urlscan.io logo urlscan.io
SecurityTrails logo

my.axa.lu Open in urlscan Pro
85.222.140.10  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://my.axa.lu/
Effective URL: https://my.axa.lu/s/login/?language=en_US&ec=302&startURL=%2Fs%2F
Submission: On October 12 via manual from LU — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 19 HTTP transactions. The main IP is 85.222.140.10, located in United States and belongs to SALESFORCE, US. The main domain is my.axa.lu.
TLS certificate: Issued by Thawte TLS RSA CA G1 on May 22nd 2023. Valid for: a year.
This is the only time my.axa.lu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 19 85.222.140.10 14340 (SALESFORCE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
19 4
Apex Domain
Subdomains		 Transfer
19 axa.lu
my.axa.lu
3 MB
1 gstatic.com
www.gstatic.com
187 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
0 googletagmanager.com Failed
www.googletagmanager.com Failed
19 4
Domain Requested by
19 my.axa.lu 3 redirects my.axa.lu
1 www.gstatic.com www.google.com
1 www.google.com my.axa.lu
0 www.googletagmanager.com Failed my.axa.lu
19 4

This site contains links to these domains. Also see Links.

Domain
axa.lu
Subject Issuer Validity Valid
www.my.axa.lu
Thawte TLS RSA CA G1		 2023-05-22 -
2024-05-21		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://my.axa.lu/s/login/?language=en_US&ec=302&startURL=%2Fs%2F
Frame ID: 075EDC521A77D0448A38252DF1BCA24B
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login

Page URL History Show full URLs

  1. https://my.axa.lu/ HTTP 301
    https://my.axa.lu/s/ Page URL
  2. https://my.axa.lu/s/login?ec=302&startURL=%2Fs%2F HTTP 302
    https://my.axa.lu/s/login/?ec=302&startURL=%2Fs%2F HTTP 301
    https://my.axa.lu/s/login/?language=en_US&ec=302&startURL=%2Fs%2F Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

19
Requests

95 %
HTTPS

67 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

2816 kB
Transfer

7835 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://my.axa.lu/ HTTP 301
    https://my.axa.lu/s/ Page URL
  2. https://my.axa.lu/s/login?ec=302&startURL=%2Fs%2F HTTP 302
    https://my.axa.lu/s/login/?ec=302&startURL=%2Fs%2F HTTP 301
    https://my.axa.lu/s/login/?language=en_US&ec=302&startURL=%2Fs%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://my.axa.lu/ HTTP 301
  • https://my.axa.lu/s/

