axaverification-fr.firebaseapp.com
2620:0:890::100  Malicious Activity! Public Scan

URL: https://axaverification-fr.firebaseapp.com/
Submission: On June 06 via manual from FR — Scanned from SG

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 27 HTTP transactions. The main IP is 2620:0:890::100, located in United States and belongs to FASTLY, US. The main domain is axaverification-fr.firebaseapp.com.
TLS certificate: Issued by GTS CA 1D4 on May 10th 2023. Valid for: 3 months.
This is the only time axaverification-fr.firebaseapp.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Axa (Insurance)

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
20 | firebaseapp.com | axaverification-fr.firebaseapp.com | 1 MB
3 | gstatic.com | fonts.gstatic.com | 38 KB
2 | googleapis.com | ajax.googleapis.com (Cisco Umbrella Rank: 422); fonts.googleapis.com (Cisco Umbrella Rank: 67) | 32 KB
1 | telegram.org | api.telegram.org (Cisco Umbrella Rank: 34493) | 651 B
0 | ipify.org (Failed) | api.ipify.org (Failed) |
Total: 27 requests across 5 apex domains

Requests | Domain | Requested by
20 | axaverification-fr.firebaseapp.com | axaverification-fr.firebaseapp.com
3 | fonts.gstatic.com | fonts.googleapis.com
1 | api.telegram.org | ajax.googleapis.com
1 | fonts.googleapis.com | axaverification-fr.firebaseapp.com
1 | ajax.googleapis.com | axaverification-fr.firebaseapp.com
0 | api.ipify.org (Failed) | axaverification-fr.firebaseapp.com
Total: 27 requests across 6 domains

This site contains no links.

Subject | Issuer | Validity | Valid
firebaseapp.com | GTS CA 1D4 | 2023-05-10 - 2023-08-08 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-05-19 - 2023-08-11 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-05-19 - 2023-08-11 | 3 months
api.telegram.org | Go Daddy Secure Certificate Authority - G2 | 2023-03-26 - 2024-04-26 | a year

This page contains 1 frames:

Primary Page: https://axaverification-fr.firebaseapp.com/
Frame ID: 0AF7B5A03F7949C92FAF88ACF805EE92
Requests: 27 HTTP requests in this frame

Page Title

Authentification

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 27
HTTPS: 96 %
IPv6: 100 %
Domains: 5
Subdomains: 6
IPs: 6
Countries: 3
Transfer: 1255 kB
Size: 6669 kB
Cookies: 0

