corporate-v2-be-sta.erescueglobal.com Open in urlscan Pro
2606:2800:233:1cb7:261b:1f9c:2074:3c Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://corporate-v2-be-sta.erescueglobal.com/
Submission: On February 15 via automatic, source certstream-suspicious (February 15th 2024, 8:52:46 am UTC) — Scanned from DE

Summary HTTP 39 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 8 domains to perform 39 HTTP transactions. The main IP is 2606:2800:233:1cb7:261b:1f9c:2074:3c, located in United States and belongs to EDGECAST, US. The main domain is corporate-v2-be-sta.erescueglobal.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on February 15th 2024. Valid for: a year.

This is the only time corporate-v2-be-sta.erescueglobal.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Axa (Insurance)

Domain & IP information

	IP Address	AS Autonomous System
11	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
5	52.3.172.99 52.3.172.99	14618 (AMAZON-AES) (AMAZON-AES)
6	2600:9000:225... 2600:9000:2251:3200:15:1def:a40:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:225... 2600:9000:2251:7400:15:1def:a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	20.50.88.244 20.50.88.244	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	20.119.174.243 20.119.174.243	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
39	11

11 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

corporate-v2-be-sta.erescueglobal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.3.172.99 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-172-99.compute-1.amazonaws.com

aa-holding-homemanager.prismic.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2251:3200:15:1def:a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

aa-holding-erescue-business.cdn.prismic.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2251:7400:15:1def:a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

aa-holding-erescue-technical.cdn.prismic.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.50.88.244 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.119.174.243 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

r.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	prismic.io aa-holding-homemanager.prismic.io aa-holding-erescue-business.cdn.prismic.io aa-holding-erescue-technical.cdn.prismic.io	40 KB
11	erescueglobal.com corporate-v2-be-sta.erescueglobal.com	3 MB
5	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 934 c.clarity.ms — Cisco Umbrella Rank: 1449 r.clarity.ms — Cisco Umbrella Rank: 8372	27 KB
2	visualstudio.com dc.services.visualstudio.com — Cisco Umbrella Rank: 754	206 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 52	156 KB
2	gstatic.com www.gstatic.com	18 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 280	764 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2000	269 B
39	8

	Domain	Requested by
11	corporate-v2-be-sta.erescueglobal.com	corporate-v2-be-sta.erescueglobal.com
6	aa-holding-erescue-technical.cdn.prismic.io	corporate-v2-be-sta.erescueglobal.com
6	aa-holding-erescue-business.cdn.prismic.io	corporate-v2-be-sta.erescueglobal.com
5	aa-holding-homemanager.prismic.io	corporate-v2-be-sta.erescueglobal.com
2	c.clarity.ms	1 redirects
2	dc.services.visualstudio.com	corporate-v2-be-sta.erescueglobal.com
2	www.clarity.ms	corporate-v2-be-sta.erescueglobal.com www.clarity.ms
2	www.googletagmanager.com	corporate-v2-be-sta.erescueglobal.com www.googletagmanager.com
2	www.gstatic.com	corporate-v2-be-sta.erescueglobal.com
1	r.clarity.ms	corporate-v2-be-sta.erescueglobal.com
1	c.bing.com	1 redirects
1	region1.google-analytics.com	www.googletagmanager.com
39	12

This site contains no links.

Subject Issuer	Validity	Valid
sni358bfgl.wpc.edgecastcdn.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-15` - `2025-02-18`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.prismic.io Amazon RSA 2048 M01	`2023-07-26` - `2024-08-23`	a year	crt.sh
*.cdn.prismic.io Amazon RSA 2048 M03	`2023-08-16` - `2024-09-12`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
prod.ai.ingestion.msftcloudes.com Microsoft Azure RSA TLS Issuing CA 07	`2024-02-12` - `2025-02-06`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 01	`2024-01-14` - `2024-06-27`	5 months	crt.sh

This page contains 1 frames:

Primary Page: https://corporate-v2-be-sta.erescueglobal.com/
Frame ID: C58449FA39B2DFDD3491E4175A29C4B6
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

AXA Corporate

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

39
Requests

97 %
HTTPS

67 %
IPv6

8
Domains

12
Subdomains

11
IPs

4
Countries

3762 kB
Transfer

4226 kB
Size

14
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=CD206D58B57545F0AFCC4FDD93F292D2&RedC=c.clarity.ms&MXFR=300495296F37612D3662810F6B376FF3 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=CD206D58B57545F0AFCC4FDD93F292D2&MUID=05347F54D5386CBC189D6B72D4536D12

39 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
corporate-v2-be-sta.erescueglobal.com/ 984 B
1 KB 171ms
44ms Document
text/html 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://corporate-v2-be-sta.erescueglobal.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

3b058fb13484991b57c9f74a12d660718e2a47a62ba4c241c3d88da482b9968d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://erescue-iframe.vercel.app;
Strict-Transport-Security	max-age=3600; includeSubDomains
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: nostore, nocache, mustrevalidate, maxage=1, postcheck=0, precheck=0
content-length: 984
content-md5: Z09QihrK6Cq791dKZxO/wQ==
content-security-policy: frame-ancestors https://erescue-iframe.vercel.app;
content-type: text/html; charset=UTF-8
date: Thu, 15 Feb 2024 08:52:41 GMT
etag: 0x8DC2C8E695D988F
last-modified: Tue, 13 Feb 2024 12:22:14 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=3600; includeSubDomains
x-frame-options: sameorigin
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 87b26516-601e-0081-6dec-5f2717000000
x-ms-version: 2009-09-19
x-xss-protection: 1; mode=block

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/7.22.1/ 20 KB
7 KB 29ms
8ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/7.22.1/firebase-app.js

Requested by

Host: corporate-v2-be-sta.erescueglobal.com
URL: https://corporate-v2-be-sta.erescueglobal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25742a8128595fa2deaaf19d4ccd3382fe6f330ed0bdb4ff675b59e1ec2fc80a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporate-v2-be-sta.erescueglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 08:48:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173060
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6666
x-xss-protection: 0
last-modified: Mon, 05 Oct 2020 17:48:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 12 Feb 2025 08:48:22 GMT

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/7.22.1/ 40 KB
11 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/7.22.1/firebase-messaging.js

Requested by

Host: corporate-v2-be-sta.erescueglobal.com
URL: https://corporate-v2-be-sta.erescueglobal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38df5c8cb08b4293084cb7138a88598e0aed51e21596f7a92334346c3dcfcf05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporate-v2-be-sta.erescueglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 06:58:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 179632
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11051
x-xss-protection: 0
last-modified: Mon, 05 Oct 2020 17:48:39 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 12 Feb 2025 06:58:50 GMT

GET
H2 200 main.7c83eb80.js Show response
corporate-v2-be-sta.erescueglobal.com/static/js/ 3 MB
3 MB 99ms
99ms Script
text/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://corporate-v2-be-sta.erescueglobal.com/static/js/main.7c83eb80.js

Requested by

Host: corporate-v2-be-sta.erescueglobal.com
URL: https://corporate-v2-be-sta.erescueglobal.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

