www.assurance-voyage.axa-assistance.fr
34.149.129.12  Public Scan

Submitted URL: http://wwwcpfcu.com/
Effective URL: https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
Submission Tags: @ecarlesi possiblethreat
Submission: On September 07 via api from FR — Scanned from FR

Summary

This website contacted 7 IPs in 4 countries across 9 domains to perform 33 HTTP transactions. The main IP is 34.149.129.12, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is www.assurance-voyage.axa-assistance.fr.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on July 11th 2023. Valid for: a year.
This is the only time www.assurance-voyage.axa-assistance.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.172.228.26 14061 (DIGITALOC...)
1 2 52.117.247.211 36351 (SOFTLAYER)
1 1 168.119.4.34 24940 (HETZNER-AS)
1 2 35.186.231.97 15169 (GOOGLE)
1 13.224.189.92 16509 (AMAZON-02)
1 1 108.128.125.55 16509 (AMAZON-02)
15 34.149.129.12 396982 (GOOGLE-CL...)
1 104.18.131.236 13335 (CLOUDFLAR...)
12 143.204.215.120 16509 (AMAZON-02)
33 7
Apex Domain
Subdomains
Transfer
15 axa-assistance.fr
www.assurance-voyage.axa-assistance.fr
423 KB
12 ekomiapps.de
sw-assets.ekomiapps.de — Cisco Umbrella Rank: 129381
smart-widget-assets.ekomiapps.de — Cisco Umbrella Rank: 143401
200 KB
4 tradedoubler.com
clk.tradedoubler.com — Cisco Umbrella Rank: 94176
vht.tradedoubler.com — Cisco Umbrella Rank: 90323
redirects.tradedoubler.com — Cisco Umbrella Rank: 123597
6 KB
2 myckdom.com
myckdom.com — Cisco Umbrella Rank: 196792
p374591.myckdom.com
1 KB
1 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 377
2 KB
1 biddm.com
biddm.com
584 B
1 wwwcpfcu.com
wwwcpfcu.com
2 KB
0 lfr.cloud Failed
webserver-salesaxapartners-prd.lfr.cloud Failed
0 googletagmanager.com Failed
www.googletagmanager.com Failed
33 9
Domain Requested by
15 www.assurance-voyage.axa-assistance.fr www.assurance-voyage.axa-assistance.fr
8 sw-assets.ekomiapps.de www.assurance-voyage.axa-assistance.fr
smart-widget-assets.ekomiapps.de
sw-assets.ekomiapps.de
4 smart-widget-assets.ekomiapps.de sw-assets.ekomiapps.de
smart-widget-assets.ekomiapps.de
2 clk.tradedoubler.com 1 redirects p374591.myckdom.com
1 cdn.cookielaw.org www.assurance-voyage.axa-assistance.fr
1 redirects.tradedoubler.com 1 redirects
1 vht.tradedoubler.com clk.tradedoubler.com
1 biddm.com 1 redirects
1 p374591.myckdom.com
1 myckdom.com 1 redirects
1 wwwcpfcu.com 1 redirects
0 webserver-salesaxapartners-prd.lfr.cloud Failed
0 www.googletagmanager.com Failed www.assurance-voyage.axa-assistance.fr
33 13
Subject | Issuer | Validity | Valid
*.myckdom.com | Sectigo RSA Domain Validation Secure Server CA | 2023-03-20 - 2024-03-20 | a year
*.tradedoubler.com | R3 | 2023-07-25 - 2023-10-23 | 3 months
sales-services.axapartners.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-07-11 - 2024-07-10 | a year
cookielaw.org | Cloudflare Inc ECC CA-3 | 2023-04-01 - 2024-03-31 | a year
ekomiapps.de | Amazon RSA 2048 M02 | 2023-02-22 - 2023-12-13 | 10 months

This page contains 1 frame:

Primary Page: https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
Frame ID: 5B03C872FC0DCD7C964B05DE4E62D6F8
Requests: 33 HTTP requests in this frame

Page Title

Assurance Voyage à l'Étranger - dès 10,99 € - AXA

Page URL History

  1. http://wwwcpfcu.com/ HTTP 302
    https://myckdom.com/aS/feedclick?s=FmF2hyxTopf0UvlLfHqu4yvYlb4oD4fZKx_EOOG6jvaabpdkJDqlujZTiQMvA... HTTP 302
    https://p374591.myckdom.com/adServe/domainClick?ai=hOD6Xl45qmlFJDNqNiPfBgHPYePAwemZUfCZl9O_NDNJc-0LMrf-9... Page URL
  2. https://biddm.com/czszl0k.php?key=ihqcqg45vr7634mntn22&subid=90671650388&bid=0.0008&site=44776... HTTP 302
    https://clk.tradedoubler.com/click?p=267636&a=3224772&epi=c5580scmy8ry9vrc2f Page URL
  3. https://clk.tradedoubler.com/click?p=267636&a=3224772&epi=c5580scmy8ry9vrc2f HTTP 302
    http://redirects.tradedoubler.com/projectr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tra... HTTP 302
    https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 33
HTTPS: 94 %
IPv6: 0 %
Domains: 9
Subdomains: 13
IPs: 7
Countries: 4
Transfer: 631 kB
Size: 1225 kB
Cookies: 12