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
my.axa.lu/s/
Redirect Chain
  • https://my.axa.lu/
  • https://my.axa.lu/s/
1 KB
842 B 		Document
General
Check archive.org
Download Go to
Full URL
https://my.axa.lu/s/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.10 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge2-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
must-revalidate,no-cache,no-store
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Thu, 12 Oct 2023 08:22:52 GMT
referrer-policy
origin-when-cross-origin
server
sfdcedge
strict-transport-security
max-age=63072000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-sfdc-request-id
b32639fcb53f9bf347be611efc829ca1
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-cache,must-revalidate,max-age=0,no-store,private
content-length
0
content-security-policy
upgrade-insecure-requests
date
Thu, 12 Oct 2023 08:22:52 GMT
location
https://my.axa.lu/s/
referrer-policy
origin-when-cross-origin
server
sfdcedge
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
x-sfdc-request-id
733ced0f1ab258e03a8241e600f74d98
x-xss-protection
1; mode=block
Primary Request /
my.axa.lu/s/login/
Redirect Chain
  • https://my.axa.lu/s/login?ec=302&startURL=%2Fs%2F
  • https://my.axa.lu/s/login/?ec=302&startURL=%2Fs%2F
  • https://my.axa.lu/s/login/?language=en_US&ec=302&startURL=%2Fs%2F
203 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://my.axa.lu/s/login/?language=en_US&ec=302&startURL=%2Fs%2F
Requested by
Host: my.axa.lu
URL: https://my.axa.lu/s/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.10 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge2-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
0032719140de95c16b3527a5c7b97024bf88388548355ba48835f7a8ee6cefc2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://my.axa.lu/s/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache,must-revalidate,max-age=0,no-store,private
content-encoding
gzip
content-security-policy
upgrade-insecure-requests frame-ancestors 'self'
content-type
text/html;charset=UTF-8
date
Thu, 12 Oct 2023 08:22:53 GMT
expires
Wed, 12 Oct 2022 08:22:53 GMT
last-modified
Wed, 12 Oct 2022 08:22:53 GMT
link
</s/sfsites/auraFW/javascript/MlRqRU5YT3pjWFRNenJranFOMWFjQXlMaWFpdmxPSTZWeEo0bWtiN0hsaXcyNDQuMjAuNC0yLjQxLjQ/aura_prod.js>;rel=preload;as=script;nopush,</s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22serializationVersion%22%3A%221-244.20.4-2.41.4-b%22%2C%22parts%22%3A%22f%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%22PKPZPHTlf8ebFaCfu1dMVw%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22618546923%22%7D/app.js?2=>;rel=preload;as=script;nopush
referrer-policy
origin-when-cross-origin
server
sfdcedge
server-timing
Total;dur=251
strict-transport-security
max-age=63072000; includeSubDomains
timing-allow-origin
*
vary
Origin, Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-sfdc-request-id
21d622fbe9435ab9f9d3e8609ad1f06b
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-cache,must-revalidate,max-age=0,no-store,private
content-security-policy
upgrade-insecure-requests
date
Thu, 12 Oct 2023 08:22:53 GMT
location
https://my.axa.lu/s/login/?language=en_US&ec=302&startURL=%2Fs%2F
referrer-policy
origin-when-cross-origin
server
sfdcedge
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
x-sfdc-request-id
785f00b82bfd2bdd2fbcde2de9e678bd
x-xss-protection
1; mode=block
aura_prod.js
my.axa.lu/s/sfsites/auraFW/javascript/MlRqRU5YT3pjWFRNenJranFOMWFjQXlMaWFpdmxPSTZWeEo0bWtiN0hsaXcyNDQuMjAuNC0yLjQxLjQ/ 		834 KB
261 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.axa.lu/s/sfsites/auraFW/javascript/MlRqRU5YT3pjWFRNenJranFOMWFjQXlMaWFpdmxPSTZWeEo0bWtiN0hsaXcyNDQuMjAuNC0yLjQxLjQ/aura_prod.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.10 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge2-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
41ffc9bd80bc2fd05acc4a7f5244eb8638b493da3f8f8c103ace06e3a608407e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.axa.lu/s/login/?language=en_US&ec=302&startURL=%2Fs%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 08:22:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
server-timing
Total;dur=72
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Wed, 11 Oct 2023 08:22:53 GMT
server
sfdcedge
x-sfdc-request-id
a97043e8338d0738e346dd9a0ac9b5d6
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
app.js
my.axa.lu/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22serializationVersion%22%3A%221-244.20.4-2.41.4-b%22%2C%22parts%22%3A%22f%22%2C%22loaded%22%3A%7B%22AP... 		2 MB