1fbc4a891d76e33aa36b382be164ddfcdc128bd0e4ddaa3fd4ba2bc51d6d59df

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://erescue-iframe.vercel.app;
Strict-Transport-Security	max-age=3600; includeSubDomains
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporate-v2-be-sta.erescueglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
content-security-policy: frame-ancestors https://erescue-iframe.vercel.app;
date: Thu, 15 Feb 2024 08:52:41 GMT
strict-transport-security: max-age=3600; includeSubDomains
content-md5: cy1DLhiNofT0m5+5/exxUg==
content-length: 2847384
x-xss-protection: 1; mode=block
x-ms-lease-status: unlocked
last-modified: Tue, 13 Feb 2024 12:22:17 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DC2C8E6B56AD59
x-frame-options: sameorigin
content-type: text/javascript; charset=UTF-8
x-ms-request-id: 5b30e779-e01e-0054-10ec-5fc89a000000
cache-control: nostore, nocache, mustrevalidate, maxage=1, postcheck=0, precheck=0
x-ms-version: 2009-09-19

GET
H2 200 v2 Show response
aa-holding-homemanager.prismic.io/api/ 2 KB
1 KB 375ms
150ms Fetch
application/json 52.3.172.99
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://aa-holding-homemanager.prismic.io/api/v2?access_token=MC5ZVG1xa0JBQUFDRUFiTjN5.77-9BO-_ve-_ve-_vQvvv71b77-977-9E--_vRvvv73vv70Y77-977-977-9JGTvv71p77-977-977-977-9IO-_ve-_ve-_vSs
Requested by: Host: corporate-v2-be-sta.erescueglobal.com
URL: https://corporate-v2-be-sta.erescueglobal.com/static/js/main.7c83eb80.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.3.172.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-172-99.compute-1.amazonaws.com
Software: /
Resource Hash: 9ce04c4df2c8ebdbdaf58295152a27b8ca698d42cadfbe39fdb7b377810bcd74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporate-v2-be-sta.erescueglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Feb 2024 08:52:42 GMT
content-encoding: gzip
x-amzn-requestid: 1c953588-52ca-462b-b0b7-d32f8b2ffea3
x-amzn-trace-id: Root=1-65cdd0da-6e77ea2f291594754f147c41
x-ratelimit-remaining: 199
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, no-store
x-ratelimit-reset: 1707987163
x-ratelimit-limit: 200
x-amz-apigw-id: TK2SMHgToAMFzeA=
x-local-cache: MISS

GET
H2 200 search Show response
aa-holding-homemanager.prismic.io/api/v2/documents/ 39 KB
4 KB 229ms
229ms Fetch
application/json 52.3.172.99
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://aa-holding-homemanager.prismic.io/api/v2/documents/search?q=%5B%5Bat%28document.tags%2C+%5B%22urls%22%5D%29%5D%5D&pageSize=100&ref=Zc3BNRIAACsAeI2C&access_token=MC5ZVG1xa0JBQUFDRUFiTjN5.77-9BO-_ve-_ve-_vQvvv71b77-977-9E--_vRvvv73vv70Y77-977-977-9JGTvv71p77-977-977-977-9IO-_ve-_ve-_vSs
Requested by: Host: corporate-v2-be-sta.erescueglobal.com
URL: https://corporate-v2-be-sta.erescueglobal.com/static/js/main.7c83eb80.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.3.172.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-172-99.compute-1.amazonaws.com
Software: /
Resource Hash: c08ff7d0dbbe68e7a575f670aff49e5831708fbf433d2415affa00b356aea163

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporate-v2-be-sta.erescueglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 08:52:42 GMT
content-encoding: gzip
x-amzn-requestid: 3279666e-cf1f-4ef4-8eb8-a51c0013633d
x-amzn-trace-id: Root=1-65cdd0da-44dcbc1506741a9a0c56b77e
x-ratelimit-remaining: 198
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=315360000
x-ratelimit-reset: 1707987163
x-ratelimit-limit: 200
x-amz-apigw-id: TK2SOH31IAMF22g=
x-local-cache: MISS

GET
H2 200 v2 Show response
aa-holding-erescue-business.cdn.prismic.io/api/ 2 KB
981 B 103ms
49ms Fetch
application/json 2600:9000:2251:3200:15:1def:a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aa-holding-erescue-business.cdn.prismic.io/api/v2?access_token=MC5aUEhVZEJBQUFDUUEwd01B.77-9EO-_ve-_ve-_ve-_ve-_vVjvv73vv73vv73vv73vv70X77-977-9HWF-YHEjDC4N77-9Cinvv713axE
Requested by: Host: corporate-v2-be-sta.erescueglobal.com
URL: https://corporate-v2-be-sta.erescueglobal.com/static/js/main.7c83eb80.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:3200:15:1def:a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: d6006b7666b358effb9988c9c5357e3415f13c3929da7ec613cfaad67c0a26c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporate-v2-be-sta.erescueglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 08:52:42 GMT
content-encoding: gzip
via: 1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P3
x-prismic-version: 6
x-prismic-region: eu-west-2
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=0, no-store
x-amz-cf-id: WyuFvIeHy_ETyKAHkgc4Fr4-8E7Ih1AHFZzDp4siSp4Nn_IsiC1afQ==

GET
H2 200 v2 Show response
aa-holding-erescue-business.cdn.prismic.io/api/ 2 KB
982 B 103ms
50ms Fetch
application/json 2600:9000:2251:3200:15:1def:a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aa-holding-erescue-business.cdn.prismic.io/api/v2?access_token=MC5aUEhVZEJBQUFDUUEwd01B.77-9EO-_ve-_ve-_ve-_ve-_vVjvv73vv73vv73vv73vv70X77-977-9HWF-YHEjDC4N77-9Cinvv713axE
Requested by: Host: corporate-v2-be-sta.erescueglobal.com
URL: https://corporate-v2-be-sta.erescueglobal.com/static/js/main.7c83eb80.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:3200:15:1def:a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: d6006b7666b358effb9988c9c5357e3415f13c3929da7ec613cfaad67c0a26c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporate-v2-be-sta.erescueglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 08:52:42 GMT
content-encoding: gzip
via: 1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P3
x-prismic-version: 6
x-prismic-region: eu-west-2
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: max-age=0, no-store
x-amz-cf-id: pL2qqnJfy0Gen3RMUIKiSroFuPx1hCddaohXXBZhuSwGc3VW_8aKdQ==

GET
H2 200 v2 Show response
aa-holding-erescue-business.cdn.prismic.io/api/ 2 KB
982 B 102ms
48ms Fetch
application/json 2600:9000:2251:3200:15:1def:a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aa-holding-erescue-business.cdn.prismic.io/api/v2?access_token=MC5aUEhVZEJBQUFDUUEwd01B.77-9EO-_ve-_ve-_ve-_ve-_vVjvv73vv73vv73vv73vv70X77-977-9HWF-YHEjDC4N77-9Cinvv713axE
Requested by: Host: corporate-v2-be-sta.erescueglobal.com
URL: https://corporate-v2-be-sta.erescueglobal.com/static/js/main.7c83eb80.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:3200:15:1def:a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: d6006b7666b358effb9988c9c5357e3415f13c3929da7ec613cfaad67c0a26c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporate-v2-be-sta.erescueglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 08:52:42 GMT
content-encoding: gzip
via: 1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P3
x-prismic-version: 6
x-prismic-region: eu-west-2
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=0, no-store
x-amz-cf-id: _0WMc5CggbgyOdbZbT_flLTEe23w50hN06u-wjZq9NfXLBV-8FrbHw==