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://wwwcpfcu.com/ HTTP 302
    https://myckdom.com/aS/feedclick?s=FmF2hyxTopf0UvlLfHqu4yvYlb4oD4fZKx_EOOG6jvaabpdkJDqlujZTiQMvAXg5dnQ3qd4H7z-pbTnNK1c9Rxz0pbUsp-ySs4_k_wpXh0MakMa_tKTK9AWv6tOH8lSlHWVUL2gXgUyatsBFMaSTc1RQ5RxkQPBqyyTn3ctXNy9TLrKggI6g8KZHzIKXcEymKVIx5TDN2wyYG45H1AF_oNaFV2WKVkruu6oiK1oWo5SC3JVvMUn4xGSb6d0vckErF5mhAx9KWOo4gpjVlpnRgBvStvqS38vdw67b8hKHnSp5Pvhm4AP2Lr0lN-X0Co6-s8Q1ugluGdsETiq8MfAF6vWOZpVQLNMk1f6oOVfxJPZoRW2U1HUxNH2tzlZMw_7jrmTMHURjI972KZ7bVfhP_aOShXb4GN_AKuZxIAXHAJ49pQK-WK77CFtAmKRIZ-HimLA1ig9avZUVy2Hz2UEau7eX5V9NVpksJH8x8oL8KAd1-nqdCK1HhmaWAjDokqQw4Moehi4505U4ywEHEgeN1nmq9eym2b5rEUnlCE-MRcp4eW268rfQC_nQXQ_PsiTSysRfJyODOc_p1rZkWDDpzmU4w8DpaPkExZTKTxNoF04TZqqv5DVBQI1Pt51vND8ngREvdeZKl3mfVD2qpnr5WnNTRCLKqiXaqxbNQBaSTgSZ1rAvBPmrloJ9NVUpNJKAmuuqHt6TKUdyS8OW-uucrSry6PgRDHvaLRKyPtCyR40-SSP9-6f3euAvekFo9g_AuIJ2DKjkLggBwf1eNx878ToAXiBC6wNZF6a3deah6pfRLEZLMoUI1pXzzmP2V51Q37Y2kR1Y7tEhluDaQarRkYUX3DxO3PmuBlm8nugBpB6wEGexGLYw_r5Fj4g55KypAWILgZ_GghAa7hbh-KQc8WzQZKLly6neNSRFg5eFkOixoCuSUuCh_2BEKIUeSD6f1eQv7XI_KJGC-Jj7CFGzSms8LATB74En-k2zvr25vyQkD7V3CU3nEIF9NIoDhXFZJZpSbldabFQU1tpYnVQZLhaz7jHmCnQWdXeu2Clj-JJb0BI-sEx-0hs7ulaWXAZ1UZlfGCaFHcg3P5BTS1B7GNLWyNNIN2_GNOcEboouiHDKpXu0RNHtw_6jVreAeNlrUZVbKx5ZbArpzuiINOnENpA53L4q1tx375iqyReKZEIvuh6oSZAspur0hpjotjEhlYx0uFVn5vmhmq6QBtMGfe6KGTsi_XG52tYyIq3mcuBOz7KUuHHuSMplc6ZB7isT6PveFEqsink4W5vFKBt4gD4_n7xy5fqfgAjIQkU9J1eY7M4qRIFyS_CtWwoJlhuIy20I2LkoOFT5AdLCbUZP7EdRWAT5y5pgmCFHjp2USxHV4Ja67rjSss1NoIg4tz-g6PveFEqsinlXgeUv9xV8GMHb7GoR2Ht6DmPzB47ChNOYyj5NLj8YP3VMWGI-xeYLani7cSPLcIGfFGyMS0SR3zmMMKiT1gysAc9h48DB6ZklEzOD5GfDvphXp8gBWaLBAQCgbiPhPVVt51jBqPLKy6hEpuhu41NI4HJunKpK9iEy3FezKFWRhOAC65C0UOyRJg1v6JbB0DQ HTTP 302
    https://p374591.myckdom.com/adServe/domainClick?ai=hOD6Xl45qmlFJDNqNiPfBgHPYePAwemZUfCZl9O_NDNJc-0LMrf-9ffaeV5GG9s7x_DjOBQJt_Qbo17k37XGemU6ogLLsDye9DAKS8HJHrdU2YN1h0sSZnV3rtgpY_iSW9ASPrBMftIFthD195c5YTj-GPcsoI_bX2-RUHmZe-TbZh2vrFwOgZ9Q28zIGxrc6PveFEqsinllPiCT55VdXwlt7BALO2dZ_IOo_CvZ6uBs1qgfzF7mPKwWcH55acyZPAFY476kfm8Soh19S_gLkhVZML07xUedx5dHD-ND2PrTrgoNXtpAE3TORAlHhCyX5EJo2RPerI6fAz2xm0jbSTdCSSk0HQobo4hmEPlRnzNQSkPP_zslyIGn2fbA7x7dBcvS231v-nbhaDpz3wbaeJ4pMRA851oFFtGHlaE3QDF6P_CYCJRt6hYEa7djHvbYDJr5MdVv7Xl1Nxo7QkWj239LxYgWPuLOAybR1bmtoJo&ui=FmF2hyxTopf0UvlLfHqu442feeUEaJ2oIaIc3yOo5HJbWdKHdzPQN7CwoBm-kLNbn006L_ZdT5EF4X0uhvIt3uZYuL-KuYTc-vayGxRUOauuzQECcY8zAw&si=1&oref=a4e5ddd3fa71890442e0bb3261eca518&optunit=Kl1lJQDc7RqtK6Mz5FaVqw&rb=zzZNkeLFNVk&rr=1&isco=t&abtg=0 Page URL
  2. https://biddm.com/czszl0k.php?key=ihqcqg45vr7634mntn22&subid=90671650388&bid=0.0008&site=447767331&os=Windows+10&browser=Chrome+116&carrier=UNKNOWN&device=Desktop&geo=FR&language=@@LANGUAGE@@&keyword=wwwcpfcu.com+RO+checking+account+Finance+commercial+bank+ebanking&campaign_name=TD13+-+AXA+Assistance+FR++Win HTTP 302
    https://clk.tradedoubler.com/click?p=267636&a=3224772&epi=c5580scmy8ry9vrc2f Page URL
  3. https://clk.tradedoubler.com/click?p=267636&a=3224772&epi=c5580scmy8ry9vrc2f HTTP 302
    http://redirects.tradedoubler.com/projectr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr&_td_deeplink=https://www.assurance-voyage.axa-assistance.fr/ HTTP 302
    https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://wwwcpfcu.com/ HTTP 302
  • https://myckdom.com/aS/feedclick?s=FmF2hyxTopf0UvlLfHqu4yvYlb4oD4fZKx_EOOG6jvaabpdkJDqlujZTiQMvAXg5dnQ3qd4H7z-pbTnNK1c9Rxz0pbUsp-ySs4_k_wpXh0MakMa_tKTK9AWv6tOH8lSlHWVUL2gXgUyatsBFMaSTc1RQ5RxkQPBqyyTn3ctXNy9TLrKggI6g8KZHzIKXcEymKVIx5TDN2wyYG45H1AF_oNaFV2WKVkruu6oiK1oWo5SC3JVvMUn4xGSb6d0vckErF5mhAx9KWOo4gpjVlpnRgBvStvqS38vdw67b8hKHnSp5Pvhm4AP2Lr0lN-X0Co6-s8Q1ugluGdsETiq8MfAF6vWOZpVQLNMk1f6oOVfxJPZoRW2U1HUxNH2tzlZMw_7jrmTMHURjI972KZ7bVfhP_aOShXb4GN_AKuZxIAXHAJ49pQK-WK77CFtAmKRIZ-HimLA1ig9avZUVy2Hz2UEau7eX5V9NVpksJH8x8oL8KAd1-nqdCK1HhmaWAjDokqQw4Moehi4505U4ywEHEgeN1nmq9eym2b5rEUnlCE-MRcp4eW268rfQC_nQXQ_PsiTSysRfJyODOc_p1rZkWDDpzmU4w8DpaPkExZTKTxNoF04TZqqv5DVBQI1Pt51vND8ngREvdeZKl3mfVD2qpnr5WnNTRCLKqiXaqxbNQBaSTgSZ1rAvBPmrloJ9NVUpNJKAmuuqHt6TKUdyS8OW-uucrSry6PgRDHvaLRKyPtCyR40-SSP9-6f3euAvekFo9g_AuIJ2DKjkLggBwf1eNx878ToAXiBC6wNZF6a3deah6pfRLEZLMoUI1pXzzmP2V51Q37Y2kR1Y7tEhluDaQarRkYUX3DxO3PmuBlm8nugBpB6wEGexGLYw_r5Fj4g55KypAWILgZ_GghAa7hbh-KQc8WzQZKLly6neNSRFg5eFkOixoCuSUuCh_2BEKIUeSD6f1eQv7XI_KJGC-Jj7CFGzSms8LATB74En-k2zvr25vyQkD7V3CU3nEIF9NIoDhXFZJZpSbldabFQU1tpYnVQZLhaz7jHmCnQWdXeu2Clj-JJb0BI-sEx-0hs7ulaWXAZ1UZlfGCaFHcg3P5BTS1B7GNLWyNNIN2_GNOcEboouiHDKpXu0RNHtw_6jVreAeNlrUZVbKx5ZbArpzuiINOnENpA53L4q1tx375iqyReKZEIvuh6oSZAspur0hpjotjEhlYx0uFVn5vmhmq6QBtMGfe6KGTsi_XG52tYyIq3mcuBOz7KUuHHuSMplc6ZB7isT6PveFEqsink4W5vFKBt4gD4_n7xy5fqfgAjIQkU9J1eY7M4qRIFyS_CtWwoJlhuIy20I2LkoOFT5AdLCbUZP7EdRWAT5y5pgmCFHjp2USxHV4Ja67rjSss1NoIg4tz-g6PveFEqsinlXgeUv9xV8GMHb7GoR2Ht6DmPzB47ChNOYyj5NLj8YP3VMWGI-xeYLani7cSPLcIGfFGyMS0SR3zmMMKiT1gysAc9h48DB6ZklEzOD5GfDvphXp8gBWaLBAQCgbiPhPVVt51jBqPLKy6hEpuhu41NI4HJunKpK9iEy3FezKFWRhOAC65C0UOyRJg1v6JbB0DQ HTTP 302
  • https://p374591.myckdom.com/adServe/domainClick?ai=hOD6Xl45qmlFJDNqNiPfBgHPYePAwemZUfCZl9O_NDNJc-0LMrf-9ffaeV5GG9s7x_DjOBQJt_Qbo17k37XGemU6ogLLsDye9DAKS8HJHrdU2YN1h0sSZnV3rtgpY_iSW9ASPrBMftIFthD195c5YTj-GPcsoI_bX2-RUHmZe-TbZh2vrFwOgZ9Q28zIGxrc6PveFEqsinllPiCT55VdXwlt7BALO2dZ_IOo_CvZ6uBs1qgfzF7mPKwWcH55acyZPAFY476kfm8Soh19S_gLkhVZML07xUedx5dHD-ND2PrTrgoNXtpAE3TORAlHhCyX5EJo2RPerI6fAz2xm0jbSTdCSSk0HQobo4hmEPlRnzNQSkPP_zslyIGn2fbA7x7dBcvS231v-nbhaDpz3wbaeJ4pMRA851oFFtGHlaE3QDF6P_CYCJRt6hYEa7djHvbYDJr5MdVv7Xl1Nxo7QkWj239LxYgWPuLOAybR1bmtoJo&ui=FmF2hyxTopf0UvlLfHqu442feeUEaJ2oIaIc3yOo5HJbWdKHdzPQN7CwoBm-kLNbn006L_ZdT5EF4X0uhvIt3uZYuL-KuYTc-vayGxRUOauuzQECcY8zAw&si=1&oref=a4e5ddd3fa71890442e0bb3261eca518&optunit=Kl1lJQDc7RqtK6Mz5FaVqw&rb=zzZNkeLFNVk&rr=1&isco=t&abtg=0
Request Chain 1
  • https://biddm.com/czszl0k.php?key=ihqcqg45vr7634mntn22&subid=90671650388&bid=0.0008&site=447767331&os=Windows+10&browser=Chrome+116&carrier=UNKNOWN&device=Desktop&geo=FR&language=@@LANGUAGE@@&keyword=wwwcpfcu.com+RO+checking+account+Finance+commercial+bank+ebanking&campaign_name=TD13+-+AXA+Assistance+FR++Win HTTP 302
  • https://clk.tradedoubler.com/click?p=267636&a=3224772&epi=c5580scmy8ry9vrc2f

