connect.axa.fr Open in urlscan Pro
171.18.97.117 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://connect.axa.fr/?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%253A%...
Effective URL:
https://connect.axa.fr/?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%253A%...
Submission: On October 22 via manual (October 22nd 2021, 9:42:42 pm UTC) from US — Scanned from DE

Summary HTTP 34 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 5 domains to perform 34 HTTP transactions. The main IP is 171.18.97.117, located in France and belongs to AXA-TECH Paris, FR. The main domain is connect.axa.fr.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on August 23rd 2021. Valid for: a year.

This is the only time connect.axa.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
26	171.18.97.117 171.18.97.117	12696 (AXA-TECH ...) (AXA-TECH Paris)
1	171.18.34.198 171.18.34.198	12696 (AXA-TECH ...) (AXA-TECH Paris)
1	143.204.98.13 143.204.98.13	16509 (AMAZON-02) (AMAZON-02)
1	35.181.77.138 35.181.77.138	16509 (AMAZON-02) (AMAZON-02)
1	192.229.233.55 192.229.233.55	15133 (EDGECAST) (EDGECAST)
2	18.193.0.113 18.193.0.113	16509 (AMAZON-02) (AMAZON-02)
1	63.33.35.188 63.33.35.188	16509 (AMAZON-02) (AMAZON-02)
1	13.37.199.125 13.37.199.125	16509 (AMAZON-02) (AMAZON-02)
34	9

26 171.18.97.117 (France)

ASN12696 (AXA-TECH Paris, FR)

connect.axa.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 171.18.34.198 (Paris, France)

ASN12696 (AXA-TECH Paris, FR)

espaceclient.axa.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.13 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-13.fra50.r.cloudfront.net

cdn.tagcommander.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.181.77.138 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-181-77-138.eu-west-3.compute.amazonaws.com

manager.tagcommander.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.233.55 (Los Angeles, United States)

ASN15133 (EDGECAST, US)

cdn.trustcommander.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.193.0.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-0-113.eu-central-1.compute.amazonaws.com

logs1412.xiti.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.33.35.188 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-35-188.eu-west-1.compute.amazonaws.com

axafrance.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.37.199.125 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-37-199-125.eu-west-3.compute.amazonaws.com

privacy.trustcommander.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	axa.fr connect.axa.fr espaceclient.axa.fr	653 KB
2	xiti.com logs1412.xiti.com	321 B
2	trustcommander.net cdn.trustcommander.net privacy.trustcommander.net	20 KB
2	tagcommander.com cdn.tagcommander.com manager.tagcommander.com	168 KB
1	omtrdc.net axafrance.tt.omtrdc.net	747 B
34	5

	Domain	Requested by
26	connect.axa.fr	connect.axa.fr
2	logs1412.xiti.com	connect.axa.fr
1	privacy.trustcommander.net	cdn.trustcommander.net
1	axafrance.tt.omtrdc.net	connect.axa.fr
1	cdn.trustcommander.net	cdn.tagcommander.com
1	manager.tagcommander.com	cdn.tagcommander.com
1	cdn.tagcommander.com	connect.axa.fr
1	espaceclient.axa.fr	connect.axa.fr
34	8

This site contains links to these domains. Also see Links.

Domain
www.axa.fr

Subject Issuer	Validity	Valid
*.axa.fr DigiCert TLS RSA SHA256 2020 CA1	`2021-08-23` - `2022-09-23`	a year	crt.sh
espaceclient.axa.fr DigiCert EV RSA CA G2	`2020-07-09` - `2022-03-15`	2 years	crt.sh
*.tagcommander.com Thawte RSA CA 2018	`2020-04-15` - `2022-04-19`	2 years	crt.sh
cdn.tagcommander.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-10` - `2022-06-15`	a year	crt.sh
*.xiti.com Thawte RSA CA 2018	`2020-02-27` - `2022-05-22`	2 years	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-11` - `2022-10-12`	a year	crt.sh
*.trustcommander.net Thawte RSA CA 2018	`2021-01-18` - `2022-02-18`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://connect.axa.fr/?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fespaceclient.axa.fr%252Funified-authentication-redirect.html%26state%3Dbb17f71b-575b-449d-b99a-eb6e5725ee22%25253Bhttps%25253A%25252F%25252Fespaceclient.axa.fr%25252Funified-authentication-redirect.html%26client_id%3D9f0d7c72-d863-4c91-9a7b-8caf1373a3aa%26scope%3Doffline_access%2520profile%2520phone%2520email%2520openid%2520api-client%2520https%253A%252F%252Fconnect.axa.fr%252FindividualOrProfessional.all%2520https%253A%252F%252Fconnect.axa.fr%252FcollectiveHealth.all%2520https%253A%252F%252Fconnect.axa.fr%252Fbank.all%2520axa-fr-salary-saving%2520eb-fr-collective%2520fr-gfp%2520https%253A%252F%252Fconnect.axa.fr%252Fauth%252Fpema%2520fr-outremer-insurance
Frame ID: 21BD570CA669FEB2ACF413C2F828CBBB
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Espace Client AXAInformation MessageChevron - Blue

Detected technologies

AT Internet XiTi (Analytics) Expand

Overall confidence: 100%
Detected patterns

xiti\.com/hit\.xiti

TagCommander (Tag managers) Expand

Overall confidence: 100%
Detected patterns

\.tagcommander\.com

Page Statistics

34
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

8
Subdomains

9
IPs

3
Countries

842 kB
Transfer

2158 kB
Size

18
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.axa.fr/services-en-ligne/aide-connexion.html
Title: Accéder à l'aide à la connexion.

Search URL Search Domain Scan URL

URL: https://www.axa.fr/besoin-d-aide.html
Title: Chevron - Blue Besoin d'aide pour me connecter

Search URL Search Domain Scan URL

URL: https://www.axa.fr/compte-bancaire/urgence-sinistre/utilisation-frauduleuse.html
Title: Faire opposition

Search URL Search Domain Scan URL

URL: https://www.axa.fr/compte-bancaire/conseils.html?currentPage=1&categoryName=axa-fr-convergence:banque/securite-bancaire
Title: Sécurité bancaire

Search URL Search Domain Scan URL

URL: https://www.axa.fr/mentions-legales.html
Title: Mentions légales

Search URL Search Domain Scan URL

URL: https://www.axa.fr/configuration-securite/politique-cookies.html
Title: Notre politique Cookies

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
connect.axa.fr/ 4 KB
4 KB 138ms
61ms Document
text/html 171.18.97.117
AXA-TECH Paris

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.axa.fr/?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fespaceclient.axa.fr%252Funified-authentication-redirect.html%26state%3Dbb17f71b-575b-449d-b99a-eb6e5725ee22%25253Bhttps%25253A%25252F%25252Fespaceclient.axa.fr%25252Funified-authentication-redirect.html%26client_id%3D9f0d7c72-d863-4c91-9a7b-8caf1373a3aa%26scope%3Doffline_access%2520profile%2520phone%2520email%2520openid%2520api-client%2520https%253A%252F%252Fconnect.axa.fr%252FindividualOrProfessional.all%2520https%253A%252F%252Fconnect.axa.fr%252FcollectiveHealth.all%2520https%253A%252F%252Fconnect.axa.fr%252Fbank.all%2520axa-fr-salary-saving%2520eb-fr-collective%2520fr-gfp%2520https%253A%252F%252Fconnect.axa.fr%252Fauth%252Fpema%2520fr-outremer-insurance

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

171.18.97.117 , France, ASN12696 (AXA-TECH Paris, FR),

Reverse DNS

Software

aws /

Resource Hash

2d886591337666f7c43eaa4af086c204dd46abf67da01b6922d87ebdeb333337

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://monaxa.axa.fr https://connect.satecassur.com https://monaxa.quantalys.com http://monaxaweb-gp.axa-fr.intraxa https://monaxaweb-gp.axa-fr.intraxa2 https://monaxaweb-gp.axawealthservices.fr https://monaxaweb-gp.axa.fr https://adv-front-pra-01.z-afa-tran-shrd-pra-ew1-ase01.pr.afa.azure.intraxa https://advalorem.axa.fr https://espaceclient-connect.axa.fr https://espaceclient.axa.fr https://outremer.axa.fr https://selfcare-decsin2.axa.fr https://outremer-privateiaas.corp.intraxa https://www.easyprojets.com https://preview-espaceclient.axa.fr http://uat-espaceclient.axa-fr.intraxa https://uat-espaceclient.axa.fr https://uat-espaceclient.axa-fr.intraxa https://www.axa.fr https://espaceclient-privateiaas.corp.intraxa https://cotisants-ere.axa.fr https://cotisants-ere-cloud.axa.fr https://aprs.asso.fr https://espacemedical.axa.fr https://easyepargne.axa.fr https://api-botsinistres.axa.fr https://api-botsinistre-pop.axa.fr https://sinistre.habitation.axa-assistance.com https://esign-widget-orchestration.axa-fr.intraxa https://esign-widget-orchestration.axa.fr https://assure.ma-protectionsociale.fr https://miroir-espaceclient.corp.intraxa https://gestioncotisations-cloud.axa.fr https://unused http://notused https://connect-entreprise.axa.fr https://agendapartage-portal.axa-fr.intraxa;
Strict-Transport-Security	max-age=31622400 max-age=10368000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: connect.axa.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31622400 max-age=10368000
Referrer-Policy: no-referrer
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://monaxa.axa.fr https://connect.satecassur.com https://monaxa.quantalys.com http://monaxaweb-gp.axa-fr.intraxa https://monaxaweb-gp.axa-fr.intraxa2 https://monaxaweb-gp.axawealthservices.fr https://monaxaweb-gp.axa.fr https://adv-front-pra-01.z-afa-tran-shrd-pra-ew1-ase01.pr.afa.azure.intraxa https://advalorem.axa.fr https://espaceclient-connect.axa.fr https://espaceclient.axa.fr https://outremer.axa.fr https://selfcare-decsin2.axa.fr https://outremer-privateiaas.corp.intraxa https://www.easyprojets.com https://preview-espaceclient.axa.fr http://uat-espaceclient.axa-fr.intraxa https://uat-espaceclient.axa.fr https://uat-espaceclient.axa-fr.intraxa https://www.axa.fr https://espaceclient-privateiaas.corp.intraxa https://cotisants-ere.axa.fr https://cotisants-ere-cloud.axa.fr https://aprs.asso.fr https://espacemedical.axa.fr https://easyepargne.axa.fr https://api-botsinistres.axa.fr https://api-botsinistre-pop.axa.fr https://sinistre.habitation.axa-assistance.com https://esign-widget-orchestration.axa-fr.intraxa https://esign-widget-orchestration.axa.fr https://assure.ma-protectionsociale.fr https://miroir-espaceclient.corp.intraxa https://gestioncotisations-cloud.axa.fr https://unused http://notused https://connect-entreprise.axa.fr https://agendapartage-portal.axa-fr.intraxa;
Set-Cookie: XSRF-COOKIE-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJiiRaj6drQ07iPOnA6sBeQAhGsaX6B5c4otAOCKDIKNHPRtIIssIcytf1n3TYvWc2Me7yMRjE1YjwaFl6m0quZ1ZEeVIjHNQgRsDnfHR6KwQ2cUuuk2-bUKuHIfC6tnLxU; path=/; secure; samesite=none; httponly XSRF-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJifIydztaBuM6K7oZlZR2hBqq8EauDW_GMpk7dh5pmHHn_AThipGFnf2h81N6zpr2jJ6HdAHYnj8eMXpRKUfE7zi_QoC__DNIVP_QAY6BdJPDKVwWqAiK2Rsuwtt-rIsBA; path=/; secure; samesite=none SERVERIDACON=c1eb49c00705d05b8a96d65e8f9d0d2737eea44492d686d8c077bc978d878e36; path=/ TS01901cc1=017db37fcc2ef466e659d87812a0b1932b00fba831e7990de4bcf628f7b01bed82138ca5c934058c2063d4fde0dda075a9c7f3342cd9cd44c8ba6112f85b50534ec5f2f04b78dfb2922f24ac802a092c40df1d7774aa9dc0fb0f32f29500869300b71a9b8f; Path=/
X-Frame-Options: SAMEORIGIN
Date: Fri, 22 Oct 2021 21:42:35 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Server: aws
Transfer-Encoding: chunked

GET
H/1.1 200
OK AXA_PP_BLANC.min.css
connect.axa.fr/css/ 126 KB
27 KB 167ms
166ms Stylesheet
text/css 171.18.97.117
AXA-TECH Paris

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.axa.fr/css/AXA_PP_BLANC.min.css

Requested by

Host: connect.axa.fr
URL: https://connect.axa.fr/?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fespaceclient.axa.fr%252Funified-authentication-redirect.html%26state%3Dbb17f71b-575b-449d-b99a-eb6e5725ee22%25253Bhttps%25253A%25252F%25252Fespaceclient.axa.fr%25252Funified-authentication-redirect.html%26client_id%3D9f0d7c72-d863-4c91-9a7b-8caf1373a3aa%26scope%3Doffline_access%2520profile%2520phone%2520email%2520openid%2520api-client%2520https%253A%252F%252Fconnect.axa.fr%252FindividualOrProfessional.all%2520https%253A%252F%252Fconnect.axa.fr%252FcollectiveHealth.all%2520https%253A%252F%252Fconnect.axa.fr%252Fbank.all%2520axa-fr-salary-saving%2520eb-fr-collective%2520fr-gfp%2520https%253A%252F%252Fconnect.axa.fr%252Fauth%252Fpema%2520fr-outremer-insurance

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

171.18.97.117 , France, ASN12696 (AXA-TECH Paris, FR),

Reverse DNS

Software

aws /

Resource Hash

12d7568b3b6e93177d4f6a1c0e61fe2fddefc52bef3da0e4284a87cb2c06e2d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400 max-age=10368000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: connect.axa.fr
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Cookie: XSRF-COOKIE-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJiiRaj6drQ07iPOnA6sBeQAhGsaX6B5c4otAOCKDIKNHPRtIIssIcytf1n3TYvWc2Me7yMRjE1YjwaFl6m0quZ1ZEeVIjHNQgRsDnfHR6KwQ2cUuuk2-bUKuHIfC6tnLxU; XSRF-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJifIydztaBuM6K7oZlZR2hBqq8EauDW_GMpk7dh5pmHHn_AThipGFnf2h81N6zpr2jJ6HdAHYnj8eMXpRKUfE7zi_QoC__DNIVP_QAY6BdJPDKVwWqAiK2Rsuwtt-rIsBA; SERVERIDACON=c1eb49c00705d05b8a96d65e8f9d0d2737eea44492d686d8c077bc978d878e36; TS01901cc1=017db37fcc2ef466e659d87812a0b1932b00fba831e7990de4bcf628f7b01bed82138ca5c934058c2063d4fde0dda075a9c7f3342cd9cd44c8ba6112f85b50534ec5f2f04b78dfb2922f24ac802a092c40df1d7774aa9dc0fb0f32f29500869300b71a9b8f
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31622400 max-age=10368000
Content-Encoding: gzip
Referrer-Policy: no-referrer
Last-Modified: Thu, 07 Oct 2021 14:04:40 GMT
Server: aws
ETag: "1d7bb844519fa33"
Vary: Accept-Encoding
Content-Type: text/css
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=36288000
Date: Fri, 22 Oct 2021 21:42:35 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK dynamic-background.css
connect.axa.fr/css/ 182 B
598 B 89ms
50ms Stylesheet
text/css 171.18.97.117
AXA-TECH Paris

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.axa.fr/css/dynamic-background.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

171.18.97.117 , France, ASN12696 (AXA-TECH Paris, FR),

Reverse DNS

Software

aws /

Resource Hash

a6167953c3efb82c38ab89ed8fef6f2314423c49cc30746ecc3a98e8c3d96fe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400 max-age=10368000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: connect.axa.fr
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Cookie: XSRF-COOKIE-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJiiRaj6drQ07iPOnA6sBeQAhGsaX6B5c4otAOCKDIKNHPRtIIssIcytf1n3TYvWc2Me7yMRjE1YjwaFl6m0quZ1ZEeVIjHNQgRsDnfHR6KwQ2cUuuk2-bUKuHIfC6tnLxU; XSRF-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJifIydztaBuM6K7oZlZR2hBqq8EauDW_GMpk7dh5pmHHn_AThipGFnf2h81N6zpr2jJ6HdAHYnj8eMXpRKUfE7zi_QoC__DNIVP_QAY6BdJPDKVwWqAiK2Rsuwtt-rIsBA; SERVERIDACON=c1eb49c00705d05b8a96d65e8f9d0d2737eea44492d686d8c077bc978d878e36; TS01901cc1=017db37fcc2ef466e659d87812a0b1932b00fba831e7990de4bcf628f7b01bed82138ca5c934058c2063d4fde0dda075a9c7f3342cd9cd44c8ba6112f85b50534ec5f2f04b78dfb2922f24ac802a092c40df1d7774aa9dc0fb0f32f29500869300b71a9b8f
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31622400 max-age=10368000
Content-Encoding: gzip
Referrer-Policy: no-referrer
Server: aws
Date: Fri, 22 Oct 2021 21:42:35 GMT
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=60
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK runtime.e59792769d2c5fb09638.bundle.min.js Show response
connect.axa.fr/ 25 KB
10 KB 98ms
60ms Script
application/javascript 171.18.97.117
AXA-TECH Paris