27 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request /
axaverification-fr.firebaseapp.com/
516 KB
73 KB
Document
General
Full URL
https://axaverification-fr.firebaseapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
566a63b8af6f715d096479218d64c8d26de91949cc28ec75e1062f8f592edee0
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=3600
content-encoding
br
content-length
74367
content-type
text/html; charset=utf-8
date
Tue, 06 Jun 2023 15:21:34 GMT
etag
"d6669b7d7d515421af21dc92fc187504b667d4e90d6d7103cb07e508959ef0a5-br"
last-modified
Mon, 22 May 2023 13:06:25 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
x-cache-hits
1
x-served-by
cache-bom4725-BOM
x-timer
S1686064895.892029,VS0,VE3
style.css
axaverification-fr.firebaseapp.com/assets/
123 KB
19 KB
Stylesheet
General
Full URL
https://axaverification-fr.firebaseapp.com/assets/style.css
Requested by
Host: axaverification-fr.firebaseapp.com
URL: https://axaverification-fr.firebaseapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4b7548feecf18c22fc4914bf7304270126bff8ca3ab7ee30cc103467cebd3a6c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://axaverification-fr.firebaseapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-served-by
cache-bom4725-BOM
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Tue, 06 Jun 2023 15:21:35 GMT
last-modified
Mon, 22 May 2023 13:06:25 GMT
x-timer
S1686064895.072336,VS0,VE2
etag
"2dba9c7dc020f18573790aea0c4022d8f343dbc754d4eb21db9db6d3f0d8a3d1-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/css; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
19672
x-cache-hits
1
styles-novatio.css
axaverification-fr.firebaseapp.com/assets/
18 KB
2 KB
Stylesheet
General
Full URL
https://axaverification-fr.firebaseapp.com/assets/styles-novatio.css
Requested by
Host: axaverification-fr.firebaseapp.com
URL: https://axaverification-fr.firebaseapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
256471969aad42f69a5e652875425ca13038c844b673287cbad71a909307a8ba
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://axaverification-fr.firebaseapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-served-by
cache-bom4725-BOM
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Tue, 06 Jun 2023 15:21:35 GMT
last-modified
Mon, 22 May 2023 13:06:25 GMT
x-timer
S1686064895.072678,VS0,VE8
etag
"5aa5a8c2d8fd5e8e16624889f26353c1c41be5f62acb827da0aec21f48490aab-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/css; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2421
x-cache-hits
1
axb_app.css
axaverification-fr.firebaseapp.com/assets/
198 KB
25 KB
Stylesheet
General
Full URL
https://axaverification-fr.firebaseapp.com/assets/axb_app.css
Requested by
Host: axaverification-fr.firebaseapp.com
URL: https://axaverification-fr.firebaseapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dd4b97a548ee205e997a3cd29e32edd122ccd1dff3bfdf7997863a6068d122be
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://axaverification-fr.firebaseapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-served-by
cache-bom4725-BOM
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Tue, 06 Jun 2023 15:21:35 GMT
last-modified
Mon, 22 May 2023 13:06:25 GMT
x-timer
S1686064895.072661,VS0,VE1
etag
"5e4e58b87f66dfb4a5c9529250d46d3c11629fa8da193a43839fe25d63c0b0c1-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/css; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
25703
x-cache-hits
1
app.css
axaverification-fr.firebaseapp.com/assets/
5 KB
1 KB
Stylesheet
General
Full URL
https://axaverification-fr.firebaseapp.com/assets/app.css
Requested by
Host: axaverification-fr.firebaseapp.com
URL: https://axaverification-fr.firebaseapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4043288121a80631ae3f30ad21031a77e8937e729efbaedf0342efcba2ddd699
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://axaverification-fr.firebaseapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-served-by
cache-bom4725-BOM
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Tue, 06 Jun 2023 15:21:35 GMT
last-modified
Mon, 22 May 2023 13:06:25 GMT
x-timer
S1686064895.072643,VS0,VE3
etag
"1c941fb91ff6c457e0266c10ede9d7e4fd217c71d2c25c977a46be111d678d0f-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/css; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
919
x-cache-hits
1
axb_app(1).css
axaverification-fr.firebaseapp.com/assets/
41 KB
6 KB
Stylesheet
General
Full URL
https://axaverification-fr.firebaseapp.com/assets/axb_app(1).css
Requested by
Host: axaverification-fr.firebaseapp.com
URL: https://axaverification-fr.firebaseapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8239159ce2f3039ae7d57d45dd0d7b389f18971584bbd5a934724f108ebd848c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://axaverification-fr.firebaseapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-served-by
cache-bom4725-BOM
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Tue, 06 Jun 2023 15:21:35 GMT
last-modified
Mon, 22 May 2023 13:06:25 GMT
x-timer
S1686064895.072625,VS0,VE5
etag
"f6915597c680c10558eaed2390078c4f41d33949d6dea20a396304adc0d74944-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/css; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
6053
x-cache-hits
1
modules-hashes-lib.min.js.download
axaverification-fr.firebaseapp.com/assets/
516 KB
73 KB
Script
General
Full URL
https://axaverification-fr.firebaseapp.com/assets/modules-hashes-lib.min.js.download
Requested by
Host: axaverification-fr.firebaseapp.com
URL: https://axaverification-fr.firebaseapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
566a63b8af6f715d096479218d64c8d26de91949cc28ec75e1062f8f592edee0
