www.assurance-voyage.axa-assistance.fr Open in urlscan Pro
34.149.129.12 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://wwwalcorix.com/
Effective URL:
https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
Submission Tags: @ecarlesi possiblethreat Search All
Submission: On September 07 via api (September 7th 2023, 10:51:52 am UTC) from FR — Scanned from FR

Summary HTTP 45 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 10 IPs in 4 countries across 11 domains to perform 45 HTTP transactions. The main IP is 34.149.129.12, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is www.assurance-voyage.axa-assistance.fr.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on July 11th 2023. Valid for: a year.

This is the only time www.assurance-voyage.axa-assistance.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.172.228.26 167.172.228.26	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 2	52.117.247.211 52.117.247.211	36351 (SOFTLAYER) (SOFTLAYER)
1 1	168.119.4.34 168.119.4.34	24940 (HETZNER-AS) (HETZNER-AS)
1 2	35.186.231.97 35.186.231.97	15169 (GOOGLE) (GOOGLE)
1	13.224.189.92 13.224.189.92	16509 (AMAZON-02) (AMAZON-02)
1 1	108.128.125.55 108.128.125.55	16509 (AMAZON-02) (AMAZON-02)
16	34.149.129.12 34.149.129.12	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
11	104.18.131.236 104.18.131.236	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.72 142.250.185.72	15169 (GOOGLE) (GOOGLE)
7	143.204.215.120 143.204.215.120	16509 (AMAZON-02) (AMAZON-02)
5	143.204.215.57 143.204.215.57	16509 (AMAZON-02) (AMAZON-02)
1	18.66.147.91 18.66.147.91	16509 (AMAZON-02) (AMAZON-02)
1	13.32.117.182 13.32.117.182	16509 (AMAZON-02) (AMAZON-02)
45	10

1 167.172.228.26 (Clifton, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

wwwalcorix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.117.247.211 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: d3.f7.7534.ip4.static.sl-reverse.com

myckdom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p374591.myckdom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.119.4.34 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.34.4.119.168.clients.your-server.de

biddm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.231.97 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 97.231.186.35.bc.googleusercontent.com

clk.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-92.fra2.r.cloudfront.net

vht.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.128.125.55 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-125-55.eu-west-1.compute.amazonaws.com

redirects.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 34.149.129.12 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 12.129.149.34.bc.googleusercontent.com

www.assurance-voyage.axa-assistance.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
webserver-salesaxapartners-prd.lfr.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.18.131.236 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.72 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 143.204.215.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-120.fra53.r.cloudfront.net

sw-assets.ekomiapps.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
smart-widget-assets.ekomiapps.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 143.204.215.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-57.fra53.r.cloudfront.net

smart-widget-assets.ekomiapps.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sw-assets.ekomiapps.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-91.fra60.r.cloudfront.net

tag.aticdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.117.182 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-117-182.fra60.r.cloudfront.net

logws1309.ati-host.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	axa-assistance.fr www.assurance-voyage.axa-assistance.fr	423 KB
12	ekomiapps.de sw-assets.ekomiapps.de — Cisco Umbrella Rank: 129381 smart-widget-assets.ekomiapps.de — Cisco Umbrella Rank: 143401	200 KB
11	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 377	148 KB
4	tradedoubler.com 2 redirects clk.tradedoubler.com — Cisco Umbrella Rank: 94176 vht.tradedoubler.com — Cisco Umbrella Rank: 90323 redirects.tradedoubler.com — Cisco Umbrella Rank: 123597	6 KB
2	myckdom.com 1 redirects myckdom.com — Cisco Umbrella Rank: 196792 p374591.myckdom.com	1 KB
1	ati-host.net logws1309.ati-host.net — Cisco Umbrella Rank: 153547	344 B
1	aticdn.net tag.aticdn.net — Cisco Umbrella Rank: 15363	22 KB
1	lfr.cloud webserver-salesaxapartners-prd.lfr.cloud	250 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	95 KB
1	biddm.com 1 redirects biddm.com	584 B
1	wwwalcorix.com 1 redirects wwwalcorix.com	1 KB
45	11

	Domain	Requested by
15	www.assurance-voyage.axa-assistance.fr	www.assurance-voyage.axa-assistance.fr
11	cdn.cookielaw.org	www.assurance-voyage.axa-assistance.fr www.googletagmanager.com cdn.cookielaw.org
8	sw-assets.ekomiapps.de	www.assurance-voyage.axa-assistance.fr smart-widget-assets.ekomiapps.de sw-assets.ekomiapps.de
4	smart-widget-assets.ekomiapps.de	sw-assets.ekomiapps.de smart-widget-assets.ekomiapps.de
2	clk.tradedoubler.com	1 redirects p374591.myckdom.com
1	logws1309.ati-host.net	tag.aticdn.net
1	tag.aticdn.net	www.googletagmanager.com
1	webserver-salesaxapartners-prd.lfr.cloud
1	www.googletagmanager.com	www.assurance-voyage.axa-assistance.fr
1	redirects.tradedoubler.com	1 redirects
1	vht.tradedoubler.com	clk.tradedoubler.com
1	biddm.com	1 redirects
1	p374591.myckdom.com
1	myckdom.com	1 redirects
1	wwwalcorix.com	1 redirects
45	15

This site contains links to these domains. Also see Links.

Domain
www.axa-schengen.com
www.facebook.com
www.linkedin.com
www.youtube.com
www.assicurazione-viaggio.axa-assistance.it
www.axa-assistance-segurodeviaje.es
www.viagemsegura.pt
www.axa-travel-insurance.com
www.onetrust.com

Subject Issuer	Validity	Valid
*.myckdom.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-20` - `2024-03-20`	a year	crt.sh
*.tradedoubler.com R3	`2023-07-25` - `2023-10-23`	3 months	crt.sh
sales-services.axapartners.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-11` - `2024-07-10`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
ekomiapps.de Amazon RSA 2048 M02	`2023-02-22` - `2023-12-13`	10 months	crt.sh
liferay.cloud Sectigo RSA Domain Validation Secure Server CA	`2023-08-14` - `2024-09-12`	a year	crt.sh
tag.aticdn.net Thawte RSA CA 2018	`2023-01-02` - `2024-02-02`	a year	crt.sh
*.ati-host.net Thawte RSA CA 2018	`2023-04-14` - `2024-05-14`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
Frame ID: 8C80B76A5F93F40EF2DB579AA27861AD
Requests: 45 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Assurance Voyage à l'Étranger - dès 10,99 € - AXAarrowFull arrowChevronHealthkitPencalendardollareuropoundyencheckfilegearpinLocatorfamilydownloadBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

http://wwwalcorix.com/ HTTP 302
https://myckdom.com/aS/feedclick?s=bftZiWr7sm_t1cF0lAjQjY8uDhK_8R6j6jUvurVsDL7J9-5EtRimpRG_6U4hq... HTTP 302
https://p374591.myckdom.com/adServe/domainClick?ai=hOD6Xl45qmlFJDNqNiPfBqhmk39KzfonDHjNDMqxHIywn03uCMUnW... Page URL
https://biddm.com/czszl0k.php?key=ihqcqg45vr7634mntn22&subid=90671379353&bid=0.0008&site=44777... HTTP 302
https://clk.tradedoubler.com/click?p=267636&a=3224772&epi=dbb09scsca4526o011 Page URL
https://clk.tradedoubler.com/click?p=267636&a=3224772&epi=dbb09scsca4526o011 HTTP 302
http://redirects.tradedoubler.com/projectr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tra... HTTP 302
https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler... Page URL

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

45
Requests

100 %
HTTPS

0 %
IPv6

11
Domains

15
Subdomains

10
IPs

4
Countries

1144 kB
Transfer

2457 kB
Size

16
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.axa-schengen.com/fr?utm_source=EcommerceFR&utm_medium=partnership&utm_campaign=201515_EcommerceFranceSchengen
Title: Assurance Schengen

Search URL Search Domain Scan URL

URL: https://www.facebook.com/axa.assistance

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/axa-partners/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/AXAAssistanceChannel

Search URL Search Domain Scan URL

URL: https://www.assicurazione-viaggio.axa-assistance.it/
Title: AXA Assicurazione Viaggio

Search URL Search Domain Scan URL

URL: https://www.axa-schengen.com/fr
Title: AXA Assurance Schengen

Search URL Search Domain Scan URL

URL: https://www.axa-assistance-segurodeviaje.es/
Title: AXA Seguros y asistencia en viajes

