urlscan.io logo urlscan.io
SecurityTrails logo

www.assurance-voyage.axa-assistance.fr Open in urlscan Pro
34.149.129.12  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://wwwbiggman.com/
Effective URL: https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
Submission Tags: @ecarlesi possiblethreat Search All
Submission: On September 07 via api from FR — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 7 domains to perform 11 HTTP transactions. The main IP is 34.149.129.12, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is www.assurance-voyage.axa-assistance.fr.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on July 11th 2023. Valid for: a year.
This is the only time www.assurance-voyage.axa-assistance.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.172.228.26 14061 (DIGITALOC...)
1 2 52.117.247.211 36351 (SOFTLAYER)
1 1 168.119.4.34 24940 (HETZNER-AS)
1 2 35.186.231.97 15169 (GOOGLE)
1 13.224.189.110 16509 (AMAZON-02)
1 1 108.128.125.55 16509 (AMAZON-02)
6 34.149.129.12 15169 (GOOGLE)
11 5
1    167.172.228.26 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
wwwbiggman.com
2    52.117.247.211 (United States)

ASN36351 (SOFTLAYER, US)
PTR: d3.f7.7534.ip4.static.sl-reverse.com
myckdom.com
p374591.myckdom.com
1    168.119.4.34 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.34.4.119.168.clients.your-server.de
biddm.com
2    35.186.231.97 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 97.231.186.35.bc.googleusercontent.com
clk.tradedoubler.com
1    13.224.189.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-110.fra2.r.cloudfront.net
vht.tradedoubler.com
1    108.128.125.55 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-125-55.eu-west-1.compute.amazonaws.com
redirects.tradedoubler.com
6    34.149.129.12 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 12.129.149.34.bc.googleusercontent.com
www.assurance-voyage.axa-assistance.fr
Apex Domain
Subdomains		 Transfer
6 axa-assistance.fr
www.assurance-voyage.axa-assistance.fr
243 KB
4 tradedoubler.com
clk.tradedoubler.com — Cisco Umbrella Rank: 94176
vht.tradedoubler.com — Cisco Umbrella Rank: 90323
redirects.tradedoubler.com — Cisco Umbrella Rank: 123597
6 KB
2 myckdom.com
myckdom.com — Cisco Umbrella Rank: 196792
p374591.myckdom.com
2 KB
1 biddm.com
biddm.com
584 B
1 wwwbiggman.com
wwwbiggman.com
2 KB
0 googletagmanager.com Failed
www.googletagmanager.com Failed
0 cookielaw.org Failed
cdn.cookielaw.org Failed
11 7
Domain Requested by
6 www.assurance-voyage.axa-assistance.fr www.assurance-voyage.axa-assistance.fr
2 clk.tradedoubler.com 1 redirects p374591.myckdom.com
1 redirects.tradedoubler.com 1 redirects
1 vht.tradedoubler.com clk.tradedoubler.com
1 biddm.com 1 redirects
1 p374591.myckdom.com
1 myckdom.com 1 redirects
1 wwwbiggman.com 1 redirects
0 www.googletagmanager.com Failed www.assurance-voyage.axa-assistance.fr
0 cdn.cookielaw.org Failed www.assurance-voyage.axa-assistance.fr
11 10

This site contains no links.

Subject Issuer Validity Valid
*.myckdom.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-20 -
2024-03-20		 a year crt.sh
*.tradedoubler.com
R3		 2023-07-25 -
2023-10-23		 3 months crt.sh
sales-services.axapartners.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-11 -
2024-07-10		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
Frame ID: 9B3E3CD4608590BC8FE80EB8EEEC35EC
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://wwwbiggman.com/ HTTP 302
    https://myckdom.com/aS/feedclick?s=a9ixEAiDmlzTKkoqb__nlY8uDhK_8R6j6jUvurVsDL7J9-5EtRimpRG_6U4hq... HTTP 302
    https://p374591.myckdom.com/adServe/domainClick?ai=hOD6Xl45qmlFJDNqNiPfBus1Nta6YEjbZLADQXedZD8omtjGuC0Oc... Page URL
  2. https://biddm.com/czszl0k.php?key=ihqcqg45vr7634mntn22&subid=90671602879&bid=0.0008&site=44777... HTTP 302
    https://clk.tradedoubler.com/click?p=267636&a=3224772&epi=50410scmya7rn8nc42 Page URL
  3. https://clk.tradedoubler.com/click?p=267636&a=3224772&epi=50410scmya7rn8nc42 HTTP 302
    http://redirects.tradedoubler.com/projectr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tra... HTTP 302
    https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler... Page URL