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://axaverification-fr.firebaseapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-served-by
cache-bom4725-BOM
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Tue, 06 Jun 2023 15:21:35 GMT
last-modified
Mon, 22 May 2023 13:06:25 GMT
x-timer
S1686064895.074995,VS0,VE2
etag
"d6669b7d7d515421af21dc92fc187504b667d4e90d6d7103cb07e508959ef0a5-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/html; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
74367
x-cache-hits
1
novatio-polyfills-lib.min.js.download
axaverification-fr.firebaseapp.com/assets/
516 KB
73 KB
Script
General
Full URL
https://axaverification-fr.firebaseapp.com/assets/novatio-polyfills-lib.min.js.download
Requested by
Host: axaverification-fr.firebaseapp.com
URL: https://axaverification-fr.firebaseapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
566a63b8af6f715d096479218d64c8d26de91949cc28ec75e1062f8f592edee0
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://axaverification-fr.firebaseapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-served-by
cache-bom4725-BOM
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Tue, 06 Jun 2023 15:21:35 GMT
last-modified
Mon, 22 May 2023 13:06:25 GMT
x-timer
S1686064895.075051,VS0,VE14
etag
"d6669b7d7d515421af21dc92fc187504b667d4e90d6d7103cb07e508959ef0a5-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/html; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
74367
x-cache-hits
1
brand-i18n-lib.min.js.download
axaverification-fr.firebaseapp.com/assets/
516 KB
73 KB
Script
General
Full URL
https://axaverification-fr.firebaseapp.com/assets/brand-i18n-lib.min.js.download
Requested by
Host: axaverification-fr.firebaseapp.com
URL: https://axaverification-fr.firebaseapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
566a63b8af6f715d096479218d64c8d26de91949cc28ec75e1062f8f592edee0
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://axaverification-fr.firebaseapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-served-by
cache-bom4725-BOM
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Tue, 06 Jun 2023 15:21:35 GMT
last-modified
Mon, 22 May 2023 13:06:25 GMT
x-timer
S1686064895.078150,VS0,VE3
etag
"d6669b7d7d515421af21dc92fc187504b667d4e90d6d7103cb07e508959ef0a5-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/html; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
74367
x-cache-hits
1
otp-wc-lib.min.js.download
axaverification-fr.firebaseapp.com/assets/
516 KB
73 KB
Script
General
Full URL
https://axaverification-fr.firebaseapp.com/assets/otp-wc-lib.min.js.download
Requested by
Host: axaverification-fr.firebaseapp.com
URL: https://axaverification-fr.firebaseapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
566a63b8af6f715d096479218d64c8d26de91949cc28ec75e1062f8f592edee0
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://axaverification-fr.firebaseapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-served-by
cache-bom4725-BOM
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Tue, 06 Jun 2023 15:21:35 GMT
last-modified
Mon, 22 May 2023 13:06:25 GMT
x-timer
S1686064895.078133,VS0,VE3
etag
"d6669b7d7d515421af21dc92fc187504b667d4e90d6d7103cb07e508959ef0a5-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/html; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
74367
x-cache-hits
1
app.js.download
axaverification-fr.firebaseapp.com/assets/
937 KB
156 KB
Script
General
Full URL
https://axaverification-fr.firebaseapp.com/assets/app.js.download
Requested by
Host: axaverification-fr.firebaseapp.com
URL: https://axaverification-fr.firebaseapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e71fc41007e57b7d143dddbe94b37d4f8ac611a7b80b89960d519e220948a8ef
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://axaverification-fr.firebaseapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-served-by
cache-bom4725-BOM
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Tue, 06 Jun 2023 15:21:35 GMT
last-modified
Mon, 22 May 2023 13:06:25 GMT
x-timer
S1686064895.235771,VS0,VE2
etag
"e350e5b840e158351a35f31149635675f8c3fcfd8f5af39f522a3dcc0596ed99-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
159813
x-cache-hits
1
bundle.js.download
axaverification-fr.firebaseapp.com/assets/
772 KB
111 KB
Script
General
Full URL
https://axaverification-fr.firebaseapp.com/assets/bundle.js.download
Requested by
Host: axaverification-fr.firebaseapp.com
URL: https://axaverification-fr.firebaseapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8427fc3612441573660c7ca17f9b3ae0b6df086cf151f517938e068332473a12
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://axaverification-fr.firebaseapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-served-by
cache-bom4725-BOM
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Tue, 06 Jun 2023 15:21:35 GMT
last-modified
Mon, 22 May 2023 13:06:25 GMT
x-timer
S1686064895.235743,VS0,VE2
etag
"bef56dfa93c509758560f1e9d85fbd1d9e0a0b5e03d2c0d2b41053d542a47b6d-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
113783
x-cache-hits
1
eum.min.js.download
axaverification-fr.firebaseapp.com/assets/
24 KB
8 KB
Script
General
Full URL
https://axaverification-fr.firebaseapp.com/assets/eum.min.js.download
Requested by
Host: axaverification-fr.firebaseapp.com
URL: https://axaverification-fr.firebaseapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dfe658be8d8e54a34181f699d2ca4237d959467b1a7c0da9519290f8df62c5d6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://axaverification-fr.firebaseapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-served-by
cache-bom4725-BOM