Search URL Search Domain Scan URL

URL: https://www.viagemsegura.pt/
Title: AXA Seguro de viagem

Search URL Search Domain Scan URL

URL: https://www.axa-travel-insurance.com/
Title: AXA Travel Insurance Global

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://wwwalcorix.com/ HTTP 302
https://myckdom.com/aS/feedclick?s=bftZiWr7sm_t1cF0lAjQjY8uDhK_8R6j6jUvurVsDL7J9-5EtRimpRG_6U4hqQTcO4eq_lgR48_oiQJuDuwoS9gcFc4_-stlEFmHqGJpUI3NDajatOk7jXw4cmSiDMaysLI_RalizEQmcVjFyxSKD9mNp-ZNGHhwNPLmCCvrgRxHekL_DgR1RUuURui4B3gRwXERbP2XHJVEePUXigsWvdlMnA2aA_KEfjlFQpsRfwQhKwbAS5gg9H60RdY-EOMrWHvLBmnS_0imlxHMIQXS_-0A-w9VxlWL1edFxnBiZnwTG-0KYht1q1u6oreUplXD7mrjA6Q4T5NTHiotrBtRQ1S7BYiTHQJdEFzAIYOarq_N7wlRWsGLX-NuRJly2YxFcbb8-hQxrGozo9kMRJQvH5WP84m5VjUpF5QtcFEGj8R2X0uSE9ffVINPAuW7leKDiXXSwnF6ZL-igQcszvhjapBqV6_GcDvrooEfT-vB3uZ-qRO7OQv0rTv3sGvr3ep2KBQZwgLhBbTKQxpp8bVDtzgnLkE6-BhTPsIoKAsc072YOSv0AnYxekB6m181NXxxeUCDgkFciS1_JGb4kcabWQxpKa9HtnC-YLTYBcBxjqRg3LvNu5TkbGe4zdtVkiBETob0n6rQykEzv6oza-fIx0sYrTxqColNonnQvE_7LroRbnp_lwQ2phaBxF3videM9T36Zjzjf9cbe3O6u_J0j14NWwkICuxzL9mzRF-ssYJszfjwVcAuV-giSlA25L0obI5kiPl0b4ZjFqckJgWRoslSx5to6iQSbfftTkpAEMynvnceOYV9U0DGW7yMHQIiCyURlunu4Rxwl88DVCVnGdl6zmwxYmZRLjddtNgvdsvEXGdFff_ufa0rPcNJJW9c2_Sk0cVIY47cBNUfmEpSA_ke6L55Gu_7a0U6yvsz20y22jrfeEIvGu5mHSollN8_R_t7s-Wbdx2iW8yKyuTfRJpQ2ge7Uo-9Z8QWW7j6bn4GMSBKAdhU8Q2VuoNeNSdBVDDgrUT4dOz4V5q3rSKM3NQG0tD0l2adFcezebfb8QRpP3LxTo2OwrMtwo6kBcJIV7X5hWRTZXP_XgRAssz9Tgu7hkyFqwyBNbG1rwzn-Jso-4dzFH8mPR53CLErDhEhOFubxSgbeIBjwSTS2LsaQJCqvI-bP9JSMKhCk13TbFt5qNF4956KMF7xyDMmfbOb47fB8hbu_XVHUVgE-cuaYJghR46dlEsRfKWKNhL8vB_NTaCIOLc_oKoEo6vcLSEzuqHPErRaTXo5jDCok9YMrKhmk39KzfonDHjNDMqxHIzp6t2Df9GS89yyjg35Tl8LMF1sLsXmiB_mh6y2RNxf5w HTTP 302
https://p374591.myckdom.com/adServe/domainClick?ai=hOD6Xl45qmlFJDNqNiPfBqhmk39KzfonDHjNDMqxHIywn03uCMUnWXV3rtgpY_iSV8NwS4VzVtuEmTUDamv9Wj9EVoFzCvr6nUsZVZhWVPP-29LJmEHdmZ7b6Qy9a1mH1SDoPg9POwswKYjJbvnMpGJWdAgaDFAOJTu6AXYz7K7VIOg-D087C6igwjjQ3X8wDwHvy-FgMa29I_FSOB8M4Efux7TEFQK3pfm6NVdu148uzwn_CupyqQDojgHyynN1-rVVBwUbSr_tzFXyl2Xqp42dSrBkHXC218va1jhGFGI8jdqPtxH4UCJQ48Q3rpLLNlfGdf3DcofXCB6hjLj_YHAXkZifdxCbuZMoHaWmwuNtadod4QUG5-i0RSsv-tAz&ui=bftZiWr7sm_t1cF0lAjQjfbWwvziNp_1xLgNeF8Zj-hV70zWaePYCiv9tRTYMFKlYw_XJBRxHmqtnfL1HdTpKsIQlNpTcezMRCwWZ8AIezUSG9tXIBsRUA&si=1&oref=742b0620dc8b8070f3fc66cca6f0208d&optunit=1SDoPg9POwtd1DkgOMi8xg&rb=zzZNkeLFNVk&rr=1&isco=t&abtg=0 Page URL
https://biddm.com/czszl0k.php?key=ihqcqg45vr7634mntn22&subid=90671379353&bid=0.0008&site=447779964&os=Windows+10&browser=Chrome+116&carrier=UNKNOWN&device=Desktop&geo=FR&language=@@LANGUAGE@@&keyword=wwwalcorix.com+RO&campaign_name=TD13+-+AXA+Assistance+FR++Win HTTP 302
https://clk.tradedoubler.com/click?p=267636&a=3224772&epi=dbb09scsca4526o011 Page URL
https://clk.tradedoubler.com/click?p=267636&a=3224772&epi=dbb09scsca4526o011 HTTP 302
http://redirects.tradedoubler.com/projectr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr&_td_deeplink=https://www.assurance-voyage.axa-assistance.fr/ HTTP 302
https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://wwwalcorix.com/ HTTP 302
https://myckdom.com/aS/feedclick?s=bftZiWr7sm_t1cF0lAjQjY8uDhK_8R6j6jUvurVsDL7J9-5EtRimpRG_6U4hqQTcO4eq_lgR48_oiQJuDuwoS9gcFc4_-stlEFmHqGJpUI3NDajatOk7jXw4cmSiDMaysLI_RalizEQmcVjFyxSKD9mNp-ZNGHhwNPLmCCvrgRxHekL_DgR1RUuURui4B3gRwXERbP2XHJVEePUXigsWvdlMnA2aA_KEfjlFQpsRfwQhKwbAS5gg9H60RdY-EOMrWHvLBmnS_0imlxHMIQXS_-0A-w9VxlWL1edFxnBiZnwTG-0KYht1q1u6oreUplXD7mrjA6Q4T5NTHiotrBtRQ1S7BYiTHQJdEFzAIYOarq_N7wlRWsGLX-NuRJly2YxFcbb8-hQxrGozo9kMRJQvH5WP84m5VjUpF5QtcFEGj8R2X0uSE9ffVINPAuW7leKDiXXSwnF6ZL-igQcszvhjapBqV6_GcDvrooEfT-vB3uZ-qRO7OQv0rTv3sGvr3ep2KBQZwgLhBbTKQxpp8bVDtzgnLkE6-BhTPsIoKAsc072YOSv0AnYxekB6m181NXxxeUCDgkFciS1_JGb4kcabWQxpKa9HtnC-YLTYBcBxjqRg3LvNu5TkbGe4zdtVkiBETob0n6rQykEzv6oza-fIx0sYrTxqColNonnQvE_7LroRbnp_lwQ2phaBxF3videM9T36Zjzjf9cbe3O6u_J0j14NWwkICuxzL9mzRF-ssYJszfjwVcAuV-giSlA25L0obI5kiPl0b4ZjFqckJgWRoslSx5to6iQSbfftTkpAEMynvnceOYV9U0DGW7yMHQIiCyURlunu4Rxwl88DVCVnGdl6zmwxYmZRLjddtNgvdsvEXGdFff_ufa0rPcNJJW9c2_Sk0cVIY47cBNUfmEpSA_ke6L55Gu_7a0U6yvsz20y22jrfeEIvGu5mHSollN8_R_t7s-Wbdx2iW8yKyuTfRJpQ2ge7Uo-9Z8QWW7j6bn4GMSBKAdhU8Q2VuoNeNSdBVDDgrUT4dOz4V5q3rSKM3NQG0tD0l2adFcezebfb8QRpP3LxTo2OwrMtwo6kBcJIV7X5hWRTZXP_XgRAssz9Tgu7hkyFqwyBNbG1rwzn-Jso-4dzFH8mPR53CLErDhEhOFubxSgbeIBjwSTS2LsaQJCqvI-bP9JSMKhCk13TbFt5qNF4956KMF7xyDMmfbOb47fB8hbu_XVHUVgE-cuaYJghR46dlEsRfKWKNhL8vB_NTaCIOLc_oKoEo6vcLSEzuqHPErRaTXo5jDCok9YMrKhmk39KzfonDHjNDMqxHIzp6t2Df9GS89yyjg35Tl8LMF1sLsXmiB_mh6y2RNxf5w HTTP 302
https://p374591.myckdom.com/adServe/domainClick?ai=hOD6Xl45qmlFJDNqNiPfBqhmk39KzfonDHjNDMqxHIywn03uCMUnWXV3rtgpY_iSV8NwS4VzVtuEmTUDamv9Wj9EVoFzCvr6nUsZVZhWVPP-29LJmEHdmZ7b6Qy9a1mH1SDoPg9POwswKYjJbvnMpGJWdAgaDFAOJTu6AXYz7K7VIOg-D087C6igwjjQ3X8wDwHvy-FgMa29I_FSOB8M4Efux7TEFQK3pfm6NVdu148uzwn_CupyqQDojgHyynN1-rVVBwUbSr_tzFXyl2Xqp42dSrBkHXC218va1jhGFGI8jdqPtxH4UCJQ48Q3rpLLNlfGdf3DcofXCB6hjLj_YHAXkZifdxCbuZMoHaWmwuNtadod4QUG5-i0RSsv-tAz&ui=bftZiWr7sm_t1cF0lAjQjfbWwvziNp_1xLgNeF8Zj-hV70zWaePYCiv9tRTYMFKlYw_XJBRxHmqtnfL1HdTpKsIQlNpTcezMRCwWZ8AIezUSG9tXIBsRUA&si=1&oref=742b0620dc8b8070f3fc66cca6f0208d&optunit=1SDoPg9POwtd1DkgOMi8xg&rb=zzZNkeLFNVk&rr=1&isco=t&abtg=0