Page Statistics

11
Requests

82 %
HTTPS

0 %
IPv6

7
Domains

10
Subdomains

5
IPs

3
Countries

249 kB
Transfer

611 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://wwwbiggman.com/ HTTP 302
    https://myckdom.com/aS/feedclick?s=a9ixEAiDmlzTKkoqb__nlY8uDhK_8R6j6jUvurVsDL7J9-5EtRimpRG_6U4hqQTcO4eq_lgR48_oiQJuDuwoS9gcFc4_-stlEFmHqGJpUI3NDajatOk7jXw4cmSiDMaysLI_RalizEQmcVjFyxSKD9mNp-ZNGHhwNPLmCCvrgRxHekL_DgR1RUuURui4B3gRZFqtpUa1BMwDNowApJLQXl7A4wxHbAwzbipXtCEKYH_RgiMRKUnAb9G8Srpmsthf69LTN-hPhyWhk1Sw0fZkzTCKWOSGWL4muXzT41rVEgf1PuekE_GeqxMEoXuB8_LegVArE7qLJ7Ks4q_6uRgU0agKFQ3OFWtIIRNLE8O87N0eIk_MOOk6MhLC1UC8iiAOnQj-WElFx0_5rs-p4_nAhjoq8PC0PJDZpMRpvef0FtnoPyh6HwBq5u60tjehB70xbj8ouU2FXMjtYWopAccMeI-XUo7mEVfsr9KQiEoBmnHUgHU2Z4da_Fg0sdPor7n0xB1MFUtFbOg70rfzjC_m_r9aOvS92mANqOV8wTkBpqUEWTnN0X0Ef6Pe--rNmbnEcEfvRJP3_5O093vWpTurLtDHBUqtKR3BHg3eFNv2vWkLl3eRzT6o1uiuRYMnkBPX8wXtlx9eBRBwRLURu7RNzeMM1quQsCk94Y82eb_rA2klWXOUraDQri5ogzaiNsIkbZ5F6KfiH9YI6sjdRUgirjXEuw6pdJZBSL1c9cFUTWuzuJS8FaOTxbZNL_sN3qJYRwxh8r78HQAD7M3w7tgN3ao1rz-2k-rxeA9qRgGvqzwTts7Pl5c5Ger73w_fEgDx3E85TnCFvszy6wgErdxrYTqXIMOGWk6Jh9GwoJII7YO3acraJPj2wOy0Y7yAkZzLXeCYLlhdQ7xlxCDP32lrwWFat4j06-Fee8nbydQj5XXu6Bo6gr_eb4dCYw1cparnZh7Wk5sUOhCjRiYdZhGQgc8DCSOYN4on7QJZKtKSEttAwxarlpGROGE4IZSGUHoNou_ey3R8UKvNYHKXkDPUjAzxbTyJ5baIoDedHBnef3hkfFJK1kgzcc82wtwCzU3MJILYK6vRDGEtY3K6zn5Uo15TY6BMnMAL24TLPbPVJDuOTQNc2cfRZq7YOWLroL5e5wAN9fa0E-Wd3OcjyJXOkd7sA5aOd9UuQjxhBq9n24X867UhjQK3ly-qAieE-hrFLPhVQUq_u0hHQJpsyxV7m4MRXfqc9uZLa4fRBFckWAOikJqB5W6FAL90j4MI3tBeZISyGMJqezdY4GXqWgil0a5iKz9pTYVV3NUyS2OY4LGBq4r66DLXDHKpzb4RnYcMWoUrD5b5-r7l2lDkdfbcBI3p5qNoq8FWUywVSpu9I9G8Jwrt73HDElHaauiSvts47WwBM7LF7_Z1NIW6aa3NOGSwA0F3nWQ_l9pvAjozaOYXseaHP4W0X2n7LpioIOFyxnM_9nPzGI0S4SheAPBdh05Q1mPv7CZjOBZOWprgzzwD-RtqD0DhJxKiHX1L-AuSqVZ6y3AqpSKR8HPde6EwgG2D4R8i5sQA-plTVWK4qTJs2MUin9Vm31xAFptYsr-Vu8uuu3sqLgi4PjRO8RqAw3Mjsg_D6VqCQAYM6Ia39fp4Yd5VDR2A3h54JnI2Vdoe_mqEWbjckbUKCwy1T5ZpRCjdXpiZ6kOY9ZXQgtAubvTzriWJe5KgGTgnzB0ET-BCn4Pv71T5en28jnIYq19-pqc4X0jF2L2v7tGe10QGZ-4Z4NgUOjw7fNYDgeAHHCIBAoZaumbwGL1t51jBqPLKy6hEpuhu41NI4HJunKpK9iFDiILtu5BNa4TNAgq6r7icZZJCxAdeOqU HTTP 302