503 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.axa.lu/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22serializationVersion%22%3A%221-244.20.4-2.41.4-b%22%2C%22parts%22%3A%22f%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%22PKPZPHTlf8ebFaCfu1dMVw%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22618546923%22%7D/app.js?2=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.10 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge2-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
de6dd2a5a2e28e5c3c6b5f0a7eedce5174d45823973807914942ba5f747cde71
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.axa.lu/s/login/?language=en_US&ec=302&startURL=%2Fs%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 08:22:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
last-modified
Wed, 11 Oct 2023 08:22:53 GMT
server
sfdcedge
content-encoding
gzip
x-sfdc-request-id
9a98925a9e3ff64a4800b85616d25605
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
x-xss-protection
1; mode=block
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Requested by
Host: my.axa.lu
URL: https://my.axa.lu/s/login/?language=en_US&ec=302&startURL=%2Fs%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
790fbfefda609afb7a8018b8236dfb5647cf26320186bf3c98ff1daff951ff2e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.axa.lu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 08:22:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 12 Oct 2023 08:22:53 GMT
fonts.css
my.axa.lu/s/sfsites/runtimedownload/ 		36 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.axa.lu/s/sfsites/runtimedownload/fonts.css?lastMod=1687973121000&brandSet=6da4d444-b0ec-4cc0-82d2-7f8494a72e1c
Requested by
Host: my.axa.lu
URL: https://my.axa.lu/s/login/?language=en_US&ec=302&startURL=%2Fs%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.10 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge2-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
8f4c9cc8fb2b652abd512dbcf104312910555e03e85ab6133d06431a430ff1c8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.axa.lu/s/login/?language=en_US&ec=302&startURL=%2Fs%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 08:22:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
last-modified
Wed, 28 Jun 2023 17:25:21 GMT
server
sfdcedge
content-encoding
gzip
x-sfdc-request-id
ea9985bc85558de137bf64d44c7a3c69
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public,max-age=31536000
x-xss-protection
1; mode=block
expires
Fri, 11 Oct 2024 08:22:53 GMT
resources.js
my.axa.lu/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22fwuid%22%3A%22MlRqRU5YT3pjWFRNenJranFOMWFjQXlMaWFpdmxPSTZWeEo0bWtiN0hsaXcyNDQuMjAuNC0yLjQxLjQ%22%2C%2... 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.axa.lu/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22fwuid%22%3A%22MlRqRU5YT3pjWFRNenJranFOMWFjQXlMaWFpdmxPSTZWeEo0bWtiN0hsaXcyNDQuMjAuNC0yLjQxLjQ%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%22PKPZPHTlf8ebFaCfu1dMVw%22%7D%2C%22apce%22%3A1%2C%22apck%22%3A%22JHt0aW1lc3RhbXB9MDAwMDAwMDA0MzJlbl9VUw%22%2C%22mlr%22%3A1%2C%22pathPrefix%22%3A%22%22%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22618546923%22%7D/resources.js?pv=16970415780001106271274&rv=1697041769000
Requested by
Host: my.axa.lu
URL: https://my.axa.lu/s/login/?language=en_US&ec=302&startURL=%2Fs%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.10 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge2-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
11c05e878e1d99dc7a6069977242d43a996d3d42ef4aa5119ed7a3dbe584a200
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.axa.lu/s/login/?language=en_US&ec=302&startURL=%2Fs%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 08:22:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
last-modified
Wed, 11 Oct 2023 08:22:53 GMT
server
sfdcedge
content-encoding
gzip
x-sfdc-request-id
e2760494c433209e15ba4a222de83870
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=31536000,immutable
x-xss-protection
1; mode=block
bootstrap.js