Request Chain 1

https://biddm.com/czszl0k.php?key=ihqcqg45vr7634mntn22&subid=90671379353&bid=0.0008&site=447779964&os=Windows+10&browser=Chrome+116&carrier=UNKNOWN&device=Desktop&geo=FR&language=@@LANGUAGE@@&keyword=wwwalcorix.com+RO&campaign_name=TD13+-+AXA+Assistance+FR++Win HTTP 302
https://clk.tradedoubler.com/click?p=267636&a=3224772&epi=dbb09scsca4526o011

45 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

domainClick
p374591.myckdom.com/adServe/
Redirect Chain

http://wwwalcorix.com/
https://myckdom.com/aS/feedclick?s=bftZiWr7sm_t1cF0lAjQjY8uDhK_8R6j6jUvurVsDL7J9-5EtRimpRG_6U4hqQTcO4eq_lgR48_oiQJuDuwoS9gcFc4_-stlEFmHqGJpUI3NDajatOk7jXw4cmSiDMaysLI_RalizEQmcVjFyxSKD9mNp-ZNGHhwNP...
https://p374591.myckdom.com/adServe/domainClick?ai=hOD6Xl45qmlFJDNqNiPfBqhmk39KzfonDHjNDMqxHIywn03uCMUnWXV3rtgpY_iSV8NwS4VzVtuEmTUDamv9Wj9EVoFzCvr6nUsZVZhWVPP-29LJmEHdmZ7b6Qy9a1mH1SDoPg9POwswKYjJbv...

457 B
732 B

277ms
259ms

Document
text/html

52.117.247.211
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://p374591.myckdom.com/adServe/domainClick?ai=hOD6Xl45qmlFJDNqNiPfBqhmk39KzfonDHjNDMqxHIywn03uCMUnWXV3rtgpY_iSV8NwS4VzVtuEmTUDamv9Wj9EVoFzCvr6nUsZVZhWVPP-29LJmEHdmZ7b6Qy9a1mH1SDoPg9POwswKYjJbvnMpGJWdAgaDFAOJTu6AXYz7K7VIOg-D087C6igwjjQ3X8wDwHvy-FgMa29I_FSOB8M4Efux7TEFQK3pfm6NVdu148uzwn_CupyqQDojgHyynN1-rVVBwUbSr_tzFXyl2Xqp42dSrBkHXC218va1jhGFGI8jdqPtxH4UCJQ48Q3rpLLNlfGdf3DcofXCB6hjLj_YHAXkZifdxCbuZMoHaWmwuNtadod4QUG5-i0RSsv-tAz&ui=bftZiWr7sm_t1cF0lAjQjfbWwvziNp_1xLgNeF8Zj-hV70zWaePYCiv9tRTYMFKlYw_XJBRxHmqtnfL1HdTpKsIQlNpTcezMRCwWZ8AIezUSG9tXIBsRUA&si=1&oref=742b0620dc8b8070f3fc66cca6f0208d&optunit=1SDoPg9POwtd1DkgOMi8xg&rb=zzZNkeLFNVk&rr=1&isco=t&abtg=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.117.247.211 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: d3.f7.7534.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Thu, 07 Sep 2023 10:51:35 GMT
server: nginx
vary: Accept-Encoding

Redirect headers

content-length: 0
date: Thu, 07 Sep 2023 10:51:34 GMT
location: https://p374591.myckdom.com/adServe/domainClick?ai=hOD6Xl45qmlFJDNqNiPfBqhmk39KzfonDHjNDMqxHIywn03uCMUnWXV3rtgpY_iSV8NwS4VzVtuEmTUDamv9Wj9EVoFzCvr6nUsZVZhWVPP-29LJmEHdmZ7b6Qy9a1mH1SDoPg9POwswKYjJbvnMpGJWdAgaDFAOJTu6AXYz7K7VIOg-D087C6igwjjQ3X8wDwHvy-FgMa29I_FSOB8M4Efux7TEFQK3pfm6NVdu148uzwn_CupyqQDojgHyynN1-rVVBwUbSr_tzFXyl2Xqp42dSrBkHXC218va1jhGFGI8jdqPtxH4UCJQ48Q3rpLLNlfGdf3DcofXCB6hjLj_YHAXkZifdxCbuZMoHaWmwuNtadod4QUG5-i0RSsv-tAz&ui=bftZiWr7sm_t1cF0lAjQjfbWwvziNp_1xLgNeF8Zj-hV70zWaePYCiv9tRTYMFKlYw_XJBRxHmqtnfL1HdTpKsIQlNpTcezMRCwWZ8AIezUSG9tXIBsRUA&si=1&oref=742b0620dc8b8070f3fc66cca6f0208d&optunit=1SDoPg9POwtd1DkgOMi8xg&rb=zzZNkeLFNVk&rr=1&isco=t&abtg=0
server: nginx

GET
H2

200

click Show response
clk.tradedoubler.com/
Redirect Chain

https://biddm.com/czszl0k.php?key=ihqcqg45vr7634mntn22&subid=90671379353&bid=0.0008&site=447779964&os=Windows+10&browser=Chrome+116&carrier=UNKNOWN&device=Desktop&geo=FR&language=@@LANGUAGE@@&keywo...
https://clk.tradedoubler.com/click?p=267636&a=3224772&epi=dbb09scsca4526o011

852 B
1 KB

514ms
190ms

Document
text/html

35.186.231.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://clk.tradedoubler.com/click?p=267636&a=3224772&epi=dbb09scsca4526o011
Requested by: Host: p374591.myckdom.com
URL: https://p374591.myckdom.com/adServe/domainClick?ai=hOD6Xl45qmlFJDNqNiPfBqhmk39KzfonDHjNDMqxHIywn03uCMUnWXV3rtgpY_iSV8NwS4VzVtuEmTUDamv9Wj9EVoFzCvr6nUsZVZhWVPP-29LJmEHdmZ7b6Qy9a1mH1SDoPg9POwswKYjJbvnMpGJWdAgaDFAOJTu6AXYz7K7VIOg-D087C6igwjjQ3X8wDwHvy-FgMa29I_FSOB8M4Efux7TEFQK3pfm6NVdu148uzwn_CupyqQDojgHyynN1-rVVBwUbSr_tzFXyl2Xqp42dSrBkHXC218va1jhGFGI8jdqPtxH4UCJQ48Q3rpLLNlfGdf3DcofXCB6hjLj_YHAXkZifdxCbuZMoHaWmwuNtadod4QUG5-i0RSsv-tAz&ui=bftZiWr7sm_t1cF0lAjQjfbWwvziNp_1xLgNeF8Zj-hV70zWaePYCiv9tRTYMFKlYw_XJBRxHmqtnfL1HdTpKsIQlNpTcezMRCwWZ8AIezUSG9tXIBsRUA&si=1&oref=742b0620dc8b8070f3fc66cca6f0208d&optunit=1SDoPg9POwtd1DkgOMi8xg&rb=zzZNkeLFNVk&rr=1&isco=t&abtg=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.231.97 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 97.231.186.35.bc.googleusercontent.com
Software: TXServerHttp /
Resource Hash: 46c7a978f851d5a2657b06e795ae04d766fd6800564d6ac3d617c8d6990a67be

Request headers

Referer: https://p374591.myckdom.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 852
content-type: text/html; charset=ISO-8859-1
date: Thu, 07 Sep 2023 10:51:38 GMT
pragma: no-cache
referrer-policy: origin
server: TXServerHttp
via: 1.1 google

Redirect headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Thu, 07 Sep 2023 10:51:39 GMT
Location: https://clk.tradedoubler.com/click?p=267636&a=3224772&epi=dbb09scsca4526o011
Server: nginx/1.24.0
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked

GET
H/1.1 200
OK prefs.js
vht.tradedoubler.com/fp/ 9 KB
4 KB 890ms
155ms Script
application/javascript 13.224.189.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vht.tradedoubler.com/fp/prefs.js

Requested by

Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=267636&a=3224772&epi=dbb09scsca4526o011

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-92.fra2.r.cloudfront.net

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://clk.tradedoubler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Via: 1.1 0e75d8f2d484ce463fc04f5c422aa178.cloudfront.net (CloudFront)
Date: Wed, 06 Sep 2023 12:46:43 GMT
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: FRA2-C1
Age: 79498
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 3598
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 01 Jun 2023 10:47:07 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: PfsiQfDbx6z4ih2FMjJI9E29tWrycYOAYAILSbe_D22cpBI_uI-7_g==