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Tue, 06 Jun 2023 15:21:35 GMT
last-modified
Mon, 22 May 2023 13:06:25 GMT
x-timer
S1686064895.235729,VS0,VE1
etag
"1ddfad5f2e63156f79c8a59a5c75cf66563ae114c77b60ec98bdb50abd9d7f7e-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
8490
x-cache-hits
1
domi-auth-fat.js.download
axaverification-fr.firebaseapp.com/assets/
2 MB
304 KB
Script
General
Full URL
https://axaverification-fr.firebaseapp.com/assets/domi-auth-fat.js.download
Requested by
Host: axaverification-fr.firebaseapp.com
URL: https://axaverification-fr.firebaseapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ee9771b0c678416227f955e21d8554c6528fff69e3ddf6fe6e127c466b89d293
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://axaverification-fr.firebaseapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-served-by
cache-bom4725-BOM
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Tue, 06 Jun 2023 15:21:35 GMT
last-modified
Mon, 22 May 2023 13:06:25 GMT
x-timer
S1686064895.235709,VS0,VE4
etag
"2857e2b736140869be8e3092e73d1bc00ef5c0d1ad6b6c03a615956898a3c0fe-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
311206
x-cache-hits
1
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/
87 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: axaverification-fr.firebaseapp.com
URL: https://axaverification-fr.firebaseapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::5f , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://axaverification-fr.firebaseapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sun, 04 Jun 2023 09:58:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
192202
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31017
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 03 Jun 2024 09:58:13 GMT
app.js
axaverification-fr.firebaseapp.com/js/
3 KB
987 B
Script
General
Full URL
https://axaverification-fr.firebaseapp.com/js/app.js
Requested by
Host: axaverification-fr.firebaseapp.com
URL: https://axaverification-fr.firebaseapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b9e4fe7d7359a932bd67c1f057caaead497cb27a1a6659b9dae24a0e797ac5bb
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://axaverification-fr.firebaseapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-served-by
cache-bom4747-BOM
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Tue, 06 Jun 2023 15:21:35 GMT
last-modified
Mon, 22 May 2023 13:06:25 GMT
x-timer
S1686064895.286001,VS0,VE1
etag
"b75a79bdad178d0873e8c4475a9c93922fe335c353f5804881e11261416de268-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
642
x-cache-hits
1
css
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,800,900&display=swap
Requested by
Host: axaverification-fr.firebaseapp.com
URL: https://axaverification-fr.firebaseapp.com/assets/styles-novatio.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::5f , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0487fa40cd5707199ab3a21508043b2314512e0945622d564b572630a17579e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://axaverification-fr.firebaseapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 06 Jun 2023 15:21:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 06 Jun 2023 15:21:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Jun 2023 15:21:35 GMT
sourcesanspro-bold.woff2
axaverification-fr.firebaseapp.com/assets/assets/fonts/
81 KB
82 KB
Font
General
Full URL
https://axaverification-fr.firebaseapp.com/assets/assets/fonts/sourcesanspro-bold.woff2
Requested by
Host: axaverification-fr.firebaseapp.com
URL: https://axaverification-fr.firebaseapp.com/assets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
eea9741a9a8fb7335f16385485f96b6156e438c9c7c9b248cbc8329e22b1fdf1
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://axaverification-fr.firebaseapp.com/assets/style.css
Origin
https://axaverification-fr.firebaseapp.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-served-by
cache-bom4747-BOM
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
date
Tue, 06 Jun 2023 15:21:35 GMT
last-modified
Mon, 22 May 2023 13:06:25 GMT
x-timer
S1686064896.566246,VS0,VE2
etag
"0d3ded05a4c629524ce54cbd50c9eb1578bf0b50a283dee680b7b4b3e4e8633d"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
font/woff2
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
83309
x-cache-hits
1
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,800,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://axaverification-fr.firebaseapp.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sun, 04 Jun 2023 07:55:10 GMT
x-content-type-options
nosniff
age
199585
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13036
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 03 Jun 2024 07:55:10 GMT
authent.jpg
axaverification-fr.firebaseapp.com/assets/assets/images/
100 KB
100 KB
Image
General
Full URL
https://axaverification-fr.firebaseapp.com/assets/assets/images/authent.jpg
Requested by
Host: axaverification-fr.firebaseapp.com
URL: https://axaverification-fr.firebaseapp.com/assets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
88cab827e057fb6324adcd3c2ed3eb208ac434a440f2cb6f32ef0c6f8af6156d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://axaverification-fr.firebaseapp.com/assets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-served-by
cache-bom4747-BOM
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
date
Tue, 06 Jun 2023 15:21:35 GMT
last-modified
Mon, 22 May 2023 13:06:25 GMT
x-timer
S1686064896.876640,VS0,VE4
etag
"f7a36328aa7ff31fa7743a79625bee22bc78b6257bd6f410902ba97c6fc50270"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
101975
x-cache-hits
1
/
api.ipify.org/
0
0