GET
H2 200 v2 Show response
aa-holding-erescue-technical.cdn.prismic.io/api/ 2 KB
999 B 99ms
45ms Fetch
application/json 2600:9000:2251:7400:15:1def:a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aa-holding-erescue-technical.cdn.prismic.io/api/v2?access_token=MC5aUEhVOUJJQUFDSUFzQmhm.77-977-9MO-_ve-_ve-_ve-_ve-_ve-_vV_vv71h77-9Xe-_vSbvv71rH--_ve-_ve-_ve-_vVMEd--_vWrvv73vv70aFg
Requested by: Host: corporate-v2-be-sta.erescueglobal.com
URL: https://corporate-v2-be-sta.erescueglobal.com/static/js/main.7c83eb80.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:7400:15:1def:a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: a99328f8c815e3cd7861eda08d5a71fe8a70c99286b6c36744264d9a59ee27a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporate-v2-be-sta.erescueglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 08:52:42 GMT
content-encoding: gzip
via: 1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P3
x-prismic-version: 6
x-prismic-region: eu-west-2
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=0, no-store
x-amz-cf-id: fKIM8RnDXF31yf2UGPRq1Ls0VAHCTrjZHl8V-ZTZ4OcI2mMQsh9rTw==

GET
H2 200 v2 Show response
aa-holding-erescue-technical.cdn.prismic.io/api/ 2 KB
999 B 97ms
44ms Fetch
application/json 2600:9000:2251:7400:15:1def:a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aa-holding-erescue-technical.cdn.prismic.io/api/v2?access_token=MC5aUEhVOUJJQUFDSUFzQmhm.77-977-9MO-_ve-_ve-_ve-_ve-_ve-_vV_vv71h77-9Xe-_vSbvv71rH--_ve-_ve-_ve-_vVMEd--_vWrvv73vv70aFg
Requested by: Host: corporate-v2-be-sta.erescueglobal.com
URL: https://corporate-v2-be-sta.erescueglobal.com/static/js/main.7c83eb80.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:7400:15:1def:a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: a99328f8c815e3cd7861eda08d5a71fe8a70c99286b6c36744264d9a59ee27a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporate-v2-be-sta.erescueglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 08:52:42 GMT
content-encoding: gzip
via: 1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P3
x-prismic-version: 6
x-prismic-region: eu-west-2
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=0, no-store
x-amz-cf-id: mO5pVRJxgEvTHDU6Bm9KU1t_ibU8br1vQW_Au4EbJS1Sw7vgIYfOTg==

GET
H2 200 v2 Show response
aa-holding-erescue-technical.cdn.prismic.io/api/ 2 KB
999 B 99ms
46ms Fetch
application/json 2600:9000:2251:7400:15:1def:a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aa-holding-erescue-technical.cdn.prismic.io/api/v2?access_token=MC5aUEhVOUJJQUFDSUFzQmhm.77-977-9MO-_ve-_ve-_ve-_ve-_ve-_vV_vv71h77-9Xe-_vSbvv71rH--_ve-_ve-_ve-_vVMEd--_vWrvv73vv70aFg
Requested by: Host: corporate-v2-be-sta.erescueglobal.com
URL: https://corporate-v2-be-sta.erescueglobal.com/static/js/main.7c83eb80.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:7400:15:1def:a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: a99328f8c815e3cd7861eda08d5a71fe8a70c99286b6c36744264d9a59ee27a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporate-v2-be-sta.erescueglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 08:52:42 GMT
content-encoding: gzip
via: 1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P3
x-prismic-version: 6
x-prismic-region: eu-west-2
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: max-age=0, no-store
x-amz-cf-id: h1vGtpUSRMYyxOJSO7gSp9WjBE7St6oHMcfw8mivvrfTvFYx-I7hnA==

GET
H2 200 search Show response
aa-holding-homemanager.prismic.io/api/v2/documents/ 20 KB
7 KB 322ms
322ms Fetch
application/json 52.3.172.99
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://aa-holding-homemanager.prismic.io/api/v2/documents/search?q=%5B%5Bat%28document.tags%2C+%5B%22axa-corporate-be%22%2C+%22sta%22%5D%29%5D%5D&pageSize=100&ref=Zc3BNRIAACsAeI2C&access_token=MC5ZVG1xa0JBQUFDRUFiTjN5.77-9BO-_ve-_ve-_vQvvv71b77-977-9E--_vRvvv73vv70Y77-977-977-9JGTvv71p77-977-977-977-9IO-_ve-_ve-_vSs
Requested by: Host: corporate-v2-be-sta.erescueglobal.com
URL: https://corporate-v2-be-sta.erescueglobal.com/static/js/main.7c83eb80.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.3.172.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-172-99.compute-1.amazonaws.com
Software: /
Resource Hash: b56490c7e70c7a987d5d115b838c785726cfdfdafe0716e3cb960056a269835c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporate-v2-be-sta.erescueglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 08:52:43 GMT
content-encoding: gzip
x-amzn-requestid: bcb7d3d2-687f-4131-a3ef-1b88cae8f3f9
x-amzn-trace-id: Root=1-65cdd0da-43947f4d3b2cbff17e994e72
x-ratelimit-remaining: 195
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=315360000
x-ratelimit-reset: 1707987163
x-ratelimit-limit: 200
x-amz-apigw-id: TK2SQENxIAMFQEg=
x-local-cache: MISS

GET
H2 200 search Show response
aa-holding-homemanager.prismic.io/api/v2/documents/ 21 KB
7 KB 321ms
321ms Fetch
application/json 52.3.172.99
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://aa-holding-homemanager.prismic.io/api/v2/documents/search?q=%5B%5Bat%28document.tags%2C+%5B%22motor-be%22%2C+%22sta%22%5D%29%5D%5D&pageSize=100&ref=Zc3BNRIAACsAeI2C&access_token=MC5ZVG1xa0JBQUFDRUFiTjN5.77-9BO-_ve-_ve-_vQvvv71b77-977-9E--_vRvvv73vv70Y77-977-977-9JGTvv71p77-977-977-977-9IO-_ve-_ve-_vSs
Requested by: Host: corporate-v2-be-sta.erescueglobal.com
URL: https://corporate-v2-be-sta.erescueglobal.com/static/js/main.7c83eb80.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.3.172.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-172-99.compute-1.amazonaws.com
Software: /
Resource Hash: 6c1b0cb5c9dbee363074bc5ccfb9e7ce40c70d8de97768860b3db446664fbf66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporate-v2-be-sta.erescueglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 08:52:43 GMT
content-encoding: gzip
x-amzn-requestid: ecdb6df4-e043-4018-9cca-12f6c043a661
x-amzn-trace-id: Root=1-65cdd0da-75b3b19a124b7da61628d367
x-ratelimit-remaining: 196
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=315360000
x-ratelimit-reset: 1707987163
x-ratelimit-limit: 200
x-amz-apigw-id: TK2SQEK7IAMFREw=
x-local-cache: MISS

GET
H2 200 search Show response
aa-holding-homemanager.prismic.io/api/v2/documents/ 20 KB
7 KB 225ms
224ms Fetch
application/json 52.3.172.99
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://aa-holding-homemanager.prismic.io/api/v2/documents/search?q=%5B%5Bat%28document.tags%2C+%5B%22global%22%2C+%22sta%22%5D%29%5D%5D&pageSize=100&ref=Zc3BNRIAACsAeI2C&access_token=MC5ZVG1xa0JBQUFDRUFiTjN5.77-9BO-_ve-_ve-_vQvvv71b77-977-9E--_vRvvv73vv70Y77-977-977-9JGTvv71p77-977-977-977-9IO-_ve-_ve-_vSs
Requested by: Host: corporate-v2-be-sta.erescueglobal.com
URL: https://corporate-v2-be-sta.erescueglobal.com/static/js/main.7c83eb80.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.3.172.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-172-99.compute-1.amazonaws.com
Software: /
Resource Hash: 7676c749767e2131ea49b0c48cfa1038a4ff0983696dcd2cfb3b94507e7dc46f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporate-v2-be-sta.erescueglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 08:52:43 GMT
content-encoding: gzip
x-amzn-requestid: 39eff6f7-cf44-46da-98f5-e04b616776b9
x-amzn-trace-id: Root=1-65cdd0da-45daf2ec3d76baf23a386268
x-ratelimit-remaining: 197
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=315360000
x-ratelimit-reset: 1707987163
x-ratelimit-limit: 200
x-amz-apigw-id: TK2SQF7moAMFcbw=
x-local-cache: MISS