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.axa.fr/runtime.e59792769d2c5fb09638.bundle.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

171.18.97.117 , France, ASN12696 (AXA-TECH Paris, FR),

Reverse DNS

Software

aws /

Resource Hash

61bda23471fbe4dfae78390d042b2295831a444a1d310a802bf8633d1bdcbf5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400 max-age=10368000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: connect.axa.fr
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Cookie: XSRF-COOKIE-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJiiRaj6drQ07iPOnA6sBeQAhGsaX6B5c4otAOCKDIKNHPRtIIssIcytf1n3TYvWc2Me7yMRjE1YjwaFl6m0quZ1ZEeVIjHNQgRsDnfHR6KwQ2cUuuk2-bUKuHIfC6tnLxU; XSRF-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJifIydztaBuM6K7oZlZR2hBqq8EauDW_GMpk7dh5pmHHn_AThipGFnf2h81N6zpr2jJ6HdAHYnj8eMXpRKUfE7zi_QoC__DNIVP_QAY6BdJPDKVwWqAiK2Rsuwtt-rIsBA; SERVERIDACON=c1eb49c00705d05b8a96d65e8f9d0d2737eea44492d686d8c077bc978d878e36; TS01901cc1=017db37fcc2ef466e659d87812a0b1932b00fba831e7990de4bcf628f7b01bed82138ca5c934058c2063d4fde0dda075a9c7f3342cd9cd44c8ba6112f85b50534ec5f2f04b78dfb2922f24ac802a092c40df1d7774aa9dc0fb0f32f29500869300b71a9b8f
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31622400 max-age=10368000
Content-Encoding: gzip
Referrer-Policy: no-referrer
Last-Modified: Thu, 07 Oct 2021 14:04:42 GMT
Server: aws
ETag: "1d7bb8446495cd7"
Vary: Accept-Encoding
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=36288000
Date: Fri, 22 Oct 2021 21:42:35 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 9388
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK vendors-authorize-frontoffice-logout-twoFactorAuthentication.1aa7cb48fd143b997bc4.bundle.min.js Show response
connect.axa.fr/ 386 KB
139 KB 172ms
134ms Script
application/javascript 171.18.97.117
AXA-TECH Paris

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.axa.fr/vendors-authorize-frontoffice-logout-twoFactorAuthentication.1aa7cb48fd143b997bc4.bundle.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

171.18.97.117 , France, ASN12696 (AXA-TECH Paris, FR),

Reverse DNS

Software

aws /

Resource Hash

29d5aa326e339d5877aaa6ff2bbbfad0b8d8c4e978ebe93b8e155a27f826b325

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400 max-age=10368000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: connect.axa.fr
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Cookie: XSRF-COOKIE-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJiiRaj6drQ07iPOnA6sBeQAhGsaX6B5c4otAOCKDIKNHPRtIIssIcytf1n3TYvWc2Me7yMRjE1YjwaFl6m0quZ1ZEeVIjHNQgRsDnfHR6KwQ2cUuuk2-bUKuHIfC6tnLxU; XSRF-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJifIydztaBuM6K7oZlZR2hBqq8EauDW_GMpk7dh5pmHHn_AThipGFnf2h81N6zpr2jJ6HdAHYnj8eMXpRKUfE7zi_QoC__DNIVP_QAY6BdJPDKVwWqAiK2Rsuwtt-rIsBA; SERVERIDACON=c1eb49c00705d05b8a96d65e8f9d0d2737eea44492d686d8c077bc978d878e36; TS01901cc1=017db37fcc2ef466e659d87812a0b1932b00fba831e7990de4bcf628f7b01bed82138ca5c934058c2063d4fde0dda075a9c7f3342cd9cd44c8ba6112f85b50534ec5f2f04b78dfb2922f24ac802a092c40df1d7774aa9dc0fb0f32f29500869300b71a9b8f
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31622400 max-age=10368000
Content-Encoding: gzip
Referrer-Policy: no-referrer
Last-Modified: Thu, 07 Oct 2021 14:04:42 GMT
Server: aws
ETag: "1d7bb84464f3f6e"
Vary: Accept-Encoding
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=36288000
Date: Fri, 22 Oct 2021 21:42:35 GMT
Accept-Ranges: bytes
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK vendors-frontoffice-twoFactorAuthentication.1180da6f1ad5eac37d87.bundle.min.js Show response
connect.axa.fr/ 222 KB
82 KB 521ms
483ms Script
application/javascript 171.18.97.117
AXA-TECH Paris

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.axa.fr/vendors-frontoffice-twoFactorAuthentication.1180da6f1ad5eac37d87.bundle.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

171.18.97.117 , France, ASN12696 (AXA-TECH Paris, FR),

Reverse DNS

Software

aws /

Resource Hash

08a9f0b767c2d73dc9b37b2594a5003e54f23bced4df65f6dce445a17b478e44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400 max-age=10368000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: connect.axa.fr
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Cookie: XSRF-COOKIE-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJiiRaj6drQ07iPOnA6sBeQAhGsaX6B5c4otAOCKDIKNHPRtIIssIcytf1n3TYvWc2Me7yMRjE1YjwaFl6m0quZ1ZEeVIjHNQgRsDnfHR6KwQ2cUuuk2-bUKuHIfC6tnLxU; XSRF-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJifIydztaBuM6K7oZlZR2hBqq8EauDW_GMpk7dh5pmHHn_AThipGFnf2h81N6zpr2jJ6HdAHYnj8eMXpRKUfE7zi_QoC__DNIVP_QAY6BdJPDKVwWqAiK2Rsuwtt-rIsBA; SERVERIDACON=c1eb49c00705d05b8a96d65e8f9d0d2737eea44492d686d8c077bc978d878e36; TS01901cc1=017db37fcc2ef466e659d87812a0b1932b00fba831e7990de4bcf628f7b01bed82138ca5c934058c2063d4fde0dda075a9c7f3342cd9cd44c8ba6112f85b50534ec5f2f04b78dfb2922f24ac802a092c40df1d7774aa9dc0fb0f32f29500869300b71a9b8f
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31622400 max-age=10368000
Content-Encoding: gzip
Referrer-Policy: no-referrer
Last-Modified: Thu, 07 Oct 2021 14:04:42 GMT
Server: aws
ETag: "1d7bb84464a4ebf"
Vary: Accept-Encoding
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=36288000
Date: Fri, 22 Oct 2021 21:42:36 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK frontoffice.e1ae2500cb5ab35bc183.bundle.min.js Show response
connect.axa.fr/ 550 KB
130 KB 284ms
246ms Script
application/javascript 171.18.97.117
AXA-TECH Paris

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.axa.fr/frontoffice.e1ae2500cb5ab35bc183.bundle.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

171.18.97.117 , France, ASN12696 (AXA-TECH Paris, FR),

Reverse DNS

Software

aws /

Resource Hash

f90021753f0a8bc12e207df10717c994898057d5f33c02a7bbc587abcc886885

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400 max-age=10368000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: connect.axa.fr
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Cookie: XSRF-COOKIE-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJiiRaj6drQ07iPOnA6sBeQAhGsaX6B5c4otAOCKDIKNHPRtIIssIcytf1n3TYvWc2Me7yMRjE1YjwaFl6m0quZ1ZEeVIjHNQgRsDnfHR6KwQ2cUuuk2-bUKuHIfC6tnLxU; XSRF-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJifIydztaBuM6K7oZlZR2hBqq8EauDW_GMpk7dh5pmHHn_AThipGFnf2h81N6zpr2jJ6HdAHYnj8eMXpRKUfE7zi_QoC__DNIVP_QAY6BdJPDKVwWqAiK2Rsuwtt-rIsBA; SERVERIDACON=c1eb49c00705d05b8a96d65e8f9d0d2737eea44492d686d8c077bc978d878e36; TS01901cc1=017db37fcc2ef466e659d87812a0b1932b00fba831e7990de4bcf628f7b01bed82138ca5c934058c2063d4fde0dda075a9c7f3342cd9cd44c8ba6112f85b50534ec5f2f04b78dfb2922f24ac802a092c40df1d7774aa9dc0fb0f32f29500869300b71a9b8f
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31622400 max-age=10368000
Content-Encoding: gzip
Referrer-Policy: no-referrer
Last-Modified: Thu, 07 Oct 2021 14:04:40 GMT
Server: aws
ETag: "1d7bb8445109459"
Vary: Accept-Encoding
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=36288000
Date: Fri, 22 Oct 2021 21:42:35 GMT
Accept-Ranges: bytes
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK HERDER%202000X1000-min.jpg
espaceclient.axa.fr/content/dam/axa-connect/ 114 KB
114 KB 162ms
31ms Image
image/jpeg 171.18.34.198
AXA-TECH Paris

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://espaceclient.axa.fr/content/dam/axa-connect/HERDER%202000X1000-min.jpg

Requested by

Host: connect.axa.fr
URL: https://connect.axa.fr/css/dynamic-background.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

171.18.34.198 Paris, France, ASN12696 (AXA-TECH Paris, FR),

Reverse DNS

Software

aws /

Resource Hash

6980a8dbe6a3ab9c514320a420e78d16a819dad2219a854a85092ec0523e4efb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 22 Oct 2021 21:42:36 GMT
Last-Modified: Fri, 22 Oct 2021 16:04:34 GMT
Server: aws
ETag: "1c69e-5cef32ad5f627"
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: (null)
Access-Control-Expose-Headers: Set-cookie
Cache-control: private
Access-Control-Allow-Credentials: True
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type,Cache-Control,X-Requested-With
Content-Length: 116382

GET
H/1.1 200
OK Cookie set accountspace Show response
connect.axa.fr/api/ 696 B
3 KB 55ms
55ms XHR
application/json 171.18.97.117
AXA-TECH Paris

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.axa.fr/api/accountspace

Requested by

Host: connect.axa.fr
URL: https://connect.axa.fr/vendors-authorize-frontoffice-logout-twoFactorAuthentication.1aa7cb48fd143b997bc4.bundle.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

171.18.97.117 , France, ASN12696 (AXA-TECH Paris, FR),

Reverse DNS

Software

aws /

Resource Hash

a36ae90b69d081e3479fe677f5af062c966cf63a48219e62357d32c4f72aa5fb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://monaxa.axa.fr https://connect.satecassur.com https://monaxa.quantalys.com http://monaxaweb-gp.axa-fr.intraxa https://monaxaweb-gp.axa-fr.intraxa2 https://monaxaweb-gp.axawealthservices.fr https://monaxaweb-gp.axa.fr https://adv-front-pra-01.z-afa-tran-shrd-pra-ew1-ase01.pr.afa.azure.intraxa https://advalorem.axa.fr https://espaceclient-connect.axa.fr https://espaceclient.axa.fr https://outremer.axa.fr https://selfcare-decsin2.axa.fr https://outremer-privateiaas.corp.intraxa https://www.easyprojets.com https://preview-espaceclient.axa.fr http://uat-espaceclient.axa-fr.intraxa https://uat-espaceclient.axa.fr https://uat-espaceclient.axa-fr.intraxa https://www.axa.fr https://espaceclient-privateiaas.corp.intraxa https://cotisants-ere.axa.fr https://cotisants-ere-cloud.axa.fr https://aprs.asso.fr https://espacemedical.axa.fr https://easyepargne.axa.fr https://api-botsinistres.axa.fr https://api-botsinistre-pop.axa.fr https://sinistre.habitation.axa-assistance.com https://esign-widget-orchestration.axa-fr.intraxa https://esign-widget-orchestration.axa.fr https://assure.ma-protectionsociale.fr https://miroir-espaceclient.corp.intraxa https://gestioncotisations-cloud.axa.fr https://unused http://notused https://connect-entreprise.axa.fr https://agendapartage-portal.axa-fr.intraxa;
Strict-Transport-Security	max-age=31622400 max-age=10368000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Cookie: XSRF-COOKIE-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJiiRaj6drQ07iPOnA6sBeQAhGsaX6B5c4otAOCKDIKNHPRtIIssIcytf1n3TYvWc2Me7yMRjE1YjwaFl6m0quZ1ZEeVIjHNQgRsDnfHR6KwQ2cUuuk2-bUKuHIfC6tnLxU; XSRF-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJifIydztaBuM6K7oZlZR2hBqq8EauDW_GMpk7dh5pmHHn_AThipGFnf2h81N6zpr2jJ6HdAHYnj8eMXpRKUfE7zi_QoC__DNIVP_QAY6BdJPDKVwWqAiK2Rsuwtt-rIsBA; SERVERIDACON=c1eb49c00705d05b8a96d65e8f9d0d2737eea44492d686d8c077bc978d878e36; TS01901cc1=017db37fcc2ef466e659d87812a0b1932b00fba831e7990de4bcf628f7b01bed82138ca5c934058c2063d4fde0dda075a9c7f3342cd9cd44c8ba6112f85b50534ec5f2f04b78dfb2922f24ac802a092c40df1d7774aa9dc0fb0f32f29500869300b71a9b8f
axa-feature: id=445aa153-a45f-4d8e-9f7f-db8b9293fef6,name=ACON_DEFAULT_FEATURE
X-XSRF-TOKEN: CfDJ8Eb2aKD8h9xDvF4BrrZKhJifIydztaBuM6K7oZlZR2hBqq8EauDW_GMpk7dh5pmHHn_AThipGFnf2h81N6zpr2jJ6HdAHYnj8eMXpRKUfE7zi_QoC__DNIVP_QAY6BdJPDKVwWqAiK2Rsuwtt-rIsBA
Accept-Language: de-DE,de;q=0.9
X-Requested-With: XMLHttpRequest
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Pragma: no-cache
axa-correlation-id: 5e7ea6a5-0d99-413e-bb31-37e38e80223b
Host: connect.axa.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: application/json, text/plain, */*
Cache-Control: no-cache
Sec-Fetch-Site: same-origin
axa-feature: id=445aa153-a45f-4d8e-9f7f-db8b9293fef6,name=ACON_DEFAULT_FEATURE
axa-correlation-id: 5e7ea6a5-0d99-413e-bb31-37e38e80223b
X-XSRF-TOKEN: CfDJ8Eb2aKD8h9xDvF4BrrZKhJifIydztaBuM6K7oZlZR2hBqq8EauDW_GMpk7dh5pmHHn_AThipGFnf2h81N6zpr2jJ6HdAHYnj8eMXpRKUfE7zi_QoC__DNIVP_QAY6BdJPDKVwWqAiK2Rsuwtt-rIsBA
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: application/json, text/plain, */*
Referer
X-Requested-With: XMLHttpRequest

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31622400 max-age=10368000
Referrer-Policy: no-referrer
Server: aws
Date: Fri, 22 Oct 2021 21:42:36 GMT
Content-Type: application/json; charset=utf-8
Cache-Control: no-cache, no-store
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://monaxa.axa.fr https://connect.satecassur.com https://monaxa.quantalys.com http://monaxaweb-gp.axa-fr.intraxa https://monaxaweb-gp.axa-fr.intraxa2 https://monaxaweb-gp.axawealthservices.fr https://monaxaweb-gp.axa.fr https://adv-front-pra-01.z-afa-tran-shrd-pra-ew1-ase01.pr.afa.azure.intraxa https://advalorem.axa.fr https://espaceclient-connect.axa.fr https://espaceclient.axa.fr https://outremer.axa.fr https://selfcare-decsin2.axa.fr https://outremer-privateiaas.corp.intraxa https://www.easyprojets.com https://preview-espaceclient.axa.fr http://uat-espaceclient.axa-fr.intraxa https://uat-espaceclient.axa.fr https://uat-espaceclient.axa-fr.intraxa https://www.axa.fr https://espaceclient-privateiaas.corp.intraxa https://cotisants-ere.axa.fr https://cotisants-ere-cloud.axa.fr https://aprs.asso.fr https://espacemedical.axa.fr https://easyepargne.axa.fr https://api-botsinistres.axa.fr https://api-botsinistre-pop.axa.fr https://sinistre.habitation.axa-assistance.com https://esign-widget-orchestration.axa-fr.intraxa https://esign-widget-orchestration.axa.fr https://assure.ma-protectionsociale.fr https://miroir-espaceclient.corp.intraxa https://gestioncotisations-cloud.axa.fr https://unused http://notused https://connect-entreprise.axa.fr https://agendapartage-portal.axa-fr.intraxa;
Set-Cookie: XSRF-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJj2i5P98hL4TbZCzSKK8idhWoPaIXzBHxqWH1M467dCMhgdTqAXRNWD_Wpwfxqe4_a5tnIZQB2WcsEA_ZP-Qu25MEJB8SdZEYERd_bitzYUMe5bqseZZ_banivC9kA7ASM; path=/; secure; samesite=none TS01901cc1=017db37fccc68259ee7299b1c47aaa212c3806e2d2e7990de4bcf628f7b01bed82138ca5c934058c2063d4fde0dda075a9c7f3342c93d260820941aa0f3bfd00e7e9f823e0b24dbb1b2411650be5d05c6864fe0f2eedb3a07e1ea1fbea83168233c9da5b66; Path=/
Content-Length: 696
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Cookie set accountspace Show response
connect.axa.fr/api/ 696 B
3 KB 54ms
53ms XHR
application/json 171.18.97.117
AXA-TECH Paris

