 B
703 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: load.trk.axa.ch
URL: https://load.trk.axa.ch/bbxptalgfw.js?1z6=HgJaKzU5XU1DUTA6MSRWDkpUSV1HEB5FFh4GQgIc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a -, , ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

content-md5
tXyZydHjxQshFMbbBT1/8A==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,ETag,Last-Modified,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
cf-cache-status
HIT
x-ms-lease-status
unlocked
age
5154
x-content-type-options
nosniff
date
Sat, 18 Apr 2026 10:54:35 GMT
content-type
image/svg+xml
last-modified
Mon, 06 Apr 2026 02:34:35 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
6e5c4902-101e-00fd-51a7-c5ace8000000
cf-ray
9ee321e2797029a7-ZRH
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
logo.png
cdn.cookielaw.org/logos/64e4939b-1469-406f-833f-8ed53e561482/8b741dd8-5aa3-4f9a-ba9e-a681e1979b92/cdf3fa2e-d532-4a6f-b90c-0d9d597e5cba/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/64e4939b-1469-406f-833f-8ed53e561482/8b741dd8-5aa3-4f9a-ba9e-a681e1979b92/cdf3fa2e-d532-4a6f-b90c-0d9d597e5cba/logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a -, , ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6d70c26845a28f260270a5833b1eca560ff6611eb468e724797e11cbea98437
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

content-md5
iEbQL/slbIVMVOHT93h5Zw==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,ETag,Last-Modified,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8D80EA15FDF6D4F
age
427
cf-cache-status
HIT
x-content-type-options
nosniff
date
Sat, 18 Apr 2026 10:54:35 GMT
content-type
image/png
last-modified
Fri, 12 Jun 2020 07:22:33 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
7d714701-001e-006a-2385-3ccf21000000
cf-ray
9ee321e28d76b571-ZRH
accept-ranges
bytes
access-control-allow-origin
*
content-length
4348
x-ms-blob-type
BlockBlob
server
cloudflare
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a -, , ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cddd450a33be5e50d6f27aea78d2e278beae2762678b22fc2dcee8de29cbc0be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

content-md5
yMeilKp6reuDTG1eNiffRg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,ETag,Last-Modified,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
cf-cache-status
HIT
x-ms-lease-status
unlocked
age
83471
x-content-type-options
nosniff
expires
Wed, 15 Apr 2026 08:14:30 GMT
date
Sat, 18 Apr 2026 10:54:35 GMT
content-type
image/svg+xml
last-modified
Mon, 06 Apr 2026 02:34:36 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
a2d46c1a-301e-0100-442a-c6d5df000000
cf-ray
9ee321e28d7ab571-ZRH
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
init
eu01.rec.mouseflow.com/ Frame 669C 		13 B
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://eu01.rec.mouseflow.com/init?v=19.12&p=8ba03cd4-448e-4ed0-8fa6-9f1282cf5ee3&s=537436b03603883dfd6efea0b571cf8b&page=0418355598225b79a54ab41acf90d8d227d34c34&ret=0&u=619195daa62fa2748a03a011794d3b92&href=https%3A%2F%2Fwww.axa.ch%2Fde%2Fprivatkunden.html&url=%2Fde%2Fprivatkunden.html&ref=https%3A%2F%2Fwww.google.com&title=AXA%20%E2%80%93%20Versicherung%20%26%20Vorsorge%20in%20der%20Schweiz&res=1600x1200&tz=-60&to=0&dnt=0&ori=&dw=1600&dh=1200&time=1776509675955&pxr=1&gdpr=0&vars=page_name%3D%252Fprivatkunden%26language%3Dde%26platform%3DAXACH%26env_work%3Dprod%2520publish
Requested by
Host: cdn.mouseflow.com
URL: https://cdn.mouseflow.com/projects/8ba03cd4-448e-4ed0-8fa6-9f1282cf5ee3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:48d4:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
53db1f4d6216aacd78982eb511f3c9f566215fa61bb8bd0386996e8555669e31
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua-platform
"Windows"
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
Content-Type
application/x-www-form-urlencoded
sec-ch-ua-mobile
?0

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.axa.ch
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13
date
Sat, 18 Apr 2026 10:54:36 GMT
x-cloud-trace-context
65cade42c5620c6c46500dd3c1028244
content-type
text/plain
vary
Origin
server
nginx
x-frame-options
SAMEORIGIN
5562228.js
bat.bing.com/p/action/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5562228.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
bcba42fb1a111f32f153985fb9431ca029328f90bca6e88a174ba67750f8ba45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=60
content-encoding
br
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6764848B445D41BB9410A5C67CDE1213 Ref B: ZRHEDGE1712 Ref C: 2026-04-18T10:54:35Z
x-cache
CONFIG_NOCACHE
date
Sat, 18 Apr 2026 10:54:35 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
1631528177084053
connect.facebook.net/signals/config/ 		168 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1631528177084053?v=2.9.300&r=stable&domain=www.axa.ch&hme=c048e760b3fdc0fbdc117d7607b2c36e13eff2660c515ac72e86dac5ba060bb9&ex_m=104%2C205%2C154%2C22%2C72%2C73%2C145%2C68%2C67%2C11%2C162%2C90%2C16%2C138%2C127%2C39%2C75%2C78%2C134%2C159%2C164%2C8%2C4%2C5%2C7%2C6%2C3%2C91%2C101%2C165%2C170%2C219%2C62%2C186%2C187%2C55%2C277%2C30%2C74%2C231%2C230%2C229%2C23%2C33%2C103%2C61%2C10%2C63%2C97%2C98%2C99%2C105%2C130%2C31%2C29%2C132%2C133%2C129%2C128%2C155%2C76%2C158%2C156%2C157%2C50%2C60%2C123%2C15%2C161%2C45%2C264%2C265%2C263%2C26%2C27%2C28%2C48%2C146%2C77%2C112%2C18%2C20%2C44%2C40%2C42%2C41%2C83%2C92%2C96%2C110%2C144%2C147%2C46%2C111%2C24%2C21%2C119%2C69%2C36%2C149%2C148%2C150%2C141%2C139%2C25%2C35%2C59%2C109%2C160%2C70%2C17%2C152%2C114%2C81%2C66%2C19%2C85%2C86%2C116%2C84%2C136%2C135%2C34%2C279%2C294%2C212%2C201%2C202%2C200%2C297%2C289%2C52%2C213%2C107%2C131%2C80%2C121%2C54%2C47%2C49%2C113%2C120%2C126%2C58%2C64%2C151%2C115%2C37%2C32%2C53%2C56%2C100%2C163%2C1%2C124%2C14%2C122%2C12%2C2%2C57%2C93%2C65%2C118%2C89%2C88%2C166%2C167%2C94%2C95%2C9%2C125%2C102%2C51%2C142%2C87%2C79%2C71%2C117%2C106%2C43%2C143%2C0%2C82%2C137%2C140%2C153%2C38%2C108%2C13%2C168
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
2640dd61e8384851c8e4897f1f1581cc4348f893e682790d17f0bc0f83aba8b8
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net blob: 'self' 'nonce-3GzdIxwn';style-src 'self' data: blob: 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com *.cdninstagram.com blob: 'self' data: https://edge-chat.facebook.net https://edge-chat-latest.facebook.net wss://edge-chat-latest.facebook.net wss://edge-chat.facebook.net wss://edge-chat.socialplugin.facebook.net wss://edge-chat-latest.socialplugin.facebook.net https://edge-chat.socialplugin.facebook.net https://edge-chat-latest.socialplugin.facebook.net;font-src 'self' data: blob:;img-src 'self' data: blob:;media-src 'self' data: blob:;child-src 'self' data: blob:;frame-src 'self' data: blob:;manifest-src 'self' data: blob:;object-src 'self' data: blob:;worker-src 'self' data: blob:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 18 Apr 2026 10:54:36 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net blob: 'self' 'nonce-3GzdIxwn';style-src 'self' data: blob: 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com *.cdninstagram.com blob: 'self' data: https://edge-chat.facebook.net https://edge-chat-latest.facebook.net wss://edge-chat-latest.facebook.net wss://edge-chat.facebook.net wss://edge-chat.socialplugin.facebook.net wss://edge-chat-latest.socialplugin.facebook.net https://edge-chat.socialplugin.facebook.net https://edge-chat-latest.socialplugin.facebook.net;font-src 'self' data: blob:;img-src 'self' data: blob:;media-src 'self' data: blob:;child-src 'self' data: blob:;frame-src 'self' data: blob:;manifest-src 'self' data: blob:;object-src 'self' data: blob:;worker-src 'self' data: blob:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=101, mss=1232, tbw=108546, tp=97, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
jaaMRsURg9xsizXYMurujYxcstLIDhYHNGg0be1spryCUyewvSqXWMoIhhIoIt8SpD5YfxRV9hFmuZGvsJJXGw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top, include-js-call-stacks-in-crash-reports
content-length
39573
x-xss-protection
0
origin-agent-cluster
?1
5562228
bat.bing.com/p/insights/t/ 		766 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/insights/t/5562228
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/5562228.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
8b41724559bbaec81ed26ff1c25a2278c460d5f60d5e504fbe8d4bd63917c003
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
no-cache, no-store
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F21CE120B0534C7EB50E3AB116A52DEB Ref B: ZRHEDGE1712 Ref C: 2026-04-18T10:54:36Z
request-context
appId=cid-v1:a894a21c-0197-44e5-b203-3cbc01252c82
expires
-1
x-cache
CONFIG_NOCACHE
content-length
766
date
Sat, 18 Apr 2026 10:54:35 GMT
content-type
application/x-javascript
0
bat.bing.com/actionp/ 		0
286 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/actionp/0?ti=5562228&tm=gtm002&Ver=2&mid=886b64cc-1b32-416e-a3ab-75f7dc0516a0&bo=1&evt=consent&src=update&cdb=AQET&asc=G
Requested by
Host: load.trk.axa.ch
URL: https://load.trk.axa.ch/bbxptalgfw.js?1z6=HgJaKzU5XU1DUTA6MSRWDkpUSV1HEB5FFh4GQgIc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 00A4C2B14B714AE7AC12A4988EF167E5 Ref B: ZRHEDGE1712 Ref C: 2026-04-18T10:54:36Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Sat, 18 Apr 2026 10:54:35 GMT
0
bat.bing.com/actionp/ 		0
230 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/actionp/0?ti=5562228&tm=gtm002&Ver=2&mid=886b64cc-1b32-416e-a3ab-75f7dc0516a0&bo=2&evt=consent&src=default&cdb=AQET&asc=G
Requested by
Host: load.trk.axa.ch
URL: https://load.trk.axa.ch/bbxptalgfw.js?1z6=HgJaKzU5XU1DUTA6MSRWDkpUSV1HEB5FFh4GQgIc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 757C68BA3ECE4E14B73EE889DB0C7565 Ref B: ZRHEDGE1712 Ref C: 2026-04-18T10:54:36Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Sat, 18 Apr 2026 10:54:35 GMT
0
bat.bing.com/action/ 		0
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5562228&tm=gtm002&Ver=2&mid=886b64cc-1b32-416e-a3ab-75f7dc0516a0&bo=3&sid=fd4ddc203b1411f19492e5b1189f47e1&vid=fd4ded103b1411f19b8acf65c21644b3&vids=1&msclkid=N&uach=pv%3D19.0.0&pi=918639831&lg=de-CH&sw=1600&sh=1200&sc=24&tl=AXA%20%E2%80%93%20Versicherung%20%26%20Vorsorge%20in%20der%20Schweiz&p=https%3A%2F%2Fwww.axa.ch%2Fde%2Fprivatkunden.html&r=https%3A%2F%2Fwww.google.com%2F&lt=526&evt=pageLoad&sv=2&asc=G&cdb=AQET&rn=89268
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D6F510BC90B24105AD4A1F4C738F9B51 Ref B: ZRHEDGE1712 Ref C: 2026-04-18T10:54:36Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Sat, 18 Apr 2026 10:54:35 GMT
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1631528177084053&ev=PageView&dl=https%3A%2F%2Fwww.axa.ch&rl=https%3A%2F%2Fwww.google.com&if=false&ts=1776509676056&sw=1600&sh=1200&v=2.9.300&r=stable&ec=0&o=4124&fbp=fb.1.1776509676054.345233917266514794&pm=1&hrl=8cbe80&ler=other&cdl=API_unavailable&plt=306.3999996185303&ups[pv]=%7B%7D&ups[rpv]=%7B%7D&it=1776509676011&coo=false&cs_cc=1&ccs=969784948302780&cas=8880943995296984%2C8641105555944827%2C7692100737537608%2C9698952936845312%2C7446009712153989%2C26019129894352883%2C6007261542645899%2C5249264648450526%2C2716405065073896&pm_metadata=%7B%22cd%22%3Atrue%7D&dlc=1&rlc=1&expv2[0]=pl0&expv2[1]=el3&expv2[2]=bc1&expv2[3]=ra0&expv2[4]=rp0&expv2[5]=ct3&expv2[6]=hf0&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=23, mss=1232, tbw=4767, tp=9, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sat, 18 Apr 2026 10:54:36 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=1,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1631528177084053&ev=PageView&dl=https%3A%2F%2Fwww.axa.ch&rl=https%3A%2F%2Fwww.google.com&if=false&ts=1776509676056&sw=1600&sh=1200&v=2.9.300&r=stable&ec=0&o=4124&fbp=fb.1.1776509676054.345233917266514794&pm=1&hrl=8cbe80&ler=other&cdl=API_unavailable&plt=306.3999996185303&ups[pv]=%7B%7D&ups[rpv]=%7B%7D&it=1776509676011&coo=false&cs_cc=1&ccs=969784948302780&cas=8880943995296984%2C8641105555944827%2C7692100737537608%2C9698952936845312%2C7446009712153989%2C26019129894352883%2C6007261542645899%2C5249264648450526%2C2716405065073896&pm_metadata=%7B%22cd%22%3Atrue%7D&dlc=1&rlc=1&expv2[0]=pl0&expv2[1]=el3&expv2[2]=bc1&expv2[3]=ra0&expv2[4]=rp0&expv2[5]=ct3&expv2[6]=hf0&rqm=FGET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net *.whatsapp.com *.whatsapp.net;script-src *.facebook.com *.fbcdn.net 127.0.0.1:* 'nonce-2R3eXdOB' blob: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com *.instagram.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com *.accounts.meta.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7630050960751784252&cpp=C3&cv=1037639827&st=1776509676151"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[],"aggregatable_values":{},"aggregatable_source_registration_time":"exclude","filters":{"3":["9209281882436666"]},"debug_reporting":true,"debug_key":"360979222845766613"}
date
Sat, 18 Apr 2026 10:54:36 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
9twVHPEzEYIKhxKqktr/BvtsTsM0e6cvxQ7RjCIu0k9ej+0tCepB/vYWbe5lPAwkcJk51Z+gMnLDQgQo0BeI3w==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7630050960751784252&cpp=C3&cv=1037639827&st=1776509676151", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net *.whatsapp.com *.whatsapp.net;script-src *.facebook.com *.fbcdn.net 127.0.0.1:* 'nonce-2R3eXdOB' blob: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com *.instagram.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com *.accounts.meta.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=24, mss=1232, tbw=5407, tp=13, tpl=0, uplat=187, ullat=0
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self "https://www.fbsbx.com"), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top, include-js-call-stacks-in-crash-reports
x-xss-protection
0
origin-agent-cluster
?1
0.8.59
bat.bing.com/p/insights/s/ 		45 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/insights/s/0.8.59
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/insights/t/5562228
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
70cef68a14dc6fea5efb0ec90f7b25a6db1a3d8e78f0bebfd1ed2fff944fa8ef
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