GET
H2

200

Primary Request / Show response
www.assurance-voyage.axa-assistance.fr/
Redirect Chain

https://clk.tradedoubler.com/click?p=267636&a=3224772&epi=dbb09scsca4526o011
http://redirects.tradedoubler.com/projectr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr&_td_deeplink=https://www.assurance-voyage.axa-assistance.fr/
https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr

203 KB
29 KB

781ms
350ms

Document
text/html

34.149.129.12
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.149.129.12 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

12.129.149.34.bc.googleusercontent.com

Software

Resource Hash

0af3f9ea4c021d5f48ab08b7fe5fc4a70446bc3b319839abe474eebbf9ad69c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://clk.tradedoubler.com
Referer: https://clk.tradedoubler.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Thu, 07 Sep 2023 10:51:42 GMT
etag: W/"e43762f1"
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
vary: Accept-Encoding
via: 1.1 google
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1

Redirect headers

Cache-control: no-cache="set-cookie"
Connection: keep-alive
Content-Length: 1
Content-Type: text/html; charset=UTF-8
Date: Thu, 07 Sep 2023 10:51:41 GMT
Location: https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
Server: Apache/2.4.57 (Ubuntu)

GET
H2 200 index.js Show response
www.assurance-voyage.axa-assistance.fr/o/frontend-js-svg4everybody-web/ 3 KB
3 KB 416ms
415ms Script
application/javascript 34.149.129.12
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.assurance-voyage.axa-assistance.fr/o/frontend-js-svg4everybody-web/index.js

Requested by

Host: www.assurance-voyage.axa-assistance.fr
URL: https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.149.129.12 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

12.129.149.34.bc.googleusercontent.com

Software

Resource Hash

32e1970356bfcfa99cc54aeaec6949785efb0eab022cab894f3c0dd3e9c4449f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 18:44:26 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Fri, 29 Apr 2022 06:01:44 GMT
age: 58036
etag: "86a92ce7"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=3600,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3096
x-xss-protection: 1

GET
H2 200 neo.css
www.assurance-voyage.axa-assistance.fr/o/neo-travel-axa-theme/css/ 206 KB
23 KB 400ms
399ms Stylesheet
text/css 34.149.129.12
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.assurance-voyage.axa-assistance.fr/o/neo-travel-axa-theme/css/neo.css?t=1694002800000

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.149.129.12 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

12.129.149.34.bc.googleusercontent.com

Software

Resource Hash

f05d8b1021127ec868b6addd35c8dc5c3411753bfd2f858da3471c52ffc53e3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 12:25:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 google
last-modified: Wed, 06 Sep 2023 12:20:00 GMT
age: 80758
etag: W/"1b6619e6"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: max-age=3600,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23930
x-xss-protection: 1

GET
H2 200 override.css
www.assurance-voyage.axa-assistance.fr/o/neo-travel-axa-theme/css/ 1 KB
591 B 399ms
398ms Stylesheet
text/css 34.149.129.12
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.assurance-voyage.axa-assistance.fr/o/neo-travel-axa-theme/css/override.css?t=1694002800000

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.149.129.12 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

12.129.149.34.bc.googleusercontent.com

Software

Resource Hash

d8f284c5c340f59de5287a2caba4a774c510a9cd43e3b045ed008ae2b5a2a923

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 12:25:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 google
last-modified: Wed, 06 Sep 2023 12:20:00 GMT
age: 80758
etag: W/"f469e1b3"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: max-age=3600,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 459
x-xss-protection: 1

GET
H2 200 lazysizes.js Show response
www.assurance-voyage.axa-assistance.fr/o/neo-travel-axa-theme/js/ 8 KB
8 KB 415ms
414ms Script
application/javascript 34.149.129.12
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.assurance-voyage.axa-assistance.fr/o/neo-travel-axa-theme/js/lazysizes.js?t=1694002800000

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.149.129.12 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

12.129.149.34.bc.googleusercontent.com

Software

Resource Hash

68968cee2f6a5854a60ac6174c545cf54d73fe63e8bfcfa8544e081a0ec431d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 12:35:27 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Wed, 06 Sep 2023 12:20:00 GMT
age: 80175
etag: "d8e9185c"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=3600,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8254
x-xss-protection: 1

GET
H2 200 neo.js Show response
www.assurance-voyage.axa-assistance.fr/o/neo-travel-axa-theme/js/ 179 KB
179 KB 445ms
444ms Script
application/javascript 34.149.129.12
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.assurance-voyage.axa-assistance.fr/o/neo-travel-axa-theme/js/neo.js?t=1694002800000

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.149.129.12 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

12.129.149.34.bc.googleusercontent.com

Software

Resource Hash

66bedf1ae5a12cc02622a31ebe44e2c671b2d6d7a8b885b3fd638e7e43a49f5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 12:35:27 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Wed, 06 Sep 2023 12:20:00 GMT
age: 80175
etag: "5b96b8ac"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=3600,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 182995
x-xss-protection: 1

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/72ddb531-517f-470c-b237-dfef93481d9b/ 5 KB
2 KB 886ms
145ms Script
application/x-javascript 104.18.131.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/72ddb531-517f-470c-b237-dfef93481d9b/OtAutoBlock.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0dc1eee7a96323d808db11fc2b6876cc8339e663fd00a7389556e8e5e210deb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.assurance-voyage.axa-assistance.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 07 Sep 2023 10:51:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 17021
content-md5: f861GjUV44JOBvn59/ORmQ==
content-length: 1912
x-ms-lease-status: unlocked
last-modified: Wed, 19 Apr 2023 15:39:24 GMT
server: cloudflare
etag: 0x8DB40EC40AE4B91
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 04f0a95f-b01e-0029-1ed5-72aea4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 802e65eb48dd3ce0-CDG
expires: Fri, 08 Sep 2023 10:51:43 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 324 KB
95 KB 890ms
256ms Script
application/javascript 142.250.185.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K6JJDR

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

226d9426cffb6fcfb6dfc6bc90175bf09199bd858cad0dc13aeba11b702fec11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.assurance-voyage.axa-assistance.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 10:51:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96858
x-xss-protection: 0
last-modified: Thu, 07 Sep 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 07 Sep 2023 10:51:43 GMT

GET
H2 200 widget.js Show response
sw-assets.ekomiapps.de/static_resources/ 346 B
730 B 621ms
260ms Script
application/javascript 143.204.215.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sw-assets.ekomiapps.de/static_resources/widget.js
Requested by: Host: www.assurance-voyage.axa-assistance.fr
URL: https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-120.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f51590d5dc8f61cfc0c025dfc89f35c726bef31ec33664ff8bebbb73e4fae660

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.assurance-voyage.axa-assistance.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:08:09 GMT
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
last-modified: Mon, 26 Jun 2023 07:58:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 1835015
etag: "87cc6c5e2b6611d43a3e35da657e4751"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000,public
accept-ranges: bytes
content-length: 346
x-amz-cf-id: INo88r-f-tuHgXrk7kFntVA0zisltmDZQE7jFAhiORJ7uKw3IMqGXQ==

GET
H3 200 9bd44933-e960-3dd6-e4f2-2b2c0ba085ad
www.assurance-voyage.axa-assistance.fr/documents/1575110/1575873/Home_Page_Banner.gif/ 73 KB
73 KB 149ms
149ms Image
image/gif 34.149.129.12
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.assurance-voyage.axa-assistance.fr/documents/1575110/1575873/Home_Page_Banner.gif/9bd44933-e960-3dd6-e4f2-2b2c0ba085ad?t=1670431037895

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.129.12 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

12.129.149.34.bc.googleusercontent.com

Software

Resource Hash

2acde4141b361a5114c686c1a8dc333c2d331a1b3d00e3ee1413fc02b5a43278

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 20:22:16 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Wed, 07 Dec 2022 16:37:17 GMT
age: 52167
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: max-age=3600,public
content-disposition: inline; filename="Home_Page_Banner.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74710
x-xss-protection: 1

GET
H3 200 SourceSansPro-Regular-latin.woff2
www.assurance-voyage.axa-assistance.fr/o/neo-travel-axa-theme/css/fonts/ 17 KB
17 KB 195ms
194ms Font
application/octet-stream 34.149.129.12
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.assurance-voyage.axa-assistance.fr/o/neo-travel-axa-theme/css/fonts/SourceSansPro-Regular-latin.woff2

Requested by

Host: www.assurance-voyage.axa-assistance.fr
URL: https://www.assurance-voyage.axa-assistance.fr/o/neo-travel-axa-theme/css/neo.css?t=1694002800000

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.129.12 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

12.129.149.34.bc.googleusercontent.com

Software

Resource Hash

596282470f6a49208b060d1c6eed24911abff11352aac51645cd265c3207abb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://www.assurance-voyage.axa-assistance.fr/o/neo-travel-axa-theme/css/neo.css?t=1694002800000
Origin: https://www.assurance-voyage.axa-assistance.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 10:51:43 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Wed, 06 Sep 2023 12:12:48 GMT
etag: W/"17336-1694002368000"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17336
x-xss-protection: 1