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.axa.fr/api/accountspace

Requested by

Host: connect.axa.fr
URL: https://connect.axa.fr/vendors-authorize-frontoffice-logout-twoFactorAuthentication.1aa7cb48fd143b997bc4.bundle.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

171.18.97.117 , France, ASN12696 (AXA-TECH Paris, FR),

Reverse DNS

Software

aws /

Resource Hash

a36ae90b69d081e3479fe677f5af062c966cf63a48219e62357d32c4f72aa5fb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://monaxa.axa.fr https://connect.satecassur.com https://monaxa.quantalys.com http://monaxaweb-gp.axa-fr.intraxa https://monaxaweb-gp.axa-fr.intraxa2 https://monaxaweb-gp.axawealthservices.fr https://monaxaweb-gp.axa.fr https://adv-front-pra-01.z-afa-tran-shrd-pra-ew1-ase01.pr.afa.azure.intraxa https://advalorem.axa.fr https://espaceclient-connect.axa.fr https://espaceclient.axa.fr https://outremer.axa.fr https://selfcare-decsin2.axa.fr https://outremer-privateiaas.corp.intraxa https://www.easyprojets.com https://preview-espaceclient.axa.fr http://uat-espaceclient.axa-fr.intraxa https://uat-espaceclient.axa.fr https://uat-espaceclient.axa-fr.intraxa https://www.axa.fr https://espaceclient-privateiaas.corp.intraxa https://cotisants-ere.axa.fr https://cotisants-ere-cloud.axa.fr https://aprs.asso.fr https://espacemedical.axa.fr https://easyepargne.axa.fr https://api-botsinistres.axa.fr https://api-botsinistre-pop.axa.fr https://sinistre.habitation.axa-assistance.com https://esign-widget-orchestration.axa-fr.intraxa https://esign-widget-orchestration.axa.fr https://assure.ma-protectionsociale.fr https://miroir-espaceclient.corp.intraxa https://gestioncotisations-cloud.axa.fr https://unused http://notused https://connect-entreprise.axa.fr https://agendapartage-portal.axa-fr.intraxa;
Strict-Transport-Security	max-age=31622400 max-age=10368000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Cookie: XSRF-COOKIE-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJiiRaj6drQ07iPOnA6sBeQAhGsaX6B5c4otAOCKDIKNHPRtIIssIcytf1n3TYvWc2Me7yMRjE1YjwaFl6m0quZ1ZEeVIjHNQgRsDnfHR6KwQ2cUuuk2-bUKuHIfC6tnLxU; XSRF-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJifIydztaBuM6K7oZlZR2hBqq8EauDW_GMpk7dh5pmHHn_AThipGFnf2h81N6zpr2jJ6HdAHYnj8eMXpRKUfE7zi_QoC__DNIVP_QAY6BdJPDKVwWqAiK2Rsuwtt-rIsBA; SERVERIDACON=c1eb49c00705d05b8a96d65e8f9d0d2737eea44492d686d8c077bc978d878e36; TS01901cc1=017db37fcc2ef466e659d87812a0b1932b00fba831e7990de4bcf628f7b01bed82138ca5c934058c2063d4fde0dda075a9c7f3342cd9cd44c8ba6112f85b50534ec5f2f04b78dfb2922f24ac802a092c40df1d7774aa9dc0fb0f32f29500869300b71a9b8f
axa-feature: id=445aa153-a45f-4d8e-9f7f-db8b9293fef6,name=ACON_DEFAULT_FEATURE
X-XSRF-TOKEN: CfDJ8Eb2aKD8h9xDvF4BrrZKhJifIydztaBuM6K7oZlZR2hBqq8EauDW_GMpk7dh5pmHHn_AThipGFnf2h81N6zpr2jJ6HdAHYnj8eMXpRKUfE7zi_QoC__DNIVP_QAY6BdJPDKVwWqAiK2Rsuwtt-rIsBA
Accept-Language: de-DE,de;q=0.9
X-Requested-With: XMLHttpRequest
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Pragma: no-cache
axa-correlation-id: d33832db-4739-4fca-b1e3-a436f781b4dc
Host: connect.axa.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: application/json, text/plain, */*
Cache-Control: no-cache
Sec-Fetch-Site: same-origin
axa-feature: id=445aa153-a45f-4d8e-9f7f-db8b9293fef6,name=ACON_DEFAULT_FEATURE
axa-correlation-id: d33832db-4739-4fca-b1e3-a436f781b4dc
X-XSRF-TOKEN: CfDJ8Eb2aKD8h9xDvF4BrrZKhJifIydztaBuM6K7oZlZR2hBqq8EauDW_GMpk7dh5pmHHn_AThipGFnf2h81N6zpr2jJ6HdAHYnj8eMXpRKUfE7zi_QoC__DNIVP_QAY6BdJPDKVwWqAiK2Rsuwtt-rIsBA
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: application/json, text/plain, */*
Referer
X-Requested-With: XMLHttpRequest

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31622400 max-age=10368000
Referrer-Policy: no-referrer
Server: aws
Date: Fri, 22 Oct 2021 21:42:36 GMT
Content-Type: application/json; charset=utf-8
Cache-Control: no-cache, no-store
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://monaxa.axa.fr https://connect.satecassur.com https://monaxa.quantalys.com http://monaxaweb-gp.axa-fr.intraxa https://monaxaweb-gp.axa-fr.intraxa2 https://monaxaweb-gp.axawealthservices.fr https://monaxaweb-gp.axa.fr https://adv-front-pra-01.z-afa-tran-shrd-pra-ew1-ase01.pr.afa.azure.intraxa https://advalorem.axa.fr https://espaceclient-connect.axa.fr https://espaceclient.axa.fr https://outremer.axa.fr https://selfcare-decsin2.axa.fr https://outremer-privateiaas.corp.intraxa https://www.easyprojets.com https://preview-espaceclient.axa.fr http://uat-espaceclient.axa-fr.intraxa https://uat-espaceclient.axa.fr https://uat-espaceclient.axa-fr.intraxa https://www.axa.fr https://espaceclient-privateiaas.corp.intraxa https://cotisants-ere.axa.fr https://cotisants-ere-cloud.axa.fr https://aprs.asso.fr https://espacemedical.axa.fr https://easyepargne.axa.fr https://api-botsinistres.axa.fr https://api-botsinistre-pop.axa.fr https://sinistre.habitation.axa-assistance.com https://esign-widget-orchestration.axa-fr.intraxa https://esign-widget-orchestration.axa.fr https://assure.ma-protectionsociale.fr https://miroir-espaceclient.corp.intraxa https://gestioncotisations-cloud.axa.fr https://unused http://notused https://connect-entreprise.axa.fr https://agendapartage-portal.axa-fr.intraxa;
Set-Cookie: XSRF-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJhWDS7Wc6EdmjEzT2fDJuHEX2JNjCREGao4i8FEh71jsJmmh2Du4GQp_JFCUkP2lbNiJQYCCTLHo2LOmpb4vU2yG4llyTncK0L_B3h1dTLMAnUV1G4R-4R1cjoXO_sLYHM; path=/; secure; samesite=none TS01901cc1=017db37fccf35b81b8c21ddd83815a9e2006c24a14e7990de4bcf628f7b01bed82138ca5c934058c2063d4fde0dda075a9c7f3342c2339ad02bdda53e2ffb2e8ec0f95c8a9c0d6a7a775ed2868dca2090dc562489683ac4e35f334a0eeaba94137859dc4c5; Path=/
Content-Length: 696
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Cookie set 9f0d7c72-d863-4c91-9a7b-8caf1373a3aa Show response
connect.axa.fr/api/theme/logo/ 73 B
2 KB 51ms
50ms XHR
application/json 171.18.97.117
AXA-TECH Paris

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.axa.fr/api/theme/logo/9f0d7c72-d863-4c91-9a7b-8caf1373a3aa

Requested by

Host: connect.axa.fr
URL: https://connect.axa.fr/vendors-authorize-frontoffice-logout-twoFactorAuthentication.1aa7cb48fd143b997bc4.bundle.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

171.18.97.117 , France, ASN12696 (AXA-TECH Paris, FR),

Reverse DNS

Software

aws /

Resource Hash

6c0bdfb80c74c64764740fa5f452948082efcce64019c15d947469a4a6b28376

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://monaxa.axa.fr https://connect.satecassur.com https://monaxa.quantalys.com http://monaxaweb-gp.axa-fr.intraxa https://monaxaweb-gp.axa-fr.intraxa2 https://monaxaweb-gp.axawealthservices.fr https://monaxaweb-gp.axa.fr https://adv-front-pra-01.z-afa-tran-shrd-pra-ew1-ase01.pr.afa.azure.intraxa https://advalorem.axa.fr https://espaceclient-connect.axa.fr https://espaceclient.axa.fr https://outremer.axa.fr https://selfcare-decsin2.axa.fr https://outremer-privateiaas.corp.intraxa https://www.easyprojets.com https://preview-espaceclient.axa.fr http://uat-espaceclient.axa-fr.intraxa https://uat-espaceclient.axa.fr https://uat-espaceclient.axa-fr.intraxa https://www.axa.fr https://espaceclient-privateiaas.corp.intraxa https://cotisants-ere.axa.fr https://cotisants-ere-cloud.axa.fr https://aprs.asso.fr https://espacemedical.axa.fr https://easyepargne.axa.fr https://api-botsinistres.axa.fr https://api-botsinistre-pop.axa.fr https://sinistre.habitation.axa-assistance.com https://esign-widget-orchestration.axa-fr.intraxa https://esign-widget-orchestration.axa.fr https://assure.ma-protectionsociale.fr https://miroir-espaceclient.corp.intraxa https://gestioncotisations-cloud.axa.fr https://unused http://notused https://connect-entreprise.axa.fr https://agendapartage-portal.axa-fr.intraxa;
Strict-Transport-Security	max-age=31622400 max-age=10368000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Cookie: XSRF-COOKIE-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJiiRaj6drQ07iPOnA6sBeQAhGsaX6B5c4otAOCKDIKNHPRtIIssIcytf1n3TYvWc2Me7yMRjE1YjwaFl6m0quZ1ZEeVIjHNQgRsDnfHR6KwQ2cUuuk2-bUKuHIfC6tnLxU; XSRF-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJifIydztaBuM6K7oZlZR2hBqq8EauDW_GMpk7dh5pmHHn_AThipGFnf2h81N6zpr2jJ6HdAHYnj8eMXpRKUfE7zi_QoC__DNIVP_QAY6BdJPDKVwWqAiK2Rsuwtt-rIsBA; SERVERIDACON=c1eb49c00705d05b8a96d65e8f9d0d2737eea44492d686d8c077bc978d878e36; TS01901cc1=017db37fcc2ef466e659d87812a0b1932b00fba831e7990de4bcf628f7b01bed82138ca5c934058c2063d4fde0dda075a9c7f3342cd9cd44c8ba6112f85b50534ec5f2f04b78dfb2922f24ac802a092c40df1d7774aa9dc0fb0f32f29500869300b71a9b8f
axa-feature: id=445aa153-a45f-4d8e-9f7f-db8b9293fef6,name=ACON_DEFAULT_FEATURE
X-XSRF-TOKEN: CfDJ8Eb2aKD8h9xDvF4BrrZKhJifIydztaBuM6K7oZlZR2hBqq8EauDW_GMpk7dh5pmHHn_AThipGFnf2h81N6zpr2jJ6HdAHYnj8eMXpRKUfE7zi_QoC__DNIVP_QAY6BdJPDKVwWqAiK2Rsuwtt-rIsBA
Accept-Language: de-DE,de;q=0.9
X-Requested-With: XMLHttpRequest
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Pragma: no-cache
axa-correlation-id: a976cc0e-1d3f-48c0-a88d-cd64692ded6d
Host: connect.axa.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: application/json, text/plain, */*
Cache-Control: no-cache
Sec-Fetch-Site: same-origin
axa-feature: id=445aa153-a45f-4d8e-9f7f-db8b9293fef6,name=ACON_DEFAULT_FEATURE
axa-correlation-id: a976cc0e-1d3f-48c0-a88d-cd64692ded6d
X-XSRF-TOKEN: CfDJ8Eb2aKD8h9xDvF4BrrZKhJifIydztaBuM6K7oZlZR2hBqq8EauDW_GMpk7dh5pmHHn_AThipGFnf2h81N6zpr2jJ6HdAHYnj8eMXpRKUfE7zi_QoC__DNIVP_QAY6BdJPDKVwWqAiK2Rsuwtt-rIsBA
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: application/json, text/plain, */*
Referer
X-Requested-With: XMLHttpRequest

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31622400 max-age=10368000
Referrer-Policy: no-referrer
Server: aws
Date: Fri, 22 Oct 2021 21:42:36 GMT
Content-Type: application/json; charset=utf-8
Cache-Control: no-cache, no-store
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://monaxa.axa.fr https://connect.satecassur.com https://monaxa.quantalys.com http://monaxaweb-gp.axa-fr.intraxa https://monaxaweb-gp.axa-fr.intraxa2 https://monaxaweb-gp.axawealthservices.fr https://monaxaweb-gp.axa.fr https://adv-front-pra-01.z-afa-tran-shrd-pra-ew1-ase01.pr.afa.azure.intraxa https://advalorem.axa.fr https://espaceclient-connect.axa.fr https://espaceclient.axa.fr https://outremer.axa.fr https://selfcare-decsin2.axa.fr https://outremer-privateiaas.corp.intraxa https://www.easyprojets.com https://preview-espaceclient.axa.fr http://uat-espaceclient.axa-fr.intraxa https://uat-espaceclient.axa.fr https://uat-espaceclient.axa-fr.intraxa https://www.axa.fr https://espaceclient-privateiaas.corp.intraxa https://cotisants-ere.axa.fr https://cotisants-ere-cloud.axa.fr https://aprs.asso.fr https://espacemedical.axa.fr https://easyepargne.axa.fr https://api-botsinistres.axa.fr https://api-botsinistre-pop.axa.fr https://sinistre.habitation.axa-assistance.com https://esign-widget-orchestration.axa-fr.intraxa https://esign-widget-orchestration.axa.fr https://assure.ma-protectionsociale.fr https://miroir-espaceclient.corp.intraxa https://gestioncotisations-cloud.axa.fr https://unused http://notused https://connect-entreprise.axa.fr https://agendapartage-portal.axa-fr.intraxa;
Set-Cookie: XSRF-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJj5M7zp2y0zkdYXoHX1FeXnh74H8wUJQlpBXtQ5O2mD1zalMfFUzgaoRyJLSlKZdrHk8G9UvTGSY1smEQUz_-AHWusol-D9-m-lROEgb-hI0Jjf3cDhZZl8BAf60Nxj-wo; path=/; secure; samesite=none TS01901cc1=017db37fccdd03cff7a947e50e560ba2992b378de1e7990de4bcf628f7b01bed82138ca5c934058c2063d4fde0dda075a9c7f3342c160d713f3beaea68e99cdf04e3cfc0bee1ba31791af45c9d5bcc51537a250ad152396053ca597777708d3dc1a133c09c; Path=/
Content-Length: 73
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK SourceSansPro-regular.woff2
connect.axa.fr/fonts/typo/ 16 KB
16 KB 45ms
45ms Font
font/woff2 171.18.97.117
AXA-TECH Paris

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.axa.fr/fonts/typo/SourceSansPro-regular.woff2

Requested by

Host: connect.axa.fr
URL: https://connect.axa.fr/css/AXA_PP_BLANC.min.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

171.18.97.117 , France, ASN12696 (AXA-TECH Paris, FR),

Reverse DNS

Software

aws /

Resource Hash

cb992eae898417162c48b37712991d9ad8053c4a64fce51aff195edc69dc35f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400 max-age=10368000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://connect.axa.fr
Accept-Encoding: gzip, deflate, br
Host: connect.axa.fr
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Cookie: XSRF-COOKIE-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJiiRaj6drQ07iPOnA6sBeQAhGsaX6B5c4otAOCKDIKNHPRtIIssIcytf1n3TYvWc2Me7yMRjE1YjwaFl6m0quZ1ZEeVIjHNQgRsDnfHR6KwQ2cUuuk2-bUKuHIfC6tnLxU; XSRF-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJifIydztaBuM6K7oZlZR2hBqq8EauDW_GMpk7dh5pmHHn_AThipGFnf2h81N6zpr2jJ6HdAHYnj8eMXpRKUfE7zi_QoC__DNIVP_QAY6BdJPDKVwWqAiK2Rsuwtt-rIsBA; SERVERIDACON=c1eb49c00705d05b8a96d65e8f9d0d2737eea44492d686d8c077bc978d878e36; TS01901cc1=017db37fcc2ef466e659d87812a0b1932b00fba831e7990de4bcf628f7b01bed82138ca5c934058c2063d4fde0dda075a9c7f3342cd9cd44c8ba6112f85b50534ec5f2f04b78dfb2922f24ac802a092c40df1d7774aa9dc0fb0f32f29500869300b71a9b8f
Connection: keep-alive
Referer
Origin: https://connect.axa.fr
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31622400 max-age=10368000
Referrer-Policy: no-referrer
Last-Modified: Thu, 07 Oct 2021 14:02:42 GMT
Server: aws
ETag: "1d7bb83fec29324"
Content-Type: font/woff2
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=36288000
Date: Fri, 22 Oct 2021 21:42:36 GMT
Accept-Ranges: bytes
Content-Length: 15908
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK Cookie set accountspace Show response
connect.axa.fr/api/ 696 B
3 KB 43ms
42ms XHR
application/json 171.18.97.117
AXA-TECH Paris