my.axa.lu/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22fwuid%22%3A%22MlRqRU5YT3pjWFRNenJranFOMWFjQXlMaWFpdmxPSTZWeEo0bWtiN0hsaXcyNDQuMjAuNC0yLjQxLjQ%22%2C%2... 		52 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.axa.lu/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22fwuid%22%3A%22MlRqRU5YT3pjWFRNenJranFOMWFjQXlMaWFpdmxPSTZWeEo0bWtiN0hsaXcyNDQuMjAuNC0yLjQxLjQ%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%22PKPZPHTlf8ebFaCfu1dMVw%22%7D%2C%22apce%22%3A1%2C%22apck%22%3A%22JHt0aW1lc3RhbXB9MDAwMDAwMDA0MzJlbl9VUw%22%2C%22mlr%22%3A1%2C%22pathPrefix%22%3A%22%22%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22618546923%22%7D/bootstrap.js?aura.attributes=%7B%22ac%22%3A%22%22%2C%22authenticated%22%3A%22false%22%2C%22brandingSetId%22%3A%226da4d444-b0ec-4cc0-82d2-7f8494a72e1c%22%2C%22formFactor%22%3A%22LARGE%22%2C%22isHybrid%22%3A%22false%22%2C%22language%22%3A%22en_US%22%2C%22pageId%22%3A%22e08a7f8c-440f-4932-b466-72f4511c556a%22%2C%22publishedChangelistNum%22%3A%2266%22%2C%22schema%22%3A%22Published%22%2C%22themeLayoutType%22%3A%22Login%22%2C%22uds%22%3A%22false%22%2C%22viewType%22%3A%22Published%22%7D
Requested by
Host: my.axa.lu
URL: https://my.axa.lu/s/login/?language=en_US&ec=302&startURL=%2Fs%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.10 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge2-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
33aabcf2e7e61ed8993f5dc46f8f2f113b5a5cb66e6a9ff6f8bb8ba9803751dd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.axa.lu/s/login/?language=en_US&ec=302&startURL=%2Fs%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 08:22:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
last-modified
Wed, 12 Oct 2022 08:22:53 GMT
server
sfdcedge
content-encoding
gzip
x-sfdc-request-id
166d38950759e926b720446c467d6c47
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache,must-revalidate,max-age=0,no-store,private
x-xss-protection
1; mode=block
expires
Wed, 12 Oct 2022 08:22:53 GMT
app.css
my.axa.lu/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%22PKPZPHTlf8ebFaCfu1dMVw%2... 		1 MB
128 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.axa.lu/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%22PKPZPHTlf8ebFaCfu1dMVw%22%7D%2C%22styleContext%22%3A%7B%22c%22%3A%22webkit%22%2C%22x%22%3A%5B%22isDesktop%22%5D%2C%22tokens%22%3A%5B%22markup%3A%2F%2Fforce%3AsldsTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AnapiliAuraTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AneutralTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AserializedTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AcommunityTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AauraDynamicTokens%22%5D%2C%22tuid%22%3A%22C4aztG-yb-MMBjI3nkAamw%22%2C%22cuid%22%3A955639432%7D%2C%22pathPrefix%22%3A%22%22%7D/app.css?2=&aura.attributes=%7B%22ac%22%3A%22%22%2C%22authenticated%22%3A%22false%22%2C%22brandingSetId%22%3A%226da4d444-b0ec-4cc0-82d2-7f8494a72e1c%22%2C%22formFactor%22%3A%22LARGE%22%2C%22isHybrid%22%3A%22false%22%2C%22language%22%3A%22en_US%22%2C%22pageId%22%3A%22e08a7f8c-440f-4932-b466-72f4511c556a%22%2C%22publishedChangelistNum%22%3A%2266%22%2C%22schema%22%3A%22Published%22%2C%22themeLayoutType%22%3A%22Login%22%2C%22uds%22%3A%22false%22%2C%22viewType%22%3A%22Published%22%7D
Requested by
Host: my.axa.lu
URL: https://my.axa.lu/s/login/?language=en_US&ec=302&startURL=%2Fs%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.10 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge2-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
61e473db50c50130cd74a1ff0c6c22fc5f404d40412ec7d6425e7fb643e74784
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.axa.lu/s/login/?language=en_US&ec=302&startURL=%2Fs%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 08:22:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
last-modified
Wed, 11 Oct 2023 08:22:53 GMT
server
sfdcedge
content-encoding
gzip
x-sfdc-request-id
25e590d4c186070bea13ef15a8ebb5f2
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
x-xss-protection
1; mode=block
recaptcha__de.js
www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/ 		466 KB
187 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e57ecbca07885a20fc56dbae51642fe0e95b58c96dba6ea1c5cbb15417b9a0df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://my.axa.lu/
Origin
https://my.axa.lu
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 08:04:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1112
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
190978
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 04:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 11 Oct 2024 08:04:21 GMT
aura