    https://p374591.myckdom.com/adServe/domainClick?ai=hOD6Xl45qmlFJDNqNiPfBus1Nta6YEjbZLADQXedZD8omtjGuC0OcRr0xbD5Kc52fisO_OrjD1veYWwfKa4_K0jQ5Zd-KwuJj418N8uMD8DUeCC0nH4L4AxthP53tZhiAOTrG4GlGQz6CROakyXf7cl0HRszdT3M2qMKnXT3hY2RUsEzPajGH7TQTpijXjNYAomT24TqhoCxEUwzDH3cj2XYL7YeyeyRN3MFC_gq5mqTSZ_PJVWT9wW2EPX3lzlhOP4Y9yygj9tfb5FQeZl75NtmHa-sXA6Bn1DbzMgbGtzu0Z7XRAZn7kv7EJ8xQviaeyZeB4t_suqnOF9Ixdi9r-7RntdEBmfuJPjBUjMHixT4iiQpmMVBnoQYB6caNqz3WMjz-NG7AuKdJNtNwRhCgtGEQmmEPs44X0j3MVUJ4vmn3Zyn6-Rw-YR_ep3g43JQoLurTSybV3_zVVlMvpZOzxY7hA_5WLvNF7vPMElssBC8QYVDSNYmQ3hu-U9ACuKtcekCIShJdvtuB6OXN_rsgcmEGqekUBiPLxdLCBTbS2E-vcPMz4vkCzkvlz9Y250OTCdI68b6D8qj1HVaOgt_lw&ui=a9ixEAiDmlzTKkoqb__nlfbWwvziNp_1xLgNeF8Zj-jDUYPeRqtpB5Ge88JognoZhUTPixHCn9Y16zRZXC5Ig-q7SArkCcEF-HMWtfL2j79LPxBzoWl22w&si=1&oref=d4f73c3771d8517b6593ce700b01443b&optunit=dfPiVMfPgwDQNGg7YS0XgA&rb=zzZNkeLFNVk&rr=1&isco=t&abtg=0 Page URL
  2. https://biddm.com/czszl0k.php?key=ihqcqg45vr7634mntn22&subid=90671602879&bid=0.0008&site=447770824&os=Windows+10&browser=Chrome+116&carrier=UNKNOWN&device=Desktop&geo=FR&language=@@LANGUAGE@@&keyword=wwwbiggman.com+RO+bed+bugs+bee+removal+rodent+control+Garden+termites+wasp+nest+flea+control+pest+repeller+exterminator+mouse+exterminator+Home&campaign_name=TD13+-+AXA+Assistance+FR++Win HTTP 302
    https://clk.tradedoubler.com/click?p=267636&a=3224772&epi=50410scmya7rn8nc42 Page URL
  3. https://clk.tradedoubler.com/click?p=267636&a=3224772&epi=50410scmya7rn8nc42 HTTP 302
    http://redirects.tradedoubler.com/projectr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr&_td_deeplink=https://www.assurance-voyage.axa-assistance.fr/ HTTP 302
    https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://wwwbiggman.com/ HTTP 302
  • https://myckdom.com/aS/feedclick?s=a9ixEAiDmlzTKkoqb__nlY8uDhK_8R6j6jUvurVsDL7J9-5EtRimpRG_6U4hqQTcO4eq_lgR48_oiQJuDuwoS9gcFc4_-stlEFmHqGJpUI3NDajatOk7jXw4cmSiDMaysLI_RalizEQmcVjFyxSKD9mNp-ZNGHhwNPLmCCvrgRxHekL_DgR1RUuURui4B3gRZFqtpUa1BMwDNowApJLQXl7A4wxHbAwzbipXtCEKYH_RgiMRKUnAb9G8Srpmsthf69LTN-hPhyWhk1Sw0fZkzTCKWOSGWL4muXzT41rVEgf1PuekE_GeqxMEoXuB8_LegVArE7qLJ7Ks4q_6uRgU0agKFQ3OFWtIIRNLE8O87N0eIk_MOOk6MhLC1UC8iiAOnQj-WElFx0_5rs-p4_nAhjoq8PC0PJDZpMRpvef0FtnoPyh6HwBq5u60tjehB70xbj8ouU2FXMjtYWopAccMeI-XUo7mEVfsr9KQiEoBmnHUgHU2Z4da_Fg0sdPor7n0xB1MFUtFbOg70rfzjC_m_r9aOvS92mANqOV8wTkBpqUEWTnN0X0Ef6Pe--rNmbnEcEfvRJP3_5O093vWpTurLtDHBUqtKR3BHg3eFNv2vWkLl3eRzT6o1uiuRYMnkBPX8wXtlx9eBRBwRLURu7RNzeMM1quQsCk94Y82eb_rA2klWXOUraDQri5ogzaiNsIkbZ5F6KfiH9YI6sjdRUgirjXEuw6pdJZBSL1c9cFUTWuzuJS8FaOTxbZNL_sN3qJYRwxh8r78HQAD7M3w7tgN3ao1rz-2k-rxeA9qRgGvqzwTts7Pl5c5Ger73w_fEgDx3E85TnCFvszy6wgErdxrYTqXIMOGWk6Jh9GwoJII7YO3