content-encoding
br
x-ms-version
2018-03-28
etag
W/"0x8DE8F624B6B41F2"
x-fd-int-roxy-purgeid
1
x-cache
CONFIG_NOCACHE
date
Sat, 18 Apr 2026 10:54:35 GMT
content-type
application/javascript;charset=utf-8
last-modified
Tue, 31 Mar 2026 20:15:46 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
public, max-age=86400
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0F8520AED9334646BCE3CD84EA0C5CFF Ref B: ZRHEDGE1712 Ref C: 2026-04-18T10:54:36Z
x-ms-request-id
b58e4261-601e-0050-2d82-cdec8b000000
access-control-allow-origin
*
x-azure-ref
20260418T105436Z-164cbd9b5b7q6hckhC1DUB9zcn0000000mdg000000000y9e
destination
www.googletagmanager.com/gtag/ 		363 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-8141516&cx=c&gtm=4e64f1
Requested by
Host: trk.axa.ch
URL: https://trk.axa.ch/bbxptalgfw/3070?891b1620=L2d0YWcvanM%2FaWQ9Ry1QQ1k4Sk5TNDhDJmN4PWMmZ3RtPTRlNjRmMQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:c1f::61 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
86405ad7e9e2318805c094312122d66e4db3bb979b9bbc374034686809d7e602
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

content-encoding
zstd
report-to
{"group":"ascgsrsghrgc:70:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgsrsghrgc:70:0"}],}
expires
Sat, 18 Apr 2026 10:54:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 18 Apr 2026 10:54:36 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sat, 18 Apr 2026 09:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgsrsghrgc:70:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascgsrsghrgc:70:0
content-length
132910
x-xss-protection
0
server
Google Tag Manager
bbxptalgfw
trk.axa.ch/ 		1 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trk.axa.ch/bbxptalgfw?891b1620=L2cvY29sbGVjdD92PTImdGlkPUctUENZOEpOUzQ4QyZndG09NDVoZTY0ZjF2ODk2MTI1NTc1ejg3ODA4NDQ0OXphMjBremI3ODA4NDQ0OXpkNzgwODQ0NDkmX3A9MTc3NjUwOTY3NTExNyZnY3M9RzExMSZnY2Q9MTN2M3YzdjN2NWwxJm5wYT0wJmRtYT0wJmdkaWQ9ZFlXSmhNaiZlY2lkPTIwNDM3MTM0MDEmX2V1PUFBQUFBR0EmX2ZwbGM9MCZhcmU9MSZjaWQ9MTI1MDU3MTQ4OS4xNzc2NTA5Njc2JmZybT0wJmxwcz0xJnBzY2RsPW5vYXBpJnJjYj0xOSZzcj0xNjAweDEyMDAmdHQ9ZXh0ZXJuYWwmdWFhPXg4NiZ1YWI9NjQmdWFmdmw9Q2hyb21pdW0lM0IxNDMuMC4wLjAlN0NHb29nbGUlMjUyMENocm9tZSUzQjE0My4wLjAuMCU3Q05vdC1BLkJyYW5kJTNCMjQuMC4wLjAmdWFtPSZ1YW1iPTAmdWFwPVdpbmRvd3MmdWFwdj0xOS4wLjAmdWF3PTAmdWw9ZGUtY2gmdXI9Q0gmc3N0LnJuZD0xMzkzNjIxMTY3LjE3NzY1MDk2NzYmc3N0LmV0bGQ9Z29vZ2xlLmNoJnNzdC5nY3N1Yj1yZWdpb24xJnNzdC50ZnQ9MTc3NjUwOTY3NTExNyZzc3QubHBjPTExMjU4NTMwMCZzc3QubmF2dD1uJnNzdC51ZGU9MCZzc3Quc3dfZXhwPTEmX3M9MSZ0YWdfZXhwPTB%2BMTE1OTM4NDY2fjExNTkzODQ2OH4xMTcyNjY0MDF%2BMTE3OTcxMTczJnNpZD0xNzc2NTA5Njc2JnNjdD0xJnNlZz0wJmRsPWh0dHBzJTNBJTJGJTJGd3d3LmF4YS5jaCUyRmRlJTJGcHJpdmF0a3VuZGVuLmh0bWwmZHI9aHR0cHMlM0ElMkYlMkZ3d3cuZ29vZ2xlLmNvbSUyRiZkdD1BWEElMjAlRTIlODAlOTMlMjBWZXJzaWNoZXJ1bmclMjAlMjYlMjBWb3Jzb3JnZSUyMGluJTIwZGVyJTIwU2Nod2VpeiZfdHU9QkEmZW49cGFnZV92aWV3Jl9mdj0xJl9uc2k9MSZfc3M9MSZnYXAuZ3RiPTImZXAuZXZlbnRfaWQ9MTc3NjUxMDA5NTE2NF8xNzc2NTEwMjA2NDA0NTYmZXBuLmV2ZW50X3RpbWVzdGFtcD0xNzc2NTA5Njc1ODg3JmVwbi5jb252ZXJzaW9uX2hhcHBlbmVkX2F0PTE3NzY1MDk2NzU4ODcmZXAuZXZlbnRfZGF0ZV90aW1lPTIwMjYtMDQtMThUMTIlM0E1NCUzQTM1Ljg4NyUyQjAyJTNBMDAmZXAuZWxlbWVudF9pbnRlcmFjdGlvbj1hdC1yZXF1ZXN0LXN1Y2NlZWRlZCZlcC51c2VyX3Zpc2l0b3JMb2dpblN0YXRlPWZhbHNlJmVwLnByb2R1Y3RfdGFyZ2V0R3JvdXA9cCZlcC5wYWdlX3VybF9mdWxsPWh0dHBzJTNBJTJGJTJGd3d3LmF4YS5jaCUyRmRlJTJGcHJpdmF0a3VuZGVuLmh0bWwmZXAucGFnZV9uYW1lPSUyRnByaXZhdGt1bmRlbiZlcC5wYWdlX2xhbmd1YWdlPWRlJmVwLnBhZ2VfZW52aXJvbm1lbnQ9cHJvZCUyMHB1Ymxpc2gmZXAucGxhdGZvcm09QVhBQ0gmZXAuaGl0X3NvdXJjZT1zZXJ2ZXItc2lkZS1ndG0mZXAuY29udGV4dD1pbi13ZWJodWImZXAuYWRvYmVfaWRfc2Vzc2lvbj00YmM3MTgwYjFlMTc0Nzc3OTYyZTc5NTMyZTA3ZjAwNSZlcC5lbGVtZW50X3ZhcmlhbnQ9RXhwZXJpZW5jZSUyMEMlMjAlMjAtJTIwJTIwU29jaWFsJTIwUHJvb2YmZXAuZWxlbWVudF92YXJpYW50X2lkPTMmZXAuZWxlbWVudF9uYW1lPTI2NF9heGFjaF9teUFYQS1BcHBfV2VpY2hlbnNlaXRlLVNjaGFkZW5zZWl0ZSZlcC5lbGVtZW50X2lkPTEyNDkxOTAmZXAuZWxlbWVudF9yZXNwb25zZT1zdWNjZXNzJmVwLmVsZW1lbnRfbG9jYXRpb249aGVhZGVyLXRlYXNlciZlcC5jb250ZW50X2dyb3VwPSU3QyU3QyZlcC5lbGVtZW50X3RpdGxlPVdvaGluJTIwZ2VodCUyMElocmUlMjBuJUMzJUE0Y2hzdGUlMjBSZWlzZSUzRiZlcC5oaXRfdHlwZT1pbml0aWFsLXBhZ2V2aWV3JnVwLnVzZXJfaW50ZXJuYWw9ZmFsc2UmdXAuYWRvYmVfaWRfcHJvZmlsZV90bnQ9NGJjNzE4MGIxZTE3NDc3Nzk2MmU3OTUzMmUwN2YwMDUmdXAuYWRvYmVfaWRfZGV2aWNlPTRiYzcxODBiMWUxNzQ3Nzc5NjJlNzk1MzJlMDdmMDA1LjM3XzAmdGZkPTEzNTQmcmljaHNzdHNzZQ%3D%3D
Requested by
Host: load.trk.axa.ch
URL: https://load.trk.axa.ch/bbxptalgfw.js?1z6=HgJaKzU5XU1DUTA6MSRWDkpUSV1HEB5FFh4GQgIc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1900:40d0:7c7:8000:: Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS
Software
/
Resource Hash
1d862a318cf73775f2b74b0853ff888cda2c544fa4231a817dfbe75e812d1d86
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

x-robots-tag
noindex, nofollow
cache-control
no-cache
x-accel-buffering
no
trace-id
29ea3fef-9f33-47c6-b047-ddf545c8d227
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
https://www.axa.ch
date
Sat, 18 Apr 2026 10:54:36 GMT
content-type
text/plain
sw_iframe.html
trk.axa.ch/_/service_worker/63b0/ Frame 0059 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://trk.axa.ch/_/service_worker/63b0/sw_iframe.html?origin=https%3A%2F%2Fwww.axa.ch&1p=1
Requested by
Host: trk.axa.ch
URL: https://trk.axa.ch/bbxptalgfw/3070?891b1620=L2d0YWcvanM%2FaWQ9Ry1QQ1k4Sk5TNDhDJmN4PWMmZ3RtPTRlNjRmMQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1900:40d0:7c7:8000:: Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS
Software
/
Resource Hash
51bdb0632b8a25a9f75b91ae374875b50831e57fefaed95d7c889b2715a6ae77

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Windows"

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
date
Sat, 18 Apr 2026 10:54:36 GMT
expires
Sun, 18 Apr 2027 10:54:36 GMT
last-modified
Wed, 11 Mar 2026 09:08:00 GMT
trace-id
a7efbcdc-66b9-403c-ae89-f552db09bc55
vary
accept-encoding
x-robots-tag
noindex, nofollow
collect
region1.analytics.google.com/g/s/ 		0
514 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://region1.analytics.google.com/g/s/collect?dma=0&npa=0&gcs=G111&gcd=13v3v3v3v5l1&gtm=45h91e64f0v896125575z878084449z99231497292za20kzb78084449zd78084449&tag_exp=0~115938466~115938468~117266401~117401772~117549813~117884345~117971173&_is_sw=f15s0t2&_tu=BA&gap.gtb=2&_gsid=PCY8JNS48CyUligL0UqBnhP5RqNcfoUw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"ascnsrsggc:326:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:326:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:326:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:326:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 18 Apr 2026 10:54:36 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.ch/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ch/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&dma=0&npa=0&gcs=G111&gcd=13v3v3v3v5l1&tid=G-PCY8JNS48C&cid=1250571489.1776509676&gtm=45h91e64f0v896125575z878084449z99231497292za20kzb78084449zd78084449&tag_exp=0~115938466~115938468~117266401~117401772~117549813~117884345~117971173&_is_sw=f15s0t2&_tu=BA&gap.gtb=2&aip=1&z=2035567598
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:c0f::5e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sat, 18 Apr 2026 10:54:36 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
collect
stats.g.doubleclick.net/g/ 		0
514 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&dma=0&npa=0&gcs=G111&gcd=13v3v3v3v5l1&tid=G-PCY8JNS48C&cid=1250571489.1776509676&gtm=45h91e64f0v896125575z878084449z99231497292za20kzb78084449zd78084449&tag_exp=0~115938466~115938468~117266401~117401772~117549813~117884345~117971173&_is_sw=f15s0t2&_tu=BA&gap.gtb=2&aip=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:c21::9b Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"ascnsrsggc:164:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:164:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:164:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:164:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 18 Apr 2026 10:54:36 GMT
content-type
text/plain
server
Golfe2
csp-reports.csp
www.acc.axa.ch/servlets/external/ 		0
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.acc.axa.ch/servlets/external/csp-reports.csp
Requested by
Host: load.trk.axa.ch
URL: https://load.trk.axa.ch/bbxptalgfw.js?1z6=HgJaKzU5XU1DUTA6MSRWDkpUSV1HEB5FFh4GQgIc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.40.0.38 Winterthur, Switzerland, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK - Akamai Technologies, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
Content-Type
application/csp-report
sec-ch-ua-mobile
?0