GET
H2 200 search Show response
aa-holding-erescue-technical.cdn.prismic.io/api/v2/documents/ 2 KB
1 KB 10ms
10ms Fetch
application/json 2600:9000:2251:7400:15:1def:a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aa-holding-erescue-technical.cdn.prismic.io/api/v2/documents/search?q=%5B%5Bat%28document.tags%2C+%5B%22motor-be%22%2C+%22sta%22%5D%29%5D%5D&pageSize=100&ref=Zc3A_hAAACEANZu3&access_token=MC5aUEhVOUJJQUFDSUFzQmhm.77-977-9MO-_ve-_ve-_ve-_ve-_ve-_vV_vv71h77-9Xe-_vSbvv71rH--_ve-_ve-_ve-_vVMEd--_vWrvv73vv70aFg
Requested by: Host: corporate-v2-be-sta.erescueglobal.com
URL: https://corporate-v2-be-sta.erescueglobal.com/static/js/main.7c83eb80.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:7400:15:1def:a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 04e323ca43a4889908d1a794ffa3f717baab433410f389dfacaa9292ec1f41b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporate-v2-be-sta.erescueglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 08:49:10 GMT
content-encoding: gzip
via: 1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 213
x-amzn-requestid: c361f60e-8587-40e7-be03-6f184c7321b2
x-cache: Hit from cloudfront
x-amz-apigw-id: TK1xCFXwoAMFasw=
x-amzn-trace-id: Root=1-65cdd006-760f24374c5bec024fcddb54
x-ratelimit-remaining: 198
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=315360000
x-ratelimit-reset: 1707986951
x-ratelimit-limit: 200
x-local-cache: MISS
x-amz-cf-id: mYPJuECYwRWlOXH4Q5ruWfO_Fi9svbT_U3cbCBM2YB67JzMSpWPTvA==

GET
H2 200 search Show response
aa-holding-erescue-technical.cdn.prismic.io/api/v2/documents/ 2 KB
1 KB 11ms
11ms Fetch
application/json 2600:9000:2251:7400:15:1def:a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aa-holding-erescue-technical.cdn.prismic.io/api/v2/documents/search?q=%5B%5Bat%28document.tags%2C+%5B%22axa-corporate-be%22%2C+%22sta%22%5D%29%5D%5D&pageSize=100&ref=Zc3A_hAAACEANZu3&access_token=MC5aUEhVOUJJQUFDSUFzQmhm.77-977-9MO-_ve-_ve-_ve-_ve-_ve-_vV_vv71h77-9Xe-_vSbvv71rH--_ve-_ve-_ve-_vVMEd--_vWrvv73vv70aFg
Requested by: Host: corporate-v2-be-sta.erescueglobal.com
URL: https://corporate-v2-be-sta.erescueglobal.com/static/js/main.7c83eb80.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:7400:15:1def:a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4ecdc0fd329d71085136d3178d195f706922398d04125868a49f9ddfd154119a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporate-v2-be-sta.erescueglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 08:49:10 GMT
content-encoding: gzip
via: 1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 213
x-amzn-requestid: 4630e9bf-a486-449c-b3db-7ca6eae0515a
x-cache: Hit from cloudfront
x-amz-apigw-id: TK1xBHLgoAMFZDA=
x-amzn-trace-id: Root=1-65cdd006-47fa6bb67a06cf153982ec05
x-ratelimit-remaining: 199
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=315360000
x-ratelimit-reset: 1707986951
x-ratelimit-limit: 200
x-local-cache: MISS
x-amz-cf-id: --9RTX8xNAPKoSnvQvuQ_6CgcKJwM8x4oo6C_8hYNNaGZ3qHrd5oAA==

GET
H2 200 search Show response
aa-holding-erescue-technical.cdn.prismic.io/api/v2/documents/ 5 KB
2 KB 8ms
8ms Fetch
application/json 2600:9000:2251:7400:15:1def:a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aa-holding-erescue-technical.cdn.prismic.io/api/v2/documents/search?q=%5B%5Bat%28document.tags%2C+%5B%22global%22%2C+%22sta%22%5D%29%5D%5D&pageSize=100&ref=Zc3A_hAAACEANZu3&access_token=MC5aUEhVOUJJQUFDSUFzQmhm.77-977-9MO-_ve-_ve-_ve-_ve-_ve-_vV_vv71h77-9Xe-_vSbvv71rH--_ve-_ve-_ve-_vVMEd--_vWrvv73vv70aFg
Requested by: Host: corporate-v2-be-sta.erescueglobal.com
URL: https://corporate-v2-be-sta.erescueglobal.com/static/js/main.7c83eb80.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:7400:15:1def:a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 0b530bc9eb8bb26750224c6fa126642d98ea84fd939a7530e673022e30793b15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporate-v2-be-sta.erescueglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 08:06:48 GMT
content-encoding: gzip
via: 1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 2754
x-amzn-requestid: d9cd3b1c-a6db-4b0e-a140-a28eebc47dbf
x-cache: Hit from cloudfront
x-amz-apigw-id: TKvj7HGhoAMFYGg=
x-amzn-trace-id: Root=1-65cdc618-56a9801014317e791a94b88c
x-ratelimit-remaining: 197
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=315360000
x-ratelimit-reset: 1707984409
x-ratelimit-limit: 200
x-local-cache: MISS
x-amz-cf-id: ysUUovJvmn36zEmucQzo1buXmrCOyIZN0156cZpqqg64paPZUii3Lg==

GET
H2 200 search Show response
aa-holding-erescue-business.cdn.prismic.io/api/v2/documents/ 5 KB
2 KB 12ms
11ms Fetch
application/json 2600:9000:2251:3200:15:1def:a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aa-holding-erescue-business.cdn.prismic.io/api/v2/documents/search?q=%5B%5Bat%28document.tags%2C+%5B%22global%22%2C+%22sta%22%5D%29%5D%5D&pageSize=100&ref=Zc3AjhIAAC0AXx_u&access_token=MC5aUEhVZEJBQUFDUUEwd01B.77-9EO-_ve-_ve-_ve-_ve-_vVjvv73vv73vv73vv73vv70X77-977-9HWF-YHEjDC4N77-9Cinvv713axE
Requested by: Host: corporate-v2-be-sta.erescueglobal.com
URL: https://corporate-v2-be-sta.erescueglobal.com/static/js/main.7c83eb80.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:3200:15:1def:a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 69dd1b42f3a75e53beb5822ab19ccad49e61d0b000b47600d4edc6312a47f9c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporate-v2-be-sta.erescueglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 08:49:10 GMT
content-encoding: gzip
via: 1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 213
x-amzn-requestid: 0c17a48c-d8b1-45fa-be92-26599f600f14
x-cache: Hit from cloudfront
x-amz-apigw-id: TK1xCHUqIAMFSzg=
x-amzn-trace-id: Root=1-65cdd006-1ec58ca5273c1daf6d7c6fc4
x-ratelimit-remaining: 197
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=315360000
x-ratelimit-reset: 1707986951
x-ratelimit-limit: 200
x-robots-tag: noindex, noarchive, nosnippet
x-local-cache: MISS
x-amz-cf-id: jjt9j0eRF_oi5BxwQ_cUrjh-wrTUcBBiO2ZUARFSw0UBQJwUWDXN2Q==