acraJPj2wOy0Y7yAkZzLXeCYLlhdQ7xlxCDP32lrwWFat4j06-Fee8nbydQj5XXu6Bo6gr_eb4dCYw1cparnZh7Wk5sUOhCjRiYdZhGQgc8DCSOYN4on7QJZKtKSEttAwxarlpGROGE4IZSGUHoNou_ey3R8UKvNYHKXkDPUjAzxbTyJ5baIoDedHBnef3hkfFJK1kgzcc82wtwCzU3MJILYK6vRDGEtY3K6zn5Uo15TY6BMnMAL24TLPbPVJDuOTQNc2cfRZq7YOWLroL5e5wAN9fa0E-Wd3OcjyJXOkd7sA5aOd9UuQjxhBq9n24X867UhjQK3ly-qAieE-hrFLPhVQUq_u0hHQJpsyxV7m4MRXfqc9uZLa4fRBFckWAOikJqB5W6FAL90j4MI3tBeZISyGMJqezdY4GXqWgil0a5iKz9pTYVV3NUyS2OY4LGBq4r66DLXDHKpzb4RnYcMWoUrD5b5-r7l2lDkdfbcBI3p5qNoq8FWUywVSpu9I9G8Jwrt73HDElHaauiSvts47WwBM7LF7_Z1NIW6aa3NOGSwA0F3nWQ_l9pvAjozaOYXseaHP4W0X2n7LpioIOFyxnM_9nPzGI0S4SheAPBdh05Q1mPv7CZjOBZOWprgzzwD-RtqD0DhJxKiHX1L-AuSqVZ6y3AqpSKR8HPde6EwgG2D4R8i5sQA-plTVWK4qTJs2MUin9Vm31xAFptYsr-Vu8uuu3sqLgi4PjRO8RqAw3Mjsg_D6VqCQAYM6Ia39fp4Yd5VDR2A3h54JnI2Vdoe_mqEWbjckbUKCwy1T5ZpRCjdXpiZ6kOY9ZXQgtAubvTzriWJe5KgGTgnzB0ET-BCn4Pv71T5en28jnIYq19-pqc4X0jF2L2v7tGe10QGZ-4Z4NgUOjw7fNYDgeAHHCIBAoZaumbwGL1t51jBqPLKy6hEpuhu41NI4HJunKpK9iFDiILtu5BNa4TNAgq6r7icZZJCxAdeOqU HTTP 302
  • https://p374591.myckdom.com/adServe/domainClick?ai=hOD6Xl45qmlFJDNqNiPfBus1Nta6YEjbZLADQXedZD8omtjGuC0OcRr0xbD5Kc52fisO_OrjD1veYWwfKa4_K0jQ5Zd-KwuJj418N8uMD8DUeCC0nH4L4AxthP53tZhiAOTrG4GlGQz6CROakyXf7cl0HRszdT3M2qMKnXT3hY2RUsEzPajGH7TQTpijXjNYAomT24TqhoCxEUwzDH3cj2XYL7YeyeyRN3MFC_gq5mqTSZ_PJVWT9wW2EPX3lzlhOP4Y9yygj9tfb5FQeZl75NtmHa-sXA6Bn1DbzMgbGtzu0Z7XRAZn7kv7EJ8xQviaeyZeB4t_suqnOF9Ixdi9r-7RntdEBmfuJPjBUjMHixT4iiQpmMVBnoQYB6caNqz3WMjz-NG7AuKdJNtNwRhCgtGEQmmEPs44X0j3MVUJ4vmn3Zyn6-Rw-YR_ep3g43JQoLurTSybV3_zVVlMvpZOzxY7hA_5WLvNF7vPMElssBC8QYVDSNYmQ3hu-U9ACuKtcekCIShJdvtuB6OXN_rsgcmEGqekUBiPLxdLCBTbS2E-vcPMz4vkCzkvlz9Y250OTCdI68b6D8qj1HVaOgt_lw&ui=a9ixEAiDmlzTKkoqb__nlfbWwvziNp_1xLgNeF8Zj-jDUYPeRqtpB5Ge88JognoZhUTPixHCn9Y16zRZXC5Ig-q7SArkCcEF-HMWtfL2j79LPxBzoWl22w&si=1&oref=d4f73c3771d8517b6593ce700b01443b&optunit=dfPiVMfPgwDQNGg7YS0XgA&rb=zzZNkeLFNVk&rr=1&isco=t&abtg=0
Request Chain 1
  • https://biddm.com/czszl0k.php?key=ihqcqg45vr7634mntn22&subid=90671602879&bid=0.0008&site=447770824&os=Windows+10&browser=Chrome+116&carrier=UNKNOWN&device=Desktop&geo=FR&language=@@LANGUAGE@@&keyword=wwwbiggman.com+RO+bed+bugs+bee+removal+rodent+control+Garden+termites+wasp+nest+flea+control+pest+repeller+exterminator+mouse+exterminator+Home&campaign_name=TD13+-+AXA+Assistance+FR++Win HTTP 302
  • https://clk.tradedoubler.com/click?p=267636&a=3224772&epi=50410scmya7rn8nc42