my.axa.lu/s/sfsites/ 		119 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://my.axa.lu/s/sfsites/aura?message=%7B%22actions%22%3A%5B%7B%22descriptor%22%3A%22serviceComponent%3A%2F%2Fui.comm.runtime.components.aura.components.siteforce.controller.PubliclyCacheableComponentLoaderController%2FACTION%24getPageComponent%22%2C%22callingDescriptor%22%3A%22UNKNOWN%22%2C%22params%22%3A%7B%22attributes%22%3A%7B%22viewId%22%3A%229f68aba9-c08e-4ac4-a7b0-2ce05b2a543e%22%2C%22routeType%22%3A%22login-home%22%2C%22themeLayoutType%22%3A%22Login%22%2C%22params%22%3A%7B%22language%22%3A%22%22%2C%22ec%22%3A%22%22%2C%22startURL%22%3A%22%22%2C%22viewid%22%3A%22342f4def-c446-4118-a7b7-b49586ce29a5%22%2C%22view_uddid%22%3A%22%22%2C%22entity_name%22%3A%22%22%2C%22audience_name%22%3A%22%22%2C%22picasso_id%22%3A%22%22%2C%22routeId%22%3A%22%22%7D%2C%22hasAttrVaringCmps%22%3Afalse%2C%22pageLoadType%22%3A%22STANDARD_PAGE_CONTENT%22%2C%22includeLayout%22%3Atrue%7D%2C%22publishedChangelistNum%22%3A66%2C%22brandingSetId%22%3A%226da4d444-b0ec-4cc0-82d2-7f8494a72e1c%22%7D%7D%5D%7D&aura.context=%7B%22mode%22%3A%22PROD%22%2C%22fwuid%22%3A%22MlRqRU5YT3pjWFRNenJranFOMWFjQXlMaWFpdmxPSTZWeEo0bWtiN0hsaXcyNDQuMjAuNC0yLjQxLjQ%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%22PKPZPHTlf8ebFaCfu1dMVw%22%7D%2C%22apck%22%3A%22JHt0aW1lc3RhbXB9MDAwMDAwMDA0MzJlbl9VUw%22%2C%22uad%22%3Afalse%7D&aura.isAction=true
Requested by
Host: my.axa.lu
URL: https://my.axa.lu/s/sfsites/auraFW/javascript/MlRqRU5YT3pjWFRNenJranFOMWFjQXlMaWFpdmxPSTZWeEo0bWtiN0hsaXcyNDQuMjAuNC0yLjQxLjQ/aura_prod.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.10 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge2-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
10604684841c85742cd71e0652aa7e9959ad084d53f4539a7924f62c7527de91
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://my.axa.lu/s/login/?language=en_US&ec=302&startURL=%2Fs%2F
accept-language
de-DE,de;q=0.9
X-SFDC-Page-Scope-Id
db94ff8d-cd71-4529-9d4b-4bb6f0b0c590
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 08:22:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
last-modified
Wed, 11 Oct 2023 08:22:54 GMT
server
sfdcedge
content-encoding
gzip
x-sfdc-request-id
814a8fe6fcc470a9e953cd5250a6fbb0
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
public,max-age=1800
x-xss-protection
1; mode=block
expires
Wed, 12 Oct 2022 08:22:54 GMT
js
www.googletagmanager.com/gtag/ 		0
0
mockuplogin3
my.axa.lu/file-asset/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.axa.lu/file-asset/mockuplogin3?v=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.10 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge2-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
0593e69ed56bd73895124256bfd867d42ef24be38f763849a38b93d81d628d92
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.axa.lu/s/login/?language=en_US&ec=302&startURL=%2Fs%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 08:22:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
p3p
CP="CUR OTR STA"
content-disposition
attachment; filename="mockuplogin3.jpg"; filename*=utf-8''mockuplogin3.jpg
content-length
1299431
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Mon, 12 Jun 2023 23:01:14 GMT
server
sfdcedge
x-sfdc-request-id
52ecf22dfdf46cba11939b095367e1cb
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
cache-control
private,max-age=3888000
expires
Sun, 26 Nov 2023 08:22:54 GMT
aura
my.axa.lu/s/sfsites/ 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://my.axa.lu/s/sfsites/aura?r=1&ui-force-components-controllers-hostConfig.HostConfig.getConfigData=1
Requested by
Host: my.axa.lu
URL: https://my.axa.lu/s/sfsites/auraFW/javascript/MlRqRU5YT3pjWFRNenJranFOMWFjQXlMaWFpdmxPSTZWeEo0bWtiN0hsaXcyNDQuMjAuNC0yLjQxLjQ/aura_prod.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.10 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge2-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
910e0472032ef65762437144c770802583a0f4b7e3cd3fcbcf3f178eefd57b0a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://my.axa.lu/s/login/?language=en_US&ec=302&startURL=%2Fs%2F
accept-language
de-DE,de;q=0.9
X-SFDC-Page-Scope-Id
db94ff8d-cd71-4529-9d4b-4bb6f0b0c590
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 12 Oct 2023 08:22:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
last-modified
Wed, 12 Oct 2022 08:22:54 GMT
server
sfdcedge
content-encoding
gzip
x-sfdc-request-id
cfde17a29dd29def039bd1dc88717143
vary
Origin, Accept-Encoding
content-type
application/json
cache-control
no-cache,must-revalidate,max-age=0,no-store,private
server-timing
Total;dur=24
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 12 Oct 2022 08:22:54 GMT
aura