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.axa.fr/api/accountspace

Requested by

Host: connect.axa.fr
URL: https://connect.axa.fr/vendors-frontoffice-twoFactorAuthentication.1180da6f1ad5eac37d87.bundle.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

171.18.97.117 , France, ASN12696 (AXA-TECH Paris, FR),

Reverse DNS

Software

aws /

Resource Hash

a36ae90b69d081e3479fe677f5af062c966cf63a48219e62357d32c4f72aa5fb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://monaxa.axa.fr https://connect.satecassur.com https://monaxa.quantalys.com http://monaxaweb-gp.axa-fr.intraxa https://monaxaweb-gp.axa-fr.intraxa2 https://monaxaweb-gp.axawealthservices.fr https://monaxaweb-gp.axa.fr https://adv-front-pra-01.z-afa-tran-shrd-pra-ew1-ase01.pr.afa.azure.intraxa https://advalorem.axa.fr https://espaceclient-connect.axa.fr https://espaceclient.axa.fr https://outremer.axa.fr https://selfcare-decsin2.axa.fr https://outremer-privateiaas.corp.intraxa https://www.easyprojets.com https://preview-espaceclient.axa.fr http://uat-espaceclient.axa-fr.intraxa https://uat-espaceclient.axa.fr https://uat-espaceclient.axa-fr.intraxa https://www.axa.fr https://espaceclient-privateiaas.corp.intraxa https://cotisants-ere.axa.fr https://cotisants-ere-cloud.axa.fr https://aprs.asso.fr https://espacemedical.axa.fr https://easyepargne.axa.fr https://api-botsinistres.axa.fr https://api-botsinistre-pop.axa.fr https://sinistre.habitation.axa-assistance.com https://esign-widget-orchestration.axa-fr.intraxa https://esign-widget-orchestration.axa.fr https://assure.ma-protectionsociale.fr https://miroir-espaceclient.corp.intraxa https://gestioncotisations-cloud.axa.fr https://unused http://notused https://connect-entreprise.axa.fr https://agendapartage-portal.axa-fr.intraxa;
Strict-Transport-Security	max-age=31622400 max-age=10368000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Cookie: XSRF-COOKIE-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJiiRaj6drQ07iPOnA6sBeQAhGsaX6B5c4otAOCKDIKNHPRtIIssIcytf1n3TYvWc2Me7yMRjE1YjwaFl6m0quZ1ZEeVIjHNQgRsDnfHR6KwQ2cUuuk2-bUKuHIfC6tnLxU; SERVERIDACON=c1eb49c00705d05b8a96d65e8f9d0d2737eea44492d686d8c077bc978d878e36; XSRF-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJj2i5P98hL4TbZCzSKK8idhWoPaIXzBHxqWH1M467dCMhgdTqAXRNWD_Wpwfxqe4_a5tnIZQB2WcsEA_ZP-Qu25MEJB8SdZEYERd_bitzYUMe5bqseZZ_banivC9kA7ASM; TS01901cc1=017db37fccc68259ee7299b1c47aaa212c3806e2d2e7990de4bcf628f7b01bed82138ca5c934058c2063d4fde0dda075a9c7f3342c93d260820941aa0f3bfd00e7e9f823e0b24dbb1b2411650be5d05c6864fe0f2eedb3a07e1ea1fbea83168233c9da5b66
axa-feature: id=445aa153-a45f-4d8e-9f7f-db8b9293fef6,name=ACON_DEFAULT_FEATURE
X-XSRF-TOKEN: CfDJ8Eb2aKD8h9xDvF4BrrZKhJj2i5P98hL4TbZCzSKK8idhWoPaIXzBHxqWH1M467dCMhgdTqAXRNWD_Wpwfxqe4_a5tnIZQB2WcsEA_ZP-Qu25MEJB8SdZEYERd_bitzYUMe5bqseZZ_banivC9kA7ASM
Accept-Language: de-DE,de;q=0.9
X-Requested-With: XMLHttpRequest
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Pragma: no-cache
axa-correlation-id: 0a0df639-e2e6-4ffe-9ccb-c69617487547
Host: connect.axa.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: application/json, text/plain, */*
Cache-Control: no-cache
Sec-Fetch-Site: same-origin
axa-feature: id=445aa153-a45f-4d8e-9f7f-db8b9293fef6,name=ACON_DEFAULT_FEATURE
axa-correlation-id: 0a0df639-e2e6-4ffe-9ccb-c69617487547
X-XSRF-TOKEN: CfDJ8Eb2aKD8h9xDvF4BrrZKhJj2i5P98hL4TbZCzSKK8idhWoPaIXzBHxqWH1M467dCMhgdTqAXRNWD_Wpwfxqe4_a5tnIZQB2WcsEA_ZP-Qu25MEJB8SdZEYERd_bitzYUMe5bqseZZ_banivC9kA7ASM
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: application/json, text/plain, */*
Referer
X-Requested-With: XMLHttpRequest

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31622400 max-age=10368000
Referrer-Policy: no-referrer
Server: aws
Date: Fri, 22 Oct 2021 21:42:36 GMT
Content-Type: application/json; charset=utf-8
Cache-Control: no-cache, no-store
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://monaxa.axa.fr https://connect.satecassur.com https://monaxa.quantalys.com http://monaxaweb-gp.axa-fr.intraxa https://monaxaweb-gp.axa-fr.intraxa2 https://monaxaweb-gp.axawealthservices.fr https://monaxaweb-gp.axa.fr https://adv-front-pra-01.z-afa-tran-shrd-pra-ew1-ase01.pr.afa.azure.intraxa https://advalorem.axa.fr https://espaceclient-connect.axa.fr https://espaceclient.axa.fr https://outremer.axa.fr https://selfcare-decsin2.axa.fr https://outremer-privateiaas.corp.intraxa https://www.easyprojets.com https://preview-espaceclient.axa.fr http://uat-espaceclient.axa-fr.intraxa https://uat-espaceclient.axa.fr https://uat-espaceclient.axa-fr.intraxa https://www.axa.fr https://espaceclient-privateiaas.corp.intraxa https://cotisants-ere.axa.fr https://cotisants-ere-cloud.axa.fr https://aprs.asso.fr https://espacemedical.axa.fr https://easyepargne.axa.fr https://api-botsinistres.axa.fr https://api-botsinistre-pop.axa.fr https://sinistre.habitation.axa-assistance.com https://esign-widget-orchestration.axa-fr.intraxa https://esign-widget-orchestration.axa.fr https://assure.ma-protectionsociale.fr https://miroir-espaceclient.corp.intraxa https://gestioncotisations-cloud.axa.fr https://unused http://notused https://connect-entreprise.axa.fr https://agendapartage-portal.axa-fr.intraxa;
Set-Cookie: XSRF-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJieALbb94AF_eTspoNEeKvIddF6es5onNKDXHvkiDmmTTR3n_HCAMWRS5GqhxIC3KFFeQP9ygYJ5_MajrNwz6V9nSi9Rzuh1A9rUuZ20pqpl5EY-56V9TBCg0zCgtEI4AU; path=/; secure; samesite=none TS01901cc1=017db37fcc920f61a6487473d1b941047390ab3a1fe7990de4bcf628f7b01bed82138ca5c934058c2063d4fde0dda075a9c7f3342c491b41e85035a5e28a26fb4c898dc9e5b3d4d395635e8676f6b2da254ef30e038fda28b4ca2bb347e906be8b598d6e2e; Path=/
Content-Length: 696
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK i18n-locale-axa-pp-fr-json.5ad3c2aab5d1fccb27c2.bundle.min.js Show response
connect.axa.fr/ 17 KB
6 KB 42ms
42ms Script
application/javascript 171.18.97.117
AXA-TECH Paris

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.axa.fr/i18n-locale-axa-pp-fr-json.5ad3c2aab5d1fccb27c2.bundle.min.js

Requested by

Host: connect.axa.fr
URL: https://connect.axa.fr/runtime.e59792769d2c5fb09638.bundle.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

171.18.97.117 , France, ASN12696 (AXA-TECH Paris, FR),

Reverse DNS

Software

aws /

Resource Hash

7d86a8fe0c4f9d956ead10e265c752cb73b80d31f181a598f9a2dae5e998fbc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400 max-age=10368000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: connect.axa.fr
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Cookie: XSRF-COOKIE-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJiiRaj6drQ07iPOnA6sBeQAhGsaX6B5c4otAOCKDIKNHPRtIIssIcytf1n3TYvWc2Me7yMRjE1YjwaFl6m0quZ1ZEeVIjHNQgRsDnfHR6KwQ2cUuuk2-bUKuHIfC6tnLxU; SERVERIDACON=c1eb49c00705d05b8a96d65e8f9d0d2737eea44492d686d8c077bc978d878e36; XSRF-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJj2i5P98hL4TbZCzSKK8idhWoPaIXzBHxqWH1M467dCMhgdTqAXRNWD_Wpwfxqe4_a5tnIZQB2WcsEA_ZP-Qu25MEJB8SdZEYERd_bitzYUMe5bqseZZ_banivC9kA7ASM; TS01901cc1=017db37fccc68259ee7299b1c47aaa212c3806e2d2e7990de4bcf628f7b01bed82138ca5c934058c2063d4fde0dda075a9c7f3342c93d260820941aa0f3bfd00e7e9f823e0b24dbb1b2411650be5d05c6864fe0f2eedb3a07e1ea1fbea83168233c9da5b66
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31622400 max-age=10368000
Content-Encoding: gzip
Referrer-Policy: no-referrer
Last-Modified: Thu, 07 Oct 2021 14:04:42 GMT
Server: aws
ETag: "1d7bb8446497d8e"
Vary: Accept-Encoding
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=36288000
Date: Fri, 22 Oct 2021 21:42:36 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 5374
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK 423.ab263ee1dcceb5ce15a5.bundle.css
connect.axa.fr/ 172 B
667 B 38ms
37ms Stylesheet
text/css 171.18.97.117
AXA-TECH Paris

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.axa.fr/423.ab263ee1dcceb5ce15a5.bundle.css

Requested by

Host: connect.axa.fr
URL: https://connect.axa.fr/runtime.e59792769d2c5fb09638.bundle.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

171.18.97.117 , France, ASN12696 (AXA-TECH Paris, FR),

Reverse DNS

Software

aws /

Resource Hash

2a406b2290fd5c91ce0f908cda3ccdc25185e1ac9b88cd49590a2de3ac8c4db3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400 max-age=10368000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: connect.axa.fr
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Cookie: XSRF-COOKIE-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJiiRaj6drQ07iPOnA6sBeQAhGsaX6B5c4otAOCKDIKNHPRtIIssIcytf1n3TYvWc2Me7yMRjE1YjwaFl6m0quZ1ZEeVIjHNQgRsDnfHR6KwQ2cUuuk2-bUKuHIfC6tnLxU; SERVERIDACON=c1eb49c00705d05b8a96d65e8f9d0d2737eea44492d686d8c077bc978d878e36; XSRF-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJieALbb94AF_eTspoNEeKvIddF6es5onNKDXHvkiDmmTTR3n_HCAMWRS5GqhxIC3KFFeQP9ygYJ5_MajrNwz6V9nSi9Rzuh1A9rUuZ20pqpl5EY-56V9TBCg0zCgtEI4AU; TS01901cc1=017db37fcc920f61a6487473d1b941047390ab3a1fe7990de4bcf628f7b01bed82138ca5c934058c2063d4fde0dda075a9c7f3342c491b41e85035a5e28a26fb4c898dc9e5b3d4d395635e8676f6b2da254ef30e038fda28b4ca2bb347e906be8b598d6e2e
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31622400 max-age=10368000
Content-Encoding: gzip
Referrer-Policy: no-referrer
Last-Modified: Thu, 07 Oct 2021 14:04:40 GMT
Server: aws
ETag: "1d7bb8445180cac"
Vary: Accept-Encoding
Content-Type: text/css
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=36288000
Date: Fri, 22 Oct 2021 21:42:36 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK 423.836f8796c03e57be4f80.bundle.min.js Show response
connect.axa.fr/ 104 B
599 B 39ms
38ms Script
application/javascript 171.18.97.117
AXA-TECH Paris

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.axa.fr/423.836f8796c03e57be4f80.bundle.min.js

Requested by

Host: connect.axa.fr
URL: https://connect.axa.fr/runtime.e59792769d2c5fb09638.bundle.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

171.18.97.117 , France, ASN12696 (AXA-TECH Paris, FR),

Reverse DNS

Software

aws /

Resource Hash

877f4fd2dcea9a43987dfca5ce0dc50fc6064ebd23779dd09cc975bec4c3c405

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400 max-age=10368000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: connect.axa.fr
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Cookie: XSRF-COOKIE-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJiiRaj6drQ07iPOnA6sBeQAhGsaX6B5c4otAOCKDIKNHPRtIIssIcytf1n3TYvWc2Me7yMRjE1YjwaFl6m0quZ1ZEeVIjHNQgRsDnfHR6KwQ2cUuuk2-bUKuHIfC6tnLxU; SERVERIDACON=c1eb49c00705d05b8a96d65e8f9d0d2737eea44492d686d8c077bc978d878e36; XSRF-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJieALbb94AF_eTspoNEeKvIddF6es5onNKDXHvkiDmmTTR3n_HCAMWRS5GqhxIC3KFFeQP9ygYJ5_MajrNwz6V9nSi9Rzuh1A9rUuZ20pqpl5EY-56V9TBCg0zCgtEI4AU; TS01901cc1=017db37fcc920f61a6487473d1b941047390ab3a1fe7990de4bcf628f7b01bed82138ca5c934058c2063d4fde0dda075a9c7f3342c491b41e85035a5e28a26fb4c898dc9e5b3d4d395635e8676f6b2da254ef30e038fda28b4ca2bb347e906be8b598d6e2e
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31622400 max-age=10368000
Referrer-Policy: no-referrer
Last-Modified: Thu, 07 Oct 2021 14:04:40 GMT
Server: aws
ETag: "1d7bb8445180c68"
Vary: Accept-Encoding
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=36288000
Date: Fri, 22 Oct 2021 21:42:36 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 104
X-Content-Type-Options: nosniff

POST
H/1.1 200
OK Cookie set isConnected Show response
connect.axa.fr/api/navigation/ 5 B
2 KB 52ms
51ms XHR
application/json 171.18.97.117
AXA-TECH Paris

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.axa.fr/api/navigation/isConnected

Requested by

Host: connect.axa.fr
URL: https://connect.axa.fr/vendors-frontoffice-twoFactorAuthentication.1180da6f1ad5eac37d87.bundle.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

171.18.97.117 , France, ASN12696 (AXA-TECH Paris, FR),

Reverse DNS

Software

aws /

Resource Hash

fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://monaxa.axa.fr https://connect.satecassur.com https://monaxa.quantalys.com http://monaxaweb-gp.axa-fr.intraxa https://monaxaweb-gp.axa-fr.intraxa2 https://monaxaweb-gp.axawealthservices.fr https://monaxaweb-gp.axa.fr https://adv-front-pra-01.z-afa-tran-shrd-pra-ew1-ase01.pr.afa.azure.intraxa https://advalorem.axa.fr https://espaceclient-connect.axa.fr https://espaceclient.axa.fr https://outremer.axa.fr https://selfcare-decsin2.axa.fr https://outremer-privateiaas.corp.intraxa https://www.easyprojets.com https://preview-espaceclient.axa.fr http://uat-espaceclient.axa-fr.intraxa https://uat-espaceclient.axa.fr https://uat-espaceclient.axa-fr.intraxa https://www.axa.fr https://espaceclient-privateiaas.corp.intraxa https://cotisants-ere.axa.fr https://cotisants-ere-cloud.axa.fr https://aprs.asso.fr https://espacemedical.axa.fr https://easyepargne.axa.fr https://api-botsinistres.axa.fr https://api-botsinistre-pop.axa.fr https://sinistre.habitation.axa-assistance.com https://esign-widget-orchestration.axa-fr.intraxa https://esign-widget-orchestration.axa.fr https://assure.ma-protectionsociale.fr https://miroir-espaceclient.corp.intraxa https://gestioncotisations-cloud.axa.fr https://unused http://notused https://connect-entreprise.axa.fr https://agendapartage-portal.axa-fr.intraxa;
Strict-Transport-Security	max-age=31622400 max-age=10368000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
axa-feature: id=445aa153-a45f-4d8e-9f7f-db8b9293fef6,name=ACON_DEFAULT_FEATURE
Origin: https://connect.axa.fr
X-XSRF-TOKEN: CfDJ8Eb2aKD8h9xDvF4BrrZKhJieALbb94AF_eTspoNEeKvIddF6es5onNKDXHvkiDmmTTR3n_HCAMWRS5GqhxIC3KFFeQP9ygYJ5_MajrNwz6V9nSi9Rzuh1A9rUuZ20pqpl5EY-56V9TBCg0zCgtEI4AU
Accept-Language: de-DE,de;q=0.9
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: XSRF-COOKIE-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJiiRaj6drQ07iPOnA6sBeQAhGsaX6B5c4otAOCKDIKNHPRtIIssIcytf1n3TYvWc2Me7yMRjE1YjwaFl6m0quZ1ZEeVIjHNQgRsDnfHR6KwQ2cUuuk2-bUKuHIfC6tnLxU; SERVERIDACON=c1eb49c00705d05b8a96d65e8f9d0d2737eea44492d686d8c077bc978d878e36; XSRF-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJieALbb94AF_eTspoNEeKvIddF6es5onNKDXHvkiDmmTTR3n_HCAMWRS5GqhxIC3KFFeQP9ygYJ5_MajrNwz6V9nSi9Rzuh1A9rUuZ20pqpl5EY-56V9TBCg0zCgtEI4AU; TS01901cc1=017db37fcc920f61a6487473d1b941047390ab3a1fe7990de4bcf628f7b01bed82138ca5c934058c2063d4fde0dda075a9c7f3342c491b41e85035a5e28a26fb4c898dc9e5b3d4d395635e8676f6b2da254ef30e038fda28b4ca2bb347e906be8b598d6e2e
Connection: keep-alive
Content-Length: 0
Pragma: no-cache
axa-correlation-id: e301e0f1-4134-4f82-97ba-8a9a2976a73d
Accept-Encoding: gzip, deflate, br
Host: connect.axa.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: application/json, text/plain, */*
Cache-Control: no-cache
Sec-Fetch-Site: same-origin
axa-feature: id=445aa153-a45f-4d8e-9f7f-db8b9293fef6,name=ACON_DEFAULT_FEATURE
axa-correlation-id: e301e0f1-4134-4f82-97ba-8a9a2976a73d
X-XSRF-TOKEN: CfDJ8Eb2aKD8h9xDvF4BrrZKhJieALbb94AF_eTspoNEeKvIddF6es5onNKDXHvkiDmmTTR3n_HCAMWRS5GqhxIC3KFFeQP9ygYJ5_MajrNwz6V9nSi9Rzuh1A9rUuZ20pqpl5EY-56V9TBCg0zCgtEI4AU
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: application/json, text/plain, */*
Referer
X-Requested-With: XMLHttpRequest