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
x-robots-tag
noindex,nofollow
content-security-policy
default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
cache-control
no-cache
content-security-policy-report-only
default-src https://*.axa.ch blob: data: https://*.axa.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.axa.ch https://www.googletagmanager.com https://cdn.cookielaw.org https://cdn.mouseflow.com https://maps.google.com https://maps.googleapis.com https://connect.facebook.net https://axa-winterthur.dimelochat.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://recaptcha.net https://www.google.com https://www.gstatic.com/recaptcha/ https://bat.bing.com https://snap.licdn.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.awin1.com https://lantern.roeyecdn.com https://www.google-analytics.com https://www.googleadservices.com https://*.doubleclick.net https://*.adobe.com https://*.adobe.io https://*.microsoft.com https://*.fusedeck.com https://*.onetrust.com https://*.whatsapp.com https://*.cookielaw.org https://slsnlytcs.com; style-src 'self' 'unsafe-inline' https://*.axa.ch https://fonts.googleapis.com https://www.googletagmanager.com https://*.survalyzer.swiss https://*.visualwebsiteoptimizer.com https://app.vwo.com https://s3.amazonaws.com https://*.adobe.com https://*.microsoft.com; img-src 'self' data: blob: https://chart.googleapis.com https://*.axa.ch https://*.google.com https://*.google.ch https://maps.gstatic.com https://cdn.cookielaw.org https://stats.g.doubleclick.net https://googleads.g.doubleclick.net https://ad.doubleclick.net https://www.facebook.com https://www.googletagmanager.com https://i.ytimg.com https://px.ads.linkedin.com https://bat.bing.com https://d5cplpsrt2s33.cloudfront.net https://bat.bing.net https://maps.googleapis.com https://region1.google-analytics.com https://*.googlesyndication.com https://connect.facebook.net https://flagcdn.com https://px.ads.linkedin.com https://www.googleadservices.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.google.ch https://www.google-analytics.com https://*.google-analytics.com https://*.analytics.google.com; font-src 'self' data: https://*.axa.ch https://fonts.gstatic.com https://cdn.mouseflow.com https://assets.merci-app.com; connect-src 'self' https://*.axa.ch https://gtm.axa.ch https://sgtm.axa.ch https://region1.analytics.google.com https://www.google.com https://*.tt.omtrdc.net https://europe.directline.botframework.com https://digitalassistantbot-acc.azurewebsites.net https://cdn.cookielaw.org wss://europe.directline.botframework.com https://googleads.g.doubleclick.net https://maps.googleapis.com https://stats.g.doubleclick.net https://region1.google-analytics.com https://o2.mouseflow.com https://www.google.ch https://selfadvisory-acc.azurewebsites.net https://*.onetrust.com https://bat.bing.com https://bat.bing.net https://px.ads.linkedin.com https://*.service.signalr.net https://pagead2.googlesyndication.com https://*.in.applicationinsights.azure.com https://www.googleadservices.com https://www.google-analytics.com wss://*.service.signalr.net https://*.mouseflow.com https://api.trongrid.io https://digitalassistantbot.azurewebsites.net https://www.facebook.com https://*.teads.tv https://snap.licdn.com https://*.survalyzer.swiss https://*.googlesyndication.com https://*.google.com https://*.google-analytics.com https://*.analytics.google.com https://www.googletagmanager.com https://fonts.googleapis.com; frame-src https://*.axa.ch https://td.doubleclick.net https://8141516.fls.doubleclick.net https://www.youtube.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://recaptcha.net https://www.googletagmanager.com https://*.survalyzer.swiss https://www.axa.ch https://trk.axa.ch https://sgtm.axa.ch https://*.mouseflow.com https://exactag.axa.ch https://*.fusedeck.net https://*.dimelochat.com https://*.doubleclick.net https://www.google.com https://*.teads.tv https://*.onetrust.com https://*.whatsapp.com; frame-ancestors 'self'; block-all-mixed-content ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
access-control-allow-methods
GET,POST,OPTIONS
x-content-type-options
nosniff
access-control-allow-origin
https://www.axa.ch
p3p
CP="AXA IS NOT USING P3P"
date
Sat, 18 Apr 2026 10:54:36 GMT
server
Apache
x-frame-options
DENY
_dc_unique_id=4690204330495367260;_dc_ptd=ChEI8NeMzwYQjau1ibSUhejtARIfAH80wkXScSXSum5dAH1ORAPPVDEQC7BU7A5W1oJSSg;_dc_time=1776509676;dc_pre=CMSNz6Ge95MDFZoQogMdeIk0wA;src=8141516;type=all_user;cat=...
www.google.com/gmp/conversion/
Redirect Chain
  • https://ad.doubleclick.net/activity;src=8141516;type=all_user;cat=all_u0;rcb=12;ord=2068122664208;npa=0;auiddc=507894098.1776509676;u1=prod%20publish;u2=AXACH;u3=AXA%20%E2%80%93%20Versicherung%20%2...
  • https://ad.doubleclick.net/activity;dc_pre=CMSNz6Ge95MDFZoQogMdeIk0wA;src=8141516;type=all_user;cat=all_u0;rcb=12;ord=2068122664208;npa=0;auiddc=507894098.1776509676;u1=prod%20publish;u2=AXACH;u3=A...
  • https://www.google.com/gmp/conversion/_dc_unique_id=4690204330495367260;_dc_ptd=ChEI8NeMzwYQjau1ibSUhejtARIfAH80wkXScSXSum5dAH1ORAPPVDEQC7BU7A5W1oJSSg;_dc_time=1776509676;dc_pre=CMSNz6Ge95MDFZoQogM...
42 B
63 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google.com/gmp/conversion/_dc_unique_id=4690204330495367260;_dc_ptd=ChEI8NeMzwYQjau1ibSUhejtARIfAH80wkXScSXSum5dAH1ORAPPVDEQC7BU7A5W1oJSSg;_dc_time=1776509676;dc_pre=CMSNz6Ge95MDFZoQogMdeIk0wA;src=8141516;type=all_user;cat=all_u0;rcb=12;ord=2068122664208;npa=0;auiddc=507894098.1776509676;u1=prod%20publish;u2=AXACH;u3=AXA%20%E2%80%93%20Versicherung%20%26%20Vorsorge%20in%20der%20Schweiz;u4=%2Fprivatkunden;u6=de;u7=;u8=false;u10=undefined;u11=undefined;u13=undefined;u15=undefined;u16=undefined;u28=www.axa.ch;u9=d;gdid=dYWJhMj;uaa=x86;uab=64;uafvl=Chromium%3B143.0.0.0%7CGoogle%2520Chrome%3B143.0.0.0%7CNot-A.Brand%3B24.0.0.0;uamb=0;uam=;uap=Windows;uapv=19.0.0;uaw=0;pscdl=noapi;frm=0;_tu=LFA;gtm=45fe64f1v9181626344z878084449za20gzb78084449zd78084449xea;gcs=G111;gcd=13v3v3v3v5l1;dma=0;dc_fmt=3;tag_exp=0~115938466~115938468~117266400~117884344;epver=2;dc_random=1776509676_1wlUx0jCe8uUlhejz7ZcYWcnA7HTQGBNYg;~oref=https%3A%2F%2Fwww.axa.ch%2Fde%2Fprivatkunden.html?
Protocol
H3
Server
142.251.152.119 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://www.axa.ch/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sat, 18 Apr 2026 10:54:36 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
location
https://www.google.com/gmp/conversion/_dc_unique_id=4690204330495367260;_dc_ptd=ChEI8NeMzwYQjau1ibSUhejtARIfAH80wkXScSXSum5dAH1ORAPPVDEQC7BU7A5W1oJSSg;_dc_time=1776509676;dc_pre=CMSNz6Ge95MDFZoQogMdeIk0wA;src=8141516;type=all_user;cat=all_u0;rcb=12;ord=2068122664208;npa=0;auiddc=507894098.1776509676;u1=prod%20publish;u2=AXACH;u3=AXA%20%E2%80%93%20Versicherung%20%26%20Vorsorge%20in%20der%20Schweiz;u4=%2Fprivatkunden;u6=de;u7=;u8=false;u10=undefined;u11=undefined;u13=undefined;u15=undefined;u16=undefined;u28=www.axa.ch;u9=d;gdid=dYWJhMj;uaa=x86;uab=64;uafvl=Chromium%3B143.0.0.0%7CGoogle%2520Chrome%3B143.0.0.0%7CNot-A.Brand%3B24.0.0.0;uamb=0;uam=;uap=Windows;uapv=19.0.0;uaw=0;pscdl=noapi;frm=0;_tu=LFA;gtm=45fe64f1v9181626344z878084449za20gzb78084449zd78084449xea;gcs=G111;gcd=13v3v3v3v5l1;dma=0;dc_fmt=3;tag_exp=0~115938466~115938468~117266400~117884344;epver=2;dc_random=1776509676_1wlUx0jCe8uUlhejz7ZcYWcnA7HTQGBNYg;~oref=https%3A%2F%2Fwww.axa.ch%2Fde%2Fprivatkunden.html?
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Sat, 18 Apr 2026 10:54:36 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
cafe
activityi;dc_pre=CMn_0KGe95MDFQ39uwgdGN4JDQ;src=8141516;type=all_user;cat=all_u0;rcb=12;ord=2068122664208;npa=0;auiddc=507894098.1776509676;u1=prod%20publish;u2=AXACH;u3=AXA%20%E2%80%93%20Versicher...
8141516.fls.doubleclick.net/ Frame A104
Redirect Chain
  • https://8141516.fls.doubleclick.net/activityi;src=8141516;type=all_user;cat=all_u0;rcb=12;ord=2068122664208;npa=0;auiddc=507894098.1776509676;u1=prod%20publish;u2=AXACH;u3=AXA%20%E2%80%93%20Versich...
  • https://8141516.fls.doubleclick.net/activityi;dc_pre=CMn_0KGe95MDFQ39uwgdGN4JDQ;src=8141516;type=all_user;cat=all_u0;rcb=12;ord=2068122664208;npa=0;auiddc=507894098.1776509676;u1=prod%20publish;u2=...
1 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8141516.fls.doubleclick.net/activityi;dc_pre=CMn_0KGe95MDFQ39uwgdGN4JDQ;src=8141516;type=all_user;cat=all_u0;rcb=12;ord=2068122664208;npa=0;auiddc=507894098.1776509676;u1=prod%20publish;u2=AXACH;u3=AXA%20%E2%80%93%20Versicherung%20%26%20Vorsorge%20in%20der%20Schweiz;u4=%2Fprivatkunden;u6=de;u7=;u8=false;u10=undefined;u11=undefined;u13=undefined;u15=undefined;u16=undefined;u28=www.axa.ch;u9=d;gdid=dYWJhMj;uaa=x86;uab=64;uafvl=Chromium%3B143.0.0.0%7CGoogle%2520Chrome%3B143.0.0.0%7CNot-A.Brand%3B24.0.0.0;uamb=0;uam=;uap=Windows;uapv=19.0.0;uaw=0;pscdl=noapi;frm=0;_tu=LFA;gtm=45fe64f1v9181626344z878084449za20gzb78084449zd78084449xea;gcs=G111;gcd=13v3v3v3v5l1;dma=0;dc_fmt=2;tag_exp=0~115938466~115938468~117266400~117884344;epver=2;dc_random=1776509676_1wlUx0jCe8uUlhejz7ZcYWcnA7HTQGBNYg;_dc_test=1;~oref=https%3A%2F%2Fwww.axa.ch%2Fde%2Fprivatkunden.html?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-8141516&cx=c&gtm=4e64f1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.154.148 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bt-in-f148.1e100.net
Software
cafe /
Resource Hash
9d3c3fc8d20bffc7f73c6e6911b069f5ac8699dbed72cc16d32867f53299cf1e
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.axa.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Windows"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
612
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Apr 2026 10:54:36 GMT
expires
Sat, 18 Apr 2026 10:54:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Apr 2026 10:54:36 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8141516.fls.doubleclick.net/activityi;dc_pre=CMn_0KGe95MDFQ39uwgdGN4JDQ;src=8141516;type=all_user;cat=all_u0;rcb=12;ord=2068122664208;npa=0;auiddc=507894098.1776509676;u1=prod%20publish;u2=AXACH;u3=AXA%20%E2%80%93%20Versicherung%20%26%20Vorsorge%20in%20der%20Schweiz;u4=%2Fprivatkunden;u6=de;u7=;u8=false;u10=undefined;u11=undefined;u13=undefined;u15=undefined;u16=undefined;u28=www.axa.ch;u9=d;gdid=dYWJhMj;uaa=x86;uab=64;uafvl=Chromium%3B143.0.0.0%7CGoogle%2520Chrome%3B143.0.0.0%7CNot-A.Brand%3B24.0.0.0;uamb=0;uam=;uap=Windows;uapv=19.0.0;uaw=0;pscdl=noapi;frm=0;_tu=LFA;gtm=45fe64f1v9181626344z878084449za20gzb78084449zd78084449xea;gcs=G111;gcd=13v3v3v3v5l1;dma=0;dc_fmt=2;tag_exp=0~115938466~115938468~117266400~117884344;epver=2;dc_random=1776509676_1wlUx0jCe8uUlhejz7ZcYWcnA7HTQGBNYg;_dc_test=1;~oref=https%3A%2F%2Fwww.axa.ch%2Fde%2Fprivatkunden.html?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
csp-reports.csp
www.acc.axa.ch/servlets/external/ 		0
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.acc.axa.ch/servlets/external/csp-reports.csp
Requested by
Host: load.trk.axa.ch
URL: https://load.trk.axa.ch/bbxptalgfw.js?1z6=HgJaKzU5XU1DUTA6MSRWDkpUSV1HEB5FFh4GQgIc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.40.0.38 Winterthur, Switzerland, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK - Akamai Technologies, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
Content-Type
application/csp-report
sec-ch-ua-mobile
?0