33 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
domainClick
p374591.myckdom.com/adServe/
Redirect Chain
  • http://wwwcpfcu.com/
  • https://myckdom.com/aS/feedclick?s=FmF2hyxTopf0UvlLfHqu4yvYlb4oD4fZKx_EOOG6jvaabpdkJDqlujZTiQMvAXg5dnQ3qd4H7z-pbTnNK1c9Rxz0pbUsp-ySs4_k_wpXh0MakMa_tKTK9AWv6tOH8lSlHWVUL2gXgUyatsBFMaSTc1RQ5RxkQPBqyy...
  • https://p374591.myckdom.com/adServe/domainClick?ai=hOD6Xl45qmlFJDNqNiPfBgHPYePAwemZUfCZl9O_NDNJc-0LMrf-9ffaeV5GG9s7x_DjOBQJt_Qbo17k37XGemU6ogLLsDye9DAKS8HJHrdU2YN1h0sSZnV3rtgpY_iSW9ASPrBMftIFthD195...
505 B
759 B
Document
General
Full URL
https://p374591.myckdom.com/adServe/domainClick?ai=hOD6Xl45qmlFJDNqNiPfBgHPYePAwemZUfCZl9O_NDNJc-0LMrf-9ffaeV5GG9s7x_DjOBQJt_Qbo17k37XGemU6ogLLsDye9DAKS8HJHrdU2YN1h0sSZnV3rtgpY_iSW9ASPrBMftIFthD195c5YTj-GPcsoI_bX2-RUHmZe-TbZh2vrFwOgZ9Q28zIGxrc6PveFEqsinllPiCT55VdXwlt7BALO2dZ_IOo_CvZ6uBs1qgfzF7mPKwWcH55acyZPAFY476kfm8Soh19S_gLkhVZML07xUedx5dHD-ND2PrTrgoNXtpAE3TORAlHhCyX5EJo2RPerI6fAz2xm0jbSTdCSSk0HQobo4hmEPlRnzNQSkPP_zslyIGn2fbA7x7dBcvS231v-nbhaDpz3wbaeJ4pMRA851oFFtGHlaE3QDF6P_CYCJRt6hYEa7djHvbYDJr5MdVv7Xl1Nxo7QkWj239LxYgWPuLOAybR1bmtoJo&ui=FmF2hyxTopf0UvlLfHqu442feeUEaJ2oIaIc3yOo5HJbWdKHdzPQN7CwoBm-kLNbn006L_ZdT5EF4X0uhvIt3uZYuL-KuYTc-vayGxRUOauuzQECcY8zAw&si=1&oref=a4e5ddd3fa71890442e0bb3261eca518&optunit=Kl1lJQDc7RqtK6Mz5FaVqw&rb=zzZNkeLFNVk&rr=1&isco=t&abtg=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.117.247.211 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
d3.f7.7534.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Thu, 07 Sep 2023 13:04:56 GMT
server
nginx
vary
Accept-Encoding