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
domainClick
p374591.myckdom.com/adServe/
Redirect Chain
  • http://wwwbiggman.com/
  • https://myckdom.com/aS/feedclick?s=a9ixEAiDmlzTKkoqb__nlY8uDhK_8R6j6jUvurVsDL7J9-5EtRimpRG_6U4hqQTcO4eq_lgR48_oiQJuDuwoS9gcFc4_-stlEFmHqGJpUI3NDajatOk7jXw4cmSiDMaysLI_RalizEQmcVjFyxSKD9mNp-ZNGHhwNP...
  • https://p374591.myckdom.com/adServe/domainClick?ai=hOD6Xl45qmlFJDNqNiPfBus1Nta6YEjbZLADQXedZD8omtjGuC0OcRr0xbD5Kc52fisO_OrjD1veYWwfKa4_K0jQ5Zd-KwuJj418N8uMD8DUeCC0nH4L4AxthP53tZhiAOTrG4GlGQz6CROaky...
583 B
798 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p374591.myckdom.com/adServe/domainClick?ai=hOD6Xl45qmlFJDNqNiPfBus1Nta6YEjbZLADQXedZD8omtjGuC0OcRr0xbD5Kc52fisO_OrjD1veYWwfKa4_K0jQ5Zd-KwuJj418N8uMD8DUeCC0nH4L4AxthP53tZhiAOTrG4GlGQz6CROakyXf7cl0HRszdT3M2qMKnXT3hY2RUsEzPajGH7TQTpijXjNYAomT24TqhoCxEUwzDH3cj2XYL7YeyeyRN3MFC_gq5mqTSZ_PJVWT9wW2EPX3lzlhOP4Y9yygj9tfb5FQeZl75NtmHa-sXA6Bn1DbzMgbGtzu0Z7XRAZn7kv7EJ8xQviaeyZeB4t_suqnOF9Ixdi9r-7RntdEBmfuJPjBUjMHixT4iiQpmMVBnoQYB6caNqz3WMjz-NG7AuKdJNtNwRhCgtGEQmmEPs44X0j3MVUJ4vmn3Zyn6-Rw-YR_ep3g43JQoLurTSybV3_zVVlMvpZOzxY7hA_5WLvNF7vPMElssBC8QYVDSNYmQ3hu-U9ACuKtcekCIShJdvtuB6OXN_rsgcmEGqekUBiPLxdLCBTbS2E-vcPMz4vkCzkvlz9Y250OTCdI68b6D8qj1HVaOgt_lw&ui=a9ixEAiDmlzTKkoqb__nlfbWwvziNp_1xLgNeF8Zj-jDUYPeRqtpB5Ge88JognoZhUTPixHCn9Y16zRZXC5Ig-q7SArkCcEF-HMWtfL2j79LPxBzoWl22w&si=1&oref=d4f73c3771d8517b6593ce700b01443b&optunit=dfPiVMfPgwDQNGg7YS0XgA&rb=zzZNkeLFNVk&rr=1&isco=t&abtg=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.117.247.211 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
d3.f7.7534.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Thu, 07 Sep 2023 12:50:38 GMT
server
nginx
vary
Accept-Encoding