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
x-robots-tag
noindex,nofollow
content-security-policy
default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
cache-control
no-cache
content-security-policy-report-only
default-src https://*.axa.ch blob: data: https://*.axa.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.axa.ch https://www.googletagmanager.com https://cdn.cookielaw.org https://cdn.mouseflow.com https://maps.google.com https://maps.googleapis.com https://connect.facebook.net https://axa-winterthur.dimelochat.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://recaptcha.net https://www.google.com https://www.gstatic.com/recaptcha/ https://bat.bing.com https://snap.licdn.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.awin1.com https://lantern.roeyecdn.com https://www.google-analytics.com https://www.googleadservices.com https://*.doubleclick.net https://*.adobe.com https://*.adobe.io https://*.microsoft.com https://*.fusedeck.com https://*.onetrust.com https://*.whatsapp.com https://*.cookielaw.org https://slsnlytcs.com; style-src 'self' 'unsafe-inline' https://*.axa.ch https://fonts.googleapis.com https://www.googletagmanager.com https://*.survalyzer.swiss https://*.visualwebsiteoptimizer.com https://app.vwo.com https://s3.amazonaws.com https://*.adobe.com https://*.microsoft.com; img-src 'self' data: blob: https://chart.googleapis.com https://*.axa.ch https://*.google.com https://*.google.ch https://maps.gstatic.com https://cdn.cookielaw.org https://stats.g.doubleclick.net https://googleads.g.doubleclick.net https://ad.doubleclick.net https://www.facebook.com https://www.googletagmanager.com https://i.ytimg.com https://px.ads.linkedin.com https://bat.bing.com https://d5cplpsrt2s33.cloudfront.net https://bat.bing.net https://maps.googleapis.com https://region1.google-analytics.com https://*.googlesyndication.com https://connect.facebook.net https://flagcdn.com https://px.ads.linkedin.com https://www.googleadservices.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.google.ch https://www.google-analytics.com https://*.google-analytics.com https://*.analytics.google.com; font-src 'self' data: https://*.axa.ch https://fonts.gstatic.com https://cdn.mouseflow.com https://assets.merci-app.com; connect-src 'self' https://*.axa.ch https://gtm.axa.ch https://sgtm.axa.ch https://region1.analytics.google.com https://www.google.com https://*.tt.omtrdc.net https://europe.directline.botframework.com https://digitalassistantbot-acc.azurewebsites.net https://cdn.cookielaw.org wss://europe.directline.botframework.com https://googleads.g.doubleclick.net https://maps.googleapis.com https://stats.g.doubleclick.net https://region1.google-analytics.com https://o2.mouseflow.com https://www.google.ch https://selfadvisory-acc.azurewebsites.net https://*.onetrust.com https://bat.bing.com https://bat.bing.net https://px.ads.linkedin.com https://*.service.signalr.net https://pagead2.googlesyndication.com https://*.in.applicationinsights.azure.com https://www.googleadservices.com https://www.google-analytics.com wss://*.service.signalr.net https://*.mouseflow.com https://api.trongrid.io https://digitalassistantbot.azurewebsites.net https://www.facebook.com https://*.teads.tv https://snap.licdn.com https://*.survalyzer.swiss https://*.googlesyndication.com https://*.google.com https://*.google-analytics.com https://*.analytics.google.com https://www.googletagmanager.com https://fonts.googleapis.com; frame-src https://*.axa.ch https://td.doubleclick.net https://8141516.fls.doubleclick.net https://www.youtube.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://recaptcha.net https://www.googletagmanager.com https://*.survalyzer.swiss https://www.axa.ch https://trk.axa.ch https://sgtm.axa.ch https://*.mouseflow.com https://exactag.axa.ch https://*.fusedeck.net https://*.dimelochat.com https://*.doubleclick.net https://www.google.com https://*.teads.tv https://*.onetrust.com https://*.whatsapp.com; frame-ancestors 'self'; block-all-mixed-content ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
access-control-allow-methods
GET,POST,OPTIONS
x-content-type-options
nosniff
access-control-allow-origin
https://www.axa.ch
p3p
CP="AXA IS NOT USING P3P"
date
Sat, 18 Apr 2026 10:54:36 GMT
server
Apache
x-frame-options
DENY
_dc_unique_id=18198703911119344670;_dc_ptd=ChEI8NeMzwYQjau1ibSUhejtARIfAH80wkV5_aAtN2KI76yOad8JuDqpFMauPfbFB4kt7g;_dc_time=1776509676;dc_pre=CJ6Rz6Ge95MDFUELogMdGSIoHQ;src=8141516;type=all_user;cat...
www.google.com/gmp/conversion/
Redirect Chain
  • https://ad.doubleclick.net/activity;src=8141516;type=all_user;cat=all_u00;rcb=12;ord=1;num=2973021446112;npa=0;auiddc=507894098.1776509676;u1=prod%20publish;u2=AXACH;u3=AXA%20%E2%80%93%20Versicheru...
  • https://ad.doubleclick.net/activity;dc_pre=CJ6Rz6Ge95MDFUELogMdGSIoHQ;src=8141516;type=all_user;cat=all_u00;rcb=12;ord=1;num=2973021446112;npa=0;auiddc=507894098.1776509676;u1=prod%20publish;u2=AXA...
  • https://www.google.com/gmp/conversion/_dc_unique_id=18198703911119344670;_dc_ptd=ChEI8NeMzwYQjau1ibSUhejtARIfAH80wkV5_aAtN2KI76yOad8JuDqpFMauPfbFB4kt7g;_dc_time=1776509676;dc_pre=CJ6Rz6Ge95MDFUELog...
42 B
63 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google.com/gmp/conversion/_dc_unique_id=18198703911119344670;_dc_ptd=ChEI8NeMzwYQjau1ibSUhejtARIfAH80wkV5_aAtN2KI76yOad8JuDqpFMauPfbFB4kt7g;_dc_time=1776509676;dc_pre=CJ6Rz6Ge95MDFUELogMdGSIoHQ;src=8141516;type=all_user;cat=all_u00;rcb=12;ord=1;num=2973021446112;npa=0;auiddc=507894098.1776509676;u1=prod%20publish;u2=AXACH;u3=AXA%20%E2%80%93%20Versicherung%20%26%20Vorsorge%20in%20der%20Schweiz;u4=%2Fprivatkunden;u6=de;u7=;u8=false;u10=undefined;u11=undefined;u13=undefined;u15=undefined;u16=undefined;u28=www.axa.ch;u9=d;gdid=dYWJhMj;uaa=x86;uab=64;uafvl=Chromium%3B143.0.0.0%7CGoogle%2520Chrome%3B143.0.0.0%7CNot-A.Brand%3B24.0.0.0;uamb=0;uam=;uap=Windows;uapv=19.0.0;uaw=0;pscdl=noapi;frm=0;_tu=KJA;gtm=45fe64f1v9181626344z878084449za20gzb78084449zd78084449xea;gcs=G111;gcd=13v3v3v3v5l1;dma=0;dc_fmt=3;tag_exp=0~115938466~115938468~117266400~117884344;epver=2;dc_random=1776509676_M2H4GooMUN-EsndobAiMqll7Z2UGwFW2xA;~oref=https%3A%2F%2Fwww.axa.ch%2Fde%2Fprivatkunden.html?
Protocol
H3
Server
142.251.152.119 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://www.axa.ch/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sat, 18 Apr 2026 10:54:36 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
location
https://www.google.com/gmp/conversion/_dc_unique_id=18198703911119344670;_dc_ptd=ChEI8NeMzwYQjau1ibSUhejtARIfAH80wkV5_aAtN2KI76yOad8JuDqpFMauPfbFB4kt7g;_dc_time=1776509676;dc_pre=CJ6Rz6Ge95MDFUELogMdGSIoHQ;src=8141516;type=all_user;cat=all_u00;rcb=12;ord=1;num=2973021446112;npa=0;auiddc=507894098.1776509676;u1=prod%20publish;u2=AXACH;u3=AXA%20%E2%80%93%20Versicherung%20%26%20Vorsorge%20in%20der%20Schweiz;u4=%2Fprivatkunden;u6=de;u7=;u8=false;u10=undefined;u11=undefined;u13=undefined;u15=undefined;u16=undefined;u28=www.axa.ch;u9=d;gdid=dYWJhMj;uaa=x86;uab=64;uafvl=Chromium%3B143.0.0.0%7CGoogle%2520Chrome%3B143.0.0.0%7CNot-A.Brand%3B24.0.0.0;uamb=0;uam=;uap=Windows;uapv=19.0.0;uaw=0;pscdl=noapi;frm=0;_tu=KJA;gtm=45fe64f1v9181626344z878084449za20gzb78084449zd78084449xea;gcs=G111;gcd=13v3v3v3v5l1;dma=0;dc_fmt=3;tag_exp=0~115938466~115938468~117266400~117884344;epver=2;dc_random=1776509676_M2H4GooMUN-EsndobAiMqll7Z2UGwFW2xA;~oref=https%3A%2F%2Fwww.axa.ch%2Fde%2Fprivatkunden.html?
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Sat, 18 Apr 2026 10:54:36 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
cafe
activityi;dc_pre=CJjt0KGe95MDFaHDuwgdBnU8xA;src=8141516;type=all_user;cat=all_u00;rcb=12;ord=1;num=2973021446112;npa=0;auiddc=507894098.1776509676;u1=prod%20publish;u2=AXACH;u3=AXA%20%E2%80%93%20Ve...
8141516.fls.doubleclick.net/ Frame 3AAD
Redirect Chain
  • https://8141516.fls.doubleclick.net/activityi;src=8141516;type=all_user;cat=all_u00;rcb=12;ord=1;num=2973021446112;npa=0;auiddc=507894098.1776509676;u1=prod%20publish;u2=AXACH;u3=AXA%20%E2%80%93%20...
  • https://8141516.fls.doubleclick.net/activityi;dc_pre=CJjt0KGe95MDFaHDuwgdBnU8xA;src=8141516;type=all_user;cat=all_u00;rcb=12;ord=1;num=2973021446112;npa=0;auiddc=507894098.1776509676;u1=prod%20publ...
1 KB
790 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8141516.fls.doubleclick.net/activityi;dc_pre=CJjt0KGe95MDFaHDuwgdBnU8xA;src=8141516;type=all_user;cat=all_u00;rcb=12;ord=1;num=2973021446112;npa=0;auiddc=507894098.1776509676;u1=prod%20publish;u2=AXACH;u3=AXA%20%E2%80%93%20Versicherung%20%26%20Vorsorge%20in%20der%20Schweiz;u4=%2Fprivatkunden;u6=de;u7=;u8=false;u10=undefined;u11=undefined;u13=undefined;u15=undefined;u16=undefined;u28=www.axa.ch;u9=d;gdid=dYWJhMj;uaa=x86;uab=64;uafvl=Chromium%3B143.0.0.0%7CGoogle%2520Chrome%3B143.0.0.0%7CNot-A.Brand%3B24.0.0.0;uamb=0;uam=;uap=Windows;uapv=19.0.0;uaw=0;pscdl=noapi;frm=0;_tu=KJA;gtm=45fe64f1v9181626344z878084449za20gzb78084449zd78084449xea;gcs=G111;gcd=13v3v3v3v5l1;dma=0;dc_fmt=2;tag_exp=0~115938466~115938468~117266400~117884344;epver=2;dc_random=1776509676_M2H4GooMUN-EsndobAiMqll7Z2UGwFW2xA;_dc_test=1;~oref=https%3A%2F%2Fwww.axa.ch%2Fde%2Fprivatkunden.html?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-8141516&cx=c&gtm=4e64f1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.154.148 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
bt-in-f148.1e100.net
Software
cafe /
Resource Hash
40400e03686cbe2b4d0f2813bcddf5165f622c834b4e7e1d8a4d1b080700fdbb
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.axa.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Windows"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Apr 2026 10:54:36 GMT
expires
Sat, 18 Apr 2026 10:54:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Apr 2026 10:54:36 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8141516.fls.doubleclick.net/activityi;dc_pre=CJjt0KGe95MDFaHDuwgdBnU8xA;src=8141516;type=all_user;cat=all_u00;rcb=12;ord=1;num=2973021446112;npa=0;auiddc=507894098.1776509676;u1=prod%20publish;u2=AXACH;u3=AXA%20%E2%80%93%20Versicherung%20%26%20Vorsorge%20in%20der%20Schweiz;u4=%2Fprivatkunden;u6=de;u7=;u8=false;u10=undefined;u11=undefined;u13=undefined;u15=undefined;u16=undefined;u28=www.axa.ch;u9=d;gdid=dYWJhMj;uaa=x86;uab=64;uafvl=Chromium%3B143.0.0.0%7CGoogle%2520Chrome%3B143.0.0.0%7CNot-A.Brand%3B24.0.0.0;uamb=0;uam=;uap=Windows;uapv=19.0.0;uaw=0;pscdl=noapi;frm=0;_tu=KJA;gtm=45fe64f1v9181626344z878084449za20gzb78084449zd78084449xea;gcs=G111;gcd=13v3v3v3v5l1;dma=0;dc_fmt=2;tag_exp=0~115938466~115938468~117266400~117884344;epver=2;dc_random=1776509676_M2H4GooMUN-EsndobAiMqll7Z2UGwFW2xA;_dc_test=1;~oref=https%3A%2F%2Fwww.axa.ch%2Fde%2Fprivatkunden.html?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
l
bat.bing.com/p/insights/c/ 		0
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/insights/c/l
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/insights/s/0.8.59
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Accept
application/x-webinsights-gzip
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F15D48CA34F24C1EB133390CAFB903B3 Ref B: ZRHEDGE1712 Ref C: 2026-04-18T10:54:36Z
access-control-allow-credentials
true
request-context
appId=cid-v1:a449a586-8786-487f-a449-dc1b282a2628
access-control-allow-origin
https://www.axa.ch
x-cache
CONFIG_NOCACHE
date
Sat, 18 Apr 2026 10:54:35 GMT
vary
Origin
dc_pre=CMn_0KGe95MDFQ39uwgdGN4JDQ;src=8141516;type=all_user;cat=all_u0;rcb=12;ord=2068122664208;npa=0;auiddc=*;u1=prod%20publish;u2=AXACH;u3=AXA%20%E2%80%93%20Versicherung%20%26%20Vorsorge%20in%20d...
adservice.google.com/ddm/fls/z/ Frame A104 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CMn_0KGe95MDFQ39uwgdGN4JDQ;src=8141516;type=all_user;cat=all_u0;rcb=12;ord=2068122664208;npa=0;auiddc=*;u1=prod%20publish;u2=AXACH;u3=AXA%20%E2%80%93%20Versicherung%20%26%20Vorsorge%20in%20der%20Schweiz;u4=%2Fprivatkunden;u6=de;u7=;u8=false;u10=undefined;u11=undefined;u13=undefined;u15=undefined;u16=undefined;u28=www.axa.ch;u9=d;gdid=dYWJhMj;uaa=x86;uab=64;uafvl=Chromium%3B143.0.0.0%7CGoogle%2520Chrome%3B143.0.0.0%7CNot-A.Brand%3B24.0.0.0;uamb=0;uam=;uap=Windows;uapv=19.0.0;uaw=0;pscdl=noapi;frm=0;_tu=LFA;gtm=45fe64f1v9181626344z878084449za20gzb78084449zd78084449xea;gcs=G111;gcd=13v3v3v3v5l1;dma=0;dc_fmt=2;tag_exp=0~115938466~115938468~117266400~117884344;epver=2;dc_random=1776509676_1wlUx0jCe8uUlhejz7ZcYWcnA7HTQGBNYg;_dc_test=1;~oref=https%3A%2F%2Fwww.axa.ch%2Fde%2Fprivatkunden.html
Requested by
Host: 8141516.fls.doubleclick.net
URL: https://8141516.fls.doubleclick.net/activityi;dc_pre=CMn_0KGe95MDFQ39uwgdGN4JDQ;src=8141516;type=all_user;cat=all_u0;rcb=12;ord=2068122664208;npa=0;auiddc=507894098.1776509676;u1=prod%20publish;u2=AXACH;u3=AXA%20%E2%80%93%20Versicherung%20%26%20Vorsorge%20in%20der%20Schweiz;u4=%2Fprivatkunden;u6=de;u7=;u8=false;u10=undefined;u11=undefined;u13=undefined;u15=undefined;u16=undefined;u28=www.axa.ch;u9=d;gdid=dYWJhMj;uaa=x86;uab=64;uafvl=Chromium%3B143.0.0.0%7CGoogle%2520Chrome%3B143.0.0.0%7CNot-A.Brand%3B24.0.0.0;uamb=0;uam=;uap=Windows;uapv=19.0.0;uaw=0;pscdl=noapi;frm=0;_tu=LFA;gtm=45fe64f1v9181626344z878084449za20gzb78084449zd78084449xea;gcs=G111;gcd=13v3v3v3v5l1;dma=0;dc_fmt=2;tag_exp=0~115938466~115938468~117266400~117884344;epver=2;dc_random=1776509676_1wlUx0jCe8uUlhejz7ZcYWcnA7HTQGBNYg;_dc_test=1;~oref=https%3A%2F%2Fwww.axa.ch%2Fde%2Fprivatkunden.html?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.13.157 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
wt-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://8141516.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sat, 18 Apr 2026 10:54:36 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
dc_pre=CJjt0KGe95MDFaHDuwgdBnU8xA;src=8141516;type=all_user;cat=all_u00;rcb=12;ord=1;num=2973021446112;npa=0;auiddc=*;u1=prod%20publish;u2=AXACH;u3=AXA%20%E2%80%93%20Versicherung%20%26%20Vorsorge%2...
adservice.google.com/ddm/fls/z/ Frame 3AAD 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CJjt0KGe95MDFaHDuwgdBnU8xA;src=8141516;type=all_user;cat=all_u00;rcb=12;ord=1;num=2973021446112;npa=0;auiddc=*;u1=prod%20publish;u2=AXACH;u3=AXA%20%E2%80%93%20Versicherung%20%26%20Vorsorge%20in%20der%20Schweiz;u4=%2Fprivatkunden;u6=de;u7=;u8=false;u10=undefined;u11=undefined;u13=undefined;u15=undefined;u16=undefined;u28=www.axa.ch;u9=d;gdid=dYWJhMj;uaa=x86;uab=64;uafvl=Chromium%3B143.0.0.0%7CGoogle%2520Chrome%3B143.0.0.0%7CNot-A.Brand%3B24.0.0.0;uamb=0;uam=;uap=Windows;uapv=19.0.0;uaw=0;pscdl=noapi;frm=0;_tu=KJA;gtm=45fe64f1v9181626344z878084449za20gzb78084449zd78084449xea;gcs=G111;gcd=13v3v3v3v5l1;dma=0;dc_fmt=2;tag_exp=0~115938466~115938468~117266400~117884344;epver=2;dc_random=1776509676_M2H4GooMUN-EsndobAiMqll7Z2UGwFW2xA;_dc_test=1;~oref=https%3A%2F%2Fwww.axa.ch%2Fde%2Fprivatkunden.html
Requested by
Host: 8141516.fls.doubleclick.net
URL: https://8141516.fls.doubleclick.net/activityi;dc_pre=CJjt0KGe95MDFaHDuwgdBnU8xA;src=8141516;type=all_user;cat=all_u00;rcb=12;ord=1;num=2973021446112;npa=0;auiddc=507894098.1776509676;u1=prod%20publish;u2=AXACH;u3=AXA%20%E2%80%93%20Versicherung%20%26%20Vorsorge%20in%20der%20Schweiz;u4=%2Fprivatkunden;u6=de;u7=;u8=false;u10=undefined;u11=undefined;u13=undefined;u15=undefined;u16=undefined;u28=www.axa.ch;u9=d;gdid=dYWJhMj;uaa=x86;uab=64;uafvl=Chromium%3B143.0.0.0%7CGoogle%2520Chrome%3B143.0.0.0%7CNot-A.Brand%3B24.0.0.0;uamb=0;uam=;uap=Windows;uapv=19.0.0;uaw=0;pscdl=noapi;frm=0;_tu=KJA;gtm=45fe64f1v9181626344z878084449za20gzb78084449zd78084449xea;gcs=G111;gcd=13v3v3v3v5l1;dma=0;dc_fmt=2;tag_exp=0~115938466~115938468~117266400~117884344;epver=2;dc_random=1776509676_M2H4GooMUN-EsndobAiMqll7Z2UGwFW2xA;_dc_test=1;~oref=https%3A%2F%2Fwww.axa.ch%2Fde%2Fprivatkunden.html?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.13.157 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
wt-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://8141516.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sat, 18 Apr 2026 10:54:36 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
clientlib.054de52f84ae7c8424a9f85164b1f885.js
www.axa.ch/etc.clientlibs/axa/hub/podaempatternslibrary/ 		174 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.axa.ch/etc.clientlibs/axa/hub/podaempatternslibrary/clientlib.054de52f84ae7c8424a9f85164b1f885.js
Requested by
Host: www.axa.ch
URL: https://www.axa.ch/etc.clientlibs/axa/components/core/axa-script/clientlibs.cd5b7665fc6fc53361b2b5d4ffb5159f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.40.0.53 Winterthur, Switzerland, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK - Akamai Technologies, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
77d9e4c1c3770601bfc1229b854a8a43742acefe640aed0286fbd5a25b507c29
Security Headers
Name Value
Content-Security-Policy default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.axa.ch
sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/etc.clientlibs/axa/components/core/axa-script/clientlibs.cd5b7665fc6fc53361b2b5d4ffb5159f.js
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