Redirect headers

content-length
0
date
Thu, 07 Sep 2023 13:04:56 GMT
location
https://p374591.myckdom.com/adServe/domainClick?ai=hOD6Xl45qmlFJDNqNiPfBgHPYePAwemZUfCZl9O_NDNJc-0LMrf-9ffaeV5GG9s7x_DjOBQJt_Qbo17k37XGemU6ogLLsDye9DAKS8HJHrdU2YN1h0sSZnV3rtgpY_iSW9ASPrBMftIFthD195c5YTj-GPcsoI_bX2-RUHmZe-TbZh2vrFwOgZ9Q28zIGxrc6PveFEqsinllPiCT55VdXwlt7BALO2dZ_IOo_CvZ6uBs1qgfzF7mPKwWcH55acyZPAFY476kfm8Soh19S_gLkhVZML07xUedx5dHD-ND2PrTrgoNXtpAE3TORAlHhCyX5EJo2RPerI6fAz2xm0jbSTdCSSk0HQobo4hmEPlRnzNQSkPP_zslyIGn2fbA7x7dBcvS231v-nbhaDpz3wbaeJ4pMRA851oFFtGHlaE3QDF6P_CYCJRt6hYEa7djHvbYDJr5MdVv7Xl1Nxo7QkWj239LxYgWPuLOAybR1bmtoJo&ui=FmF2hyxTopf0UvlLfHqu442feeUEaJ2oIaIc3yOo5HJbWdKHdzPQN7CwoBm-kLNbn006L_ZdT5EF4X0uhvIt3uZYuL-KuYTc-vayGxRUOauuzQECcY8zAw&si=1&oref=a4e5ddd3fa71890442e0bb3261eca518&optunit=Kl1lJQDc7RqtK6Mz5FaVqw&rb=zzZNkeLFNVk&rr=1&isco=t&abtg=0
server
nginx
click
clk.tradedoubler.com/
Redirect Chain
  • https://biddm.com/czszl0k.php?key=ihqcqg45vr7634mntn22&subid=90671650388&bid=0.0008&site=447767331&os=Windows+10&browser=Chrome+116&carrier=UNKNOWN&device=Desktop&geo=FR&language=@@LANGUAGE@@&keywo...
  • https://clk.tradedoubler.com/click?p=267636&a=3224772&epi=c5580scmy8ry9vrc2f
852 B
1 KB
Document
General
Full URL
https://clk.tradedoubler.com/click?p=267636&a=3224772&epi=c5580scmy8ry9vrc2f
Requested by
Host: p374591.myckdom.com
URL: https://p374591.myckdom.com/adServe/domainClick?ai=hOD6Xl45qmlFJDNqNiPfBgHPYePAwemZUfCZl9O_NDNJc-0LMrf-9ffaeV5GG9s7x_DjOBQJt_Qbo17k37XGemU6ogLLsDye9DAKS8HJHrdU2YN1h0sSZnV3rtgpY_iSW9ASPrBMftIFthD195c5YTj-GPcsoI_bX2-RUHmZe-TbZh2vrFwOgZ9Q28zIGxrc6PveFEqsinllPiCT55VdXwlt7BALO2dZ_IOo_CvZ6uBs1qgfzF7mPKwWcH55acyZPAFY476kfm8Soh19S_gLkhVZML07xUedx5dHD-ND2PrTrgoNXtpAE3TORAlHhCyX5EJo2RPerI6fAz2xm0jbSTdCSSk0HQobo4hmEPlRnzNQSkPP_zslyIGn2fbA7x7dBcvS231v-nbhaDpz3wbaeJ4pMRA851oFFtGHlaE3QDF6P_CYCJRt6hYEa7djHvbYDJr5MdVv7Xl1Nxo7QkWj239LxYgWPuLOAybR1bmtoJo&ui=FmF2hyxTopf0UvlLfHqu442feeUEaJ2oIaIc3yOo5HJbWdKHdzPQN7CwoBm-kLNbn006L_ZdT5EF4X0uhvIt3uZYuL-KuYTc-vayGxRUOauuzQECcY8zAw&si=1&oref=a4e5ddd3fa71890442e0bb3261eca518&optunit=Kl1lJQDc7RqtK6Mz5FaVqw&rb=zzZNkeLFNVk&rr=1&isco=t&abtg=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.231.97 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
97.231.186.35.bc.googleusercontent.com
Software
TXServerHttp /
Resource Hash
978b28de907f2a089e5325353abd72d7b71a3dd57e5b1520fb961c5dc4d8ac37

Request headers

Referer
https://p374591.myckdom.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
852
content-type
text/html; charset=ISO-8859-1
date
Thu, 07 Sep 2023 13:04:56 GMT
pragma
no-cache
referrer-policy
origin
server
TXServerHttp
via
1.1 google

Redirect headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Thu, 07 Sep 2023 13:04:57 GMT
Location
https://clk.tradedoubler.com/click?p=267636&a=3224772&epi=c5580scmy8ry9vrc2f
Server
nginx/1.24.0
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
prefs.js
vht.tradedoubler.com/fp/
9 KB
4 KB
Script
General
Full URL
https://vht.tradedoubler.com/fp/prefs.js
Requested by
Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=267636&a=3224772&epi=c5580scmy8ry9vrc2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-92.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
e88544a0b333b266c598a72cdef1ffb8cefbc24df90efef83c8f046df08967ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://clk.tradedoubler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
Date
Wed, 06 Sep 2023 12:46:43 GMT
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
FRA2-C1
Age
87495
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
3598
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 01 Jun 2023 10:47:07 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
e-AqeWjCsUFsu8QGiwGe69WKvQYAa6vQaUz6zowXI0CYAOeYYMKDTQ==
Primary Request /
www.assurance-voyage.axa-assistance.fr/
Redirect Chain
  • https://clk.tradedoubler.com/click?p=267636&a=3224772&epi=c5580scmy8ry9vrc2f
  • http://redirects.tradedoubler.com/projectr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr&_td_deeplink=https://www.assurance-voyage.axa-assistance.fr/
  • https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
203 KB
29 KB
Document
General
Full URL
https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.129.12 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.129.149.34.bc.googleusercontent.com
Software
/
Resource Hash
7f646e6975dc85d7f94599023cbfdf0294a946dbe191b3cb3980c9ef456dc0bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://clk.tradedoubler.com
Referer
https://clk.tradedoubler.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 07 Sep 2023 13:04:58 GMT
etag
W/"881e93ca"
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1