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31622400 max-age=10368000
Referrer-Policy: no-referrer
Server: aws
Date: Fri, 22 Oct 2021 21:42:36 GMT
Content-Type: application/json; charset=utf-8
Cache-Control: no-cache, no-store
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://monaxa.axa.fr https://connect.satecassur.com https://monaxa.quantalys.com http://monaxaweb-gp.axa-fr.intraxa https://monaxaweb-gp.axa-fr.intraxa2 https://monaxaweb-gp.axawealthservices.fr https://monaxaweb-gp.axa.fr https://adv-front-pra-01.z-afa-tran-shrd-pra-ew1-ase01.pr.afa.azure.intraxa https://advalorem.axa.fr https://espaceclient-connect.axa.fr https://espaceclient.axa.fr https://outremer.axa.fr https://selfcare-decsin2.axa.fr https://outremer-privateiaas.corp.intraxa https://www.easyprojets.com https://preview-espaceclient.axa.fr http://uat-espaceclient.axa-fr.intraxa https://uat-espaceclient.axa.fr https://uat-espaceclient.axa-fr.intraxa https://www.axa.fr https://espaceclient-privateiaas.corp.intraxa https://cotisants-ere.axa.fr https://cotisants-ere-cloud.axa.fr https://aprs.asso.fr https://espacemedical.axa.fr https://easyepargne.axa.fr https://api-botsinistres.axa.fr https://api-botsinistre-pop.axa.fr https://sinistre.habitation.axa-assistance.com https://esign-widget-orchestration.axa-fr.intraxa https://esign-widget-orchestration.axa.fr https://assure.ma-protectionsociale.fr https://miroir-espaceclient.corp.intraxa https://gestioncotisations-cloud.axa.fr https://unused http://notused https://connect-entreprise.axa.fr https://agendapartage-portal.axa-fr.intraxa;
Set-Cookie: XSRF-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJhwHtrnbhN_9wqmebnI136cugcCt9BeRD5QiA_DwAQlRD2Vs4ygCLM7qjZfAinYVuiuxByv6RT2G_Us5YdD8mPcghv1AeIb-zzls-yMxFbx-y3HQ76MhGu_V_fPmbGw9xc; path=/; secure; samesite=none TS01901cc1=017db37fcc64ab46645113e8fe5e4c22a7e462e905e7990de4bcf628f7b01bed82138ca5c934058c2063d4fde0dda075a9c7f3342c56ca9f544aeba836bd2e41c760a83892b012add9fdb2e93f6cc85a84b98e48b4167ffda8ec43ff0b391fc6ebe2d13cda; Path=/
Content-Length: 5
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Cookie set 9f0d7c72-d863-4c91-9a7b-8caf1373a3aa Show response
connect.axa.fr/api/theme/logo/ 73 B
2 KB 42ms
42ms XHR
application/json 171.18.97.117
AXA-TECH Paris

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.axa.fr/api/theme/logo/9f0d7c72-d863-4c91-9a7b-8caf1373a3aa

Requested by

Host: connect.axa.fr
URL: https://connect.axa.fr/vendors-frontoffice-twoFactorAuthentication.1180da6f1ad5eac37d87.bundle.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

171.18.97.117 , France, ASN12696 (AXA-TECH Paris, FR),

Reverse DNS

Software

aws /

Resource Hash

6c0bdfb80c74c64764740fa5f452948082efcce64019c15d947469a4a6b28376

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://monaxa.axa.fr https://connect.satecassur.com https://monaxa.quantalys.com http://monaxaweb-gp.axa-fr.intraxa https://monaxaweb-gp.axa-fr.intraxa2 https://monaxaweb-gp.axawealthservices.fr https://monaxaweb-gp.axa.fr https://adv-front-pra-01.z-afa-tran-shrd-pra-ew1-ase01.pr.afa.azure.intraxa https://advalorem.axa.fr https://espaceclient-connect.axa.fr https://espaceclient.axa.fr https://outremer.axa.fr https://selfcare-decsin2.axa.fr https://outremer-privateiaas.corp.intraxa https://www.easyprojets.com https://preview-espaceclient.axa.fr http://uat-espaceclient.axa-fr.intraxa https://uat-espaceclient.axa.fr https://uat-espaceclient.axa-fr.intraxa https://www.axa.fr https://espaceclient-privateiaas.corp.intraxa https://cotisants-ere.axa.fr https://cotisants-ere-cloud.axa.fr https://aprs.asso.fr https://espacemedical.axa.fr https://easyepargne.axa.fr https://api-botsinistres.axa.fr https://api-botsinistre-pop.axa.fr https://sinistre.habitation.axa-assistance.com https://esign-widget-orchestration.axa-fr.intraxa https://esign-widget-orchestration.axa.fr https://assure.ma-protectionsociale.fr https://miroir-espaceclient.corp.intraxa https://gestioncotisations-cloud.axa.fr https://unused http://notused https://connect-entreprise.axa.fr https://agendapartage-portal.axa-fr.intraxa;
Strict-Transport-Security	max-age=31622400 max-age=10368000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Cookie: XSRF-COOKIE-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJiiRaj6drQ07iPOnA6sBeQAhGsaX6B5c4otAOCKDIKNHPRtIIssIcytf1n3TYvWc2Me7yMRjE1YjwaFl6m0quZ1ZEeVIjHNQgRsDnfHR6KwQ2cUuuk2-bUKuHIfC6tnLxU; SERVERIDACON=c1eb49c00705d05b8a96d65e8f9d0d2737eea44492d686d8c077bc978d878e36; XSRF-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJieALbb94AF_eTspoNEeKvIddF6es5onNKDXHvkiDmmTTR3n_HCAMWRS5GqhxIC3KFFeQP9ygYJ5_MajrNwz6V9nSi9Rzuh1A9rUuZ20pqpl5EY-56V9TBCg0zCgtEI4AU; TS01901cc1=017db37fcc920f61a6487473d1b941047390ab3a1fe7990de4bcf628f7b01bed82138ca5c934058c2063d4fde0dda075a9c7f3342c491b41e85035a5e28a26fb4c898dc9e5b3d4d395635e8676f6b2da254ef30e038fda28b4ca2bb347e906be8b598d6e2e
axa-feature: id=445aa153-a45f-4d8e-9f7f-db8b9293fef6,name=ACON_DEFAULT_FEATURE
X-XSRF-TOKEN: CfDJ8Eb2aKD8h9xDvF4BrrZKhJieALbb94AF_eTspoNEeKvIddF6es5onNKDXHvkiDmmTTR3n_HCAMWRS5GqhxIC3KFFeQP9ygYJ5_MajrNwz6V9nSi9Rzuh1A9rUuZ20pqpl5EY-56V9TBCg0zCgtEI4AU
Accept-Language: de-DE,de;q=0.9
X-Requested-With: XMLHttpRequest
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Pragma: no-cache
axa-correlation-id: 9d34e8d9-ffd2-417a-9ade-4742ce91968e
Host: connect.axa.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: application/json, text/plain, */*
Cache-Control: no-cache
Sec-Fetch-Site: same-origin
axa-feature: id=445aa153-a45f-4d8e-9f7f-db8b9293fef6,name=ACON_DEFAULT_FEATURE
axa-correlation-id: 9d34e8d9-ffd2-417a-9ade-4742ce91968e
X-XSRF-TOKEN: CfDJ8Eb2aKD8h9xDvF4BrrZKhJieALbb94AF_eTspoNEeKvIddF6es5onNKDXHvkiDmmTTR3n_HCAMWRS5GqhxIC3KFFeQP9ygYJ5_MajrNwz6V9nSi9Rzuh1A9rUuZ20pqpl5EY-56V9TBCg0zCgtEI4AU
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: application/json, text/plain, */*
Referer
X-Requested-With: XMLHttpRequest

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31622400 max-age=10368000
Referrer-Policy: no-referrer
Server: aws
Date: Fri, 22 Oct 2021 21:42:36 GMT
Content-Type: application/json; charset=utf-8
Cache-Control: no-cache, no-store
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://monaxa.axa.fr https://connect.satecassur.com https://monaxa.quantalys.com http://monaxaweb-gp.axa-fr.intraxa https://monaxaweb-gp.axa-fr.intraxa2 https://monaxaweb-gp.axawealthservices.fr https://monaxaweb-gp.axa.fr https://adv-front-pra-01.z-afa-tran-shrd-pra-ew1-ase01.pr.afa.azure.intraxa https://advalorem.axa.fr https://espaceclient-connect.axa.fr https://espaceclient.axa.fr https://outremer.axa.fr https://selfcare-decsin2.axa.fr https://outremer-privateiaas.corp.intraxa https://www.easyprojets.com https://preview-espaceclient.axa.fr http://uat-espaceclient.axa-fr.intraxa https://uat-espaceclient.axa.fr https://uat-espaceclient.axa-fr.intraxa https://www.axa.fr https://espaceclient-privateiaas.corp.intraxa https://cotisants-ere.axa.fr https://cotisants-ere-cloud.axa.fr https://aprs.asso.fr https://espacemedical.axa.fr https://easyepargne.axa.fr https://api-botsinistres.axa.fr https://api-botsinistre-pop.axa.fr https://sinistre.habitation.axa-assistance.com https://esign-widget-orchestration.axa-fr.intraxa https://esign-widget-orchestration.axa.fr https://assure.ma-protectionsociale.fr https://miroir-espaceclient.corp.intraxa https://gestioncotisations-cloud.axa.fr https://unused http://notused https://connect-entreprise.axa.fr https://agendapartage-portal.axa-fr.intraxa;
Set-Cookie: XSRF-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJiCgSF5ti8VX5y8bYeqiNkm-kPA7BBRi6K2WL95jai4fCjEkwGZYrzSzhJ68Ss9xzZ1cMta63wdnyE6wduA1BAxs3Il545-UrJCwJm1JTmzt7E2yo2TmcpgzKeLdX4OVbc; path=/; secure; samesite=none TS01901cc1=017db37fcc4f5f3fd887eaaf1568e7241d2e0dcb4ce7990de4bcf628f7b01bed82138ca5c934058c2063d4fde0dda075a9c7f3342ca33ca496248a74016b08dceedb249de47d8dbb0cefe7ab5dcd5e2c763ae8b44b1cafbb4247089365a9b120b5bde94b2a; Path=/
Content-Length: 73
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Cookie set tag Show response
connect.axa.fr/api/ 179 B
2 KB 40ms
40ms XHR
application/json 171.18.97.117
AXA-TECH Paris

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.axa.fr/api/tag?applicationId=9f0d7c72-d863-4c91-9a7b-8caf1373a3aa

Requested by

Host: connect.axa.fr
URL: https://connect.axa.fr/vendors-frontoffice-twoFactorAuthentication.1180da6f1ad5eac37d87.bundle.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

171.18.97.117 , France, ASN12696 (AXA-TECH Paris, FR),

Reverse DNS

Software

aws /

Resource Hash

534d86643e453514052009fb029bb9ce9e5158a6dd45833174932054c153d470

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://monaxa.axa.fr https://connect.satecassur.com https://monaxa.quantalys.com http://monaxaweb-gp.axa-fr.intraxa https://monaxaweb-gp.axa-fr.intraxa2 https://monaxaweb-gp.axawealthservices.fr https://monaxaweb-gp.axa.fr https://adv-front-pra-01.z-afa-tran-shrd-pra-ew1-ase01.pr.afa.azure.intraxa https://advalorem.axa.fr https://espaceclient-connect.axa.fr https://espaceclient.axa.fr https://outremer.axa.fr https://selfcare-decsin2.axa.fr https://outremer-privateiaas.corp.intraxa https://www.easyprojets.com https://preview-espaceclient.axa.fr http://uat-espaceclient.axa-fr.intraxa https://uat-espaceclient.axa.fr https://uat-espaceclient.axa-fr.intraxa https://www.axa.fr https://espaceclient-privateiaas.corp.intraxa https://cotisants-ere.axa.fr https://cotisants-ere-cloud.axa.fr https://aprs.asso.fr https://espacemedical.axa.fr https://easyepargne.axa.fr https://api-botsinistres.axa.fr https://api-botsinistre-pop.axa.fr https://sinistre.habitation.axa-assistance.com https://esign-widget-orchestration.axa-fr.intraxa https://esign-widget-orchestration.axa.fr https://assure.ma-protectionsociale.fr https://miroir-espaceclient.corp.intraxa https://gestioncotisations-cloud.axa.fr https://unused http://notused https://connect-entreprise.axa.fr https://agendapartage-portal.axa-fr.intraxa;
Strict-Transport-Security	max-age=31622400 max-age=10368000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Cookie: XSRF-COOKIE-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJiiRaj6drQ07iPOnA6sBeQAhGsaX6B5c4otAOCKDIKNHPRtIIssIcytf1n3TYvWc2Me7yMRjE1YjwaFl6m0quZ1ZEeVIjHNQgRsDnfHR6KwQ2cUuuk2-bUKuHIfC6tnLxU; SERVERIDACON=c1eb49c00705d05b8a96d65e8f9d0d2737eea44492d686d8c077bc978d878e36; XSRF-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJieALbb94AF_eTspoNEeKvIddF6es5onNKDXHvkiDmmTTR3n_HCAMWRS5GqhxIC3KFFeQP9ygYJ5_MajrNwz6V9nSi9Rzuh1A9rUuZ20pqpl5EY-56V9TBCg0zCgtEI4AU; TS01901cc1=017db37fcc920f61a6487473d1b941047390ab3a1fe7990de4bcf628f7b01bed82138ca5c934058c2063d4fde0dda075a9c7f3342c491b41e85035a5e28a26fb4c898dc9e5b3d4d395635e8676f6b2da254ef30e038fda28b4ca2bb347e906be8b598d6e2e
axa-feature: id=445aa153-a45f-4d8e-9f7f-db8b9293fef6,name=ACON_DEFAULT_FEATURE
X-XSRF-TOKEN: CfDJ8Eb2aKD8h9xDvF4BrrZKhJieALbb94AF_eTspoNEeKvIddF6es5onNKDXHvkiDmmTTR3n_HCAMWRS5GqhxIC3KFFeQP9ygYJ5_MajrNwz6V9nSi9Rzuh1A9rUuZ20pqpl5EY-56V9TBCg0zCgtEI4AU
Accept-Language: de-DE,de;q=0.9
X-Requested-With: XMLHttpRequest
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Pragma: no-cache
axa-correlation-id: 0c7656f2-8778-4543-858e-e7df08ecf132
Host: connect.axa.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: application/json, text/plain, */*
Cache-Control: no-cache
Sec-Fetch-Site: same-origin
axa-feature: id=445aa153-a45f-4d8e-9f7f-db8b9293fef6,name=ACON_DEFAULT_FEATURE
axa-correlation-id: 0c7656f2-8778-4543-858e-e7df08ecf132
X-XSRF-TOKEN: CfDJ8Eb2aKD8h9xDvF4BrrZKhJieALbb94AF_eTspoNEeKvIddF6es5onNKDXHvkiDmmTTR3n_HCAMWRS5GqhxIC3KFFeQP9ygYJ5_MajrNwz6V9nSi9Rzuh1A9rUuZ20pqpl5EY-56V9TBCg0zCgtEI4AU
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: application/json, text/plain, */*
Referer
X-Requested-With: XMLHttpRequest