my.axa.lu/s/sfsites/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://my.axa.lu/s/sfsites/aura?message=%7B%22actions%22%3A%5B%7B%22descriptor%22%3A%22serviceComponent%3A%2F%2Fui.comm.runtime.components.aura.components.siteforce.controller.PubliclyCacheableAttributeLoaderController%2FACTION%24getComponentAttributes%22%2C%22callingDescriptor%22%3A%22markup%3A%2F%2Fsiteforce%3ApageLoader%22%2C%22params%22%3A%7B%22viewOrThemeLayoutId%22%3A%220be98860-9c47-4f18-8c3d-0072c2cf27a2%22%2C%22publishedChangelistNum%22%3A66%2C%22audienceKey%22%3A%22rcvzPnVZ8Anb9xTnbtO_Pw%22%7D%2C%22version%22%3A%2258.0%22%2C%22storable%22%3Atrue%7D%5D%7D&aura.context=%7B%22mode%22%3A%22PROD%22%2C%22fwuid%22%3A%22MlRqRU5YT3pjWFRNenJranFOMWFjQXlMaWFpdmxPSTZWeEo0bWtiN0hsaXcyNDQuMjAuNC0yLjQxLjQ%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%22PKPZPHTlf8ebFaCfu1dMVw%22%7D%2C%22apck%22%3A%22JHt0aW1lc3RhbXB9MDAwMDAwMDA0MzJlbl9VUw%22%2C%22uad%22%3Afalse%7D&aura.isAction=true
Requested by
Host: my.axa.lu
URL: https://my.axa.lu/s/sfsites/auraFW/javascript/MlRqRU5YT3pjWFRNenJranFOMWFjQXlMaWFpdmxPSTZWeEo0bWtiN0hsaXcyNDQuMjAuNC0yLjQxLjQ/aura_prod.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.10 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge2-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
7463db12a2d55aab0f08def725ae9ff8e8da23e157807066b82d0011f40f5b9c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://my.axa.lu/s/login/?language=en_US&ec=302&startURL=%2Fs%2F
accept-language
de-DE,de;q=0.9
X-SFDC-Page-Scope-Id
db94ff8d-cd71-4529-9d4b-4bb6f0b0c590
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 08:22:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
last-modified
Wed, 11 Oct 2023 08:22:54 GMT
server
sfdcedge
content-encoding
gzip
x-sfdc-request-id
43b4a8301b0b4fffa4d6a5e7b6be28bc
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
public,max-age=604800
x-xss-protection
1; mode=block
expires
Wed, 12 Oct 2022 08:22:54 GMT
aura
my.axa.lu/s/sfsites/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://my.axa.lu/s/sfsites/aura?r=3&applauncher.CommunityLogo.getCommunityName=1&applauncher.CommunityLogo.getLogoURL=1&applauncher.LoginForm.getForgotPasswordUrl=1&applauncher.LoginForm.getSelfRegistrationUrl=1&applauncher.LoginForm.getUsernamePasswordSelfRegEnabled=1&ui-communities-components-aura-components-forceCommunity-languagePicker.LanguagePicker.getInitData=1&ui-communities-components-aura-components-forceCommunity-richText.RichText.getParsedRichTextValue=3
Requested by
Host: my.axa.lu
URL: https://my.axa.lu/s/sfsites/auraFW/javascript/MlRqRU5YT3pjWFRNenJranFOMWFjQXlMaWFpdmxPSTZWeEo0bWtiN0hsaXcyNDQuMjAuNC0yLjQxLjQ/aura_prod.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.10 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge2-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
4b0e8bfc671c30c6dd4a43fc62ab3a0eb6665b010ade06a3154a3f47cd71579f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://my.axa.lu/s/login/?language=en_US&ec=302&startURL=%2Fs%2F
accept-language
de-DE,de;q=0.9
X-SFDC-Page-Scope-Id
db94ff8d-cd71-4529-9d4b-4bb6f0b0c590
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 12 Oct 2023 08:22:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
last-modified
Wed, 12 Oct 2022 08:22:54 GMT
server
sfdcedge
content-encoding
gzip
x-sfdc-request-id
86241b6d9ce0cec6a9f9ffdd64121be9
vary
Origin, Accept-Encoding
content-type
application/json
cache-control
no-cache,must-revalidate,max-age=0,no-store,private
server-timing
Total;dur=142
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 12 Oct 2022 08:22:54 GMT
aura
my.axa.lu/s/sfsites/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://my.axa.lu/s/sfsites/aura?r=4&applauncher.LoginForm.getLoginRightFrameUrl=1
Requested by
Host: my.axa.lu
URL: https://my.axa.lu/s/sfsites/auraFW/javascript/MlRqRU5YT3pjWFRNenJranFOMWFjQXlMaWFpdmxPSTZWeEo0bWtiN0hsaXcyNDQuMjAuNC0yLjQxLjQ/aura_prod.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.10 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge2-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
4fde4d74c1e270727c2a316ce60e1bb863c4012008a7e88ec91285f18942541a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://my.axa.lu/s/login/?language=en_US&ec=302&startURL=%2Fs%2F
accept-language
de-DE,de;q=0.9
X-SFDC-Page-Scope-Id
db94ff8d-cd71-4529-9d4b-4bb6f0b0c590
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 12 Oct 2023 08:22:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
last-modified
Wed, 12 Oct 2022 08:22:54 GMT
server
sfdcedge
content-encoding
gzip
x-sfdc-request-id
4440ca7797bed55fcd961ae628d01442
vary
Origin, Accept-Encoding
content-type
application/json
cache-control
no-cache,must-revalidate,max-age=0,no-store,private
server-timing
Total;dur=38
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 12 Oct 2022 08:22:54 GMT
truncated
/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
13ae7e5a59de6cef3c3cedeaa348b17157b3cbc2b1bc9607c6d84ced4d137269