GET
H3 200 SourceSansPro-Bold-latin.woff2
www.assurance-voyage.axa-assistance.fr/o/neo-travel-axa-theme/css/fonts/ 17 KB
17 KB 269ms
268ms Font
application/octet-stream 34.149.129.12
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.assurance-voyage.axa-assistance.fr/o/neo-travel-axa-theme/css/fonts/SourceSansPro-Bold-latin.woff2

Requested by

Host: www.assurance-voyage.axa-assistance.fr
URL: https://www.assurance-voyage.axa-assistance.fr/o/neo-travel-axa-theme/css/neo.css?t=1694002800000

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.129.12 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

12.129.149.34.bc.googleusercontent.com

Software

Resource Hash

7379ade3f55cccc84c6229d3cdc0475d6ed1e7641a747033b55e6f866857926a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://www.assurance-voyage.axa-assistance.fr/o/neo-travel-axa-theme/css/neo.css?t=1694002800000
Origin: https://www.assurance-voyage.axa-assistance.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 10:51:43 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Wed, 06 Sep 2023 12:12:48 GMT
etag: W/"16932-1694002368000"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16932
x-xss-protection: 1

GET
H3 200 SourceSansPro-Regular-latin-extended.woff2
www.assurance-voyage.axa-assistance.fr/o/neo-travel-axa-theme/css/fonts/ 26 KB
26 KB 274ms
274ms Font
application/octet-stream 34.149.129.12
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.assurance-voyage.axa-assistance.fr/o/neo-travel-axa-theme/css/fonts/SourceSansPro-Regular-latin-extended.woff2

Requested by

Host: www.assurance-voyage.axa-assistance.fr
URL: https://www.assurance-voyage.axa-assistance.fr/o/neo-travel-axa-theme/css/neo.css?t=1694002800000

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.129.12 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

12.129.149.34.bc.googleusercontent.com

Software

Resource Hash

77eaa6a3b1fae1b8ac89890921dc2b807930a491af55aa90abc2cfe18536d42f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://www.assurance-voyage.axa-assistance.fr/o/neo-travel-axa-theme/css/neo.css?t=1694002800000
Origin: https://www.assurance-voyage.axa-assistance.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 10:51:43 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Wed, 06 Sep 2023 12:12:48 GMT
etag: W/"26700-1694002368000"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26700
x-xss-protection: 1

GET
H3 200 1eade1e6-4a73-31f4-730d-86e69985692f
www.assurance-voyage.axa-assistance.fr/documents/42276/42868/suite_case.png/ 325 B
345 B 189ms
189ms Image
image/png 34.149.129.12
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.assurance-voyage.axa-assistance.fr/documents/42276/42868/suite_case.png/1eade1e6-4a73-31f4-730d-86e69985692f?t=1526652133064

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.129.12 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

12.129.149.34.bc.googleusercontent.com

Software

Resource Hash

d7749beef876cdb9129bd50fa3ebbf2c288830e63a8aa5faf1ed388814c8cf9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 19:49:20 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Fri, 18 May 2018 14:02:13 GMT
age: 54143
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=3600,public
content-disposition: inline; filename="suite_case.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 325
x-xss-protection: 1

GET
H3 200 baae025e-9e98-8446-fdb2-b3a518f2cb5c
www.assurance-voyage.axa-assistance.fr/documents/42276/42868/pencil.png/ 305 B
325 B 189ms
188ms Image
image/png 34.149.129.12
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.assurance-voyage.axa-assistance.fr/documents/42276/42868/pencil.png/baae025e-9e98-8446-fdb2-b3a518f2cb5c?t=1526654442633

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.129.12 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

12.129.149.34.bc.googleusercontent.com

Software

Resource Hash

57d69a0c22fedb3b9456a9cb153f92aa763c4beb5f210aa052159ba6a593e0cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 06:52:00 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Fri, 18 May 2018 14:40:42 GMT
age: 14383
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=3600,public
content-disposition: inline; filename="pencil.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 305
x-xss-protection: 1

GET
H3 200 layout_set_logo
www.assurance-voyage.axa-assistance.fr/image/ 3 KB
3 KB 189ms
189ms Image
image/png 34.149.129.12
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.assurance-voyage.axa-assistance.fr/image/layout_set_logo?img_id=42322&t=1694003076749

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.129.12 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

12.129.149.34.bc.googleusercontent.com

Software

Resource Hash

0d75704ed2b6195a0b17f944c90e2c006c86ccbc88717ea6bef4fb045aa87f41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 12:26:30 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Tue, 09 Oct 2018 11:24:03 GMT
age: 80713
etag: "347dcfdd"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=3600,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2916
x-xss-protection: 1

GET
H2 200 f-widget.js Show response
smart-widget-assets.ekomiapps.de/static_resources/ 44 KB
12 KB 160ms
140ms Script
application/javascript 143.204.215.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://smart-widget-assets.ekomiapps.de/static_resources/f-widget.js
Requested by: Host: sw-assets.ekomiapps.de
URL: https://sw-assets.ekomiapps.de/static_resources/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-120.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3fcac0f4020279d0e32f8c27c13526f45257b03dcc5d84ef8b7bca82cced3f39

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.assurance-voyage.axa-assistance.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 06:48:48 GMT
content-encoding: gzip
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
last-modified: Mon, 26 Jun 2023 07:58:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 2433777
etag: W/"0ab7548cdf2d3776c7ee855a48e8b71e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: wSiuoKuBXVslOP6L0fi4nQ081hHGhkH-wesRl8HiHAC57vxCpYjkJw==

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 218ms
218ms Script
application/javascript 104.18.131.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K6JJDR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e181730c1a666b38b299b81ead525f7fec078ff980360b4c032e75b9802ebf0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.assurance-voyage.axa-assistance.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 07 Sep 2023 10:51:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 7EncTFplbWDUpOxlbB9/Qg==
age: 63315
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6836
x-ms-lease-status: unlocked
last-modified: Tue, 05 Sep 2023 02:39:54 GMT
server: cloudflare
etag: 0x8DBADB963286BA0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: cd0d57e4-801e-001e-7331-e0d55b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 802e65f10ee33ce0-CDG

GET
H2 200 jquery.min.js Show response
sw-assets.ekomiapps.de/static_resources/ 89 KB
31 KB 230ms
230ms Script
application/javascript 143.204.215.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sw-assets.ekomiapps.de/static_resources/jquery.min.js
Requested by: Host: smart-widget-assets.ekomiapps.de
URL: https://smart-widget-assets.ekomiapps.de/static_resources/f-widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-120.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d64872744533f880e2db04feaad26db4e3d8ea4588be10f479f639c1e9582f4d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.assurance-voyage.axa-assistance.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 06:36:09 GMT
content-encoding: gzip
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
last-modified: Tue, 19 Nov 2019 20:26:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 1743336
etag: W/"a15c0a89a27a8a9a8f01d2383c8aa86b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: MARMD40J8At-yYkuEhycx1BxLBRyUJOR7OnlpkEjobTJHrIuoncLmg==

GET
H2 200 72ddb531-517f-470c-b237-dfef93481d9b.json Show response
cdn.cookielaw.org/consent/72ddb531-517f-470c-b237-dfef93481d9b/ 3 KB
2 KB 1182ms
565ms XHR
application/x-javascript 104.18.131.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/72ddb531-517f-470c-b237-dfef93481d9b/72ddb531-517f-470c-b237-dfef93481d9b.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09c30f603d71a66de601b646e341bcc97169247c313b04d1094de2cbd4c8cdb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.assurance-voyage.axa-assistance.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 07 Sep 2023 10:51:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 47627
content-md5: +DPm5xTA76Dtn5ZTkFEZUQ==
content-length: 1487
x-ms-lease-status: unlocked
last-modified: Wed, 19 Apr 2023 15:39:25 GMT
server: cloudflare
etag: 0x8DB40EC4179BCA5
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: a4eee1f3-d01e-00ba-49d5-7238ef000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 802e65f7999c3caa-CDG
expires: Fri, 08 Sep 2023 10:51:45 GMT

GET
H2 200 sf831715b17e931e7e83.json Show response
smart-widget-assets.ekomiapps.de/data_files/widget/ 4 KB
2 KB 688ms
400ms Fetch
application/json 143.204.215.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://smart-widget-assets.ekomiapps.de/data_files/widget/sf831715b17e931e7e83.json
Requested by: Host: smart-widget-assets.ekomiapps.de
URL: https://smart-widget-assets.ekomiapps.de/static_resources/f-widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-57.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 94fb8349729a1f55b6463274115d0eb0738407a5a743ff486cb07878e164707e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.assurance-voyage.axa-assistance.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 08:46:34 GMT
content-encoding: gzip
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 7511
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 30 Aug 2023 12:20:35 GMT
server: AmazonS3
etag: W/"3292d4c8f6338e21017228ea79bac37a"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=43200,public
x-amz-cf-id: C761I5C7PV2p1nKhbwN6pHUXnmN0RMOpgiR3nzu0OUQJWzlB5hVxvA==