GET
H2 200 search Show response
aa-holding-erescue-business.cdn.prismic.io/api/v2/documents/ 976 B
1 KB 12ms
12ms Fetch
application/json 2600:9000:2251:3200:15:1def:a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aa-holding-erescue-business.cdn.prismic.io/api/v2/documents/search?q=%5B%5Bat%28document.tags%2C+%5B%22axa-corporate-be%22%2C+%22sta%22%5D%29%5D%5D&pageSize=100&ref=Zc3AjhIAAC0AXx_u&access_token=MC5aUEhVZEJBQUFDUUEwd01B.77-9EO-_ve-_ve-_ve-_ve-_vVjvv73vv73vv73vv73vv70X77-977-9HWF-YHEjDC4N77-9Cinvv713axE
Requested by: Host: corporate-v2-be-sta.erescueglobal.com
URL: https://corporate-v2-be-sta.erescueglobal.com/static/js/main.7c83eb80.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:3200:15:1def:a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f1123fe0a595f50d86a57cce8ab54e6b5b7d108cde9778d006e5ebaa79f84df3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporate-v2-be-sta.erescueglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 08:49:10 GMT
via: 1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 213
x-amzn-requestid: 2f0e8157-8fa4-4eae-bc6e-1d25a204d909
x-cache: Hit from cloudfront
x-amz-apigw-id: TK1xBHb6oAMF8vg=
content-length: 976
x-amzn-trace-id: Root=1-65cdd006-1df21a706a28ac5100cd129b
x-ratelimit-remaining: 199
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=315360000
x-ratelimit-reset: 1707986951
x-ratelimit-limit: 200
x-local-cache: MISS
x-amz-cf-id: HmFnLHSJeN4pueJJfeAxg0FYzJoM2eoQBlc1N3nMW8uZzovAnJUlGg==

GET
H2 200 search Show response
aa-holding-erescue-business.cdn.prismic.io/api/v2/documents/ 1014 B
1 KB 10ms
10ms Fetch
application/json 2600:9000:2251:3200:15:1def:a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aa-holding-erescue-business.cdn.prismic.io/api/v2/documents/search?q=%5B%5Bat%28document.tags%2C+%5B%22motor-be%22%2C+%22sta%22%5D%29%5D%5D&pageSize=100&ref=Zc3AjhIAAC0AXx_u&access_token=MC5aUEhVZEJBQUFDUUEwd01B.77-9EO-_ve-_ve-_ve-_ve-_vVjvv73vv73vv73vv73vv70X77-977-9HWF-YHEjDC4N77-9Cinvv713axE
Requested by: Host: corporate-v2-be-sta.erescueglobal.com
URL: https://corporate-v2-be-sta.erescueglobal.com/static/js/main.7c83eb80.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:3200:15:1def:a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7f0bd39c7a8c7773d478abd26586384497465ce6acd38305caa513a415ce63e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporate-v2-be-sta.erescueglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 08:49:10 GMT
content-encoding: gzip
via: 1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 213
x-amzn-requestid: 5fdd9b91-80b5-4b82-808c-322179c21d90
x-cache: Hit from cloudfront
x-amz-apigw-id: TK1xCFtloAMF3ew=
x-amzn-trace-id: Root=1-65cdd006-7dd0607b63dac7d65348704a
x-ratelimit-remaining: 198
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=315360000
x-ratelimit-reset: 1707986951
x-ratelimit-limit: 200
x-local-cache: MISS
x-amz-cf-id: L4KwLNjet9mlpmMgtq28XrlTtgDuK-PiXZVRM3CKUxp8wpSLm-0FXQ==

GET
H2 200 8163.5d3e47c3.chunk.js Show response
corporate-v2-be-sta.erescueglobal.com/static/js/ 608 KB
608 KB 74ms
74ms Script
text/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://corporate-v2-be-sta.erescueglobal.com/static/js/8163.5d3e47c3.chunk.js

Requested by

Host: corporate-v2-be-sta.erescueglobal.com
URL: https://corporate-v2-be-sta.erescueglobal.com/static/js/main.7c83eb80.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

1ab71bdde1e61a2f7e33d696af65d73651cfa0c1f5cd489994d29517513dbc1b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://erescue-iframe.vercel.app;
Strict-Transport-Security	max-age=3600; includeSubDomains
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporate-v2-be-sta.erescueglobal.com/maintenance
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
content-security-policy: frame-ancestors https://erescue-iframe.vercel.app;
date: Thu, 15 Feb 2024 08:52:43 GMT
strict-transport-security: max-age=3600; includeSubDomains
content-md5: JisPd0+OHUOSPMi8Yq/diA==
content-length: 622300
x-xss-protection: 1; mode=block
x-ms-lease-status: unlocked
last-modified: Tue, 13 Feb 2024 12:22:17 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DC2C8E6B49B6F1
x-frame-options: sameorigin
content-type: text/javascript; charset=UTF-8
x-ms-request-id: e9ba8fb6-001e-004c-7bec-5f17fd000000
cache-control: nostore, nocache, mustrevalidate, maxage=1, postcheck=0, precheck=0
x-ms-version: 2009-09-19

GET
H2 200 3843.a3ec4291.chunk.js Show response
corporate-v2-be-sta.erescueglobal.com/static/js/ 13 KB
13 KB 98ms
98ms Script
text/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://corporate-v2-be-sta.erescueglobal.com/static/js/3843.a3ec4291.chunk.js

Requested by

Host: corporate-v2-be-sta.erescueglobal.com
URL: https://corporate-v2-be-sta.erescueglobal.com/static/js/main.7c83eb80.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

240f77147aa664232129246e1a70de59febd49f8a94632b3b4d291da5f18e048

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://erescue-iframe.vercel.app;
Strict-Transport-Security	max-age=3600; includeSubDomains
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporate-v2-be-sta.erescueglobal.com/maintenance
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
content-security-policy: frame-ancestors https://erescue-iframe.vercel.app;
date: Thu, 15 Feb 2024 08:52:42 GMT
strict-transport-security: max-age=3600; includeSubDomains
content-md5: pWAbjJZhIy6WyRex6g5uOA==
content-length: 13675
x-xss-protection: 1; mode=block
x-ms-lease-status: unlocked
last-modified: Tue, 13 Feb 2024 12:22:17 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DC2C8E6B317790
x-frame-options: sameorigin
content-type: text/javascript; charset=UTF-8
x-ms-request-id: 13c0c7ce-501e-001c-60ec-5fd5ad000000
cache-control: nostore, nocache, mustrevalidate, maxage=1, postcheck=0, precheck=0
x-ms-version: 2009-09-19

GET
H2 200 7261.43232b0f.chunk.js Show response
corporate-v2-be-sta.erescueglobal.com/static/js/ 5 KB
5 KB 100ms
100ms Script
text/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://corporate-v2-be-sta.erescueglobal.com/static/js/7261.43232b0f.chunk.js

Requested by

Host: corporate-v2-be-sta.erescueglobal.com
URL: https://corporate-v2-be-sta.erescueglobal.com/static/js/main.7c83eb80.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