Request headers

Referer
https://my.axa.lu/
Origin
https://my.axa.lu
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
application/x-font-woff
aura
my.axa.lu/s/sfsites/ 		1 MB
312 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://my.axa.lu/s/sfsites/aura?r=5&aura.Component.getComponentDef=1
Requested by
Host: my.axa.lu
URL: https://my.axa.lu/s/sfsites/auraFW/javascript/MlRqRU5YT3pjWFRNenJranFOMWFjQXlMaWFpdmxPSTZWeEo0bWtiN0hsaXcyNDQuMjAuNC0yLjQxLjQ/aura_prod.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.10 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge2-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
0e0f5e5a16eb06769e25744c243b8df5401fe58a3d9e594d4f8d9a09eacfa123
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://my.axa.lu/s/login/?language=en_US&ec=302&startURL=%2Fs%2F
accept-language
de-DE,de;q=0.9
X-SFDC-Page-Scope-Id
db94ff8d-cd71-4529-9d4b-4bb6f0b0c590
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 12 Oct 2023 08:22:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
last-modified
Wed, 12 Oct 2022 08:22:54 GMT
server
sfdcedge
content-encoding
gzip
x-sfdc-request-id
05b7af86b323b3f253d66e714d6f449f
vary
Origin, Accept-Encoding
content-type
application/json
cache-control
no-cache,must-revalidate,max-age=0,no-store,private
x-xss-protection
1; mode=block
expires
Wed, 12 Oct 2022 08:22:54 GMT
servlet.ImageServer
my.axa.lu/servlet/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.axa.lu/servlet/servlet.ImageServer?id=0157T000000xrAw&oid=00D2X000001e8Eb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.10 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge2-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
8cabb7dd679bf69178e893e6af5ec99750f5585867b567c6f96f80a318da2858
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.axa.lu/s/login/?language=en_US&ec=302&startURL=%2Fs%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 08:22:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 7 Sep 2023 08:05:44 GMT
referrer-policy
origin-when-cross-origin
server
sfdcedge
x-sfdc-request-id
b86c2568437d1411752d2cfe27c794e7
content-security-policy-report-only
default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; img-src https: data: blob: file:; frame-ancestors 'self' *.salesforce.com *.force.com *.visualforce.com *.documentforce.com; font-src https: data: blob: file:; connect-src 'self' https:; report-uri https://csp-report.force.com/_/ContentDomainCSPNoAuth?type=communities
content-type
image/png
cache-control
public,max-age=900
x-xss-protection
1; mode=block
expires
Thu, 12 Oct 2023 08:37:54 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=265385622

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| verifyCallback function| expireCallback function| errorCallback object| picassoSPA string| comm__attrVariationKey number| pageStartTime object| Aura object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| AuraLocker object| AuraLockerDisabled object| $A object| aura function| DOMPurify object| recaptcha function| Router object| dataLayer function| gtag