content-encoding
br
etag
"2b89f-64f93cb9c849d-br"
access-control-allow-methods
GET,POST,OPTIONS
x-content-type-options
nosniff
expires
Sun, 18 Apr 2027 10:54:37 GMT
p3p
CP="AXA IS NOT USING P3P"
date
Sat, 18 Apr 2026 10:54:36 GMT
last-modified
Thu, 16 Apr 2026 13:27:35 GMT
vary
Accept-Encoding
content-type
application/javascript
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
cache-control
max-age=31536000
content-security-policy-report-only
default-src https://*.axa.ch blob: data: https://*.axa.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.axa.ch https://www.googletagmanager.com https://cdn.cookielaw.org https://cdn.mouseflow.com https://maps.google.com https://maps.googleapis.com https://connect.facebook.net https://axa-winterthur.dimelochat.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://recaptcha.net https://www.google.com https://www.gstatic.com/recaptcha/ https://bat.bing.com https://snap.licdn.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.awin1.com https://lantern.roeyecdn.com https://www.google-analytics.com https://www.googleadservices.com https://*.doubleclick.net https://*.adobe.com https://*.adobe.io https://*.microsoft.com https://*.fusedeck.com https://*.onetrust.com https://*.whatsapp.com https://*.cookielaw.org https://slsnlytcs.com; style-src 'self' 'unsafe-inline' https://*.axa.ch https://fonts.googleapis.com https://www.googletagmanager.com https://*.survalyzer.swiss https://*.visualwebsiteoptimizer.com https://app.vwo.com https://s3.amazonaws.com https://*.adobe.com https://*.microsoft.com; img-src 'self' data: blob: https://chart.googleapis.com https://*.axa.ch https://*.google.com https://*.google.ch https://maps.gstatic.com https://cdn.cookielaw.org https://stats.g.doubleclick.net https://googleads.g.doubleclick.net https://ad.doubleclick.net https://www.facebook.com https://www.googletagmanager.com https://i.ytimg.com https://px.ads.linkedin.com https://bat.bing.com https://d5cplpsrt2s33.cloudfront.net https://bat.bing.net https://maps.googleapis.com https://region1.google-analytics.com https://*.googlesyndication.com https://connect.facebook.net https://flagcdn.com https://px.ads.linkedin.com https://www.googleadservices.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.google.ch https://www.google-analytics.com https://*.google-analytics.com https://*.analytics.google.com; font-src 'self' data: https://*.axa.ch https://fonts.gstatic.com https://cdn.mouseflow.com https://assets.merci-app.com; connect-src 'self' https://*.axa.ch https://gtm.axa.ch https://sgtm.axa.ch https://region1.analytics.google.com https://www.google.com https://*.tt.omtrdc.net https://europe.directline.botframework.com https://digitalassistantbot-acc.azurewebsites.net https://cdn.cookielaw.org wss://europe.directline.botframework.com https://googleads.g.doubleclick.net https://maps.googleapis.com https://stats.g.doubleclick.net https://region1.google-analytics.com https://o2.mouseflow.com https://www.google.ch https://selfadvisory-acc.azurewebsites.net https://*.onetrust.com https://bat.bing.com https://bat.bing.net https://px.ads.linkedin.com https://*.service.signalr.net https://pagead2.googlesyndication.com https://*.in.applicationinsights.azure.com https://www.googleadservices.com https://www.google-analytics.com wss://*.service.signalr.net https://*.mouseflow.com https://api.trongrid.io https://digitalassistantbot.azurewebsites.net https://www.facebook.com https://*.teads.tv https://snap.licdn.com https://*.survalyzer.swiss https://*.googlesyndication.com https://*.google.com https://*.google-analytics.com https://*.analytics.google.com https://www.googletagmanager.com https://fonts.googleapis.com; frame-src https://*.axa.ch https://td.doubleclick.net https://8141516.fls.doubleclick.net https://www.youtube.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://recaptcha.net https://www.googletagmanager.com https://*.survalyzer.swiss https://www.axa.ch https://trk.axa.ch https://sgtm.axa.ch https://*.mouseflow.com https://exactag.axa.ch https://*.fusedeck.net https://*.dimelochat.com https://*.doubleclick.net https://www.google.com https://*.teads.tv https://*.onetrust.com https://*.whatsapp.com; frame-ancestors 'self'; block-all-mixed-content ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
accept-ranges
bytes
access-control-allow-origin
https://www.axa.ch
server
Apache
csp-reports.csp
www.acc.axa.ch/servlets/external/ 		0
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.acc.axa.ch/servlets/external/csp-reports.csp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.40.0.38 Winterthur, Switzerland, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK - Akamai Technologies, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
Content-Type
application/csp-report
sec-ch-ua-mobile
?0