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31622400 max-age=10368000
Referrer-Policy: no-referrer
Server: aws
Date: Fri, 22 Oct 2021 21:42:36 GMT
Content-Type: application/json; charset=utf-8
Cache-Control: no-cache, no-store
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://monaxa.axa.fr https://connect.satecassur.com https://monaxa.quantalys.com http://monaxaweb-gp.axa-fr.intraxa https://monaxaweb-gp.axa-fr.intraxa2 https://monaxaweb-gp.axawealthservices.fr https://monaxaweb-gp.axa.fr https://adv-front-pra-01.z-afa-tran-shrd-pra-ew1-ase01.pr.afa.azure.intraxa https://advalorem.axa.fr https://espaceclient-connect.axa.fr https://espaceclient.axa.fr https://outremer.axa.fr https://selfcare-decsin2.axa.fr https://outremer-privateiaas.corp.intraxa https://www.easyprojets.com https://preview-espaceclient.axa.fr http://uat-espaceclient.axa-fr.intraxa https://uat-espaceclient.axa.fr https://uat-espaceclient.axa-fr.intraxa https://www.axa.fr https://espaceclient-privateiaas.corp.intraxa https://cotisants-ere.axa.fr https://cotisants-ere-cloud.axa.fr https://aprs.asso.fr https://espacemedical.axa.fr https://easyepargne.axa.fr https://api-botsinistres.axa.fr https://api-botsinistre-pop.axa.fr https://sinistre.habitation.axa-assistance.com https://esign-widget-orchestration.axa-fr.intraxa https://esign-widget-orchestration.axa.fr https://assure.ma-protectionsociale.fr https://miroir-espaceclient.corp.intraxa https://gestioncotisations-cloud.axa.fr https://unused http://notused https://connect-entreprise.axa.fr https://agendapartage-portal.axa-fr.intraxa;
Set-Cookie: XSRF-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJjG7LuQiNCwyQtLRGr-vGCQwGWbUwH1FFaBOf--MQCY-afsdkuHjccyolSewX1gdUltQUynkgbNxeIYk44Z54377RFGFt7TFz165w74zPSLXi1fdWxbvK41SrYejFXbGss; path=/; secure; samesite=none TS01901cc1=017db37fccaa7faa99af62dc40eb5f884b5f53e2f1e7990de4bcf628f7b01bed82138ca5c934058c2063d4fde0dda075a9c7f3342c8ba12d5a5dee38bb50943cd44f332263358e9ff8ba6695b1282856bafefa4407d54ee06d33c2d21bf2fbcc3b34db3083; Path=/
Content-Length: 179
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Cookie set AxaconnectRemember Show response
connect.axa.fr/api/cookie/ 2 B
2 KB 37ms
37ms XHR
application/json 171.18.97.117
AXA-TECH Paris

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.axa.fr/api/cookie/AxaconnectRemember

Requested by

Host: connect.axa.fr
URL: https://connect.axa.fr/vendors-frontoffice-twoFactorAuthentication.1180da6f1ad5eac37d87.bundle.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

171.18.97.117 , France, ASN12696 (AXA-TECH Paris, FR),

Reverse DNS

Software

aws /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://monaxa.axa.fr https://connect.satecassur.com https://monaxa.quantalys.com http://monaxaweb-gp.axa-fr.intraxa https://monaxaweb-gp.axa-fr.intraxa2 https://monaxaweb-gp.axawealthservices.fr https://monaxaweb-gp.axa.fr https://adv-front-pra-01.z-afa-tran-shrd-pra-ew1-ase01.pr.afa.azure.intraxa https://advalorem.axa.fr https://espaceclient-connect.axa.fr https://espaceclient.axa.fr https://outremer.axa.fr https://selfcare-decsin2.axa.fr https://outremer-privateiaas.corp.intraxa https://www.easyprojets.com https://preview-espaceclient.axa.fr http://uat-espaceclient.axa-fr.intraxa https://uat-espaceclient.axa.fr https://uat-espaceclient.axa-fr.intraxa https://www.axa.fr https://espaceclient-privateiaas.corp.intraxa https://cotisants-ere.axa.fr https://cotisants-ere-cloud.axa.fr https://aprs.asso.fr https://espacemedical.axa.fr https://easyepargne.axa.fr https://api-botsinistres.axa.fr https://api-botsinistre-pop.axa.fr https://sinistre.habitation.axa-assistance.com https://esign-widget-orchestration.axa-fr.intraxa https://esign-widget-orchestration.axa.fr https://assure.ma-protectionsociale.fr https://miroir-espaceclient.corp.intraxa https://gestioncotisations-cloud.axa.fr https://unused http://notused https://connect-entreprise.axa.fr https://agendapartage-portal.axa-fr.intraxa;
Strict-Transport-Security	max-age=31622400 max-age=10368000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Cookie: XSRF-COOKIE-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJiiRaj6drQ07iPOnA6sBeQAhGsaX6B5c4otAOCKDIKNHPRtIIssIcytf1n3TYvWc2Me7yMRjE1YjwaFl6m0quZ1ZEeVIjHNQgRsDnfHR6KwQ2cUuuk2-bUKuHIfC6tnLxU; SERVERIDACON=c1eb49c00705d05b8a96d65e8f9d0d2737eea44492d686d8c077bc978d878e36; XSRF-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJieALbb94AF_eTspoNEeKvIddF6es5onNKDXHvkiDmmTTR3n_HCAMWRS5GqhxIC3KFFeQP9ygYJ5_MajrNwz6V9nSi9Rzuh1A9rUuZ20pqpl5EY-56V9TBCg0zCgtEI4AU; TS01901cc1=017db37fcc920f61a6487473d1b941047390ab3a1fe7990de4bcf628f7b01bed82138ca5c934058c2063d4fde0dda075a9c7f3342c491b41e85035a5e28a26fb4c898dc9e5b3d4d395635e8676f6b2da254ef30e038fda28b4ca2bb347e906be8b598d6e2e
axa-feature: id=445aa153-a45f-4d8e-9f7f-db8b9293fef6,name=ACON_DEFAULT_FEATURE
X-XSRF-TOKEN: CfDJ8Eb2aKD8h9xDvF4BrrZKhJieALbb94AF_eTspoNEeKvIddF6es5onNKDXHvkiDmmTTR3n_HCAMWRS5GqhxIC3KFFeQP9ygYJ5_MajrNwz6V9nSi9Rzuh1A9rUuZ20pqpl5EY-56V9TBCg0zCgtEI4AU
Accept-Language: de-DE,de;q=0.9
X-Requested-With: XMLHttpRequest
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Pragma: no-cache
axa-correlation-id: bed2cd90-d914-402d-a66d-1f3a6e7ccff8
Host: connect.axa.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: application/json, text/plain, */*
Cache-Control: no-cache
Sec-Fetch-Site: same-origin
axa-feature: id=445aa153-a45f-4d8e-9f7f-db8b9293fef6,name=ACON_DEFAULT_FEATURE
axa-correlation-id: bed2cd90-d914-402d-a66d-1f3a6e7ccff8
X-XSRF-TOKEN: CfDJ8Eb2aKD8h9xDvF4BrrZKhJieALbb94AF_eTspoNEeKvIddF6es5onNKDXHvkiDmmTTR3n_HCAMWRS5GqhxIC3KFFeQP9ygYJ5_MajrNwz6V9nSi9Rzuh1A9rUuZ20pqpl5EY-56V9TBCg0zCgtEI4AU
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: application/json, text/plain, */*
Referer
X-Requested-With: XMLHttpRequest

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31622400 max-age=10368000
Referrer-Policy: no-referrer
Server: aws
Date: Fri, 22 Oct 2021 21:42:36 GMT
Content-Type: application/json; charset=utf-8
Cache-Control: no-cache, no-store
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self' https://monaxa.axa.fr https://connect.satecassur.com https://monaxa.quantalys.com http://monaxaweb-gp.axa-fr.intraxa https://monaxaweb-gp.axa-fr.intraxa2 https://monaxaweb-gp.axawealthservices.fr https://monaxaweb-gp.axa.fr https://adv-front-pra-01.z-afa-tran-shrd-pra-ew1-ase01.pr.afa.azure.intraxa https://advalorem.axa.fr https://espaceclient-connect.axa.fr https://espaceclient.axa.fr https://outremer.axa.fr https://selfcare-decsin2.axa.fr https://outremer-privateiaas.corp.intraxa https://www.easyprojets.com https://preview-espaceclient.axa.fr http://uat-espaceclient.axa-fr.intraxa https://uat-espaceclient.axa.fr https://uat-espaceclient.axa-fr.intraxa https://www.axa.fr https://espaceclient-privateiaas.corp.intraxa https://cotisants-ere.axa.fr https://cotisants-ere-cloud.axa.fr https://aprs.asso.fr https://espacemedical.axa.fr https://easyepargne.axa.fr https://api-botsinistres.axa.fr https://api-botsinistre-pop.axa.fr https://sinistre.habitation.axa-assistance.com https://esign-widget-orchestration.axa-fr.intraxa https://esign-widget-orchestration.axa.fr https://assure.ma-protectionsociale.fr https://miroir-espaceclient.corp.intraxa https://gestioncotisations-cloud.axa.fr https://unused http://notused https://connect-entreprise.axa.fr https://agendapartage-portal.axa-fr.intraxa;
Set-Cookie: XSRF-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJicyUUzsB8dDFOicW0bHXEdsXAJ3Wgf2ckJEW-9upu1LGB6ReOLlwXePuRLi_xcle67PCO8sI9lc84TYy-vfCe-Stkj_9xHApApO543bW90W3pDK2GigiZ8gDkzyIz5m4Y; path=/; secure; samesite=none TS01901cc1=017db37fcc94aa95f5af611e917ae57f1176f91b78e7990de4bcf628f7b01bed82138ca5c934058c2063d4fde0dda075a9c7f3342c72cf3dc56f16a108d2d354d3d72218b9be132d39bda06843a05ab91a821661dc8b0bd7805c2e1c5fef4c90bf60d04874; Path=/
Content-Length: 2
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK information-message.svg Show response
connect.axa.fr/icons/ 3 KB
4 KB 36ms
36ms XHR
image/svg+xml 171.18.97.117
AXA-TECH Paris

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.axa.fr/icons/information-message.svg

Requested by

Host: connect.axa.fr
URL: https://connect.axa.fr/vendors-frontoffice-twoFactorAuthentication.1180da6f1ad5eac37d87.bundle.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

171.18.97.117 , France, ASN12696 (AXA-TECH Paris, FR),

Reverse DNS

Software

aws /

Resource Hash

e88fd687de66ca579b275f9ec769421b596f99c7ea339f933c6c62f98a13ebb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400 max-age=10368000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Cookie: XSRF-COOKIE-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJiiRaj6drQ07iPOnA6sBeQAhGsaX6B5c4otAOCKDIKNHPRtIIssIcytf1n3TYvWc2Me7yMRjE1YjwaFl6m0quZ1ZEeVIjHNQgRsDnfHR6KwQ2cUuuk2-bUKuHIfC6tnLxU; SERVERIDACON=c1eb49c00705d05b8a96d65e8f9d0d2737eea44492d686d8c077bc978d878e36; XSRF-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJieALbb94AF_eTspoNEeKvIddF6es5onNKDXHvkiDmmTTR3n_HCAMWRS5GqhxIC3KFFeQP9ygYJ5_MajrNwz6V9nSi9Rzuh1A9rUuZ20pqpl5EY-56V9TBCg0zCgtEI4AU; TS01901cc1=017db37fcc920f61a6487473d1b941047390ab3a1fe7990de4bcf628f7b01bed82138ca5c934058c2063d4fde0dda075a9c7f3342c491b41e85035a5e28a26fb4c898dc9e5b3d4d395635e8676f6b2da254ef30e038fda28b4ca2bb347e906be8b598d6e2e
axa-feature: id=445aa153-a45f-4d8e-9f7f-db8b9293fef6,name=ACON_DEFAULT_FEATURE
X-XSRF-TOKEN: CfDJ8Eb2aKD8h9xDvF4BrrZKhJieALbb94AF_eTspoNEeKvIddF6es5onNKDXHvkiDmmTTR3n_HCAMWRS5GqhxIC3KFFeQP9ygYJ5_MajrNwz6V9nSi9Rzuh1A9rUuZ20pqpl5EY-56V9TBCg0zCgtEI4AU
Accept-Language: de-DE,de;q=0.9
X-Requested-With: XMLHttpRequest
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Pragma: no-cache
axa-correlation-id: ed9349b0-b15b-4931-ac87-a49a5f188e4e
Host: connect.axa.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: application/json, text/plain, */*
Cache-Control: no-cache
Sec-Fetch-Site: same-origin
axa-feature: id=445aa153-a45f-4d8e-9f7f-db8b9293fef6,name=ACON_DEFAULT_FEATURE
axa-correlation-id: ed9349b0-b15b-4931-ac87-a49a5f188e4e
X-XSRF-TOKEN: CfDJ8Eb2aKD8h9xDvF4BrrZKhJieALbb94AF_eTspoNEeKvIddF6es5onNKDXHvkiDmmTTR3n_HCAMWRS5GqhxIC3KFFeQP9ygYJ5_MajrNwz6V9nSi9Rzuh1A9rUuZ20pqpl5EY-56V9TBCg0zCgtEI4AU
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: application/json, text/plain, */*
Referer
X-Requested-With: XMLHttpRequest

Response headers

Strict-Transport-Security: max-age=31622400 max-age=10368000
Referrer-Policy: no-referrer
Last-Modified: Thu, 07 Oct 2021 14:02:42 GMT
Server: aws
ETag: "1d7bb83fec2a07e"
Content-Type: image/svg+xml
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=36288000
Date: Fri, 22 Oct 2021 21:42:36 GMT
Accept-Ranges: bytes
Content-Length: 3454
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK chevron-blue.svg Show response
connect.axa.fr/icons/ 2 KB
2 KB 35ms
35ms XHR
image/svg+xml 171.18.97.117
AXA-TECH Paris

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.axa.fr/icons/chevron-blue.svg

Requested by

Host: connect.axa.fr
URL: https://connect.axa.fr/vendors-frontoffice-twoFactorAuthentication.1180da6f1ad5eac37d87.bundle.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

171.18.97.117 , France, ASN12696 (AXA-TECH Paris, FR),

Reverse DNS

Software

aws /

Resource Hash

ad5ea5a059c7266d5e8532c2e9f93296adfc25f7da8f2ead6944d3ef158360f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400 max-age=10368000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Cookie: XSRF-COOKIE-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJiiRaj6drQ07iPOnA6sBeQAhGsaX6B5c4otAOCKDIKNHPRtIIssIcytf1n3TYvWc2Me7yMRjE1YjwaFl6m0quZ1ZEeVIjHNQgRsDnfHR6KwQ2cUuuk2-bUKuHIfC6tnLxU; SERVERIDACON=c1eb49c00705d05b8a96d65e8f9d0d2737eea44492d686d8c077bc978d878e36; XSRF-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJieALbb94AF_eTspoNEeKvIddF6es5onNKDXHvkiDmmTTR3n_HCAMWRS5GqhxIC3KFFeQP9ygYJ5_MajrNwz6V9nSi9Rzuh1A9rUuZ20pqpl5EY-56V9TBCg0zCgtEI4AU; TS01901cc1=017db37fcc920f61a6487473d1b941047390ab3a1fe7990de4bcf628f7b01bed82138ca5c934058c2063d4fde0dda075a9c7f3342c491b41e85035a5e28a26fb4c898dc9e5b3d4d395635e8676f6b2da254ef30e038fda28b4ca2bb347e906be8b598d6e2e
axa-feature: id=445aa153-a45f-4d8e-9f7f-db8b9293fef6,name=ACON_DEFAULT_FEATURE
X-XSRF-TOKEN: CfDJ8Eb2aKD8h9xDvF4BrrZKhJieALbb94AF_eTspoNEeKvIddF6es5onNKDXHvkiDmmTTR3n_HCAMWRS5GqhxIC3KFFeQP9ygYJ5_MajrNwz6V9nSi9Rzuh1A9rUuZ20pqpl5EY-56V9TBCg0zCgtEI4AU
Accept-Language: de-DE,de;q=0.9
X-Requested-With: XMLHttpRequest
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Pragma: no-cache
axa-correlation-id: 2d26bbf0-cde0-4f8a-94f9-76078a0d4661
Host: connect.axa.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: application/json, text/plain, */*
Cache-Control: no-cache
Sec-Fetch-Site: same-origin
axa-feature: id=445aa153-a45f-4d8e-9f7f-db8b9293fef6,name=ACON_DEFAULT_FEATURE
axa-correlation-id: 2d26bbf0-cde0-4f8a-94f9-76078a0d4661
X-XSRF-TOKEN: CfDJ8Eb2aKD8h9xDvF4BrrZKhJieALbb94AF_eTspoNEeKvIddF6es5onNKDXHvkiDmmTTR3n_HCAMWRS5GqhxIC3KFFeQP9ygYJ5_MajrNwz6V9nSi9Rzuh1A9rUuZ20pqpl5EY-56V9TBCg0zCgtEI4AU
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: application/json, text/plain, */*
Referer
X-Requested-With: XMLHttpRequest