Redirect headers

content-length
0
date
Thu, 07 Sep 2023 12:50:38 GMT
location
https://p374591.myckdom.com/adServe/domainClick?ai=hOD6Xl45qmlFJDNqNiPfBus1Nta6YEjbZLADQXedZD8omtjGuC0OcRr0xbD5Kc52fisO_OrjD1veYWwfKa4_K0jQ5Zd-KwuJj418N8uMD8DUeCC0nH4L4AxthP53tZhiAOTrG4GlGQz6CROakyXf7cl0HRszdT3M2qMKnXT3hY2RUsEzPajGH7TQTpijXjNYAomT24TqhoCxEUwzDH3cj2XYL7YeyeyRN3MFC_gq5mqTSZ_PJVWT9wW2EPX3lzlhOP4Y9yygj9tfb5FQeZl75NtmHa-sXA6Bn1DbzMgbGtzu0Z7XRAZn7kv7EJ8xQviaeyZeB4t_suqnOF9Ixdi9r-7RntdEBmfuJPjBUjMHixT4iiQpmMVBnoQYB6caNqz3WMjz-NG7AuKdJNtNwRhCgtGEQmmEPs44X0j3MVUJ4vmn3Zyn6-Rw-YR_ep3g43JQoLurTSybV3_zVVlMvpZOzxY7hA_5WLvNF7vPMElssBC8QYVDSNYmQ3hu-U9ACuKtcekCIShJdvtuB6OXN_rsgcmEGqekUBiPLxdLCBTbS2E-vcPMz4vkCzkvlz9Y250OTCdI68b6D8qj1HVaOgt_lw&ui=a9ixEAiDmlzTKkoqb__nlfbWwvziNp_1xLgNeF8Zj-jDUYPeRqtpB5Ge88JognoZhUTPixHCn9Y16zRZXC5Ig-q7SArkCcEF-HMWtfL2j79LPxBzoWl22w&si=1&oref=d4f73c3771d8517b6593ce700b01443b&optunit=dfPiVMfPgwDQNGg7YS0XgA&rb=zzZNkeLFNVk&rr=1&isco=t&abtg=0
server
nginx
click
clk.tradedoubler.com/
Redirect Chain
  • https://biddm.com/czszl0k.php?key=ihqcqg45vr7634mntn22&subid=90671602879&bid=0.0008&site=447770824&os=Windows+10&browser=Chrome+116&carrier=UNKNOWN&device=Desktop&geo=FR&language=@@LANGUAGE@@&keywo...
  • https://clk.tradedoubler.com/click?p=267636&a=3224772&epi=50410scmya7rn8nc42
852 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://clk.tradedoubler.com/click?p=267636&a=3224772&epi=50410scmya7rn8nc42
Requested by
Host: p374591.myckdom.com
URL: https://p374591.myckdom.com/adServe/domainClick?ai=hOD6Xl45qmlFJDNqNiPfBus1Nta6YEjbZLADQXedZD8omtjGuC0OcRr0xbD5Kc52fisO_OrjD1veYWwfKa4_K0jQ5Zd-KwuJj418N8uMD8DUeCC0nH4L4AxthP53tZhiAOTrG4GlGQz6CROakyXf7cl0HRszdT3M2qMKnXT3hY2RUsEzPajGH7TQTpijXjNYAomT24TqhoCxEUwzDH3cj2XYL7YeyeyRN3MFC_gq5mqTSZ_PJVWT9wW2EPX3lzlhOP4Y9yygj9tfb5FQeZl75NtmHa-sXA6Bn1DbzMgbGtzu0Z7XRAZn7kv7EJ8xQviaeyZeB4t_suqnOF9Ixdi9r-7RntdEBmfuJPjBUjMHixT4iiQpmMVBnoQYB6caNqz3WMjz-NG7AuKdJNtNwRhCgtGEQmmEPs44X0j3MVUJ4vmn3Zyn6-Rw-YR_ep3g43JQoLurTSybV3_zVVlMvpZOzxY7hA_5WLvNF7vPMElssBC8QYVDSNYmQ3hu-U9ACuKtcekCIShJdvtuB6OXN_rsgcmEGqekUBiPLxdLCBTbS2E-vcPMz4vkCzkvlz9Y250OTCdI68b6D8qj1HVaOgt_lw&ui=a9ixEAiDmlzTKkoqb__nlfbWwvziNp_1xLgNeF8Zj-jDUYPeRqtpB5Ge88JognoZhUTPixHCn9Y16zRZXC5Ig-q7SArkCcEF-HMWtfL2j79LPxBzoWl22w&si=1&oref=d4f73c3771d8517b6593ce700b01443b&optunit=dfPiVMfPgwDQNGg7YS0XgA&rb=zzZNkeLFNVk&rr=1&isco=t&abtg=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.231.97 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
97.231.186.35.bc.googleusercontent.com
Software
TXServerHttp /
Resource Hash
d51cd4017d9f8f99024c5b9d04ea4d905d37feb60da0ae0708af425f4b19b211