Redirect headers

Cache-control
no-cache="set-cookie"
Connection
keep-alive
Content-Length
1
Content-Type
text/html; charset=UTF-8
Date
Thu, 07 Sep 2023 13:04:57 GMT
Location
https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
Server
Apache/2.4.57 (Ubuntu)
index.js
www.assurance-voyage.axa-assistance.fr/o/frontend-js-svg4everybody-web/
3 KB
3 KB
Script
General
Full URL
https://www.assurance-voyage.axa-assistance.fr/o/frontend-js-svg4everybody-web/index.js
Requested by
Host: www.assurance-voyage.axa-assistance.fr
URL: https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.129.12 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.129.149.34.bc.googleusercontent.com
Software
/
Resource Hash
32e1970356bfcfa99cc54aeaec6949785efb0eab022cab894f3c0dd3e9c4449f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 06:22:29 GMT
via
1.1 google
x-content-type-options
nosniff
last-modified
Fri, 29 Apr 2022 06:01:44 GMT
age
24149
etag
"86a92ce7"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3096
x-xss-protection
1
neo.css
www.assurance-voyage.axa-assistance.fr/o/neo-travel-axa-theme/css/
206 KB
24 KB
Stylesheet
General
Full URL
https://www.assurance-voyage.axa-assistance.fr/o/neo-travel-axa-theme/css/neo.css?t=1694003122000
Requested by
Host: www.assurance-voyage.axa-assistance.fr
URL: https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.129.12 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.129.149.34.bc.googleusercontent.com
Software
/
Resource Hash
f05d8b1021127ec868b6addd35c8dc5c3411753bfd2f858da3471c52ffc53e3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 12:33:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 google
last-modified
Wed, 06 Sep 2023 12:25:22 GMT
age
1870
etag
W/"1b6619e6"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23930
x-xss-protection
1
override.css
www.assurance-voyage.axa-assistance.fr/o/neo-travel-axa-theme/css/
1 KB
535 B
Stylesheet
General
Full URL
https://www.assurance-voyage.axa-assistance.fr/o/neo-travel-axa-theme/css/override.css?t=1694003122000
Requested by
Host: www.assurance-voyage.axa-assistance.fr
URL: https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.129.12 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.129.149.34.bc.googleusercontent.com
Software
/
Resource Hash
d8f284c5c340f59de5287a2caba4a774c510a9cd43e3b045ed008ae2b5a2a923
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 12:30:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 google
last-modified
Wed, 06 Sep 2023 12:25:22 GMT
age
2080
etag
W/"f469e1b3"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
459
x-xss-protection
1
lazysizes.js
www.assurance-voyage.axa-assistance.fr/o/neo-travel-axa-theme/js/
8 KB
8 KB
Script
General
Full URL
https://www.assurance-voyage.axa-assistance.fr/o/neo-travel-axa-theme/js/lazysizes.js?t=1694003122000
Requested by
Host: www.assurance-voyage.axa-assistance.fr
URL: https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.129.12 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.129.149.34.bc.googleusercontent.com
Software
/
Resource Hash
68968cee2f6a5854a60ac6174c545cf54d73fe63e8bfcfa8544e081a0ec431d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 12:36:50 GMT
via
1.1 google
x-content-type-options
nosniff
last-modified
Wed, 06 Sep 2023 12:25:22 GMT
age
1688
etag
"d8e9185c"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8254
x-xss-protection
1
neo.js
www.assurance-voyage.axa-assistance.fr/o/neo-travel-axa-theme/js/
179 KB
179 KB
Script
General
Full URL
https://www.assurance-voyage.axa-assistance.fr/o/neo-travel-axa-theme/js/neo.js?t=1694003122000
Requested by
Host: www.assurance-voyage.axa-assistance.fr
URL: https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.129.12 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.129.149.34.bc.googleusercontent.com
Software
/
Resource Hash
66bedf1ae5a12cc02622a31ebe44e2c671b2d6d7a8b885b3fd638e7e43a49f5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 12:36:50 GMT
via
1.1 google
x-content-type-options
nosniff
last-modified
Wed, 06 Sep 2023 12:25:22 GMT
age
1688
etag
"5b96b8ac"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
182995
x-xss-protection
1
OtAutoBlock.js
cdn.cookielaw.org/consent/72ddb531-517f-470c-b237-dfef93481d9b/
5 KB
2 KB
Script
General
Full URL
https://cdn.cookielaw.org/consent/72ddb531-517f-470c-b237-dfef93481d9b/OtAutoBlock.js
Requested by
Host: www.assurance-voyage.axa-assistance.fr
URL: https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0dc1eee7a96323d808db11fc2b6876cc8339e663fd00a7389556e8e5e210deb1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.assurance-voyage.axa-assistance.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 07 Sep 2023 13:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
27045
content-md5
f861GjUV44JOBvn59/ORmQ==
content-length
1912
x-ms-lease-status
unlocked
last-modified
Wed, 19 Apr 2023 15:39:24 GMT
server
cloudflare
etag
0x8DB40EC40AE4B91
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
04f0a95f-b01e-0029-1ed5-72aea4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
802f29211dbf063a-CDG
expires
Fri, 08 Sep 2023 13:04:59 GMT
gtm.js
www.googletagmanager.com/
0
0

widget.js
sw-assets.ekomiapps.de/static_resources/
346 B
728 B
Script
General
Full URL
https://sw-assets.ekomiapps.de/static_resources/widget.js
Requested by
Host: www.assurance-voyage.axa-assistance.fr
URL: https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-120.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f51590d5dc8f61cfc0c025dfc89f35c726bef31ec33664ff8bebbb73e4fae660