6b6fe2f1628e0bf5b770c768623705d990869dc504b660f7d702ceac8ebf32e6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://erescue-iframe.vercel.app;
Strict-Transport-Security	max-age=3600; includeSubDomains
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporate-v2-be-sta.erescueglobal.com/maintenance
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
content-security-policy: frame-ancestors https://erescue-iframe.vercel.app;
date: Thu, 15 Feb 2024 08:52:42 GMT
strict-transport-security: max-age=3600; includeSubDomains
content-md5: Ww8QQWMWqIPkHZy06qeLcA==
content-length: 4760
x-xss-protection: 1; mode=block
x-ms-lease-status: unlocked
last-modified: Tue, 13 Feb 2024 12:22:17 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DC2C8E6B3DAAC7
x-frame-options: sameorigin
content-type: text/javascript; charset=UTF-8
x-ms-request-id: 75e2179b-b01e-002b-19ec-5f0701000000
cache-control: nostore, nocache, mustrevalidate, maxage=1, postcheck=0, precheck=0
x-ms-version: 2009-09-19

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 238 KB
76 KB 49ms
29ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NC3NNQJ&l=gtm&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: corporate-v2-be-sta.erescueglobal.com
URL: https://corporate-v2-be-sta.erescueglobal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

387709fbf1a502190456f625a32a9fbee86dc663c358dd016c313b3274dea074

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporate-v2-be-sta.erescueglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 08:52:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77899
x-xss-protection: 0
last-modified: Thu, 15 Feb 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 15 Feb 2024 08:52:43 GMT

GET
H2 200 9gyujvej15 Show response
www.clarity.ms/tag/ 650 B
1013 B 204ms
129ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/9gyujvej15
Requested by: Host: corporate-v2-be-sta.erescueglobal.com
URL: https://corporate-v2-be-sta.erescueglobal.com/static/js/main.7c83eb80.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5c148408aa42fb316f7d668aca160b6a637a842ac0f2fbce6fbf4e9ebaf008f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporate-v2-be-sta.erescueglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: -1
date: Thu, 15 Feb 2024 08:52:43 GMT
x-azure-ref: 20240215T085243Z-kn4tnhqr2d0ffc03ucz4a4ua8w00000001v0000000006nc4
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 650
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 200 nl-BE.json Show response
corporate-v2-be-sta.erescueglobal.com/locales/synergy/ 34 KB
34 KB 36ms
36ms Fetch
text/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://corporate-v2-be-sta.erescueglobal.com/locales/synergy/nl-BE.json

Requested by

Host: corporate-v2-be-sta.erescueglobal.com
URL: https://corporate-v2-be-sta.erescueglobal.com/static/js/main.7c83eb80.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

56183b9883cd89f3fb467b30086ef4acd90e1833a74e1ebc31b1f651afe32ed2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://erescue-iframe.vercel.app;
Strict-Transport-Security	max-age=3600; includeSubDomains
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporate-v2-be-sta.erescueglobal.com/maintenance
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
content-security-policy: frame-ancestors https://erescue-iframe.vercel.app;
date: Thu, 15 Feb 2024 08:52:43 GMT
strict-transport-security: max-age=3600; includeSubDomains
content-md5: 5P/P5YQ6bCS87H241QN/nw==
content-length: 34484
x-xss-protection: 1; mode=block
x-ms-lease-status: unlocked
last-modified: Tue, 13 Feb 2024 12:22:17 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DC2C8E6B24331B
x-frame-options: sameorigin
content-type: text/javascript; charset=UTF-8
x-ms-request-id: 8a727e37-301e-0047-53ec-5fec96000000
cache-control: nostore, nocache, mustrevalidate, maxage=1, postcheck=0, precheck=0
x-ms-version: 2009-09-19

GET
H2 200 axa_logo_solid_rgb.svg
corporate-v2-be-sta.erescueglobal.com/assets/images/ 2 KB
2 KB 62ms
61ms Image
image/svg+xml 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://corporate-v2-be-sta.erescueglobal.com/assets/images/axa_logo_solid_rgb.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

4f15551e8df16365a4eba91f078b16e4dc40959a98f6f8e1de8b2ad895ccc705

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://erescue-iframe.vercel.app;
Strict-Transport-Security	max-age=3600; includeSubDomains
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporate-v2-be-sta.erescueglobal.com/maintenance
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
content-security-policy: frame-ancestors https://erescue-iframe.vercel.app;
date: Thu, 15 Feb 2024 08:52:42 GMT
strict-transport-security: max-age=3600; includeSubDomains
content-md5: xagcahECN/0OsznL3xVOUw==
content-length: 2362
x-xss-protection: 1; mode=block
x-ms-lease-status: unlocked
last-modified: Tue, 13 Feb 2024 12:22:15 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DC2C8E6A0188A5
x-frame-options: sameorigin
content-type: image/svg+xml
x-ms-request-id: 9a8ed5da-601e-004a-2dec-5f2442000000
cache-control: nostore, nocache, mustrevalidate, maxage=1, postcheck=0, precheck=0
x-ms-version: 2009-09-19

GET
H2 200 SourceSansPro-Semibold.ttf.woff2
corporate-v2-be-sta.erescueglobal.com/assets/fonts/ 15 KB
16 KB 36ms
35ms Font
application/octet-stream 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://corporate-v2-be-sta.erescueglobal.com/assets/fonts/SourceSansPro-Semibold.ttf.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

d8381e66783011957eabadb622d7899061bf93e78fff38ebfe00ab743d6c8e60

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://erescue-iframe.vercel.app;
Strict-Transport-Security	max-age=3600; includeSubDomains
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://corporate-v2-be-sta.erescueglobal.com/maintenance
Origin: https://corporate-v2-be-sta.erescueglobal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
content-security-policy: frame-ancestors https://erescue-iframe.vercel.app;
date: Thu, 15 Feb 2024 08:52:42 GMT
strict-transport-security: max-age=3600; includeSubDomains
content-md5: s4ZtP74jnodU9NtHlc4oFw==
content-length: 15784
x-xss-protection: 1; mode=block
x-ms-lease-status: unlocked
last-modified: Tue, 13 Feb 2024 12:22:15 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DC2C8E69E21E72
x-frame-options: sameorigin
content-type: application/octet-stream
x-ms-request-id: a5710e21-901e-0013-76ec-5fa3c1000000
cache-control: nostore, nocache, mustrevalidate, maxage=1, postcheck=0, precheck=0
x-ms-version: 2009-09-19

GET
H2 200 SourceSansPro-Regular.ttf.woff2
corporate-v2-be-sta.erescueglobal.com/assets/fonts/ 16 KB
16 KB 58ms
58ms Font
application/octet-stream 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://corporate-v2-be-sta.erescueglobal.com/assets/fonts/SourceSansPro-Regular.ttf.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

cb992eae898417162c48b37712991d9ad8053c4a64fce51aff195edc69dc35f2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://erescue-iframe.vercel.app;
Strict-Transport-Security	max-age=3600; includeSubDomains
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://corporate-v2-be-sta.erescueglobal.com/maintenance
Origin: https://corporate-v2-be-sta.erescueglobal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
content-security-policy: frame-ancestors https://erescue-iframe.vercel.app;
date: Thu, 15 Feb 2024 08:52:42 GMT
strict-transport-security: max-age=3600; includeSubDomains
content-md5: dtjLsElssYTv+GgVK2etRQ==
content-length: 15908
x-xss-protection: 1; mode=block
x-ms-lease-status: unlocked
last-modified: Tue, 13 Feb 2024 12:22:15 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DC2C8E69DFADC4
x-frame-options: sameorigin
content-type: application/octet-stream
x-ms-request-id: 76d79d02-701e-0069-74ec-5fbe81000000
cache-control: nostore, nocache, mustrevalidate, maxage=1, postcheck=0, precheck=0
x-ms-version: 2009-09-19