Response headers

Strict-Transport-Security: max-age=31622400 max-age=10368000
Referrer-Policy: no-referrer
Last-Modified: Thu, 07 Oct 2021 14:02:42 GMT
Server: aws
ETag: "1d7bb83fec2ab0f"
Content-Type: image/svg+xml
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=36288000
Date: Fri, 22 Oct 2021 21:42:36 GMT
Accept-Ranges: bytes
Content-Length: 1551
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK cross.svg Show response
connect.axa.fr/icons/ 454 B
893 B 54ms
32ms XHR
image/svg+xml 171.18.97.117
AXA-TECH Paris

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.axa.fr/icons/cross.svg

Requested by

Host: connect.axa.fr
URL: https://connect.axa.fr/vendors-frontoffice-twoFactorAuthentication.1180da6f1ad5eac37d87.bundle.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

171.18.97.117 , France, ASN12696 (AXA-TECH Paris, FR),

Reverse DNS

Software

aws /

Resource Hash

6662b843e1887bb1f6a99e9bd17434003b7deb767b04f4641ce0e54dcf5ca0ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400 max-age=10368000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Cookie: XSRF-COOKIE-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJiiRaj6drQ07iPOnA6sBeQAhGsaX6B5c4otAOCKDIKNHPRtIIssIcytf1n3TYvWc2Me7yMRjE1YjwaFl6m0quZ1ZEeVIjHNQgRsDnfHR6KwQ2cUuuk2-bUKuHIfC6tnLxU; SERVERIDACON=c1eb49c00705d05b8a96d65e8f9d0d2737eea44492d686d8c077bc978d878e36; XSRF-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJieALbb94AF_eTspoNEeKvIddF6es5onNKDXHvkiDmmTTR3n_HCAMWRS5GqhxIC3KFFeQP9ygYJ5_MajrNwz6V9nSi9Rzuh1A9rUuZ20pqpl5EY-56V9TBCg0zCgtEI4AU; TS01901cc1=017db37fcc920f61a6487473d1b941047390ab3a1fe7990de4bcf628f7b01bed82138ca5c934058c2063d4fde0dda075a9c7f3342c491b41e85035a5e28a26fb4c898dc9e5b3d4d395635e8676f6b2da254ef30e038fda28b4ca2bb347e906be8b598d6e2e
axa-feature: id=445aa153-a45f-4d8e-9f7f-db8b9293fef6,name=ACON_DEFAULT_FEATURE
X-XSRF-TOKEN: CfDJ8Eb2aKD8h9xDvF4BrrZKhJieALbb94AF_eTspoNEeKvIddF6es5onNKDXHvkiDmmTTR3n_HCAMWRS5GqhxIC3KFFeQP9ygYJ5_MajrNwz6V9nSi9Rzuh1A9rUuZ20pqpl5EY-56V9TBCg0zCgtEI4AU
Accept-Language: de-DE,de;q=0.9
X-Requested-With: XMLHttpRequest
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Pragma: no-cache
axa-correlation-id: 53a3229d-df8f-4bd8-90fc-977277d059d4
Host: connect.axa.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: application/json, text/plain, */*
Cache-Control: no-cache
Sec-Fetch-Site: same-origin
axa-feature: id=445aa153-a45f-4d8e-9f7f-db8b9293fef6,name=ACON_DEFAULT_FEATURE
axa-correlation-id: 53a3229d-df8f-4bd8-90fc-977277d059d4
X-XSRF-TOKEN: CfDJ8Eb2aKD8h9xDvF4BrrZKhJieALbb94AF_eTspoNEeKvIddF6es5onNKDXHvkiDmmTTR3n_HCAMWRS5GqhxIC3KFFeQP9ygYJ5_MajrNwz6V9nSi9Rzuh1A9rUuZ20pqpl5EY-56V9TBCg0zCgtEI4AU
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: application/json, text/plain, */*
Referer
X-Requested-With: XMLHttpRequest

Response headers

Strict-Transport-Security: max-age=31622400 max-age=10368000
Referrer-Policy: no-referrer
Last-Modified: Thu, 07 Oct 2021 14:02:42 GMT
Server: aws
ETag: "1d7bb83fec2acc6"
Content-Type: image/svg+xml
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=36288000
Date: Fri, 22 Oct 2021 21:42:36 GMT
Accept-Ranges: bytes
Content-Length: 454
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK Cookie set password
connect.axa.fr/keyboard/ 2 KB
3 KB 46ms
36ms Image
image/png 171.18.97.117
AXA-TECH Paris

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://connect.axa.fr/keyboard/password?timestamp=1634938957180

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

171.18.97.117 , France, ASN12696 (AXA-TECH Paris, FR),

Reverse DNS

Software

aws /

Resource Hash

e91ddbdf1d33d05c3d14832c8c4851df00094946b161b7cf899dc10e6b87d05e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400 max-age=10368000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: connect.axa.fr
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://connect.axa.fr/?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fespaceclient.axa.fr%252Funified-authentication-redirect.html%26state%3Dbb17f71b-575b-449d-b99a-eb6e5725ee22%25253Bhttps%25253A%25252F%25252Fespaceclient.axa.fr%25252Funified-authentication-redirect.html%26client_id%3D9f0d7c72-d863-4c91-9a7b-8caf1373a3aa%26scope%3Doffline_access%2520profile%2520phone%2520email%2520openid%2520api-client%2520https%253A%252F%252Fconnect.axa.fr%252FindividualOrProfessional.all%2520https%253A%252F%252Fconnect.axa.fr%252FcollectiveHealth.all%2520https%253A%252F%252Fconnect.axa.fr%252Fbank.all%2520axa-fr-salary-saving%2520eb-fr-collective%2520fr-gfp%2520https%253A%252F%252Fconnect.axa.fr%252Fauth%252Fpema%2520fr-outremer-insurance
Cookie: XSRF-COOKIE-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJiiRaj6drQ07iPOnA6sBeQAhGsaX6B5c4otAOCKDIKNHPRtIIssIcytf1n3TYvWc2Me7yMRjE1YjwaFl6m0quZ1ZEeVIjHNQgRsDnfHR6KwQ2cUuuk2-bUKuHIfC6tnLxU; SERVERIDACON=c1eb49c00705d05b8a96d65e8f9d0d2737eea44492d686d8c077bc978d878e36; XSRF-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJhwHtrnbhN_9wqmebnI136cugcCt9BeRD5QiA_DwAQlRD2Vs4ygCLM7qjZfAinYVuiuxByv6RT2G_Us5YdD8mPcghv1AeIb-zzls-yMxFbx-y3HQ76MhGu_V_fPmbGw9xc; TS01901cc1=017db37fcc64ab46645113e8fe5e4c22a7e462e905e7990de4bcf628f7b01bed82138ca5c934058c2063d4fde0dda075a9c7f3342c56ca9f544aeba836bd2e41c760a83892b012add9fdb2e93f6cc85a84b98e48b4167ffda8ec43ff0b391fc6ebe2d13cda
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://connect.axa.fr/?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fespaceclient.axa.fr%252Funified-authentication-redirect.html%26state%3Dbb17f71b-575b-449d-b99a-eb6e5725ee22%25253Bhttps%25253A%25252F%25252Fespaceclient.axa.fr%25252Funified-authentication-redirect.html%26client_id%3D9f0d7c72-d863-4c91-9a7b-8caf1373a3aa%26scope%3Doffline_access%2520profile%2520phone%2520email%2520openid%2520api-client%2520https%253A%252F%252Fconnect.axa.fr%252FindividualOrProfessional.all%2520https%253A%252F%252Fconnect.axa.fr%252FcollectiveHealth.all%2520https%253A%252F%252Fconnect.axa.fr%252Fbank.all%2520axa-fr-salary-saving%2520eb-fr-collective%2520fr-gfp%2520https%253A%252F%252Fconnect.axa.fr%252Fauth%252Fpema%2520fr-outremer-insurance
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31622400 max-age=10368000
Referrer-Policy: no-referrer
Server: aws
Date: Fri, 22 Oct 2021 21:42:36 GMT
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: no-cache,no-store,must-revalidate
X-Content-Type-Options: nosniff
Set-Cookie: __VkToken_UEFTU1dPUkQ_=CfDJ8Eb2aKD8h9xDvF4BrrZKhJhxEhSSFKKEiekD4xPSQ78sYIPD6ZZqBEkBfEKy1kSB5LEgrZNr4yasX-7jXUJMw7EGdV9lNRdOTP_GKwK9wZDMa-V8up8fRoIHjXV4VWp0mzRs46CS6kSfmHcFZoF_zh9SBG0iNrbjNSdoRKST_L2SD-4GMX92aKOdOxfjM-7gd5mqBNlhgBrQZ86Lp_E9RkNCKTQYHa71tor2QRKQnV1J; expires=Fri, 22 Oct 2021 21:57:37 GMT; path=/; secure; samesite=none; httponly TS01901cc1=017db37fccd78b32da7c4fad94da7700fd054236afe7990de4bcf628f7b01bed82138ca5c934058c2063d4fde0dda075a9c7f3342c56ca9f544aeba836bd2e41c760a83892b012add9fdb2e93f6cc85a84b98e48b47565b344b4cb4fdfb4d601d1467d332db6b6305e75fba1e49374564a2c177c98; Path=/
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK SourceSansPro-semibold.woff2
connect.axa.fr/fonts/typo/ 15 KB
16 KB 49ms
42ms Font
font/woff2 171.18.97.117
AXA-TECH Paris

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.axa.fr/fonts/typo/SourceSansPro-semibold.woff2

Requested by

Host: connect.axa.fr
URL: https://connect.axa.fr/css/AXA_PP_BLANC.min.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

171.18.97.117 , France, ASN12696 (AXA-TECH Paris, FR),

Reverse DNS

Software

aws /

Resource Hash

d8381e66783011957eabadb622d7899061bf93e78fff38ebfe00ab743d6c8e60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400 max-age=10368000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://connect.axa.fr
Accept-Encoding: gzip, deflate, br
Host: connect.axa.fr
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Cookie: XSRF-COOKIE-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJiiRaj6drQ07iPOnA6sBeQAhGsaX6B5c4otAOCKDIKNHPRtIIssIcytf1n3TYvWc2Me7yMRjE1YjwaFl6m0quZ1ZEeVIjHNQgRsDnfHR6KwQ2cUuuk2-bUKuHIfC6tnLxU; SERVERIDACON=c1eb49c00705d05b8a96d65e8f9d0d2737eea44492d686d8c077bc978d878e36; XSRF-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJieALbb94AF_eTspoNEeKvIddF6es5onNKDXHvkiDmmTTR3n_HCAMWRS5GqhxIC3KFFeQP9ygYJ5_MajrNwz6V9nSi9Rzuh1A9rUuZ20pqpl5EY-56V9TBCg0zCgtEI4AU; TS01901cc1=017db37fcc920f61a6487473d1b941047390ab3a1fe7990de4bcf628f7b01bed82138ca5c934058c2063d4fde0dda075a9c7f3342c491b41e85035a5e28a26fb4c898dc9e5b3d4d395635e8676f6b2da254ef30e038fda28b4ca2bb347e906be8b598d6e2e
Connection: keep-alive
Referer
Origin: https://connect.axa.fr
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31622400 max-age=10368000
Referrer-Policy: no-referrer
Last-Modified: Thu, 07 Oct 2021 14:02:42 GMT
Server: aws
ETag: "1d7bb83fec290a8"
Content-Type: font/woff2
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=36288000
Date: Fri, 22 Oct 2021 21:42:36 GMT
Accept-Ranges: bytes
Content-Length: 15784
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK axa-icons.woff2
connect.axa.fr/fonts/icons/ 75 KB
75 KB 48ms
33ms Font
font/woff2 171.18.97.117
AXA-TECH Paris

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.axa.fr/fonts/icons/axa-icons.woff2

Requested by

Host: connect.axa.fr
URL: https://connect.axa.fr/css/AXA_PP_BLANC.min.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

171.18.97.117 , France, ASN12696 (AXA-TECH Paris, FR),

Reverse DNS

Software

aws /

Resource Hash

401937e376daf3c9521ee8c8b572f28696e598e1e80d1d5f44de2c229945f04e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400 max-age=10368000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://connect.axa.fr
Accept-Encoding: gzip, deflate, br
Host: connect.axa.fr
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Cookie: XSRF-COOKIE-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJiiRaj6drQ07iPOnA6sBeQAhGsaX6B5c4otAOCKDIKNHPRtIIssIcytf1n3TYvWc2Me7yMRjE1YjwaFl6m0quZ1ZEeVIjHNQgRsDnfHR6KwQ2cUuuk2-bUKuHIfC6tnLxU; SERVERIDACON=c1eb49c00705d05b8a96d65e8f9d0d2737eea44492d686d8c077bc978d878e36; XSRF-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJieALbb94AF_eTspoNEeKvIddF6es5onNKDXHvkiDmmTTR3n_HCAMWRS5GqhxIC3KFFeQP9ygYJ5_MajrNwz6V9nSi9Rzuh1A9rUuZ20pqpl5EY-56V9TBCg0zCgtEI4AU; TS01901cc1=017db37fcc920f61a6487473d1b941047390ab3a1fe7990de4bcf628f7b01bed82138ca5c934058c2063d4fde0dda075a9c7f3342c491b41e85035a5e28a26fb4c898dc9e5b3d4d395635e8676f6b2da254ef30e038fda28b4ca2bb347e906be8b598d6e2e
Connection: keep-alive
Referer
Origin: https://connect.axa.fr
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31622400 max-age=10368000
Referrer-Policy: no-referrer
Last-Modified: Thu, 07 Oct 2021 14:02:42 GMT
Server: aws
ETag: "1d7bb83fec387a4"
Content-Type: font/woff2
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=36288000
Date: Fri, 22 Oct 2021 21:42:36 GMT
Accept-Ranges: bytes
Content-Length: 76452
X-Content-Type-Options: nosniff

GET
H2 200 tc_AXACONNECT_1.js Show response
cdn.tagcommander.com/1514/ 527 KB
168 KB 69ms
13ms Script
application/javascript 143.204.98.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tagcommander.com/1514/tc_AXACONNECT_1.js
Requested by: Host: connect.axa.fr
URL: https://connect.axa.fr/vendors-authorize-frontoffice-logout-twoFactorAuthentication.1aa7cb48fd143b997bc4.bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.13 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-13.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b12504e7984df47efd1c348d3ed00070f01a3f28d9cb58201827594f49b56e93

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 12:42:41 GMT
content-encoding: gzip
last-modified: Thu, 14 Oct 2021 15:41:29 GMT
server: AmazonS3
age: 32397
etag: W/"c3ae46da4a90964d66c2f777a004e7cc"
access-control-max-age: 31536000
access-control-allow-methods: HEAD, GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, must-revalidate
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: qhPM2YqZrLRy8cvWfkgdwZGqKaoYOm9y6FjxMO4TfP8aU_iN55XgAA==
via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)

GET
H/1.1 200
OK logo-assurance-banque-axa.png
connect.axa.fr/img/ 2 KB
2 KB 29ms
28ms Image
image/png 171.18.97.117
AXA-TECH Paris

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://connect.axa.fr/img/logo-assurance-banque-axa.png

Requested by

Host: connect.axa.fr
URL: https://connect.axa.fr/css/AXA_PP_BLANC.min.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

171.18.97.117 , France, ASN12696 (AXA-TECH Paris, FR),

Reverse DNS

Software

aws /

Resource Hash

7c14b5712f2ba0ce80ba91f75679b09208507ac68bcc2b48cc574554697f0697

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400 max-age=10368000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: connect.axa.fr
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Cookie: XSRF-COOKIE-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJiiRaj6drQ07iPOnA6sBeQAhGsaX6B5c4otAOCKDIKNHPRtIIssIcytf1n3TYvWc2Me7yMRjE1YjwaFl6m0quZ1ZEeVIjHNQgRsDnfHR6KwQ2cUuuk2-bUKuHIfC6tnLxU; SERVERIDACON=c1eb49c00705d05b8a96d65e8f9d0d2737eea44492d686d8c077bc978d878e36; XSRF-TOKEN=CfDJ8Eb2aKD8h9xDvF4BrrZKhJiCgSF5ti8VX5y8bYeqiNkm-kPA7BBRi6K2WL95jai4fCjEkwGZYrzSzhJ68Ss9xzZ1cMta63wdnyE6wduA1BAxs3Il545-UrJCwJm1JTmzt7E2yo2TmcpgzKeLdX4OVbc; TS01901cc1=017db37fcc4f5f3fd887eaaf1568e7241d2e0dcb4ce7990de4bcf628f7b01bed82138ca5c934058c2063d4fde0dda075a9c7f3342ca33ca496248a74016b08dceedb249de47d8dbb0cefe7ab5dcd5e2c763ae8b44b1cafbb4247089365a9b120b5bde94b2a
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31622400 max-age=10368000
Referrer-Policy: no-referrer
Last-Modified: Thu, 07 Oct 2021 14:02:42 GMT
Server: aws
ETag: "1d7bb83fec2aaec"
Content-Type: image/png
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=36288000
Date: Fri, 22 Oct 2021 21:42:36 GMT
Accept-Ranges: bytes
Content-Length: 2028
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK / Show response
manager.tagcommander.com/utils/IP/ 64 B
376 B 84ms
17ms Script
text/html 35.181.77.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://manager.tagcommander.com/utils/IP/
Requested by: Host: cdn.tagcommander.com
URL: https://cdn.tagcommander.com/1514/tc_AXACONNECT_1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.181.77.138 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-181-77-138.eu-west-3.compute.amazonaws.com
Software: web /
Resource Hash: 0266bca24a58b19623d702daa7b4f2d9c617982c85dd4de647c6c75b1884a544