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.assurance-voyage.axa-assistance.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 05:08:09 GMT
via
1.1 110641d379117242a91443ac729d6dee.cloudfront.net (CloudFront)
last-modified
Mon, 26 Jun 2023 07:58:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
1843012
etag
"87cc6c5e2b6611d43a3e35da657e4751"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000,public
accept-ranges
bytes
content-length
346
x-amz-cf-id
9zGkLLgugBi3N-_B7SN5dgl02oo_X28tcYraGZ8KNkfMdGb67OYhqw==
9bd44933-e960-3dd6-e4f2-2b2c0ba085ad
www.assurance-voyage.axa-assistance.fr/documents/1575110/1575873/Home_Page_Banner.gif/
73 KB
73 KB
Image
General
Full URL
https://www.assurance-voyage.axa-assistance.fr/documents/1575110/1575873/Home_Page_Banner.gif/9bd44933-e960-3dd6-e4f2-2b2c0ba085ad?t=1670431037895
Requested by
Host: www.assurance-voyage.axa-assistance.fr
URL: https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.129.12 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.129.149.34.bc.googleusercontent.com
Software
/
Resource Hash
2acde4141b361a5114c686c1a8dc333c2d331a1b3d00e3ee1413fc02b5a43278
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 20:22:16 GMT
via
1.1 google
x-content-type-options
nosniff
last-modified
Wed, 07 Dec 2022 16:37:17 GMT
age
60163
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
max-age=3600,public
content-disposition
inline; filename="Home_Page_Banner.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74710
x-xss-protection
1
SourceSansPro-Regular-latin.woff2
www.assurance-voyage.axa-assistance.fr/o/neo-travel-axa-theme/css/fonts/
17 KB
17 KB
Font
General
Full URL
https://www.assurance-voyage.axa-assistance.fr/o/neo-travel-axa-theme/css/fonts/SourceSansPro-Regular-latin.woff2
Requested by
Host: www.assurance-voyage.axa-assistance.fr
URL: https://www.assurance-voyage.axa-assistance.fr/o/neo-travel-axa-theme/css/neo.css?t=1694003122000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.129.12 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.129.149.34.bc.googleusercontent.com
Software
/
Resource Hash
596282470f6a49208b060d1c6eed24911abff11352aac51645cd265c3207abb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.assurance-voyage.axa-assistance.fr/o/neo-travel-axa-theme/css/neo.css?t=1694003122000
Origin
https://www.assurance-voyage.axa-assistance.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 13:04:59 GMT
via
1.1 google
x-content-type-options
nosniff
last-modified
Wed, 06 Sep 2023 12:12:48 GMT
etag
W/"17336-1694002368000"
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17336
x-xss-protection
1
SourceSansPro-Bold-latin.woff2
www.assurance-voyage.axa-assistance.fr/o/neo-travel-axa-theme/css/fonts/
17 KB
17 KB
Font
General
Full URL
https://www.assurance-voyage.axa-assistance.fr/o/neo-travel-axa-theme/css/fonts/SourceSansPro-Bold-latin.woff2
Requested by
Host: www.assurance-voyage.axa-assistance.fr
URL: https://www.assurance-voyage.axa-assistance.fr/o/neo-travel-axa-theme/css/neo.css?t=1694003122000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.129.12 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.129.149.34.bc.googleusercontent.com
Software
/
Resource Hash
7379ade3f55cccc84c6229d3cdc0475d6ed1e7641a747033b55e6f866857926a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.assurance-voyage.axa-assistance.fr/o/neo-travel-axa-theme/css/neo.css?t=1694003122000
Origin
https://www.assurance-voyage.axa-assistance.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 13:04:59 GMT
via
1.1 google
x-content-type-options
nosniff
last-modified
Wed, 06 Sep 2023 12:12:48 GMT
etag
W/"16932-1694002368000"
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16932
x-xss-protection
1
SourceSansPro-Regular-latin-extended.woff2
www.assurance-voyage.axa-assistance.fr/o/neo-travel-axa-theme/css/fonts/
26 KB
26 KB
Font
General
Full URL
https://www.assurance-voyage.axa-assistance.fr/o/neo-travel-axa-theme/css/fonts/SourceSansPro-Regular-latin-extended.woff2
Requested by
Host: www.assurance-voyage.axa-assistance.fr
URL: https://www.assurance-voyage.axa-assistance.fr/o/neo-travel-axa-theme/css/neo.css?t=1694003122000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.129.12 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.129.149.34.bc.googleusercontent.com
Software
/
Resource Hash
77eaa6a3b1fae1b8ac89890921dc2b807930a491af55aa90abc2cfe18536d42f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.assurance-voyage.axa-assistance.fr/o/neo-travel-axa-theme/css/neo.css?t=1694003122000
Origin
https://www.assurance-voyage.axa-assistance.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 13:04:59 GMT
via
1.1 google
x-content-type-options
nosniff
last-modified
Wed, 06 Sep 2023 12:12:48 GMT
etag
W/"26700-1694002368000"
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26700
x-xss-protection
1
1eade1e6-4a73-31f4-730d-86e69985692f
www.assurance-voyage.axa-assistance.fr/documents/42276/42868/suite_case.png/
325 B
345 B
Image
General
Full URL
https://www.assurance-voyage.axa-assistance.fr/documents/42276/42868/suite_case.png/1eade1e6-4a73-31f4-730d-86e69985692f?t=1526652133064
Requested by
Host: www.assurance-voyage.axa-assistance.fr
URL: https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.129.12 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.129.149.34.bc.googleusercontent.com
Software
/
Resource Hash
d7749beef876cdb9129bd50fa3ebbf2c288830e63a8aa5faf1ed388814c8cf9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 19:49:20 GMT
via
1.1 google
x-content-type-options
nosniff
last-modified
Fri, 18 May 2018 14:02:13 GMT
age
62139
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=3600,public
content-disposition
inline; filename="suite_case.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
325
x-xss-protection
1
baae025e-9e98-8446-fdb2-b3a518f2cb5c
www.assurance-voyage.axa-assistance.fr/documents/42276/42868/pencil.png/
305 B
325 B
Image
General
Full URL
https://www.assurance-voyage.axa-assistance.fr/documents/42276/42868/pencil.png/baae025e-9e98-8446-fdb2-b3a518f2cb5c?t=1526654442633
Requested by
Host: www.assurance-voyage.axa-assistance.fr
URL: https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.129.12 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.129.149.34.bc.googleusercontent.com
Software
/
Resource Hash
57d69a0c22fedb3b9456a9cb153f92aa763c4beb5f210aa052159ba6a593e0cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 06:52:00 GMT
via
1.1 google
x-content-type-options
nosniff
last-modified
Fri, 18 May 2018 14:40:42 GMT
age
22379
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=3600,public
content-disposition
inline; filename="pencil.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
305
x-xss-protection
1
layout_set_logo
www.assurance-voyage.axa-assistance.fr/image/
3 KB
3 KB
Image
General
Full URL
https://www.assurance-voyage.axa-assistance.fr/image/layout_set_logo?img_id=42322&t=1694003333755
Requested by
Host: www.assurance-voyage.axa-assistance.fr
URL: https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.129.12 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.129.149.34.bc.googleusercontent.com
Software
/
Resource Hash
0d75704ed2b6195a0b17f944c90e2c006c86ccbc88717ea6bef4fb045aa87f41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 12:31:03 GMT
via
1.1 google
x-content-type-options
nosniff
last-modified
Wed, 06 Sep 2023 12:28:53 GMT
age
2036
etag
"347dcfdd"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2916
x-xss-protection
1
f-widget.js
smart-widget-assets.ekomiapps.de/static_resources/
44 KB
12 KB
Script
General
Full URL
https://smart-widget-assets.ekomiapps.de/static_resources/f-widget.js
Requested by
Host: sw-assets.ekomiapps.de
URL: https://sw-assets.ekomiapps.de/static_resources/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-120.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3fcac0f4020279d0e32f8c27c13526f45257b03dcc5d84ef8b7bca82cced3f39