4 Cookies

Domain/Path Name / Value
my.axa.lu/s Name: renderCtx
Value: %7B%22pageId%22%3A%22e08a7f8c-440f-4932-b466-72f4511c556a%22%2C%22schema%22%3A%22Published%22%2C%22viewType%22%3A%22Published%22%2C%22brandingSetId%22%3A%226da4d444-b0ec-4cc0-82d2-7f8494a72e1c%22%2C%22audienceIds%22%3A%226Au7R000000TO8r%2C6Au7R000000TO8w%2C6Au7R000000TO8i%22%7D
my.axa.lu/ Name: CookieConsentPolicy
Value: 0:1
my.axa.lu/ Name: LSKey-c$CookieConsentPolicy
Value: 0:1
my.axa.lu/ Name: sfdc-stream
Value: !+kA9zYy0kNl9TWyqk5M6p1cSZk14XomskjO+BxmgTJWcPp/0izOj5jnXv6ZhBTbO7rQvtah7OitJTw==

1 Console Messages

Source Level URL
Text
security error URL: https://my.axa.lu/s/sfsites/auraFW/javascript/MlRqRU5YT3pjWFRNenJranFOMWFjQXlMaWFpdmxPSTZWeEo0bWtiN0hsaXcyNDQuMjAuNC0yLjQxLjQ/aura_prod.js(Line 12)
Message:
Refused to load the script 'https://www.googletagmanager.com/gtag/js?id=265385622' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' 'unsafe-inline' https://service.force.com/embeddedservice/ https://cdn.content.aws-dev2-uswest2.aws.sfdc.cl/ https://cdn.content.aws-prod1-useast1.aws.sfdc.cl/ https://payments.salesforce.com/ https://js.stripe.com/ import: blob: https://uip.canary.lwc.dev https://www.google.com https://gstatic.com https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/recaptcha__en.js https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/pRiAUlKgZOMcFLsfzZTeGtOA/recaptcha__en.js https://www.gstatic.com/recaptcha/releases/pRiAUlKgZOMcFLsfzZTeGtOA/recaptcha__fr.js https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/recaptcha__fr.js https://www.gstatic.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

my.axa.lu
www.google.com
www.googletagmanager.com
www.gstatic.com
www.googletagmanager.com
2a00:1450:4001:800::2003
2a00:1450:4001:813::2004
85.222.140.10
0032719140de95c16b3527a5c7b97024bf88388548355ba48835f7a8ee6cefc2
0593e69ed56bd73895124256bfd867d42ef24be38f763849a38b93d81d628d92
0e0f5e5a16eb06769e25744c243b8df5401fe58a3d9e594d4f8d9a09eacfa123
10604684841c85742cd71e0652aa7e9959ad084d53f4539a7924f62c7527de91
11c05e878e1d99dc7a6069977242d43a996d3d42ef4aa5119ed7a3dbe584a200
13ae7e5a59de6cef3c3cedeaa348b17157b3cbc2b1bc9607c6d84ced4d137269
33aabcf2e7e61ed8993f5dc46f8f2f113b5a5cb66e6a9ff6f8bb8ba9803751dd
41ffc9bd80bc2fd05acc4a7f5244eb8638b493da3f8f8c103ace06e3a608407e
4b0e8bfc671c30c6dd4a43fc62ab3a0eb6665b010ade06a3154a3f47cd71579f
4fde4d74c1e270727c2a316ce60e1bb863c4012008a7e88ec91285f18942541a
61e473db50c50130cd74a1ff0c6c22fc5f404d40412ec7d6425e7fb643e74784
7463db12a2d55aab0f08def725ae9ff8e8da23e157807066b82d0011f40f5b9c
790fbfefda609afb7a8018b8236dfb5647cf26320186bf3c98ff1daff951ff2e
8cabb7dd679bf69178e893e6af5ec99750f5585867b567c6f96f80a318da2858
8f4c9cc8fb2b652abd512dbcf104312910555e03e85ab6133d06431a430ff1c8
910e0472032ef65762437144c770802583a0f4b7e3cd3fcbcf3f178eefd57b0a
de6dd2a5a2e28e5c3c6b5f0a7eedce5174d45823973807914942ba5f747cde71
e57ecbca07885a20fc56dbae51642fe0e95b58c96dba6ea1c5cbb15417b9a0df