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 22 Oct 2021 21:42:37 GMT
Content-Encoding: gzip
Server: web
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-control: private
Transfer-Encoding: chunked

GET
H2 200 privacy_v2_31.js Show response
cdn.trustcommander.net/privacy/1514/ 67 KB
20 KB 93ms
20ms Script
application/javascript 192.229.233.55
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustcommander.net/privacy/1514/privacy_v2_31.js
Requested by: Host: cdn.tagcommander.com
URL: https://cdn.tagcommander.com/1514/tc_AXACONNECT_1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.55 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (lcy/1D3D) /
Resource Hash: 8c8ced788ce5220ef2cd14a241987918aa321903f6dc22ada07b54b56b15e2b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 21:42:37 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cdn: VDMS
age: 25617
x-cache: HIT
x-amz-request-id: QZKABF4HPQJN6ANG
x-amz-id-2: AG9MzkE6zJzC20ijuA/Ps71VJRKNtXh8Aj4kAXc7nDiMy30IampjxIXbYIe9y1lP9E7csSx9K/o=
last-modified: Tue, 31 Aug 2021 10:16:30 GMT
server: ECS (lcy/1D3D)
etag: "55e46b2f74fc1efd945e6f41c76acda2+gzip"
access-control-max-age: 31536000
access-control-allow-methods: HEAD, GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, must-revalidate
content-length: 19878

GET
H2 200 hit.xiti
logs1412.xiti.com/ 35 B
151 B 35ms
8ms Image
image/gif 18.193.0.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs1412.xiti.com/hit.xiti?s=617645&idclient=9ab54be2-de75-4fdc-92ab-88c30002a23c&vc=false&vm=exempt&ts=1634938957394&vtag=5.28.1&ptag=js&p=axaconnect/authentification/mire_authentification&s2=1&ref=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.193.0.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-193-0-113.eu-central-1.compute.amazonaws.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 21:42:37 GMT
cache-control: no-store
content-length: 35
strict-transport-security: max-age=15768000
content-type: image/gif

GET
H2 200 json Show response
axafrance.tt.omtrdc.net/m2/axafrance/mbox/ 96 B
747 B 134ms
38ms XHR
application/json 63.33.35.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://axafrance.tt.omtrdc.net/m2/axafrance/mbox/json?mbox=target-global-mbox&mboxSession=9a0ef794b4084859ac97b53e820003b7&mboxPC=&mboxPage=75ef69c24fe645b29705b5d230f10c11&mboxRid=a26c43181c444003984e520dfa57022f&mboxVersion=1.7.1&mboxCount=1&mboxTime=1634938957375&mboxHost=connect.axa.fr&mboxURL=https%3A%2F%2Fconnect.axa.fr%2F%3FReturnUrl%3D%252Fconnect%252Fauthorize%252Fcallback%253Fresponse_type%253Dcode%2526redirect_uri%253Dhttps%25253A%25252F%25252Fespaceclient.axa.fr%25252Funified-authentication-redirect.html%2526state%253Dbb17f71b-575b-449d-b99a-eb6e5725ee22%2525253Bhttps%2525253A%2525252F%2525252Fespaceclient.axa.fr%2525252Funified-authentication-redirect.html%2526client_id%253D9f0d7c72-d863-4c91-9a7b-8caf1373a3aa%2526scope%253Doffline_access%252520profile%252520phone%252520email%252520openid%252520api-client%252520https%25253A%25252F%25252Fconnect.axa.fr%25252FindividualOrProfessional.all%252520https%25253A%25252F%25252Fconnect.axa.fr%25252FcollectiveHealth.all%252520https%25253A%25252F%25252Fconnect.axa.fr%25252Fbank.all%252520axa-fr-salary-saving%252520eb-fr-collective%252520fr-gfp%252520https%25253A%25252F%25252Fconnect.axa.fr%25252Fauth%25252Fpema%252520fr-outremer-insurance%23%2F&mboxReferrer=&mboxXDomain=enabled&browserHeight=1200&browserWidth=1600&browserTimeOffset=0&screenHeight=1200&screenWidth=1600&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&webGLRenderer=Intel%20Iris%20OpenGL%20Engine&at_property=1b4d78ab-9d19-2f20-66ba-1923732acf99&debug=0&xiti_xtpage=axaconnect%3A%3Aauthentification%3A%3Amire_authentification
Requested by: Host: connect.axa.fr
URL: https://connect.axa.fr/vendors-frontoffice-twoFactorAuthentication.1180da6f1ad5eac37d87.bundle.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.35.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-35-188.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 7f1742bfbee8c969cc01c536674df0a66a95f07ce42b3f26bfecc4032f9d211b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Oct 2021 21:42:37 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://connect.axa.fr
cache-control: no-cache
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 96
x-request-id: a26c43181c444003984e520dfa57022f

POST
H/1.1 200
OK /
privacy.trustcommander.net/privacy-consent/ 43 B
531 B 76ms
28ms Ping
image/gif 13.37.199.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://privacy.trustcommander.net/privacy-consent/
Requested by: Host: cdn.trustcommander.net
URL: https://cdn.trustcommander.net/privacy/1514/privacy_v2_31.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.37.199.125 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-37-199-125.eu-west-3.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: private
Date: Fri, 22 Oct 2021 21:42:37 GMT
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Access-Control-Allow-Origin: https://connect.axa.fr
Cache-Control: private, max-age=486000, pre-check=486000
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Access-Control-Allow-Headers: Content-Type
Content-Length: 43
Expires: Thu, 20 Jan 2022 21:42:37 GMT

POST
H2 204 hit.xiti
logs1412.xiti.com/ 0
170 B 8ms
8ms Ping
text/plain 18.193.0.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://logs1412.xiti.com/hit.xiti?s=617645&idclient=9ab54be2-de75-4fdc-92ab-88c30002a23c&vc=false&vm=exempt&ts=1634938957507&vtag=5.28.1&ptag=js&p=Affichage%20banner,%20Test1&s2=&click=A

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.193.0.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-193-0-113.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://connect.axa.fr
date: Fri, 22 Oct 2021 21:42:37 GMT
cache-control: no-store
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=15768000

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 654e7e4599e04f24267341de3d4260d0c332c10bc66b3c99d8f242fdeb258c1c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e118c0623d37daccbcb18489f1cd5301a83da3824fb09e1eb0fa2b179caceb85

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 307 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf62c48b09e55011139dbe497ef1fae26d65da75807a98314a6600a0b4746a2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

Verdicts & Comments Add Verdict or Comment

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
connect.axa.fr/	1969-12-31 23:59:59	Name: XSRF-COOKIE-TOKEN Value: CfDJ8Eb2aKD8h9xDvF4BrrZKhJiiRaj6drQ07iPOnA6sBeQAhGsaX6B5c4otAOCKDIKNHPRtIIssIcytf1n3TYvWc2Me7yMRjE1YjwaFl6m0quZ1ZEeVIjHNQgRsDnfHR6KwQ2cUuuk2-bUKuHIfC6tnLxU
connect.axa.fr/	1969-12-31 23:59:59	Name: SERVERIDACON Value: c1eb49c00705d05b8a96d65e8f9d0d2737eea44492d686d8c077bc978d878e36
espaceclient.axa.fr/	1969-12-31 23:59:59	Name: SERVERIDMAW Value: 0fe3f733cece91f2d04a618485a2200c7ca0b6c132ad0a71e7e270e91e2ae8b3
espaceclient.axa.fr/	1969-12-31 23:59:59	Name: TS01725ce8 Value: 0163c547b76994778284c2ecc64d4fbe50bdc1299109de269092555ed8f3de25181781cdf6c78893794693b59d40d987005eee6bd8
connect.axa.fr/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: CfDJ8Eb2aKD8h9xDvF4BrrZKhJiCgSF5ti8VX5y8bYeqiNkm-kPA7BBRi6K2WL95jai4fCjEkwGZYrzSzhJ68Ss9xzZ1cMta63wdnyE6wduA1BAxs3Il545-UrJCwJm1JTmzt7E2yo2TmcpgzKeLdX4OVbc
connect.axa.fr/	1970-01-19 22:08:59	Name: __VkToken_UEFTU1dPUkQ_ Value: CfDJ8Eb2aKD8h9xDvF4BrrZKhJhxEhSSFKKEiekD4xPSQ78sYIPD6ZZqBEkBfEKy1kSB5LEgrZNr4yasX-7jXUJMw7EGdV9lNRdOTP_GKwK9wZDMa-V8up8fRoIHjXV4VWp0mzRs46CS6kSfmHcFZoF_zh9SBG0iNrbjNSdoRKST_L2SD-4GMX92aKOdOxfjM-7gd5mqBNlhgBrQZ86Lp_E9RkNCKTQYHa71tor2QRKQnV1J
connect.axa.fr/	1969-12-31 23:59:59	Name: TS01901cc1 Value: 017db37fccd78b32da7c4fad94da7700fd054236afe7990de4bcf628f7b01bed82138ca5c934058c2063d4fde0dda075a9c7f3342c56ca9f544aeba836bd2e41c760a83892b012add9fdb2e93f6cc85a84b98e48b47565b344b4cb4fdfb4d601d1467d332db6b6305e75fba1e49374564a2c177c98
.axa.fr/	1969-12-31 23:59:59	Name: TC_SONDE Value: 0
.axa.fr/	1970-01-19 22:52:10	Name: TC_PAGES_VIEWED Value: 1
.axa.fr/	1969-12-31 23:59:59	Name: check Value: true
connect.axa.fr/	1970-01-20 07:40:39	Name: atuserid Value: %7B%22name%22%3A%22atuserid%22%2C%22val%22%3A%229ab54be2-de75-4fdc-92ab-88c30002a23c%22%2C%22options%22%3A%7B%22end%22%3A%222022-11-23T21%3A42%3A37.389Z%22%2C%22path%22%3A%22%2F%22%7D%7D
.axa.fr/	1969-12-31 23:59:59	Name: tc_ipLabel Value: Base64_KzB8JyR9
.axa.fr/	1970-01-20 07:34:54	Name: TCPID Value: 1211052142377824210591
connect.axa.fr/	1970-01-20 07:40:39	Name: atauthority Value: %7B%22name%22%3A%22atauthority%22%2C%22val%22%3A%7B%22authority_name%22%3A%22cnil%22%2C%22visitor_mode%22%3A%22exempt%22%7D%2C%22options%22%3A%7B%22end%22%3A%222022-11-23T21%3A42%3A37.506Z%22%2C%22path%22%3A%22%2F%22%7D%7D
.axafrance.tt.omtrdc.net/	1970-01-19 22:09:00	Name: axafrance!mboxSession Value: 9a0ef794b4084859ac97b53e820003b7
.axafrance.tt.omtrdc.net/	1970-01-20 15:43:03	Name: axafrance!mboxPC Value: 9a0ef794b4084859ac97b53e820003b7.37_0
.axa.fr/	1970-01-20 15:43:03	Name: mbox Value: session#9a0ef794b4084859ac97b53e820003b7#1634940818\|PC#9a0ef794b4084859ac97b53e820003b7.37_0#1698183758
.axa.fr/	1970-01-19 22:09:00	Name: mboxEdgeCluster Value: 37

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://monaxa.axa.fr https://connect.satecassur.com https://monaxa.quantalys.com http://monaxaweb-gp.axa-fr.intraxa https://monaxaweb-gp.axa-fr.intraxa2 https://monaxaweb-gp.axawealthservices.fr https://monaxaweb-gp.axa.fr https://adv-front-pra-01.z-afa-tran-shrd-pra-ew1-ase01.pr.afa.azure.intraxa https://advalorem.axa.fr https://espaceclient-connect.axa.fr https://espaceclient.axa.fr https://outremer.axa.fr https://selfcare-decsin2.axa.fr https://outremer-privateiaas.corp.intraxa https://www.easyprojets.com https://preview-espaceclient.axa.fr http://uat-espaceclient.axa-fr.intraxa https://uat-espaceclient.axa.fr https://uat-espaceclient.axa-fr.intraxa https://www.axa.fr https://espaceclient-privateiaas.corp.intraxa https://cotisants-ere.axa.fr https://cotisants-ere-cloud.axa.fr https://aprs.asso.fr https://espacemedical.axa.fr https://easyepargne.axa.fr https://api-botsinistres.axa.fr https://api-botsinistre-pop.axa.fr https://sinistre.habitation.axa-assistance.com https://esign-widget-orchestration.axa-fr.intraxa https://esign-widget-orchestration.axa.fr https://assure.ma-protectionsociale.fr https://miroir-espaceclient.corp.intraxa https://gestioncotisations-cloud.axa.fr https://unused http://notused https://connect-entreprise.axa.fr https://agendapartage-portal.axa-fr.intraxa;
Strict-Transport-Security	max-age=31622400 max-age=10368000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

axafrance.tt.omtrdc.net
cdn.tagcommander.com
cdn.trustcommander.net
connect.axa.fr
espaceclient.axa.fr
logs1412.xiti.com
manager.tagcommander.com
privacy.trustcommander.net
13.37.199.125
143.204.98.13
171.18.34.198
171.18.97.117
18.193.0.113
192.229.233.55
35.181.77.138
63.33.35.188
0266bca24a58b19623d702daa7b4f2d9c617982c85dd4de647c6c75b1884a544
08a9f0b767c2d73dc9b37b2594a5003e54f23bced4df65f6dce445a17b478e44
12d7568b3b6e93177d4f6a1c0e61fe2fddefc52bef3da0e4284a87cb2c06e2d9
29d5aa326e339d5877aaa6ff2bbbfad0b8d8c4e978ebe93b8e155a27f826b325
2a406b2290fd5c91ce0f908cda3ccdc25185e1ac9b88cd49590a2de3ac8c4db3
2d886591337666f7c43eaa4af086c204dd46abf67da01b6922d87ebdeb333337
401937e376daf3c9521ee8c8b572f28696e598e1e80d1d5f44de2c229945f04e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
534d86643e453514052009fb029bb9ce9e5158a6dd45833174932054c153d470
61bda23471fbe4dfae78390d042b2295831a444a1d310a802bf8633d1bdcbf5a
654e7e4599e04f24267341de3d4260d0c332c10bc66b3c99d8f242fdeb258c1c
6662b843e1887bb1f6a99e9bd17434003b7deb767b04f4641ce0e54dcf5ca0ae
6980a8dbe6a3ab9c514320a420e78d16a819dad2219a854a85092ec0523e4efb
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c0bdfb80c74c64764740fa5f452948082efcce64019c15d947469a4a6b28376
7c14b5712f2ba0ce80ba91f75679b09208507ac68bcc2b48cc574554697f0697
7d86a8fe0c4f9d956ead10e265c752cb73b80d31f181a598f9a2dae5e998fbc9
7f1742bfbee8c969cc01c536674df0a66a95f07ce42b3f26bfecc4032f9d211b
877f4fd2dcea9a43987dfca5ce0dc50fc6064ebd23779dd09cc975bec4c3c405
8c8ced788ce5220ef2cd14a241987918aa321903f6dc22ada07b54b56b15e2b4
a36ae90b69d081e3479fe677f5af062c966cf63a48219e62357d32c4f72aa5fb
a6167953c3efb82c38ab89ed8fef6f2314423c49cc30746ecc3a98e8c3d96fe5
ad5ea5a059c7266d5e8532c2e9f93296adfc25f7da8f2ead6944d3ef158360f1
b12504e7984df47efd1c348d3ed00070f01a3f28d9cb58201827594f49b56e93
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bf62c48b09e55011139dbe497ef1fae26d65da75807a98314a6600a0b4746a2a
cb992eae898417162c48b37712991d9ad8053c4a64fce51aff195edc69dc35f2
d8381e66783011957eabadb622d7899061bf93e78fff38ebfe00ab743d6c8e60
e118c0623d37daccbcb18489f1cd5301a83da3824fb09e1eb0fa2b179caceb85
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e88fd687de66ca579b275f9ec769421b596f99c7ea339f933c6c62f98a13ebb8
e91ddbdf1d33d05c3d14832c8c4851df00094946b161b7cf899dc10e6b87d05e
f90021753f0a8bc12e207df10717c994898057d5f33c02a7bbc587abcc886885
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

connect.axa.fr Open in urlscan Pro 171.18.97.117 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

34 Requests

100 %HTTPS

0 %IPv6

5 Domains

8 Subdomains

9 IPs

3 Countries

842 kBTransfer

2158 kBSize

18 Cookies

6 Outgoing links

Redirected requests

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

connect.axa.fr Open in urlscan Pro
171.18.97.117 Public Scan

Screenshot
Live screenshot

Full Image

34
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

8
Subdomains

9
IPs

3
Countries

842 kB
Transfer

2158 kB
Size

18
Cookies

34 HTTP transactions
3 data transactions