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.assurance-voyage.axa-assistance.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 06:48:48 GMT
content-encoding
gzip
via
1.1 110641d379117242a91443ac729d6dee.cloudfront.net (CloudFront)
last-modified
Mon, 26 Jun 2023 07:58:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
2441773
etag
W/"0ab7548cdf2d3776c7ee855a48e8b71e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000,public
x-amz-cf-id
BwlUmg-o8IlwPOAXL5v3_RDj01U_56ZWEStdBQyPbpKn4oULZY_u0w==
jquery.min.js
sw-assets.ekomiapps.de/static_resources/
89 KB
31 KB
Script
General
Full URL
https://sw-assets.ekomiapps.de/static_resources/jquery.min.js
Requested by
Host: smart-widget-assets.ekomiapps.de
URL: https://smart-widget-assets.ekomiapps.de/static_resources/f-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-120.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d64872744533f880e2db04feaad26db4e3d8ea4588be10f479f639c1e9582f4d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.assurance-voyage.axa-assistance.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 06:36:09 GMT
content-encoding
gzip
via
1.1 110641d379117242a91443ac729d6dee.cloudfront.net (CloudFront)
last-modified
Tue, 19 Nov 2019 20:26:08 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
1751332
etag
W/"a15c0a89a27a8a9a8f01d2383c8aa86b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000,public
x-amz-cf-id
CyyZ3SMZwhV-gpEzAv8g5EscSjxfXyabvMg0YlCWODIiUeEpQmffWA==
sf831715b17e931e7e83.json
smart-widget-assets.ekomiapps.de/data_files/widget/
4 KB
2 KB
Fetch
General
Full URL
https://smart-widget-assets.ekomiapps.de/data_files/widget/sf831715b17e931e7e83.json
Requested by
Host: smart-widget-assets.ekomiapps.de
URL: https://smart-widget-assets.ekomiapps.de/static_resources/f-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-120.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94fb8349729a1f55b6463274115d0eb0738407a5a743ff486cb07878e164707e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.assurance-voyage.axa-assistance.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 08:46:34 GMT
content-encoding
gzip
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
15508
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 30 Aug 2023 12:20:35 GMT
server
AmazonS3
etag
W/"3292d4c8f6338e21017228ea79bac37a"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=43200,public
x-amz-cf-id
dmszPTTWKmNkIjCwth5gNzEIaXV5toabQCGGnNqw-PCEj2kXuV06QA==
widget.css
sw-assets.ekomiapps.de/static_resources/
155 KB
19 KB
Stylesheet
General
Full URL
https://sw-assets.ekomiapps.de/static_resources/widget.css
Requested by
Host: sw-assets.ekomiapps.de
URL: https://sw-assets.ekomiapps.de/static_resources/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-120.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
59df6220fbd943e8cc4fd226f0174e5ddd07c60f0b30a1312fe797139cdb93b9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.assurance-voyage.axa-assistance.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 05:08:10 GMT
content-encoding
gzip
via
1.1 110641d379117242a91443ac729d6dee.cloudfront.net (CloudFront)
last-modified
Mon, 07 Feb 2022 19:45:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
1843012
etag
W/"b380c60d7d560b269c16c4b63ab64f7e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000,public
x-amz-cf-id
eyixgfbF1dHFu4cePIzdZStQiJp42fKn4hRfp1GrtT4qCPfLYeZrvA==
83171_seller_summary.json
smart-widget-assets.ekomiapps.de/data_files/json/
171 B
665 B
Fetch
General
Full URL
https://smart-widget-assets.ekomiapps.de/data_files/json/83171_seller_summary.json
Requested by
Host: smart-widget-assets.ekomiapps.de
URL: https://smart-widget-assets.ekomiapps.de/static_resources/f-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-120.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5f9b62f110c44f7af112362d0768c689a5265883b8c0f7793a7d5f90092db0a1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.assurance-voyage.axa-assistance.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 07:22:10 GMT
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
20572
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
171
last-modified
Thu, 07 Sep 2023 02:54:41 GMT
server
AmazonS3
etag
"829e444799859dffe3de76cb5461aa84"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=43200,public
accept-ranges
bytes
x-amz-cf-id
6_wwQ_Iy11-by2MxYo-ox5y5kucMlA7LqYxGBogf_DDL7JLF5mbXjw==
83171_schema.json
smart-widget-assets.ekomiapps.de/data_files/json/
7 KB
1 KB
Fetch
General
Full URL
https://smart-widget-assets.ekomiapps.de/data_files/json/83171_schema.json
Requested by
Host: smart-widget-assets.ekomiapps.de
URL: https://smart-widget-assets.ekomiapps.de/static_resources/f-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-120.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cab81dec82a2a34c078e38c16ce2ea2d0fed56c179579a3d2e5160ba2d463051

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.assurance-voyage.axa-assistance.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 08:46:34 GMT
content-encoding
gzip
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
15508
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 07 Sep 2023 02:54:41 GMT
server
AmazonS3
etag
W/"aa7467f73b3772bc0fc3e8ef8d037b6f"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=43200,public
x-amz-cf-id
nAbQjBQamFZM3D6w5GwC3KzGu2ZPRaPmdlzW8BQ9JS2ZGt8PFLKWAA==
fr_seal_silver-46.png
sw-assets.ekomiapps.de/resources/
3 KB
3 KB
Image
General
Full URL
https://sw-assets.ekomiapps.de/resources/fr_seal_silver-46.png
Requested by
Host: www.assurance-voyage.axa-assistance.fr
URL: https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-120.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b2b881c9d8128c4016dbdddc6fff0c7594db532e2f4ef0c1bf7916906ba7afaf

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.assurance-voyage.axa-assistance.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 22:33:03 GMT
via
1.1 110641d379117242a91443ac729d6dee.cloudfront.net (CloudFront)
last-modified
Tue, 19 Nov 2019 20:25:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
138719
etag
"b2df4eae5e7cd54abfa35583f6d4734c"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,public
accept-ranges
bytes
content-length
2622
x-amz-cf-id
l-Gpfjtrdd6xcpzrk1VD-gFqa2H5fla__gFobl4805JNtkWOkrdMMw==
stars_grey-214x35.png
sw-assets.ekomiapps.de/resources/
701 B
1 KB
Image
General
Full URL
https://sw-assets.ekomiapps.de/resources/stars_grey-214x35.png
Requested by
Host: www.assurance-voyage.axa-assistance.fr
URL: https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-120.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d5ba51a1691a42400fddc4ef5cdd2f11cf955f48d5270db69e60aa4d204e3e68

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.assurance-voyage.axa-assistance.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 03:08:45 GMT
via
1.1 110641d379117242a91443ac729d6dee.cloudfront.net (CloudFront)
last-modified
Mon, 07 Feb 2022 19:52:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
1936577
etag
"f52a98ef74c187b69a852d80e4e42155"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000,public
accept-ranges
bytes
content-length
701
x-amz-cf-id
ANudIPNPtSMpJQL6_7xWH9pLguzjq-dHMVTPd0hXOTuTwLtaGSW3yw==
stars_yellow-214x35.png
sw-assets.ekomiapps.de/resources/
741 B
1 KB
Image
General
Full URL
https://sw-assets.ekomiapps.de/resources/stars_yellow-214x35.png
Requested by
Host: www.assurance-voyage.axa-assistance.fr
URL: https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-120.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a56a77411e71dc71ba776f5c46fdfccacc4227e70b8aca4b49532803e3fcbaf

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.assurance-voyage.axa-assistance.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 03:08:45 GMT
via
1.1 110641d379117242a91443ac729d6dee.cloudfront.net (CloudFront)
last-modified
Mon, 07 Feb 2022 19:52:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
1936577
etag
"15ac86a72246b7134c42bfb860ea342c"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000,public
accept-ranges
bytes
content-length
741
x-amz-cf-id
8wDLYW-PsjoEZSTMMNuoJdoR7NaWFrJzP_GvQFKd5grMDIWkdpNR-Q==
633d68c01b65eUbuntu-Bold.woff
sw-assets.ekomiapps.de/resources/
108 KB
109 KB
Font
General
Full URL
https://sw-assets.ekomiapps.de/resources/633d68c01b65eUbuntu-Bold.woff
Requested by
Host: www.assurance-voyage.axa-assistance.fr
URL: https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-120.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a0bd40fe555a0f74b252615c5a5fd35522aa234008d16e7265961f2cec586c3b

Request headers

Referer
https://www.assurance-voyage.axa-assistance.fr/
Origin
https://www.assurance-voyage.axa-assistance.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:56:50 GMT
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
9608892
x-cache
Hit from cloudfront
content-length
111016
last-modified
Wed, 05 Oct 2022 11:21:37 GMT
server
AmazonS3
etag
"278321edc4a28fc3f2441b1472e9347a"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
x-amz-cf-id
8thXgxjTU3NaC97XyBrbSIsGql1dxaTRfm1JXEdZ_hAkZGoogD8qew==
opensans-semibold-webfont.woff2
sw-assets.ekomiapps.de/resources/
19 KB
19 KB
Font
General
Full URL
https://sw-assets.ekomiapps.de/resources/opensans-semibold-webfont.woff2
Requested by
Host: www.assurance-voyage.axa-assistance.fr
URL: https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-120.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5d6e4381fc19b67932d247814a16bde5b26a26bbf7ef181c0d404365017047e8