Request headers

Referer
https://p374591.myckdom.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
852
content-type
text/html; charset=ISO-8859-1
date
Thu, 07 Sep 2023 12:51:00 GMT
pragma
no-cache
referrer-policy
origin
server
TXServerHttp
via
1.1 google

Redirect headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Thu, 07 Sep 2023 12:50:57 GMT
Location
https://clk.tradedoubler.com/click?p=267636&a=3224772&epi=50410scmya7rn8nc42
Server
nginx/1.24.0
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
prefs.js
vht.tradedoubler.com/fp/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vht.tradedoubler.com/fp/prefs.js
Requested by
Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=267636&a=3224772&epi=50410scmya7rn8nc42
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-110.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
e88544a0b333b266c598a72cdef1ffb8cefbc24df90efef83c8f046df08967ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://clk.tradedoubler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Via
1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
Date
Wed, 06 Sep 2023 12:46:43 GMT
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
FRA2-C1
Age
86660
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
3598
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 01 Jun 2023 10:47:07 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
Bo7wNHjg0bQWTA9AFR7XRDP9qzsKaSeR9kfflp_LOx77n3aV2t5IkQ==
Primary Request /
www.assurance-voyage.axa-assistance.fr/
Redirect Chain
  • https://clk.tradedoubler.com/click?p=267636&a=3224772&epi=50410scmya7rn8nc42
  • http://redirects.tradedoubler.com/projectr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr&_td_deeplink=https://www.assurance-voyage.axa-assistance.fr/
  • https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
203 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.129.12 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
12.129.149.34.bc.googleusercontent.com
Software
/
Resource Hash
7f646e6975dc85d7f94599023cbfdf0294a946dbe191b3cb3980c9ef456dc0bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://clk.tradedoubler.com
Referer
https://clk.tradedoubler.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 07 Sep 2023 12:51:05 GMT
etag
W/"881e93ca"
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1