GET
H3 200 81e9f3f0-a761-5dc0-1e85-e1fdbdf6e52b
www.assurance-voyage.axa-assistance.fr/documents/42276/42883/250x167_vignette_sante_coronavirus.jpg/ 10 KB
10 KB 163ms
162ms Image
image/jpeg 34.149.129.12
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.assurance-voyage.axa-assistance.fr/documents/42276/42883/250x167_vignette_sante_coronavirus.jpg/81e9f3f0-a761-5dc0-1e85-e1fdbdf6e52b?t=1584376032458

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.129.12 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

12.129.149.34.bc.googleusercontent.com

Software

Resource Hash

c383da4a6a8b3ef5a775c42886723aa5653003975a41ac467e9dea416b4667f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 20:34:20 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Mon, 16 Mar 2020 16:27:12 GMT
age: 51444
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=3600,public
content-disposition: inline; filename="250x167_vignette_sante_coronavirus.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10346
x-xss-protection: 1

GET
H2 200 a85e9ccd-eb00-36db-7309-efe0d4271376
webserver-salesaxapartners-prd.lfr.cloud/documents/42276/0/Axa-assurance-voyage_Devis-en-ligne_rapide.jpg/ 249 KB
250 KB 1018ms
666ms Image
image/jpeg 34.149.129.12
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://webserver-salesaxapartners-prd.lfr.cloud/documents/42276/0/Axa-assurance-voyage_Devis-en-ligne_rapide.jpg/a85e9ccd-eb00-36db-7309-efe0d4271376?t=1649843313679

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.149.129.12 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

12.129.149.34.bc.googleusercontent.com

Software

Resource Hash

29b13ea64977d90965c76813cf18f40f145c4765d85b34ce0c187201329cc7ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.assurance-voyage.axa-assistance.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 10:51:45 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 09:48:33 GMT
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
content-disposition: inline; filename="Axa-assurance-voyage_Devis-en-ligne_rapide.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 254815
x-xss-protection: 1
expires: Sat, 07 Oct 2023 10:51:45 GMT

GET
H3 200 964fe82d-f059-ae04-ff4e-bc150cad075f
www.assurance-voyage.axa-assistance.fr/documents/42276/42883/250x167_vignette_assurance_voyage.jpg/ 33 KB
33 KB 126ms
126ms Image
image/jpeg 34.149.129.12
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.assurance-voyage.axa-assistance.fr/documents/42276/42883/250x167_vignette_assurance_voyage.jpg/964fe82d-f059-ae04-ff4e-bc150cad075f?t=1540461239874

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.129.12 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

12.129.149.34.bc.googleusercontent.com

Software

Resource Hash

9bda13ec3922b46d28fa6f19be72952be8cf17cc676e930116877bd9953a852e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 19:54:58 GMT
via: 1.1 google
x-content-type-options: nosniff
last-modified: Thu, 25 Oct 2018 09:53:59 GMT
age: 53806
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=3600,public
content-disposition: inline; filename="250x167_vignette_assurance_voyage.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34153
x-xss-protection: 1

GET
H2 200 widget.css
sw-assets.ekomiapps.de/static_resources/ 155 KB
19 KB 586ms
585ms Stylesheet
text/css 143.204.215.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sw-assets.ekomiapps.de/static_resources/widget.css
Requested by: Host: sw-assets.ekomiapps.de
URL: https://sw-assets.ekomiapps.de/static_resources/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-120.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 59df6220fbd943e8cc4fd226f0174e5ddd07c60f0b30a1312fe797139cdb93b9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.assurance-voyage.axa-assistance.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:08:10 GMT
content-encoding: gzip
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
last-modified: Mon, 07 Feb 2022 19:45:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 1835016
etag: W/"b380c60d7d560b269c16c4b63ab64f7e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000,public
x-amz-cf-id: a1qn2UsYPF0K7GoED2aXvIe7hcSwl1vQYNdMqDye3TKGs2KJzGfkWQ==

GET
H2 200 83171_seller_summary.json Show response
smart-widget-assets.ekomiapps.de/data_files/json/ 171 B
656 B 582ms
581ms Fetch
application/json 143.204.215.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://smart-widget-assets.ekomiapps.de/data_files/json/83171_seller_summary.json
Requested by: Host: smart-widget-assets.ekomiapps.de
URL: https://smart-widget-assets.ekomiapps.de/static_resources/f-widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-57.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5f9b62f110c44f7af112362d0768c689a5265883b8c0f7793a7d5f90092db0a1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.assurance-voyage.axa-assistance.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 07:22:10 GMT
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 12576
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 171
last-modified: Thu, 07 Sep 2023 02:54:41 GMT
server: AmazonS3
etag: "829e444799859dffe3de76cb5461aa84"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=43200,public
accept-ranges: bytes
x-amz-cf-id: UX667vvAMAYfgzDveyzOPr-a4-uGjmDU43IWIBx4JR_I7susRIolkg==

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202303.2.0/ 400 KB
97 KB 687ms
687ms Script
application/javascript 104.18.131.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202303.2.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8e166157d90ed13492b8627e50c606aeab874cd0a5d6ed3b7c8a7988a3d46d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.assurance-voyage.axa-assistance.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 07 Sep 2023 10:51:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Sw59qQKTUz8IJh2hCY03KQ==
age: 42908
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 98810
x-ms-lease-status: unlocked
last-modified: Tue, 16 May 2023 03:39:51 GMT
server: cloudflare
etag: 0x8DB55BF34FA32B5
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 33d48d17-101e-00ca-25d3-874b2b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 802e65faff1e3ce0-CDG

GET
H2 200 83171_schema.json Show response
smart-widget-assets.ekomiapps.de/data_files/json/ 7 KB
1 KB 610ms
609ms Fetch
application/json 143.204.215.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://smart-widget-assets.ekomiapps.de/data_files/json/83171_schema.json
Requested by: Host: smart-widget-assets.ekomiapps.de
URL: https://smart-widget-assets.ekomiapps.de/static_resources/f-widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-57.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cab81dec82a2a34c078e38c16ce2ea2d0fed56c179579a3d2e5160ba2d463051

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.assurance-voyage.axa-assistance.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 08:46:34 GMT
content-encoding: gzip
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 7512
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 07 Sep 2023 02:54:41 GMT
server: AmazonS3
etag: W/"aa7467f73b3772bc0fc3e8ef8d037b6f"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=43200,public
x-amz-cf-id: GKDaGUZATwI3JEmnHiXx00nlYLLO0QhcoB1l05kwv-zwoph7IqCMDw==

GET
H2 200 fr.json Show response
cdn.cookielaw.org/consent/72ddb531-517f-470c-b237-dfef93481d9b/d6bc21c6-a5c5-4164-bea8-f2cfadf2b7a0/ 63 KB
16 KB 216ms
215ms Fetch
application/x-javascript 104.18.131.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/72ddb531-517f-470c-b237-dfef93481d9b/d6bc21c6-a5c5-4164-bea8-f2cfadf2b7a0/fr.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202303.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3e9ad849a5adb36e8ee8fd617d516d0e4f4abc37d70d507b8d48840e9da7e0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.assurance-voyage.axa-assistance.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 07 Sep 2023 10:51:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 47127
content-md5: Y25SFT43PJOeCExSHJ5+Kg==
content-length: 16033
x-ms-lease-status: unlocked
last-modified: Wed, 19 Apr 2023 15:39:27 GMT
server: cloudflare
etag: 0x8DB40EC42A14A9F
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: f9f513bb-801e-00a2-7fd5-72157a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 802e65fef8713caa-CDG
expires: Fri, 08 Sep 2023 10:51:46 GMT

GET
H2 200 fr_seal_silver-46.png
sw-assets.ekomiapps.de/resources/ 3 KB
3 KB 270ms
267ms Image
image/png 143.204.215.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sw-assets.ekomiapps.de/resources/fr_seal_silver-46.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-120.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b2b881c9d8128c4016dbdddc6fff0c7594db532e2f4ef0c1bf7916906ba7afaf

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.assurance-voyage.axa-assistance.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 22:33:03 GMT
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
last-modified: Tue, 19 Nov 2019 20:25:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 130724
etag: "b2df4eae5e7cd54abfa35583f6d4734c"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,public
accept-ranges: bytes
content-length: 2622
x-amz-cf-id: 0Sa9bBFm6DmHi3trohjn8pfiiEPowqDDA2s55sSn1Xkfz73xhVkVJQ==

GET
H2 200 stars_grey-214x35.png
sw-assets.ekomiapps.de/resources/ 701 B
1 KB 400ms
398ms Image
image/png 143.204.215.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sw-assets.ekomiapps.de/resources/stars_grey-214x35.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-120.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d5ba51a1691a42400fddc4ef5cdd2f11cf955f48d5270db69e60aa4d204e3e68

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.assurance-voyage.axa-assistance.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 03:08:45 GMT
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
last-modified: Mon, 07 Feb 2022 19:52:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 1928582
etag: "f52a98ef74c187b69a852d80e4e42155"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000,public
accept-ranges: bytes
content-length: 701
x-amz-cf-id: lfhqvMewSIysVLsWn1g3NzfhVAxqb7q0Hp1n7RjlSdZiUCg36xHr4w==