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
x-robots-tag
noindex,nofollow
content-security-policy
default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
cache-control
no-cache
content-security-policy-report-only
default-src https://*.axa.ch blob: data: https://*.axa.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.axa.ch https://www.googletagmanager.com https://cdn.cookielaw.org https://cdn.mouseflow.com https://maps.google.com https://maps.googleapis.com https://connect.facebook.net https://axa-winterthur.dimelochat.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://recaptcha.net https://www.google.com https://www.gstatic.com/recaptcha/ https://bat.bing.com https://snap.licdn.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.awin1.com https://lantern.roeyecdn.com https://www.google-analytics.com https://www.googleadservices.com https://*.doubleclick.net https://*.adobe.com https://*.adobe.io https://*.microsoft.com https://*.fusedeck.com https://*.onetrust.com https://*.whatsapp.com https://*.cookielaw.org https://slsnlytcs.com; style-src 'self' 'unsafe-inline' https://*.axa.ch https://fonts.googleapis.com https://www.googletagmanager.com https://*.survalyzer.swiss https://*.visualwebsiteoptimizer.com https://app.vwo.com https://s3.amazonaws.com https://*.adobe.com https://*.microsoft.com; img-src 'self' data: blob: https://chart.googleapis.com https://*.axa.ch https://*.google.com https://*.google.ch https://maps.gstatic.com https://cdn.cookielaw.org https://stats.g.doubleclick.net https://googleads.g.doubleclick.net https://ad.doubleclick.net https://www.facebook.com https://www.googletagmanager.com https://i.ytimg.com https://px.ads.linkedin.com https://bat.bing.com https://d5cplpsrt2s33.cloudfront.net https://bat.bing.net https://maps.googleapis.com https://region1.google-analytics.com https://*.googlesyndication.com https://connect.facebook.net https://flagcdn.com https://px.ads.linkedin.com https://www.googleadservices.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.google.ch https://www.google-analytics.com https://*.google-analytics.com https://*.analytics.google.com; font-src 'self' data: https://*.axa.ch https://fonts.gstatic.com https://cdn.mouseflow.com https://assets.merci-app.com; connect-src 'self' https://*.axa.ch https://gtm.axa.ch https://sgtm.axa.ch https://region1.analytics.google.com https://www.google.com https://*.tt.omtrdc.net https://europe.directline.botframework.com https://digitalassistantbot-acc.azurewebsites.net https://cdn.cookielaw.org wss://europe.directline.botframework.com https://googleads.g.doubleclick.net https://maps.googleapis.com https://stats.g.doubleclick.net https://region1.google-analytics.com https://o2.mouseflow.com https://www.google.ch https://selfadvisory-acc.azurewebsites.net https://*.onetrust.com https://bat.bing.com https://bat.bing.net https://px.ads.linkedin.com https://*.service.signalr.net https://pagead2.googlesyndication.com https://*.in.applicationinsights.azure.com https://www.googleadservices.com https://www.google-analytics.com wss://*.service.signalr.net https://*.mouseflow.com https://api.trongrid.io https://digitalassistantbot.azurewebsites.net https://www.facebook.com https://*.teads.tv https://snap.licdn.com https://*.survalyzer.swiss https://*.googlesyndication.com https://*.google.com https://*.google-analytics.com https://*.analytics.google.com https://www.googletagmanager.com https://fonts.googleapis.com; frame-src https://*.axa.ch https://td.doubleclick.net https://8141516.fls.doubleclick.net https://www.youtube.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://recaptcha.net https://www.googletagmanager.com https://*.survalyzer.swiss https://www.axa.ch https://trk.axa.ch https://sgtm.axa.ch https://*.mouseflow.com https://exactag.axa.ch https://*.fusedeck.net https://*.dimelochat.com https://*.doubleclick.net https://www.google.com https://*.teads.tv https://*.onetrust.com https://*.whatsapp.com; frame-ancestors 'self'; block-all-mixed-content ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
access-control-allow-methods
GET,POST,OPTIONS
x-content-type-options
nosniff
access-control-allow-origin
https://www.axa.ch
p3p
CP="AXA IS NOT USING P3P"
date
Sat, 18 Apr 2026 10:54:36 GMT
server
Apache
x-frame-options
DENY
csp-reports.csp
www.acc.axa.ch/servlets/external/ 		0
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.acc.axa.ch/servlets/external/csp-reports.csp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.40.0.38 Winterthur, Switzerland, ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK - Akamai Technologies, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua-platform
"Windows"
Referer
https://www.axa.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
Content-Type
application/csp-report
sec-ch-ua-mobile
?0

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
x-robots-tag
noindex,nofollow
content-security-policy
default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
cache-control
no-cache
content-security-policy-report-only
default-src https://*.axa.ch blob: data: https://*.axa.ch; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.axa.ch https://www.googletagmanager.com https://cdn.cookielaw.org https://cdn.mouseflow.com https://maps.google.com https://maps.googleapis.com https://connect.facebook.net https://axa-winterthur.dimelochat.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://recaptcha.net https://www.google.com https://www.gstatic.com/recaptcha/ https://bat.bing.com https://snap.licdn.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.awin1.com https://lantern.roeyecdn.com https://www.google-analytics.com https://www.googleadservices.com https://*.doubleclick.net https://*.adobe.com https://*.adobe.io https://*.microsoft.com https://*.fusedeck.com https://*.onetrust.com https://*.whatsapp.com https://*.cookielaw.org https://slsnlytcs.com; style-src 'self' 'unsafe-inline' https://*.axa.ch https://fonts.googleapis.com https://www.googletagmanager.com https://*.survalyzer.swiss https://*.visualwebsiteoptimizer.com https://app.vwo.com https://s3.amazonaws.com https://*.adobe.com https://*.microsoft.com; img-src 'self' data: blob: https://chart.googleapis.com https://*.axa.ch https://*.google.com https://*.google.ch https://maps.gstatic.com https://cdn.cookielaw.org https://stats.g.doubleclick.net https://googleads.g.doubleclick.net https://ad.doubleclick.net https://www.facebook.com https://www.googletagmanager.com https://i.ytimg.com https://px.ads.linkedin.com https://bat.bing.com https://d5cplpsrt2s33.cloudfront.net https://bat.bing.net https://maps.googleapis.com https://region1.google-analytics.com https://*.googlesyndication.com https://connect.facebook.net https://flagcdn.com https://px.ads.linkedin.com https://www.googleadservices.com https://www.gstatic.com https://*.teads.tv https://*.survalyzer.swiss https://www.google.ch https://www.google-analytics.com https://*.google-analytics.com https://*.analytics.google.com; font-src 'self' data: https://*.axa.ch https://fonts.gstatic.com https://cdn.mouseflow.com https://assets.merci-app.com; connect-src 'self' https://*.axa.ch https://gtm.axa.ch https://sgtm.axa.ch https://region1.analytics.google.com https://www.google.com https://*.tt.omtrdc.net https://europe.directline.botframework.com https://digitalassistantbot-acc.azurewebsites.net https://cdn.cookielaw.org wss://europe.directline.botframework.com https://googleads.g.doubleclick.net https://maps.googleapis.com https://stats.g.doubleclick.net https://region1.google-analytics.com https://o2.mouseflow.com https://www.google.ch https://selfadvisory-acc.azurewebsites.net https://*.onetrust.com https://bat.bing.com https://bat.bing.net https://px.ads.linkedin.com https://*.service.signalr.net https://pagead2.googlesyndication.com https://*.in.applicationinsights.azure.com https://www.googleadservices.com https://www.google-analytics.com wss://*.service.signalr.net https://*.mouseflow.com https://api.trongrid.io https://digitalassistantbot.azurewebsites.net https://www.facebook.com https://*.teads.tv https://snap.licdn.com https://*.survalyzer.swiss https://*.googlesyndication.com https://*.google.com https://*.google-analytics.com https://*.analytics.google.com https://www.googletagmanager.com https://fonts.googleapis.com; frame-src https://*.axa.ch https://td.doubleclick.net https://8141516.fls.doubleclick.net https://www.youtube.com https://pay.sandbox.datatrans.com https://pay.datatrans.com https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://recaptcha.net https://www.googletagmanager.com https://*.survalyzer.swiss https://www.axa.ch https://trk.axa.ch https://sgtm.axa.ch https://*.mouseflow.com https://exactag.axa.ch https://*.fusedeck.net https://*.dimelochat.com https://*.doubleclick.net https://www.google.com https://*.teads.tv https://*.onetrust.com https://*.whatsapp.com; frame-ancestors 'self'; block-all-mixed-content ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
access-control-allow-methods
GET,POST,OPTIONS
x-content-type-options
nosniff
access-control-allow-origin
https://www.axa.ch
p3p
CP="AXA IS NOT USING P3P"
date
Sat, 18 Apr 2026 10:54:36 GMT
server
Apache
x-frame-options
DENY
html
eu01.rec.mouseflow.com/ Frame 669C 		0
16 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://eu01.rec.mouseflow.com/html?website=8ba03cd4-448e-4ed0-8fa6-9f1282cf5ee3&session=537436b03603883dfd6efea0b571cf8b&page=0418355598225b79a54ab41acf90d8d227d34c34&gz=1
Requested by
Host: cdn.mouseflow.com
URL: https://cdn.mouseflow.com/projects/8ba03cd4-448e-4ed0-8fa6-9f1282cf5ee3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.156.210 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS
210.156.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua-platform
"Windows"
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
Content-Type
application/x-www-form-urlencoded
sec-ch-ua-mobile
?0

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.axa.ch
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 18 Apr 2026 10:54:37 GMT
x-cloud-trace-context
078fd33bcb9e1b5e353b7b630f5fef99
content-type
text/plain
vary
Origin
server
nginx
x-frame-options
SAMEORIGIN
dom
eu01.rec.mouseflow.com/ Frame 669C 		0
16 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://eu01.rec.mouseflow.com/dom?gz=1
Requested by
Host: cdn.mouseflow.com
URL: https://cdn.mouseflow.com/projects/8ba03cd4-448e-4ed0-8fa6-9f1282cf5ee3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.156.210 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS
210.156.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua-platform
"Windows"
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="143", "Google Chrome";v="143", "Not-A.Brand";v="24"
Content-Type
application/x-www-form-urlencoded
sec-ch-ua-mobile
?0

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://www.axa.ch
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 18 Apr 2026 10:54:38 GMT
x-cloud-trace-context
57476122bac03ed1353b7b630f5feece
content-type
text/plain
vary
Origin
server
nginx
x-frame-options
SAMEORIGIN

Verdicts & Comments Add Verdict or Comment

62 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| adobe object| __target_telemetry object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate object| ch_axa_webhub_bifrost object| dataLayer string| version string| stage object| reactiveElementVersions object| litHtmlVersions object| litElementVersions boolean| xptalgfwh object| _xsd function| _xgwxptalgfw object| google_tag_manager object| google_tag_data object| otEventListeners function| onYouTubeIframeAPIReady function| iFrameResize function| JSCompiler_renameProperty object| OtTrustedType string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| Optanon object| OneTrust object| uetq string| cookieName string| cookieValue number| expirationTime string| date number| dateTimeNow object| mf_custom_vars object| _mfq number| gtmBrowserId number| gtmPageLoadId object| _linkedin_data_partner_ids boolean| _already_called_lintrk function| fbq function| _fbq function| callOpiApi function| setWithExpiry function| getWithExpiry object| now boolean| mouseflowDisableKeyLogging object| mouseflowHeatmap object| mouseflow function| lintrk function| UET function| UET_init function| UET_push object| ueto_9ea683cb61 function| webinsights object| insightsuetq object| gaGlobal

21 Cookies

Domain/Path Name / Value
www.axa.ch/ Name: AXA_SID-S
Value: AaASjY7eYrXPPr37rOBdDocvBMn04CtQWqQZgNIDjkybB!3lWkthIqHINHVtkhaXA4NM
.axa.ch/ Name: at_check
Value: true
.axa.ch/ Name: mboxEdgeCluster
Value: 37
.load.trk.axa.ch/ Name: __cf_bm
Value: BFq3XqKFYWP.r03_Ck2GLnvWGclOj_qvq8xQ.5.2HPA-1776509675.1787543-1.0.1.1-5CrtggVcZN87is70ISb5IUfWe21pF_jkaQrituuQ4syLTCSVH7vlX.ZnnJC4CtGTGTV_13ML4UWGJuJQk9LwZZUaGDVURpWzQzf7T9SvOeYN7Irn_enGVjfsaH9u5P0r
.axa.ch/ Name: user_consent
Value: ,C0001,C0002,C0003,C0004,C0005,
.axa.ch/ Name: _gcl_au
Value: 1.1.507894098.1776509676
.axa.ch/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Sat+Apr+18+2026+12%3A54%3A35+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=202407.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=5dc67e9b-7cee-4962-b68b-b05451055628&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Fwww.axa.ch%2Fde%2Fprivatkunden.html&groups=C0001%3A1%2CC0002%3A1%2CC0003%3A1%2CC0004%3A1%2CC0005%3A1
.axa.ch/ Name: mf_user
Value: 619195daa62fa2748a03a011794d3b92|
.axa.ch/ Name: _fbp
Value: fb.1.1776509676054.345233917266514794
.bing.com/ Name: MUID
Value: 27EBF3A7E33B66F026E5E498E28167B1
.axa.ch/ Name: _ga_PCY8JNS48C
Value: GS2.1.s1776509676$o1$g0$t1776509676$j60$l0$h2043713401
.axa.ch/ Name: _ga
Value: GA1.1.1250571489.1776509676
.axa.ch/ Name: FPID
Value: FPID2.2.l06wAmNlyRX3hj%2F3phijHMRI9lCFoGV8xLRHu5Kndyo%3D.1776509676
.axa.ch/ Name: FPLC
Value: DcbXDKfpqbeMjhqsyoej5Oz1VdwkTk2vD2QEeRDNss9gdFthbq5EYSVneYO3ZCQY%2BrT4AoB5W%2BBJzCqYSTiaZgqdrGUCWBuzWeG7FlSZeIIsfCReERYO%2BSM%2B2MnCvA%3D%3D
.axa.ch/ Name: FPAU
Value: 1.1.507894098.1776509676
.axa.ch/ Name: FPGSID
Value: 1.1776509676.1776509676.G-PCY8JNS48C.yUligL0UqBnhP5RqNcfoUw
.axa.ch/ Name: _uetsid
Value: fd4ddc203b1411f19492e5b1189f47e1|ci2flp|2|g5b|1|2299
.axa.ch/ Name: _uetvid
Value: fd4ded103b1411f19b8acf65c21644b3|jzivtk|1776509676479|1|1|bat.bing.com/p/insights/c/l
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.axa.ch/ Name: mf_8ba03cd4-448e-4ed0-8fa6-9f1282cf5ee3
Value: 537436b03603883dfd6efea0b571cf8b|0418355598225b79a54ab41acf90d8d227d34c34.1589253487.1776509675964|1776509675955|883692091_-4007109478.-1613589672_3201.1874684019_62715087.-2053995741_-2411621050|0||||0|19.12|0.80966|0|
.axa.ch/ Name: mbox
Value: session#4bc7180b1e174777962e79532e07f005#1776511541|PC#4bc7180b1e174777962e79532e07f005.37_0#1839754476