Redirect headers

Cache-control
no-cache="set-cookie"
Connection
keep-alive
Content-Length
1
Content-Type
text/html; charset=UTF-8
Date
Thu, 07 Sep 2023 12:51:03 GMT
Location
https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
Server
Apache/2.4.57 (Ubuntu)
index.js
www.assurance-voyage.axa-assistance.fr/o/frontend-js-svg4everybody-web/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.assurance-voyage.axa-assistance.fr/o/frontend-js-svg4everybody-web/index.js
Requested by
Host: www.assurance-voyage.axa-assistance.fr
URL: https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.129.12 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
12.129.149.34.bc.googleusercontent.com
Software
/
Resource Hash
32e1970356bfcfa99cc54aeaec6949785efb0eab022cab894f3c0dd3e9c4449f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 06:22:29 GMT
via
1.1 google
x-content-type-options
nosniff
last-modified
Fri, 29 Apr 2022 06:01:44 GMT
age
23317
etag
"86a92ce7"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3096
x-xss-protection
1
neo.css
www.assurance-voyage.axa-assistance.fr/o/neo-travel-axa-theme/css/ 		206 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.assurance-voyage.axa-assistance.fr/o/neo-travel-axa-theme/css/neo.css?t=1694003122000
Requested by
Host: www.assurance-voyage.axa-assistance.fr
URL: https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.129.12 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
12.129.149.34.bc.googleusercontent.com
Software
/
Resource Hash
f05d8b1021127ec868b6addd35c8dc5c3411753bfd2f858da3471c52ffc53e3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 12:33:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 google
last-modified
Wed, 06 Sep 2023 12:25:22 GMT
age
1038
etag
W/"1b6619e6"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23930
x-xss-protection
1
override.css
www.assurance-voyage.axa-assistance.fr/o/neo-travel-axa-theme/css/ 		1 KB
590 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.assurance-voyage.axa-assistance.fr/o/neo-travel-axa-theme/css/override.css?t=1694003122000
Requested by
Host: www.assurance-voyage.axa-assistance.fr
URL: https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.129.12 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
12.129.149.34.bc.googleusercontent.com
Software
/
Resource Hash
d8f284c5c340f59de5287a2caba4a774c510a9cd43e3b045ed008ae2b5a2a923
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 12:30:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 google
last-modified
Wed, 06 Sep 2023 12:25:22 GMT
age
1248
etag
W/"f469e1b3"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
459
x-xss-protection
1
lazysizes.js
www.assurance-voyage.axa-assistance.fr/o/neo-travel-axa-theme/js/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.assurance-voyage.axa-assistance.fr/o/neo-travel-axa-theme/js/lazysizes.js?t=1694003122000
Requested by
Host: www.assurance-voyage.axa-assistance.fr
URL: https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.129.12 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
12.129.149.34.bc.googleusercontent.com
Software
/
Resource Hash
68968cee2f6a5854a60ac6174c545cf54d73fe63e8bfcfa8544e081a0ec431d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 12:36:50 GMT
via
1.1 google
x-content-type-options
nosniff
last-modified
Wed, 06 Sep 2023 12:25:22 GMT
age
856
etag
"d8e9185c"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8254
x-xss-protection
1
neo.js
www.assurance-voyage.axa-assistance.fr/o/neo-travel-axa-theme/js/ 		179 KB
179 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.assurance-voyage.axa-assistance.fr/o/neo-travel-axa-theme/js/neo.js?t=1694003122000
Requested by
Host: www.assurance-voyage.axa-assistance.fr
URL: https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.129.12 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
12.129.149.34.bc.googleusercontent.com
Software
/
Resource Hash
66bedf1ae5a12cc02622a31ebe44e2c671b2d6d7a8b885b3fd638e7e43a49f5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.assurance-voyage.axa-assistance.fr/?at_medium=Affiliation&at_campaign=Aff_TD-FR_Travel&at_platform=Tradedoubler_bidvertiser.com+fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 12:36:50 GMT
via
1.1 google
x-content-type-options
nosniff
last-modified
Wed, 06 Sep 2023 12:25:22 GMT
age
856
etag
"5b96b8ac"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
182995
x-xss-protection
1
OtAutoBlock.js
cdn.cookielaw.org/consent/72ddb531-517f-470c-b237-dfef93481d9b/ 		0
0
gtm.js
www.googletagmanager.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.cookielaw.org
URL
https://cdn.cookielaw.org/consent/72ddb531-517f-470c-b237-dfef93481d9b/OtAutoBlock.js
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtm.js?id=GTM-K6JJDR

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| cookieExist object| dataLayer function| pushDataLayerCTA function| defaultPianoCookie function| svg4everybody

11 Cookies

Domain/Path Name / Value
.myckdom.com/ Name: rhid
Value: 83612816206
.myckdom.com/ Name: loi
Value: ad_1647281_off_1089936_aff_88987_cid_374591-WWWBIGGMAN.COM_ts_1694091038
biddm.com/ Name: uclick
Value: scmya7rn8n
biddm.com/ Name: uclickhash
Value: scmya7rn8n-scmya7rn8n-ntuq-0-ntuq-gx4kbl-wha1-20eff8
.tradedoubler.com/ Name: EH_0
Value: 1z11z1z12wz10hk8Qz1EKayaPGsAmuyFC7P9Tnq%79atKkVFbvKG9WPrn9G6PauXTb1dSKxoQXBJerhrj.B39RoxFx3_H_nXLg.VCmU5nYF5bb
.tradedoubler.com/ Name: GUID
Value: 1z11zz12wz23Z2Q2z832a527616e67f26f63d9cb46de31d2e
redirects.tradedoubler.com/ Name: AWSELB
Value: FF1BFB8F1C42D3E6A4BF4A0B044EDED4042A192C92448B5DC41B6DF8F1BB665B74D1DBC44C6284783DD3A44B4296A014025AD53248C1BA03E231E71D15DBA2CF9A7C59ACA2
www.assurance-voyage.axa-assistance.fr/ Name: JSESSIONID
Value: 99CA4519ADE3F92C53C42D7F060FA57E
www.assurance-voyage.axa-assistance.fr/ Name: COOKIE_SUPPORT
Value: true
www.assurance-voyage.axa-assistance.fr/ Name: GUEST_LANGUAGE_ID
Value: fr_FR
www.assurance-voyage.axa-assistance.fr/ Name: SERVER_ID
Value: eed665fd56cd9bdc