GET
H2 200 stars_yellow-214x35.png
sw-assets.ekomiapps.de/resources/ 741 B
1 KB 401ms
399ms Image
image/png 143.204.215.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sw-assets.ekomiapps.de/resources/stars_yellow-214x35.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-120.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9a56a77411e71dc71ba776f5c46fdfccacc4227e70b8aca4b49532803e3fcbaf

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.assurance-voyage.axa-assistance.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 03:08:45 GMT
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
last-modified: Mon, 07 Feb 2022 19:52:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 1928582
etag: "15ac86a72246b7134c42bfb860ea342c"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000,public
accept-ranges: bytes
content-length: 741
x-amz-cf-id: ePVFmnAiH6qXlrcu8B2P1P2BdPChXyhXc4nsjzGgcahUP9ipj6yYPg==

GET
H2 200 633d68c01b65eUbuntu-Bold.woff
sw-assets.ekomiapps.de/resources/ 108 KB
109 KB 348ms
347ms Font
application/octet-stream 143.204.215.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sw-assets.ekomiapps.de/resources/633d68c01b65eUbuntu-Bold.woff
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-57.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a0bd40fe555a0f74b252615c5a5fd35522aa234008d16e7265961f2cec586c3b

Request headers

Referer: https://www.assurance-voyage.axa-assistance.fr/
Origin: https://www.assurance-voyage.axa-assistance.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:56:50 GMT
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 9600897
x-cache: Hit from cloudfront
content-length: 111016
last-modified: Wed, 05 Oct 2022 11:21:37 GMT
server: AmazonS3
etag: "278321edc4a28fc3f2441b1472e9347a"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
x-amz-cf-id: xr9j2BTAqJuoir_wcUpY8lyeMFMPA5exA0HSODzkTUDpFiecjXttng==

GET
H2 200 opensans-semibold-webfont.woff2
sw-assets.ekomiapps.de/resources/ 19 KB
19 KB 347ms
346ms Font
image/png 143.204.215.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sw-assets.ekomiapps.de/resources/opensans-semibold-webfont.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-57.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5d6e4381fc19b67932d247814a16bde5b26a26bbf7ef181c0d404365017047e8

Request headers

Referer: https://www.assurance-voyage.axa-assistance.fr/
Origin: https://www.assurance-voyage.axa-assistance.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 19 May 2023 07:56:50 GMT
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 9600897
x-cache: Hit from cloudfront
content-length: 19004
last-modified: Mon, 07 Feb 2022 19:50:06 GMT
server: AmazonS3
etag: "32fdf0989cad8e43dbd1177d17e7331f"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000,public
accept-ranges: bytes
x-amz-cf-id: A97uy4D6BLvfma1uLzVUQxn4gFeTq6skrS8t-WnkFpvr_LtVQIn5FA==

GET
H2 200 otCenterRounded.json Show response
cdn.cookielaw.org/scripttemplates/202303.2.0/assets/ 9 KB
3 KB 384ms
383ms Fetch
application/json 104.18.131.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202303.2.0/assets/otCenterRounded.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202303.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4e0b51db940e096731fbe30fb3b9367be7f56e67005d654ad088512e1811ecd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.assurance-voyage.axa-assistance.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 07 Sep 2023 10:51:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: C7yn6FBms+PtRGwjvvXVDw==
age: 50370
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2640
x-ms-lease-status: unlocked
last-modified: Tue, 16 May 2023 03:39:46 GMT
server: cloudflare
etag: 0x8DB55BF31D40BC1
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 969126e2-d01e-0093-2742-884ead000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 802e66013ab53caa-CDG

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/202303.2.0/assets/v2/ 61 KB
12 KB 449ms
448ms Fetch
application/json 104.18.131.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202303.2.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202303.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d55ad3bc35664e6ce9dc3e6a71bb6d3a4c8fddeb6af1a195727c0361ddd92a2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.assurance-voyage.axa-assistance.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 07 Sep 2023 10:51:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: obw5M94dAr0Gi2p2lbQQ/g==
age: 50370
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12544
x-ms-lease-status: unlocked
last-modified: Tue, 16 May 2023 03:39:48 GMT
server: cloudflare
etag: 0x8DB55BF32AEE4B7
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: b50b37d8-701e-0016-6912-881978000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 802e66013ab73caa-CDG

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202303.2.0/assets/ 21 KB
4 KB 516ms
516ms Fetch
text/css 104.18.131.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202303.2.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202303.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.assurance-voyage.axa-assistance.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 07 Sep 2023 10:51:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: oWkBTLgDDXvrUsd93y/Zxg==
age: 50370
x-ms-lease-status: unlocked
last-modified: Tue, 16 May 2023 03:39:56 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 017e723b-101e-0042-3e12-88f3f2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 802e66013ab93caa-CDG

GET
H2 200 piano-analytics.js Show response
tag.aticdn.net/ 73 KB
22 KB 1454ms
1038ms Script
application/javascript 18.66.147.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.aticdn.net/piano-analytics.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K6JJDR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-91.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e79e44a9b1140d3980ddb96b9c8644ae4fc0d479082a6aeebab1c13b24759fcb

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.assurance-voyage.axa-assistance.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id: cCx8c_FU34lwSqcVUqNH4cLTn_1olNd3
content-encoding: br
via: 1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
date: Thu, 07 Sep 2023 10:23:25 GMT
x-amz-cf-pop: FRA60-P4
age: 1703
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 25 May 2023 09:06:12 GMT
server: AmazonS3
etag: W/"254be8cc5ba50e23ccd5ba1a0c62b5e8"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=utf-8
cache-control: max-age=600
x-amz-cf-id: e36kwn8cpmwH2M7Wn5Opj4iqtat6XtvNxcfmqt72gmX_g6tiXVLMkQ==

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
516 B 131ms
131ms Fetch
image/svg+xml 104.18.131.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202303.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.assurance-voyage.axa-assistance.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 07 Sep 2023 10:51:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 6122
x-ms-lease-status: unlocked
last-modified: Wed, 06 Sep 2023 10:00:58 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 13614b32-001e-003f-30ee-e0f120000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 802e66039ca83caa-CDG

GET
H2 200 axa_logo_0.png
cdn.cookielaw.org/logos/58aad042-a197-4800-bc2b-ff1ee3acebe6/6fdc152b-677d-4774-821e-a7fcbc0f7153/b799b8dd-b88e-4526-98e6-5e82389f7437/ 2 KB
2 KB 406ms
406ms Image
image/png 104.18.131.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/58aad042-a197-4800-bc2b-ff1ee3acebe6/6fdc152b-677d-4774-821e-a7fcbc0f7153/b799b8dd-b88e-4526-98e6-5e82389f7437/axa_logo_0.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd3bdc66d79e1223c0a5cea58bd98436b90795b302b157e0dd6b99848ca55a05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.assurance-voyage.axa-assistance.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 07 Sep 2023 10:51:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: W7aGOU5YbxTvf9aDjIui9A==
age: 4428
content-length: 2218
x-ms-lease-status: unlocked
last-modified: Wed, 15 Mar 2023 15:01:46 GMT
server: cloudflare
etag: 0x8DB2566327647C9
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 09d166fa-801e-016a-4df8-afc218000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 802e66040f133ce0-CDG

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 321ms
321ms Image
image/svg+xml 104.18.131.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.assurance-voyage.axa-assistance.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 07 Sep 2023 10:51:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 68479
x-ms-lease-status: unlocked
last-modified: Tue, 05 Sep 2023 02:40:01 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: d70f66bf-f01e-003b-5223-e07c27000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 802e66040f163ce0-CDG

POST
H2 204 event
logws1309.ati-host.net/ 0
344 B 507ms
158ms Ping
text/plain 13.32.117.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://logws1309.ati-host.net/event?s=636609&idclient=lm91thlmm6lgc9sa

Requested by

Host: tag.aticdn.net
URL: https://tag.aticdn.net/piano-analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.117.182 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-117-182.fra60.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.assurance-voyage.axa-assistance.fr/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 07 Sep 2023 10:51:48 GMT
strict-transport-security: max-age=15768000
via: 1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
access-control-max-age: 600
x-cache: Miss from cloudfront
access-control-allow-origin: https://www.assurance-voyage.axa-assistance.fr
cache-control: no-store
access-control-allow-credentials: true
x-amz-cf-id: Xz9fOcuyVnUJ5MTmVqUXEBHSqSUDDMCgW3ignwQM_gzDsQ-6h6W6-A==