Request headers

Referer
https://www.assurance-voyage.axa-assistance.fr/
Origin
https://www.assurance-voyage.axa-assistance.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:56:50 GMT
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
9608892
x-cache
Hit from cloudfront
content-length
19004
last-modified
Mon, 07 Feb 2022 19:50:06 GMT
server
AmazonS3
etag
"32fdf0989cad8e43dbd1177d17e7331f"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000,public
accept-ranges
bytes
x-amz-cf-id
AtRT_Rk8K7Ny4wVK_Lt--h1y24-vf_QhFVgC0-qaRUsGZvVCU0roXw==
81e9f3f0-a761-5dc0-1e85-e1fdbdf6e52b
www.assurance-voyage.axa-assistance.fr/documents/42276/42883/250x167_vignette_sante_coronavirus.jpg/
10 KB
10 KB
Image
General
Full URL
https://www.assurance-voyage.axa-assistance.fr/documents/42276/42883/250x167_vignette_sante_coronavirus.jpg/81e9f3f0-a761-5dc0-1e85-e1fdbdf6e52b?t=1584376032458
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.129.12 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.129.149.34.bc.googleusercontent.com
Software
/
Resource Hash
c383da4a6a8b3ef5a775c42886723aa5653003975a41ac467e9dea416b4667f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 20:34:20 GMT
via
1.1 google
x-content-type-options
nosniff
last-modified
Mon, 16 Mar 2020 16:27:12 GMT
age
59442
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=3600,public
content-disposition
inline; filename="250x167_vignette_sante_coronavirus.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10346
x-xss-protection
1
a85e9ccd-eb00-36db-7309-efe0d4271376
webserver-salesaxapartners-prd.lfr.cloud/documents/42276/0/Axa-assurance-voyage_Devis-en-ligne_rapide.jpg/
0
0

964fe82d-f059-ae04-ff4e-bc150cad075f
www.assurance-voyage.axa-assistance.fr/documents/42276/42883/250x167_vignette_assurance_voyage.jpg/
33 KB
33 KB
Image
General
Full URL
https://www.assurance-voyage.axa-assistance.fr/documents/42276/42883/250x167_vignette_assurance_voyage.jpg/964fe82d-f059-ae04-ff4e-bc150cad075f?t=1540461239874
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.129.12 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.129.149.34.bc.googleusercontent.com
Software
/
Resource Hash
9bda13ec3922b46d28fa6f19be72952be8cf17cc676e930116877bd9953a852e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 19:54:58 GMT
via
1.1 google
x-content-type-options
nosniff
last-modified
Thu, 25 Oct 2018 09:53:59 GMT
age
61804
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=3600,public
content-disposition
inline; filename="250x167_vignette_assurance_voyage.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34153
x-xss-protection
1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtm.js?id=GTM-K6JJDR
Domain
webserver-salesaxapartners-prd.lfr.cloud
URL
https://webserver-salesaxapartners-prd.lfr.cloud/documents/42276/0/Axa-assurance-voyage_Devis-en-ligne_rapide.jpg/a85e9ccd-eb00-36db-7309-efe0d4271376?t=1649843313679


70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| cookieExist object| dataLayer function| pushDataLayerCTA function| defaultPianoCookie function| svg4everybody object| lazySizes function| pushDataLayerMetaHeader function| isInternalUrl function| pushDataLayerLandingNavigationCategory function| pushDataLayerLandingNavigationCategoryMobile function| pushDataLayerBurgerMenu function| pushDataLayerHeaderFunnel string| _ekomiWidgetsServerUrl number| _customerId boolean| _ekomiDraftMode string| _language object| _ekomiWidgetTokens boolean| ekomiWidgetJs function| pushDataLayerMostSubscribed function| pushDataLayerDestination function| pushDataLayerSocialLinks function| pushDataLayerNavigationLinks function| loadJsFile boolean| ekomiWidgetMainJs string| smartWidgetsServerBaseUrl object| productIdsFileData object| deletedFileData number| currentPageInPagination object| deletedFileCreatedData object| schemaData object| tokenFileData object| languageData object| summaryFileData object| widgetFileCount object| alreadyLoadedWidgets number| totalPageLinks boolean| isForward number| lastDifferenceFactor number| currentMaxToSkip number| counter object| hashProductIdsData string| fallBackLanguage object| languageMapping function| getKeyByValue function| getPageLanguage function| evolute function| arthmatic function| replaceRepeatFilledStarComputedWidth function| getDate function| isSafari function| isIE function| getSealForReview function| replaceReviewPlaceholders function| ratingRange function| getDateFormat function| getStringBetween function| getRatingGrade function| getSealType function| translateText function| getWidgetContainer number| c1 boolean| widgetCssLoaded boolean| ekomiWidgetJqueryFile function| ekomiWidgetMain object| DateFormat undefined| $ undefined| jQuery function| ekomiWidgetJquery boolean| ajaxEnabled

12 Cookies

Domain/Path Name / Value
.myckdom.com/ Name: rhid
Value: 83612871595
.myckdom.com/ Name: loi
Value: ad_1647281_off_1089936_aff_88987_cid_374591-WWWCPFCU.COM_ts_1694091896
biddm.com/ Name: uclick
Value: scmy8ry9vr
biddm.com/ Name: uclickhash
Value: scmy8ry9vr-scmy8ry9vr-ntuq-0-ntuq-gx4kbl-wha1-168ebf
.tradedoubler.com/ Name: EH_0
Value: 1z11z1z12wz1DIcuOz1EKayaPGw2dmyFC1MOPP24ebt787pN%79U2ID%7aVQFXQDTZGa.j_mE3Tt%79WYaqhhRUJRMR1KIMWX5oKOUiNuXvtk1dOpsNPnVUpS1ibp
.tradedoubler.com/ Name: GUID
Value: 1z11zz12wzNwvAKz7096579e960db101a493338280cf614a
redirects.tradedoubler.com/ Name: AWSELB
Value: FF1BFB8F1C42D3E6A4BF4A0B044EDED4042A192C92448B5DC41B6DF8F1BB665B74D1DBC44CACB35A8119CA374522E5CD51D3AB65B8C1BA03E231E71D15DBA2CF9A7C59ACA2
www.assurance-voyage.axa-assistance.fr/ Name: JSESSIONID
Value: 19FDB94172DA7CDDFE4FEBFEC4641327
www.assurance-voyage.axa-assistance.fr/ Name: COOKIE_SUPPORT
Value: true
www.assurance-voyage.axa-assistance.fr/ Name: GUEST_LANGUAGE_ID
Value: fr_FR
www.assurance-voyage.axa-assistance.fr/ Name: SERVER_ID
Value: eed665fd56cd9bdc
www.assurance-voyage.axa-assistance.fr/ Name: ATConsent
Value: optin

2 Console Messages

Source Level URL
Text
network error URL: https://www.googletagmanager.com/gtm.js?id=GTM-K6JJDR
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://webserver-salesaxapartners-prd.lfr.cloud/documents/42276/0/Axa-assurance-voyage_Devis-en-ligne_rapide.jpg/a85e9ccd-eb00-36db-7309-efe0d4271376?t=1649843313679
Message:
Failed to load resource: net::ERR_CONNECTION_RESET

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