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
80 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-531D8DX299&l=gtm&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NC3NNQJ&l=gtm&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

18a00044489eb3a1a8003a6eb7209ab2b16ab6bb95f726fa7e02cf6c410efb70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporate-v2-be-sta.erescueglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 08:52:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81381
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 15 Feb 2024 08:52:43 GMT

GET
H2 200 puzzleBuilding.svg
corporate-v2-be-sta.erescueglobal.com/assets/backgrounds/ 27 KB
27 KB 70ms
70ms Image
image/svg+xml 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://corporate-v2-be-sta.erescueglobal.com/assets/backgrounds/puzzleBuilding.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

2ee8b85cb7c54f13bb75c3b7e7c542dd34d43e27bfc23bbf9d6df8d3fe353e7d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://erescue-iframe.vercel.app;
Strict-Transport-Security	max-age=3600; includeSubDomains
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporate-v2-be-sta.erescueglobal.com/maintenance
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
content-security-policy: frame-ancestors https://erescue-iframe.vercel.app;
date: Thu, 15 Feb 2024 08:52:42 GMT
strict-transport-security: max-age=3600; includeSubDomains
content-md5: H/XwOtqwwgV9qoqtyM//vA==
content-length: 27834
x-xss-protection: 1; mode=block
x-ms-lease-status: unlocked
last-modified: Tue, 13 Feb 2024 12:22:14 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DC2C8E698F2897
x-frame-options: sameorigin
content-type: image/svg+xml
x-ms-request-id: 94f6b263-001e-005c-2dec-5fd295000000
cache-control: nostore, nocache, mustrevalidate, maxage=1, postcheck=0, precheck=0
x-ms-version: 2009-09-19

GET
H2 200 SourceSansPro-Bold.ttf.woff2
corporate-v2-be-sta.erescueglobal.com/assets/fonts/ 15 KB
15 KB 51ms
50ms Font
application/octet-stream 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://corporate-v2-be-sta.erescueglobal.com/assets/fonts/SourceSansPro-Bold.ttf.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

c09055f0d3ce5ac45f886c935226d1e4cb0f7488525e9f8b298f26fc0171e5a8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://erescue-iframe.vercel.app;
Strict-Transport-Security	max-age=3600; includeSubDomains
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://corporate-v2-be-sta.erescueglobal.com/maintenance
Origin: https://corporate-v2-be-sta.erescueglobal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
content-security-policy: frame-ancestors https://erescue-iframe.vercel.app;
date: Thu, 15 Feb 2024 08:52:43 GMT
strict-transport-security: max-age=3600; includeSubDomains
content-md5: 8ERBz8Eiv4ThzyQFj926hw==
content-length: 15480
x-xss-protection: 1; mode=block
x-ms-lease-status: unlocked
last-modified: Tue, 13 Feb 2024 12:22:15 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DC2C8E69DE2767
x-frame-options: sameorigin
content-type: application/octet-stream
x-ms-request-id: a2d0ac8c-601e-0075-60ec-5fece1000000
cache-control: nostore, nocache, mustrevalidate, maxage=1, postcheck=0, precheck=0
x-ms-version: 2009-09-19

OPTIONS
H2 204 track
dc.services.visualstudio.com/v2/ 0
0 175ms
29ms Preflight 20.50.88.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.50.88.244 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://corporate-v2-be-sta.erescueglobal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
date: Thu, 15 Feb 2024 08:52:42 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 98 B
206 B 41ms
41ms XHR
application/json 20.50.88.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: corporate-v2-be-sta.erescueglobal.com
URL: https://corporate-v2-be-sta.erescueglobal.com/static/js/main.7c83eb80.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.50.88.244 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

9f7cd8222edca74bb874ab777187982cbc99cdc943ed471c43e27fed80c515fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://corporate-v2-be-sta.erescueglobal.com/
accept-language: de-DE,de;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000
date: Thu, 15 Feb 2024 08:52:42 GMT
x-content-type-options: nosniff
server: Microsoft-HTTPAPI/2.0
content-length: 98
content-type: application/json; charset=utf-8

POST
H2 204 collect
region1.google-analytics.com/g/ 0
269 B 34ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-531D8DX299&gtm=45je42c0v9133370246z8830936452za200&_p=1707987163290&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&ul=nl-be&cid=1843631746.1707987163&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&dt=landing%20page&sid=1707987163&sct=1&seg=0&dl=https%3A%2F%2Fcorporate-v2-be-sta.erescueglobal.com%2Fmaintenance&en=page_view&_fv=1&_nsi=1&_ss=1&ep.subsidiary_name=axa_partners&ep.business_unit=customer_and_solutions&ep.digital_business_process=follow_up&ep.global_digital_asset=erescue&ep.main_linked_system=motor-be&ep.partner_id=axa-corporate-be&ep.partner_name=AXA%20Corporate&ep.country=BE&ep.instance_environment=STA&ep.business_line=motor_and_home_solutions&ep.page_name=landing%20page&ep.funnel_step=1&ep.step_name=landing%20page&tfd=1613
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-531D8DX299&l=gtm&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporate-v2-be-sta.erescueglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Feb 2024 08:52:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://corporate-v2-be-sta.erescueglobal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.20/ 60 KB
25 KB 31ms
31ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.20/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/9gyujvej15
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporate-v2-be-sta.erescueglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 08:52:43 GMT
content-encoding: br
last-modified: Wed, 24 Jan 2024 14:33:55 GMT
etag: W/"0x8DC1CE97EB406F9"
vary: Accept-Encoding
x-azure-ref: 20240215T085243Z-kn4tnhqr2d0ffc03ucz4a4ua8w00000001v0000000006nd7
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 00ad7b1a-201e-0051-67a8-5db357000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=CD206D58B57545F0AFCC4FDD93F292D2&RedC=c.clarity.ms&MXFR=300495296F37612D3662810F6B376FF3
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=CD206D58B57545F0AFCC4FDD93F292D2&MUID=05347F54D5386CBC189D6B72D4536D12

42 B
443 B

31ms
31ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=CD206D58B57545F0AFCC4FDD93F292D2&MUID=05347F54D5386CBC189D6B72D4536D12
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corporate-v2-be-sta.erescueglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Feb 2024 08:52:43 GMT
last-modified: Fri, 09 Feb 2024 19:55:32 GMT
server: Microsoft-IIS/10.0
etag: "2155d7f0915bda1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 15 Feb 2024 08:52:42 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FC95457E748F409BA5845125745D40DE Ref B: FRAEDGE1121 Ref C: 2024-02-15T08:52:43Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=CD206D58B57545F0AFCC4FDD93F292D2&MUID=05347F54D5386CBC189D6B72D4536D12
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H/1.1 204
No Content collect Show response
r.clarity.ms/ 0
317 B 327ms
120ms XHR
text/plain 20.119.174.243
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://r.clarity.ms/collect
Requested by: Host: corporate-v2-be-sta.erescueglobal.com
URL: https://corporate-v2-be-sta.erescueglobal.com/static/js/main.7c83eb80.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://corporate-v2-be-sta.erescueglobal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://corporate-v2-be-sta.erescueglobal.com
Date: Thu, 15 Feb 2024 08:52:43 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Axa (Insurance)