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.myckdom.com/	1970-01-20 18:53:55	Name: rhid Value: 83612588982
.myckdom.com/	1970-01-20 14:34:47	Name: loi Value: ad_1647281_off_1089936_aff_88987_cid_374591-WWWALCORIX.COM_ts_1694083895
biddm.com/	1970-01-20 14:36:10	Name: uclick Value: scsca4526o
biddm.com/	1970-01-20 14:36:10	Name: uclickhash Value: scsca4526o-scsca4526o-ntuq-0-ntuq-gx4kbl-wha1-88ceeb
.tradedoubler.com/	1970-01-20 23:20:19	Name: EH_0 Value: 1z11z1z12wz2QdQqBz1EKayaPGL1ObyFCEBr%7a3XiOI%79%79sONnOGx%79h9wXXOM.LA%7aLfs3WAcFA_scgpE%7aA6MZP2YQLHfwUc8oTE7MrgsF7Kfks
.tradedoubler.com/	1970-01-20 23:20:19	Name: GUID Value: 1z11zz12wz2LPPvkzf71e45f736da79ff5672a44f9ed91038
redirects.tradedoubler.com/	1970-01-20 14:34:43	Name: AWSELB Value: FF1BFB8F1C42D3E6A4BF4A0B044EDED4042A192C92448B5DC41B6DF8F1BB665B74D1DBC44CACB35A8119CA374522E5CD51D3AB65B8C1BA03E231E71D15DBA2CF9A7C59ACA2
www.assurance-voyage.axa-assistance.fr/	1969-12-31 23:59:59	Name: JSESSIONID Value: BA9A0682004B7BDEB3234D207E9CABA1
www.assurance-voyage.axa-assistance.fr/	1970-01-20 23:20:19	Name: COOKIE_SUPPORT Value: true
www.assurance-voyage.axa-assistance.fr/	1970-01-20 23:20:19	Name: GUEST_LANGUAGE_ID Value: fr_FR
www.assurance-voyage.axa-assistance.fr/	1969-12-31 23:59:59	Name: SERVER_ID Value: 1e580ba20f565990
www.assurance-voyage.axa-assistance.fr/	1970-01-21 00:04:58	Name: ATConsent Value: optin
.assurance-voyage.axa-assistance.fr/	1970-01-20 18:53:55	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Thu+Sep+07+2023+12%3A51%3A47+GMT%2B0200+(Central+European+Summer+Time)&version=202303.2.0&browserGpcFlag=0&isIABGlobal=false&consentId=c63fa3f2-40dc-4b4b-9fac-5c32bce6ecb4&interactionCount=0&landingPath=https%3A%2F%2Fwww.assurance-voyage.axa-assistance.fr%2F%3Fat_medium%3DAffiliation%26at_campaign%3DAff_TD-FR_Travel%26at_platform%3DTradedoubler_bidvertiser.com+fr&groups=C0001%3A1%2CC0002%3A0%2CC0004%3A0&hosts=H695%3A1%2CH3%3A1%2CH771%3A0%2CH396%3A0%2CH696%3A0%2CH13%3A0&genVendors=
www.assurance-voyage.axa-assistance.fr/	1970-01-21 00:03:31	Name: _pprv Value: eyJjb25zZW50Ijp7IjAiOnsibW9kZSI6ImVzc2VudGlhbCJ9LCIxIjp7Im1vZGUiOiJvcHQtaW4ifSwiMiI6eyJtb2RlIjoib3B0LWluIn0sIjMiOnsibW9kZSI6Im9wdC1pbiJ9LCI0Ijp7Im1vZGUiOiJvcHQtaW4ifSwiNSI6eyJtb2RlIjoib3B0LWluIn0sIjYiOnsibW9kZSI6Im9wdC1pbiJ9LCI3Ijp7Im1vZGUiOiJvcHQtaW4ifX19
www.assurance-voyage.axa-assistance.fr/	1970-01-21 00:03:31	Name: _pcid Value: %7B%22browserId%22%3A%22lm91thlmm6lgc9sa%22%7D
www.assurance-voyage.axa-assistance.fr/	1970-01-21 00:03:31	Name: _pctx Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAE0RXQF8g

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

biddm.com
cdn.cookielaw.org
clk.tradedoubler.com
logws1309.ati-host.net
myckdom.com
p374591.myckdom.com
redirects.tradedoubler.com
smart-widget-assets.ekomiapps.de
sw-assets.ekomiapps.de
tag.aticdn.net
vht.tradedoubler.com
webserver-salesaxapartners-prd.lfr.cloud
www.assurance-voyage.axa-assistance.fr
www.googletagmanager.com
wwwalcorix.com
104.18.131.236
108.128.125.55
13.224.189.92
13.32.117.182
142.250.185.72
143.204.215.120
143.204.215.57
167.172.228.26
168.119.4.34
18.66.147.91
34.149.129.12
35.186.231.97
52.117.247.211
09c30f603d71a66de601b646e341bcc97169247c313b04d1094de2cbd4c8cdb4
0af3f9ea4c021d5f48ab08b7fe5fc4a70446bc3b319839abe474eebbf9ad69c6
0d75704ed2b6195a0b17f944c90e2c006c86ccbc88717ea6bef4fb045aa87f41
0dc1eee7a96323d808db11fc2b6876cc8339e663fd00a7389556e8e5e210deb1
226d9426cffb6fcfb6dfc6bc90175bf09199bd858cad0dc13aeba11b702fec11
29b13ea64977d90965c76813cf18f40f145c4765d85b34ce0c187201329cc7ff
2acde4141b361a5114c686c1a8dc333c2d331a1b3d00e3ee1413fc02b5a43278
32e1970356bfcfa99cc54aeaec6949785efb0eab022cab894f3c0dd3e9c4449f
3fcac0f4020279d0e32f8c27c13526f45257b03dcc5d84ef8b7bca82cced3f39
46c7a978f851d5a2657b06e795ae04d766fd6800564d6ac3d617c8d6990a67be
57d69a0c22fedb3b9456a9cb153f92aa763c4beb5f210aa052159ba6a593e0cb
596282470f6a49208b060d1c6eed24911abff11352aac51645cd265c3207abb7
59df6220fbd943e8cc4fd226f0174e5ddd07c60f0b30a1312fe797139cdb93b9
5d6e4381fc19b67932d247814a16bde5b26a26bbf7ef181c0d404365017047e8
5f9b62f110c44f7af112362d0768c689a5265883b8c0f7793a7d5f90092db0a1
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
66bedf1ae5a12cc02622a31ebe44e2c671b2d6d7a8b885b3fd638e7e43a49f5d
68968cee2f6a5854a60ac6174c545cf54d73fe63e8bfcfa8544e081a0ec431d5
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
7379ade3f55cccc84c6229d3cdc0475d6ed1e7641a747033b55e6f866857926a
77eaa6a3b1fae1b8ac89890921dc2b807930a491af55aa90abc2cfe18536d42f
94fb8349729a1f55b6463274115d0eb0738407a5a743ff486cb07878e164707e
9a56a77411e71dc71ba776f5c46fdfccacc4227e70b8aca4b49532803e3fcbaf
9bda13ec3922b46d28fa6f19be72952be8cf17cc676e930116877bd9953a852e
a0bd40fe555a0f74b252615c5a5fd35522aa234008d16e7265961f2cec586c3b
a3e9ad849a5adb36e8ee8fd617d516d0e4f4abc37d70d507b8d48840e9da7e0e
b2b881c9d8128c4016dbdddc6fff0c7594db532e2f4ef0c1bf7916906ba7afaf
c383da4a6a8b3ef5a775c42886723aa5653003975a41ac467e9dea416b4667f1
cab81dec82a2a34c078e38c16ce2ea2d0fed56c179579a3d2e5160ba2d463051
d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719
d4e0b51db940e096731fbe30fb3b9367be7f56e67005d654ad088512e1811ecd
d55ad3bc35664e6ce9dc3e6a71bb6d3a4c8fddeb6af1a195727c0361ddd92a2e
d5ba51a1691a42400fddc4ef5cdd2f11cf955f48d5270db69e60aa4d204e3e68
d64872744533f880e2db04feaad26db4e3d8ea4588be10f479f639c1e9582f4d
d7749beef876cdb9129bd50fa3ebbf2c288830e63a8aa5faf1ed388814c8cf9a
d8e166157d90ed13492b8627e50c606aeab874cd0a5d6ed3b7c8a7988a3d46d3
d8f284c5c340f59de5287a2caba4a774c510a9cd43e3b045ed008ae2b5a2a923
e181730c1a666b38b299b81ead525f7fec078ff980360b4c032e75b9802ebf0d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e79e44a9b1140d3980ddb96b9c8644ae4fc0d479082a6aeebab1c13b24759fcb
f05d8b1021127ec868b6addd35c8dc5c3411753bfd2f858da3471c52ffc53e3b
f51590d5dc8f61cfc0c025dfc89f35c726bef31ec33664ff8bebbb73e4fae660
fd3bdc66d79e1223c0a5cea58bd98436b90795b302b157e0dd6b99848ca55a05

www.assurance-voyage.axa-assistance.fr Open in urlscan Pro 34.149.129.12 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

45 Requests

100 %HTTPS

0 %IPv6

11 Domains

15 Subdomains

10 IPs

4 Countries

1144 kBTransfer

2457 kBSize

16 Cookies

10 Outgoing links

Page URL History

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.assurance-voyage.axa-assistance.fr Open in urlscan Pro
34.149.129.12 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

100 %
HTTPS

0 %
IPv6

11
Domains

15
Subdomains

10
IPs

4
Countries

1144 kB
Transfer

2457 kB
Size

16
Cookies

45 HTTP transactions
0 data transactions