8 Console Messages

Source Level URL
Text
rendering warning URL: https://www.axa.ch/de/privatkunden.html(Line 261)
Message:
[GroupMarkerNotSet(crbug.com/242999)!:1C1C0B9AF0A0]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.
other error URL: https://www.axa.ch/de/privatkunden.html
Message:
Attestation check for Attribution Reporting on https://www.facebook.com failed.
security info URL: https://load.trk.axa.ch/bbxptalgfw.js?1z6=HgJaKzU5XU1DUTA6MSRWDkpUSV1HEB5FFh4GQgIc
Message:
Connecting to 'https://ad.doubleclick.net/activity;src=8141516;type=all_user;cat=all_u0;rcb=12;ord=2068122664208;npa=0;auiddc=507894098.1776509676;u1=prod%20publish;u2=AXACH;u3=AXA%20%E2%80%93%20Versicherung%20%26%20Vorsorge%20in%20der%20Schweiz;u4=%2Fprivatkunden;u6=de;u7=;u8=false;u10=undefined;u11=undefined;u13=undefined;u15=undefined;u16=undefined;u28=www.axa.ch;u9=d;gdid=dYWJhMj;uaa=x86;uab=64;uafvl=Chromium%3B143.0.0.0%7CGoogle%2520Chrome%3B143.0.0.0%7CNot-A.Brand%3B24.0.0.0;uamb=0;uam=;uap=Windows;uapv=19.0.0;uaw=0;pscdl=noapi;frm=0;_tu=LFA;gtm=45fe64f1v9181626344z878084449za20gzb78084449zd78084449xea;gcs=G111;gcd=13v3v3v3v5l1;dma=0;dc_fmt=3;tag_exp=0~115938466~115938468~117266400~117884344;epver=2;dc_random=1776509676_1wlUx0jCe8uUlhejz7ZcYWcnA7HTQGBNYg;~oref=https%3A%2F%2Fwww.axa.ch%2Fde%2Fprivatkunden.html?' violates the following Content Security Policy directive: "connect-src 'self' https://*.axa.ch https://gtm.axa.ch https://sgtm.axa.ch https://region1.analytics.google.com https://www.google.com https://*.tt.omtrdc.net https://europe.directline.botframework.com https://digitalassistantbot-acc.azurewebsites.net https://cdn.cookielaw.org wss://europe.directline.botframework.com https://googleads.g.doubleclick.net https://maps.googleapis.com https://stats.g.doubleclick.net https://region1.google-analytics.com https://o2.mouseflow.com https://www.google.ch https://selfadvisory-acc.azurewebsites.net https://*.onetrust.com https://bat.bing.com https://bat.bing.net https://px.ads.linkedin.com https://*.service.signalr.net https://pagead2.googlesyndication.com https://*.in.applicationinsights.azure.com https://www.googleadservices.com https://www.google-analytics.com wss://*.service.signalr.net https://*.mouseflow.com https://api.trongrid.io https://digitalassistantbot.azurewebsites.net https://www.facebook.com https://*.teads.tv https://snap.licdn.com https://*.survalyzer.swiss https://*.googlesyndication.com https://*.google.com https://*.google-analytics.com https://*.analytics.google.com https://www.googletagmanager.com https://fonts.googleapis.com". The policy is report-only, so the violation has been logged but no further action has been taken.
security info URL: https://load.trk.axa.ch/bbxptalgfw.js?1z6=HgJaKzU5XU1DUTA6MSRWDkpUSV1HEB5FFh4GQgIc
Message:
Connecting to 'https://ad.doubleclick.net/activity;src=8141516;type=all_user;cat=all_u0;rcb=12;ord=2068122664208;npa=0;auiddc=507894098.1776509676;u1=prod%20publish;u2=AXACH;u3=AXA%20%E2%80%93%20Versicherung%20%26%20Vorsorge%20in%20der%20Schweiz;u4=%2Fprivatkunden;u6=de;u7=;u8=false;u10=undefined;u11=undefined;u13=undefined;u15=undefined;u16=undefined;u28=www.axa.ch;u9=d;gdid=dYWJhMj;uaa=x86;uab=64;uafvl=Chromium%3B143.0.0.0%7CGoogle%2520Chrome%3B143.0.0.0%7CNot-A.Brand%3B24.0.0.0;uamb=0;uam=;uap=Windows;uapv=19.0.0;uaw=0;pscdl=noapi;frm=0;_tu=LFA;gtm=45fe64f1v9181626344z878084449za20gzb78084449zd78084449xea;gcs=G111;gcd=13v3v3v3v5l1;dma=0;dc_fmt=3;tag_exp=0~115938466~115938468~117266400~117884344;epver=2;dc_random=1776509676_1wlUx0jCe8uUlhejz7ZcYWcnA7HTQGBNYg;~oref=https%3A%2F%2Fwww.axa.ch%2Fde%2Fprivatkunden.html?' violates the following Content Security Policy directive: "connect-src 'self' https://*.axa.ch https://gtm.axa.ch https://sgtm.axa.ch https://region1.analytics.google.com https://www.google.com https://*.tt.omtrdc.net https://europe.directline.botframework.com https://digitalassistantbot-acc.azurewebsites.net https://cdn.cookielaw.org wss://europe.directline.botframework.com https://googleads.g.doubleclick.net https://maps.googleapis.com https://stats.g.doubleclick.net https://region1.google-analytics.com https://o2.mouseflow.com https://www.google.ch https://selfadvisory-acc.azurewebsites.net https://*.onetrust.com https://bat.bing.com https://bat.bing.net https://px.ads.linkedin.com https://*.service.signalr.net https://pagead2.googlesyndication.com https://*.in.applicationinsights.azure.com https://www.googleadservices.com https://www.google-analytics.com wss://*.service.signalr.net https://*.mouseflow.com https://api.trongrid.io https://digitalassistantbot.azurewebsites.net https://www.facebook.com https://*.teads.tv https://snap.licdn.com https://*.survalyzer.swiss https://*.googlesyndication.com https://*.google.com https://*.google-analytics.com https://*.analytics.google.com https://www.googletagmanager.com https://fonts.googleapis.com". The policy is report-only, so the violation has been logged but no further action has been taken.
security info URL: https://load.trk.axa.ch/bbxptalgfw.js?1z6=HgJaKzU5XU1DUTA6MSRWDkpUSV1HEB5FFh4GQgIc
Message:
Connecting to 'https://ad.doubleclick.net/activity;src=8141516;type=all_user;cat=all_u00;rcb=12;ord=1;num=2973021446112;npa=0;auiddc=507894098.1776509676;u1=prod%20publish;u2=AXACH;u3=AXA%20%E2%80%93%20Versicherung%20%26%20Vorsorge%20in%20der%20Schweiz;u4=%2Fprivatkunden;u6=de;u7=;u8=false;u10=undefined;u11=undefined;u13=undefined;u15=undefined;u16=undefined;u28=www.axa.ch;u9=d;gdid=dYWJhMj;uaa=x86;uab=64;uafvl=Chromium%3B143.0.0.0%7CGoogle%2520Chrome%3B143.0.0.0%7CNot-A.Brand%3B24.0.0.0;uamb=0;uam=;uap=Windows;uapv=19.0.0;uaw=0;pscdl=noapi;frm=0;_tu=KJA;gtm=45fe64f1v9181626344z878084449za20gzb78084449zd78084449xea;gcs=G111;gcd=13v3v3v3v5l1;dma=0;dc_fmt=3;tag_exp=0~115938466~115938468~117266400~117884344;epver=2;dc_random=1776509676_M2H4GooMUN-EsndobAiMqll7Z2UGwFW2xA;~oref=https%3A%2F%2Fwww.axa.ch%2Fde%2Fprivatkunden.html?' violates the following Content Security Policy directive: "connect-src 'self' https://*.axa.ch https://gtm.axa.ch https://sgtm.axa.ch https://region1.analytics.google.com https://www.google.com https://*.tt.omtrdc.net https://europe.directline.botframework.com https://digitalassistantbot-acc.azurewebsites.net https://cdn.cookielaw.org wss://europe.directline.botframework.com https://googleads.g.doubleclick.net https://maps.googleapis.com https://stats.g.doubleclick.net https://region1.google-analytics.com https://o2.mouseflow.com https://www.google.ch https://selfadvisory-acc.azurewebsites.net https://*.onetrust.com https://bat.bing.com https://bat.bing.net https://px.ads.linkedin.com https://*.service.signalr.net https://pagead2.googlesyndication.com https://*.in.applicationinsights.azure.com https://www.googleadservices.com https://www.google-analytics.com wss://*.service.signalr.net https://*.mouseflow.com https://api.trongrid.io https://digitalassistantbot.azurewebsites.net https://www.facebook.com https://*.teads.tv https://snap.licdn.com https://*.survalyzer.swiss https://*.googlesyndication.com https://*.google.com https://*.google-analytics.com https://*.analytics.google.com https://www.googletagmanager.com https://fonts.googleapis.com". The policy is report-only, so the violation has been logged but no further action has been taken.
security info URL: https://load.trk.axa.ch/bbxptalgfw.js?1z6=HgJaKzU5XU1DUTA6MSRWDkpUSV1HEB5FFh4GQgIc
Message:
Connecting to 'https://ad.doubleclick.net/activity;src=8141516;type=all_user;cat=all_u00;rcb=12;ord=1;num=2973021446112;npa=0;auiddc=507894098.1776509676;u1=prod%20publish;u2=AXACH;u3=AXA%20%E2%80%93%20Versicherung%20%26%20Vorsorge%20in%20der%20Schweiz;u4=%2Fprivatkunden;u6=de;u7=;u8=false;u10=undefined;u11=undefined;u13=undefined;u15=undefined;u16=undefined;u28=www.axa.ch;u9=d;gdid=dYWJhMj;uaa=x86;uab=64;uafvl=Chromium%3B143.0.0.0%7CGoogle%2520Chrome%3B143.0.0.0%7CNot-A.Brand%3B24.0.0.0;uamb=0;uam=;uap=Windows;uapv=19.0.0;uaw=0;pscdl=noapi;frm=0;_tu=KJA;gtm=45fe64f1v9181626344z878084449za20gzb78084449zd78084449xea;gcs=G111;gcd=13v3v3v3v5l1;dma=0;dc_fmt=3;tag_exp=0~115938466~115938468~117266400~117884344;epver=2;dc_random=1776509676_M2H4GooMUN-EsndobAiMqll7Z2UGwFW2xA;~oref=https%3A%2F%2Fwww.axa.ch%2Fde%2Fprivatkunden.html?' violates the following Content Security Policy directive: "connect-src 'self' https://*.axa.ch https://gtm.axa.ch https://sgtm.axa.ch https://region1.analytics.google.com https://www.google.com https://*.tt.omtrdc.net https://europe.directline.botframework.com https://digitalassistantbot-acc.azurewebsites.net https://cdn.cookielaw.org wss://europe.directline.botframework.com https://googleads.g.doubleclick.net https://maps.googleapis.com https://stats.g.doubleclick.net https://region1.google-analytics.com https://o2.mouseflow.com https://www.google.ch https://selfadvisory-acc.azurewebsites.net https://*.onetrust.com https://bat.bing.com https://bat.bing.net https://px.ads.linkedin.com https://*.service.signalr.net https://pagead2.googlesyndication.com https://*.in.applicationinsights.azure.com https://www.googleadservices.com https://www.google-analytics.com wss://*.service.signalr.net https://*.mouseflow.com https://api.trongrid.io https://digitalassistantbot.azurewebsites.net https://www.facebook.com https://*.teads.tv https://snap.licdn.com https://*.survalyzer.swiss https://*.googlesyndication.com https://*.google.com https://*.google-analytics.com https://*.analytics.google.com https://www.googletagmanager.com https://fonts.googleapis.com". The policy is report-only, so the violation has been logged but no further action has been taken.
security info URL: https://www.axa.ch/de/privatkunden.html
Message:
Connecting to 'https://ad.doubleclick.net/activity;dc_pre=CJ6Rz6Ge95MDFUELogMdGSIoHQ;src=8141516;type=all_user;cat=all_u00;rcb=12;ord=1;num=2973021446112;npa=0;auiddc=507894098.1776509676;u1=prod%20publish;u2=AXACH;u3=AXA%20%E2%80%93%20Versicherung%20%26%20Vorsorge%20in%20der%20Schweiz;u4=%2Fprivatkunden;u6=de;u7=;u8=false;u10=undefined;u11=undefined;u13=undefined;u15=undefined;u16=undefined;u28=www.axa.ch;u9=d;gdid=dYWJhMj;uaa=x86;uab=64;uafvl=Chromium%3B143.0.0.0%7CGoogle%2520Chrome%3B143.0.0.0%7CNot-A.Brand%3B24.0.0.0;uamb=0;uam=;uap=Windows;uapv=19.0.0;uaw=0;pscdl=noapi;frm=0;_tu=KJA;gtm=45fe64f1v9181626344z878084449za20gzb78084449zd78084449xea;gcs=G111;gcd=13v3v3v3v5l1;dma=0;dc_fmt=3;tag_exp=0~115938466~115938468~117266400~117884344;epver=2;dc_random=1776509676_M2H4GooMUN-EsndobAiMqll7Z2UGwFW2xA;~oref=https%3A%2F%2Fwww.axa.ch%2Fde%2Fprivatkunden.html?' violates the following Content Security Policy directive: "connect-src 'self' https://*.axa.ch https://gtm.axa.ch https://sgtm.axa.ch https://region1.analytics.google.com https://www.google.com https://*.tt.omtrdc.net https://europe.directline.botframework.com https://digitalassistantbot-acc.azurewebsites.net https://cdn.cookielaw.org wss://europe.directline.botframework.com https://googleads.g.doubleclick.net https://maps.googleapis.com https://stats.g.doubleclick.net https://region1.google-analytics.com https://o2.mouseflow.com https://www.google.ch https://selfadvisory-acc.azurewebsites.net https://*.onetrust.com https://bat.bing.com https://bat.bing.net https://px.ads.linkedin.com https://*.service.signalr.net https://pagead2.googlesyndication.com https://*.in.applicationinsights.azure.com https://www.googleadservices.com https://www.google-analytics.com wss://*.service.signalr.net https://*.mouseflow.com https://api.trongrid.io https://digitalassistantbot.azurewebsites.net https://www.facebook.com https://*.teads.tv https://snap.licdn.com https://*.survalyzer.swiss https://*.googlesyndication.com https://*.google.com https://*.google-analytics.com https://*.analytics.google.com https://www.googletagmanager.com https://fonts.googleapis.com". The policy is report-only, so the violation has been logged but no further action has been taken.
security info URL: https://www.axa.ch/de/privatkunden.html
Message:
Connecting to 'https://ad.doubleclick.net/activity;dc_pre=CMSNz6Ge95MDFZoQogMdeIk0wA;src=8141516;type=all_user;cat=all_u0;rcb=12;ord=2068122664208;npa=0;auiddc=507894098.1776509676;u1=prod%20publish;u2=AXACH;u3=AXA%20%E2%80%93%20Versicherung%20%26%20Vorsorge%20in%20der%20Schweiz;u4=%2Fprivatkunden;u6=de;u7=;u8=false;u10=undefined;u11=undefined;u13=undefined;u15=undefined;u16=undefined;u28=www.axa.ch;u9=d;gdid=dYWJhMj;uaa=x86;uab=64;uafvl=Chromium%3B143.0.0.0%7CGoogle%2520Chrome%3B143.0.0.0%7CNot-A.Brand%3B24.0.0.0;uamb=0;uam=;uap=Windows;uapv=19.0.0;uaw=0;pscdl=noapi;frm=0;_tu=LFA;gtm=45fe64f1v9181626344z878084449za20gzb78084449zd78084449xea;gcs=G111;gcd=13v3v3v3v5l1;dma=0;dc_fmt=3;tag_exp=0~115938466~115938468~117266400~117884344;epver=2;dc_random=1776509676_1wlUx0jCe8uUlhejz7ZcYWcnA7HTQGBNYg;~oref=https%3A%2F%2Fwww.axa.ch%2Fde%2Fprivatkunden.html?' violates the following Content Security Policy directive: "connect-src 'self' https://*.axa.ch https://gtm.axa.ch https://sgtm.axa.ch https://region1.analytics.google.com https://www.google.com https://*.tt.omtrdc.net https://europe.directline.botframework.com https://digitalassistantbot-acc.azurewebsites.net https://cdn.cookielaw.org wss://europe.directline.botframework.com https://googleads.g.doubleclick.net https://maps.googleapis.com https://stats.g.doubleclick.net https://region1.google-analytics.com https://o2.mouseflow.com https://www.google.ch https://selfadvisory-acc.azurewebsites.net https://*.onetrust.com https://bat.bing.com https://bat.bing.net https://px.ads.linkedin.com https://*.service.signalr.net https://pagead2.googlesyndication.com https://*.in.applicationinsights.azure.com https://www.googleadservices.com https://www.google-analytics.com wss://*.service.signalr.net https://*.mouseflow.com https://api.trongrid.io https://digitalassistantbot.azurewebsites.net https://www.facebook.com https://*.teads.tv https://snap.licdn.com https://*.survalyzer.swiss https://*.googlesyndication.com https://*.google.com https://*.google-analytics.com https://*.analytics.google.com https://www.googletagmanager.com https://fonts.googleapis.com". The policy is report-only, so the violation has been logged but no further action has been taken.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' blob:; frame-ancestors 'self'; upgrade-insecure-requests ; report-uri https://www.acc.axa.ch/servlets/external/csp-reports.csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8141516.fls.doubleclick.net
ad.doubleclick.net
adservice.google.com
analytics.google.com
axa.ch
axatechnologyservice.tt.omtrdc.net
bat.bing.com
brandcenter.axa.ch
cdn.cookielaw.org
cdn.mouseflow.com
connect.facebook.net
eu01.rec.mouseflow.com
geolocation.onetrust.com
load.trk.axa.ch
region1.analytics.google.com
snap.licdn.com
stats.g.doubleclick.net
trk.axa.ch
www.acc.axa.ch
www.axa.ch
www.facebook.com
www.google.ch
www.google.com
www.googleadservices.com
www.googletagmanager.com
104.17.94.19
104.18.27.50
142.250.154.148
142.251.127.148
142.251.13.157
142.251.152.119
142.251.20.156
157.240.0.35
157.240.253.1
194.40.0.38
194.40.0.53
2001:4860:4802:32::36
2001:4860:4802:36::181
2600:1900:40d0:7c7:8000::
2600:1901:0:48d4::
2600:9000:208a:a800:1b:6ae0:ebc0:93a1
2606:4700::6812:572a
2620:1ec:33:1::10
2a00:1450:4001:c0f::5e
2a00:1450:4001:c1f::61
2a00:1450:4001:c21::9b
2a02:26f0:1700:d::1737:6ec8
2a06:98c1:310d::ac40:9b77
34.120.156.210
63.140.62.236
045ec2cc763f3a604e054a86681a7e76b2ad9e1c91d9fb65032bdb44543851a5
048f748d95d88246db51d42b024c726da3e0aeaf54a78b07b5a244a8d271a93d
06161761a8554080c9420770f3e0f905391d70a106d0ab1ba8ced2390ff08630
1d862a318cf73775f2b74b0853ff888cda2c544fa4231a817dfbe75e812d1d86
1e91e62490f19fae2907ddbfae2a95990ca18631d5386fa9de60311dd777ae4e
2640dd61e8384851c8e4897f1f1581cc4348f893e682790d17f0bc0f83aba8b8
2965ec6885f8e71714b97b3705e1d2fcc4c7b072c17064fd04d5f3e39d67944c
298588d5a6c992fdb18b010cbe816068ee9210132197f148b4ae1bed7a9ad9db
3db0eff7dd4e6691e193a152b655fdc4d9efd8afb047a287a0dc57e31c639888
3f8eaed0f87bf9d7103b1b433290301d63b6547685e63820b8c9f5830743cced
40400e03686cbe2b4d0f2813bcddf5165f622c834b4e7e1d8a4d1b080700fdbb
430f30216b9b95c84006bb43c4ddebb1b953484d40474ad36d29fc18b9892664
46b0dc3066786d9507f347b076d34abc4c6f92f32ba5ff9d61d109c6b2b9b2d2
4c9636d4d8db3e7f014a2fa1318d62a8b6a5cca7e0f7123c281d446f06fe717c
51bdb0632b8a25a9f75b91ae374875b50831e57fefaed95d7c889b2715a6ae77
51c8dc48fb49d5df075bf32d6655815cce9440a80bef0458f72a5bb85fa96d4f
53d7b4a19e87c986d89f8e4418ef1ab5bcf78e8cd08b46474fc6f20b77f0ee37
53db1f4d6216aacd78982eb511f3c9f566215fa61bb8bd0386996e8555669e31
56bca40377a36110726e72e5696928d331e4ba8d6b659628ef0facfc771106ce
590e38aae6503702005712170890304e4572b4e69c4570db6ad3fc8df83a2eed
5df0c28d36c50afa0bdb0d7295a9e2954cb87d1be52ba5f0411b80ad45190cf4
60622ff81e41efcf603fea2b68a90ab6b7b40249e75cc9202267be01e1f4eb37
65f90d33ccc60083274fb894dd7ec9b2b8232e30fd35574fc4ffe6d7540c6035
67c07513ee3ba04563d745b390905c556d69ed9443cd2a938f9684780af975f2
685fd29bb97149119459a65d5ed73dff53bda2ff780e39a420cf9dc848055d81
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
7059b230892d61e2896dd84912299fd1761173e4fde7bf63a57e3236d39fc2ab
70cef68a14dc6fea5efb0ec90f7b25a6db1a3d8e78f0bebfd1ed2fff944fa8ef
77d9e4c1c3770601bfc1229b854a8a43742acefe640aed0286fbd5a25b507c29
7c2092048f21074425f3e025db78fb6505f75d6fcf2e121ced055c8d53bcb1b3
82141fb03c9d113e4c6d056c541f815ba55f4d6834dd503db3eec1a2849d67b4
855230e1321917153b6859521e1ccfab0dce7497f88645e73d7e6db9c4bbe3b1
86405ad7e9e2318805c094312122d66e4db3bb979b9bbc374034686809d7e602
8825657afdcd7955b2766e202d7cd03abde70a880ab88762ac17611f15b86fde
8b41724559bbaec81ed26ff1c25a2278c460d5f60d5e504fbe8d4bd63917c003
9b12a2939da000634985732eec2f41bebba06896115da8223156d61e32a1acb6
9b318389f48d9265ad3633a60eff337cae5daebf4801bf24a748448dc3bf1e81
9d3c3fc8d20bffc7f73c6e6911b069f5ac8699dbed72cc16d32867f53299cf1e
9f5dac8090a51f42f035b70d5ad75d1322a4bee0fa5108c78cf792fb38143d93
a769166be88381ff553dd898537609ee8a973c37bd5ba3890d6ea0bb7fc2a41c
a8337fa9e385a2062bd55212a3e8b90638f04cbe00c7b82afabcc6666767c4ac
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac25e507a93143b2594644ee9476ef12ca5de2afda9864b4e97b971c9b9eaf70
b3ea662dcc887e48c953228d2fac74e5eb89936d4f3ae1b6ba832748c762d6ee
b6d70c26845a28f260270a5833b1eca560ff6611eb468e724797e11cbea98437
bcba42fb1a111f32f153985fb9431ca029328f90bca6e88a174ba67750f8ba45
beab0925411db8011ffdccfd62b56128a4955bf79f880fc4e06cf8a2167a70b6
c24c8a68f1ffcf9b37963dfdf26c4874c307feceac1245180f85db1da436416a
c6295da73984e5377e1b48eaeec243003e60d5a8f25632c6e3fff6d1692e0509
cddd450a33be5e50d6f27aea78d2e278beae2762678b22fc2dcee8de29cbc0be
cfa9603baa93612a1b37809e9b2eba09a87ec42ad81ba6c532d2eac56cde5b85
cfe7ef632a30bf34f20b8ba9fd1aebb08c921876595c5f834d3e65b944707dfc
d083b5aae7ae63dbb124221b5127a3d8f920a285e809de470fd3a9ff6e800df5
d890abf66010907c7a0a61236d25c3c98bcb7edec34b13dc887f5be122bfef7e
dbe6be0e073ef8f6c2d571bac537e4c9b6584f10f778291dd32367b58d0ab6f5
dfe0c5eac826bfe86c25808d4495110dabe4cda68efa77fe5d418891618be387
e0dc0f2c2b6053e08bcaf54fed36660cd737ea710d9200b7bc95e365a537fb63
e1cfa0d0866ae51327ceaf094bd64b9d944b85aa26722655a732e17dc3559d53
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b92dc7ae4c3419f3325261ca30d76dc163b5ea628196dc493ea4152fca379f
e78f84966ee86dea35eda9fc910456f2c7428bb8dbea9d1cab33d1118ddf043e
eb72cf8bc16ae7e076019208d00588b8c7ecb8aebb0d830acd10811b2eb98e8a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f11af62e51ca79eacfcfc9165c98e69f326f28d0cb06fe694f74378be2bd6922
f4061480e7f8a1524a25df6dbd817ba28fbdb10c45c8fc72d35c084d08475536
f56d444f1b834795144ea476dc03945ce2affd436b59e7a98ddd6ab1d3a1bd2a