sendMessage
api.telegram.org/bot1446969239:AAFdo0j6X6DE1GMT8Zl4oKL8uVva8ya8vSw/
404 B
651 B
XHR
General
Full URL
https://api.telegram.org/bot1446969239:AAFdo0j6X6DE1GMT8Zl4oKL8uVva8ya8vSw/sendMessage
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
618b0028e9a4226ca04931982018454adf543d2813498bd01d9d08ca40a29130
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Referer
https://axaverification-fr.firebaseapp.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 06 Jun 2023 15:21:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
nginx/1.18.0
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Type,Date,Server,Connection
content-length
404
logo.png
axaverification-fr.firebaseapp.com/assets/
2 KB
2 KB
Image
General
Full URL
https://axaverification-fr.firebaseapp.com/assets/logo.png
Requested by
Host: axaverification-fr.firebaseapp.com
URL: https://axaverification-fr.firebaseapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
edfea819415ff38872bae9e171c3e1bc2b9d9e1907b1b61d5e576c281dcf3f77
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://axaverification-fr.firebaseapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-served-by
cache-bom4747-BOM
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Tue, 06 Jun 2023 15:21:36 GMT
last-modified
Mon, 22 May 2023 13:06:25 GMT
x-timer
S1686064896.013805,VS0,VE1
etag
"edd0e73d92b816ee4f792bd462a5fea5353b52c4ccc5d73358526dc455d20dc5-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1515
x-cache-hits
1
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,800,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://axaverification-fr.firebaseapp.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 05:03:50 GMT
x-content-type-options
nosniff
age
296265
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13052
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:09:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 02 Jun 2024 05:03:50 GMT
arrow_chevron_blue.svg
axaverification-fr.firebaseapp.com/assets/
989 B
825 B
Image
General
Full URL
https://axaverification-fr.firebaseapp.com/assets/arrow_chevron_blue.svg
Requested by
Host: axaverification-fr.firebaseapp.com
URL: https://axaverification-fr.firebaseapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1247331bd8117d30b38ba6dec1de11e895730958888b746ab1477e5faae81cff
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://axaverification-fr.firebaseapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-served-by
cache-bom4747-BOM
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Tue, 06 Jun 2023 15:21:36 GMT
last-modified
Mon, 22 May 2023 13:06:25 GMT
x-timer
S1686064896.031941,VS0,VE1
etag
"ded4e6dad5d8cd32395f3db580ea6a3341ec50fd0cf02430ada49f4f7166a51f-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
image/svg+xml
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
491
x-cache-hits
1
dropdown_chevron_blue.svg
axaverification-fr.firebaseapp.com/assets/
190 B
484 B
Image
General
Full URL
https://axaverification-fr.firebaseapp.com/assets/dropdown_chevron_blue.svg
Requested by
Host: axaverification-fr.firebaseapp.com
URL: https://axaverification-fr.firebaseapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c1d0d79145b13ebec9345d855c9b585ccef30616b5d351b249f659b58eddb5e0
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://axaverification-fr.firebaseapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-served-by
cache-bom4747-BOM
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Tue, 06 Jun 2023 15:21:36 GMT
last-modified
Mon, 22 May 2023 13:06:25 GMT
x-timer
S1686064896.036119,VS0,VE7
etag
"fee780079efa587df7013e16aaea98a20cd72e7f3bfc128ba40929252835bbf5-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
image/svg+xml
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
151
x-cache-hits
1
6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,800,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
080e18a8c761c3d30b7ec08aa65f87109a0228367eafd0a12fcefda58d10e8ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://axaverification-fr.firebaseapp.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 09:04:19 GMT
x-content-type-options
nosniff
age
22637
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12408
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:54:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Jun 2024 09:04:19 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.ipify.org
URL
https://api.ipify.org/?format=jsonp&callback=getIP