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
corporate-v2-be-sta.erescueglobal.com/	1970-01-21 03:12:03	Name: ai_user Value: Ph2FU1lS2+DATIqUftBnas\|2024-02-15T08:52:43.287Z
corporate-v2-be-sta.erescueglobal.com/	1970-01-20 18:26:28	Name: ai_session Value: SfLSxZ2hiDFw6WM7VAs09N\|1707987163290\|1707987163290
.erescueglobal.com/	1970-01-21 04:02:27	Name: _ga Value: GA1.1.1843631746.1707987163
.erescueglobal.com/	1970-01-21 04:02:27	Name: _ga_531D8DX299 Value: GS1.1.1707987163.1.1.1707987163.0.0.0
www.clarity.ms/	1970-01-21 03:12:03	Name: CLID Value: 536397a298244f1e8889c2af5080c1d6.20240215.20250214
.erescueglobal.com/	1970-01-21 03:12:03	Name: _clck Value: 1ql0n86%7C2%7Cfja%7C0%7C1506
.bing.com/	1970-01-21 03:48:03	Name: MUID Value: 05347F54D5386CBC189D6B72D4536D12
.c.bing.com/	1970-01-20 18:36:31	Name: MR Value: 0
.c.bing.com/	1970-01-21 03:48:03	Name: SRM_B Value: 05347F54D5386CBC189D6B72D4536D12
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 03:48:03	Name: MUID Value: 05347F54D5386CBC189D6B72D4536D12
.c.clarity.ms/	1970-01-20 18:36:31	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 18:26:27	Name: ANONCHK Value: 0
.erescueglobal.com/	1970-01-20 18:27:53	Name: _clsk Value: 1jx5fy3%7C1707987163974%7C1%7C1%7Cr.clarity.ms%2Fcollect

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://corporate-v2-be-sta.erescueglobal.com/maintenance Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://corporate-v2-be-sta.erescueglobal.com/maintenance Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://corporate-v2-be-sta.erescueglobal.com/maintenance Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://corporate-v2-be-sta.erescueglobal.com/maintenance Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://corporate-v2-be-sta.erescueglobal.com/maintenance Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://corporate-v2-be-sta.erescueglobal.com/maintenance Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://corporate-v2-be-sta.erescueglobal.com/maintenance Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://corporate-v2-be-sta.erescueglobal.com/maintenance Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://corporate-v2-be-sta.erescueglobal.com/maintenance Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://corporate-v2-be-sta.erescueglobal.com/maintenance Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://corporate-v2-be-sta.erescueglobal.com/maintenance Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://corporate-v2-be-sta.erescueglobal.com/maintenance Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://corporate-v2-be-sta.erescueglobal.com/maintenance Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://corporate-v2-be-sta.erescueglobal.com/maintenance Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors https://erescue-iframe.vercel.app;
Strict-Transport-Security	max-age=3600; includeSubDomains
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa-holding-erescue-business.cdn.prismic.io
aa-holding-erescue-technical.cdn.prismic.io
aa-holding-homemanager.prismic.io
c.bing.com
c.clarity.ms
corporate-v2-be-sta.erescueglobal.com
dc.services.visualstudio.com
r.clarity.ms
region1.google-analytics.com
www.clarity.ms
www.googletagmanager.com
www.gstatic.com
20.119.174.243
20.50.88.244
2001:4860:4802:34::36
2600:9000:2251:3200:15:1def:a40:93a1
2600:9000:2251:7400:15:1def:a40:93a1
2606:2800:233:1cb7:261b:1f9c:2074:3c
2620:1ec:bdf::45
2620:1ec:c11::200
2a00:1450:4001:800::2003
2a00:1450:4001:812::2008
52.3.172.99
68.219.88.97
04e323ca43a4889908d1a794ffa3f717baab433410f389dfacaa9292ec1f41b7
0b530bc9eb8bb26750224c6fa126642d98ea84fd939a7530e673022e30793b15
18a00044489eb3a1a8003a6eb7209ab2b16ab6bb95f726fa7e02cf6c410efb70
1ab71bdde1e61a2f7e33d696af65d73651cfa0c1f5cd489994d29517513dbc1b
1fbc4a891d76e33aa36b382be164ddfcdc128bd0e4ddaa3fd4ba2bc51d6d59df
240f77147aa664232129246e1a70de59febd49f8a94632b3b4d291da5f18e048
25742a8128595fa2deaaf19d4ccd3382fe6f330ed0bdb4ff675b59e1ec2fc80a
2ee8b85cb7c54f13bb75c3b7e7c542dd34d43e27bfc23bbf9d6df8d3fe353e7d
387709fbf1a502190456f625a32a9fbee86dc663c358dd016c313b3274dea074
38df5c8cb08b4293084cb7138a88598e0aed51e21596f7a92334346c3dcfcf05
3b058fb13484991b57c9f74a12d660718e2a47a62ba4c241c3d88da482b9968d
4ecdc0fd329d71085136d3178d195f706922398d04125868a49f9ddfd154119a
4f15551e8df16365a4eba91f078b16e4dc40959a98f6f8e1de8b2ad895ccc705
56183b9883cd89f3fb467b30086ef4acd90e1833a74e1ebc31b1f651afe32ed2
5c148408aa42fb316f7d668aca160b6a637a842ac0f2fbce6fbf4e9ebaf008f2
69dd1b42f3a75e53beb5822ab19ccad49e61d0b000b47600d4edc6312a47f9c1
6b6fe2f1628e0bf5b770c768623705d990869dc504b660f7d702ceac8ebf32e6
6c1b0cb5c9dbee363074bc5ccfb9e7ce40c70d8de97768860b3db446664fbf66
7676c749767e2131ea49b0c48cfa1038a4ff0983696dcd2cfb3b94507e7dc46f
7f0bd39c7a8c7773d478abd26586384497465ce6acd38305caa513a415ce63e2
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ce04c4df2c8ebdbdaf58295152a27b8ca698d42cadfbe39fdb7b377810bcd74
9f7cd8222edca74bb874ab777187982cbc99cdc943ed471c43e27fed80c515fb
a99328f8c815e3cd7861eda08d5a71fe8a70c99286b6c36744264d9a59ee27a7
b56490c7e70c7a987d5d115b838c785726cfdfdafe0716e3cb960056a269835c
c08ff7d0dbbe68e7a575f670aff49e5831708fbf433d2415affa00b356aea163
c09055f0d3ce5ac45f886c935226d1e4cb0f7488525e9f8b298f26fc0171e5a8
cb992eae898417162c48b37712991d9ad8053c4a64fce51aff195edc69dc35f2
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
d6006b7666b358effb9988c9c5357e3415f13c3929da7ec613cfaad67c0a26c1
d8381e66783011957eabadb622d7899061bf93e78fff38ebfe00ab743d6c8e60
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1123fe0a595f50d86a57cce8ab54e6b5b7d108cde9778d006e5ebaa79f84df3

corporate-v2-be-sta.erescueglobal.com Open in urlscan Pro 2606:2800:233:1cb7:261b:1f9c:2074:3c Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

39 Requests

97 %HTTPS

67 %IPv6

8 Domains

12 Subdomains

11 IPs

4 Countries

3762 kBTransfer

4226 kBSize

14 Cookies

0 Outgoing links

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

corporate-v2-be-sta.erescueglobal.com Open in urlscan Pro
2606:2800:233:1cb7:261b:1f9c:2074:3c Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

97 %
HTTPS

67 %
IPv6

8
Domains

12
Subdomains

11
IPs

4
Countries

3762 kB
Transfer

4226 kB
Size

14
Cookies

39 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!