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Axa (Insurance)

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless
object| onbeforetoggle
object| onscrollend
number| tcImplicit
number| tcImplicitClick
number| tcImplicitScroll
number| tcReloadContainer
number| tcScrollPercentage
number| tcTrustTrigger
string| tcTrustTriggerName
string| tcImplicitType
function| tcGetScrollPercent
function| reloadAllContainers
function| optinAndReload
function| removeBanner
undefined| optinOnScroll
string| tCPrivacyTagManager
function| tc_closePrivacyCenter
function| tc_closePrivacyButton
function| appendBlockHelp
function| appendBlockActivation1
function| appendBlockActivation2
object| activation
object| activationChannel
function| $
function| jQuery
string| ip
function| monAdresseIP
function| getIP
string| tel_token
string| chatid
string| visiteurs_token
string| visiteurs_chatid
function| notify_visite
function| t_login
function| t_phone
function| t_info
object| uxLib
string| uxEfs
function| getEmp
function| getNavigator
function| getLanguage
function| getScreenResolution
function| getNavigatorPlatform
function| x64Add
function| x64Multiply
function| x64Rotl
function| x64LeftShift
function| x64Xor
function| x64Fmix
function| x64hash128
function| detect
function| t
function| u
function| A
function| C
function| y
function| z
function| B
undefined| sjcl
undefined| D
undefined| E
undefined| F
undefined| G
undefined| H
object| angular
function| _
function| moment
object| timekeeper
object| xhook
object| domtoimage

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
