URL: https://connect-recprj.direct-assurance.fr/
Submission: On November 01 via automatic, source certstream-suspicious — Scanned from FR

Summary

This website contacted 3 IPs in 3 countries across 2 domains to perform 16 HTTP transactions. The main IP is 171.18.127.209, located in France and belongs to AXA-TECH Paris, FR. The main domain is connect-recprj.direct-assurance.fr.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on February 22nd 2024. Valid for: 9 months.
This is the only time connect-recprj.direct-assurance.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 171.18.127.209 12696 (AXA-TECH ...)
2 13.225.78.119 16509 (AMAZON-02)
1 3.125.247.22 16509 (AMAZON-02)
16 3
Apex Domain
Subdomains
Transfer
15 direct-assurance.fr
connect-recprj.direct-assurance.fr
dd.direct-assurance.fr
2 MB
1 captcha-delivery.com
geo.captcha-delivery.com — Cisco Umbrella Rank: 21683
16 2
Domain Requested by
13 connect-recprj.direct-assurance.fr connect-recprj.direct-assurance.fr
2 dd.direct-assurance.fr connect-recprj.direct-assurance.fr
dd.direct-assurance.fr
1 geo.captcha-delivery.com dd.direct-assurance.fr
16 3

This site contains no links.

Subject Issuer Validity Valid
Secur-recprj.direct-assurance.fr
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-02-22 -
2024-11-08
9 months crt.sh
dd.direct-assurance.fr
E5
2024-09-21 -
2024-12-20
3 months crt.sh
*.captcha-delivery.com
Amazon RSA 2048 M03
2024-10-21 -
2025-11-19
a year crt.sh

This page contains 2 frames:

Primary Page: https://connect-recprj.direct-assurance.fr/
Frame ID: 0C45409DDD728C8523BCB4A2CF7EBF0C
Requests: 15 HTTP requests in this frame

Frame: https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAcMHQc45cVtcAsiGQsA==&cid=qCi7VN5rnW15iJsNkKtXl76zhgDKk~~bLlJtc6F_RlJFuTNUh4md~UFWxdNPwJfTfN4u0wx6upjrw~IZ6eQ3TIcxRlPjpPibwJRlo2qG7yIMxqDvdjoedmfd1zq7NfeC&referer=https%3A%2F%2Fconnect-recprj.direct-assurance.fr%2Fapi%2Faccountspace&hash=C51398CF80B9BB7265AB6C8B0B9AD9&t=fe&s=48397&e=a49555a5dd0b86f85723ede221ac8b1f8e5d42dd7796c8fc59c1b8f9723476e8&dm=jd
Frame ID: 08F48D960ED338A609FF30FABD65061D
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Espace AXA

Detected technologies

Overall confidence: 100%
Detected patterns

Page Statistics

16
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

3
Countries

1779 kB
Transfer

3609 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
connect-recprj.direct-assurance.fr/
2 KB
4 KB
Document
General
Full URL
https://connect-recprj.direct-assurance.fr/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
171.18.127.209 , France, ASN12696 (AXA-TECH Paris, FR),
Reverse DNS
Software
aws /
Resource Hash
3157e2f66b5dbbf124e63a4e580298f8716fc4192eb23359a64d5150626bd621
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' dd.direct-assurance.fr https://localhost:7263 https://localhost:5184 http://localhost:7263 http://localhost:5184 https://iardformsinistre-recprj.direct-assurance.fr http://localhost:3009 https://localhost:3008 http://localhost:3005 https://localhost:3004 https://secur-recprj.direct-assurance.fr;object-src 'none'; base-uri 'self'; script-src 'unsafe-eval' *.tagcommander.com/ *.googletagmanager.com *.doubleclick.net *.aticdn.net *.trustcommander.net *.datadome.co *.google.com *.gstatic.com https://dd.direct-assurance.fr https://connect-recprj.direct-assurance.fr 'unsafe-inline' https://ct.captcha-delivery.com https://cdn.trustcommander.net/
Strict-Transport-Security max-age=31622400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Accept-CH
Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Cache-Control
no-store,no-cache
Content-Encoding
gzip
Content-Security-Policy
frame-ancestors 'self' dd.direct-assurance.fr https://localhost:7263 https://localhost:5184 http://localhost:7263 http://localhost:5184 https://iardformsinistre-recprj.direct-assurance.fr http://localhost:3009 https://localhost:3008 http://localhost:3005 https://localhost:3004 https://secur-recprj.direct-assurance.fr;object-src 'none'; base-uri 'self'; script-src 'unsafe-eval' *.tagcommander.com/ *.googletagmanager.com *.doubleclick.net *.aticdn.net *.trustcommander.net *.datadome.co *.google.com *.gstatic.com https://dd.direct-assurance.fr https://connect-recprj.direct-assurance.fr 'unsafe-inline' https://ct.captcha-delivery.com https://cdn.trustcommander.net/
Content-Type
text/html; charset=utf-8
Date
Fri, 01 Nov 2024 03:38:57 GMT
Pragma
no-cache
Referrer-Policy
no-referrer
Server
aws
Strict-Transport-Security
max-age=31622400
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DataDome
protected
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
tags.js
dd.direct-assurance.fr/
168 KB
32 KB
Script
General
Full URL
https://dd.direct-assurance.fr/tags.js
Requested by
Host: connect-recprj.direct-assurance.fr
URL: https://connect-recprj.direct-assurance.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-119.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
44b5896f4a4360bc08c70cf6e5890aa872e50f9d65d0597013c8565752277a82
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-amz-version-id
3leCM9jGAq2_7z1hJqQMAiZ.vKvvZDqu
etag
W/"86b848e45746db7159d1fbb589ce0f3f"
age
724
x-cache
Hit from cloudfront
x-amz-cf-id
oJPmf8xojepQs2z04syRyv9E8cdK47P1A9b_7wkZU0158KDKs4J0sw==
date
Fri, 01 Nov 2024 03:28:48 GMT
content-type
text/javascript
vary
accept-encoding, Origin
last-modified
Thu, 17 Oct 2024 12:43:13 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=3600, public
via
1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
server
AmazonS3
x-amz-server-side-encryption
AES256
runtime.4a1250b7261ff66d22bd.bundle.min.js
connect-recprj.direct-assurance.fr/
14 KB
5 KB
Script
General
Full URL
https://connect-recprj.direct-assurance.fr/runtime.4a1250b7261ff66d22bd.bundle.min.js
Requested by
Host: connect-recprj.direct-assurance.fr
URL: https://connect-recprj.direct-assurance.fr/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
171.18.127.209 , France, ASN12696 (AXA-TECH Paris, FR),
Reverse DNS
Software
aws /
Resource Hash
3a7ab991a85ea337b61953871ca60efd8f992227a6e4a511760315a734571b37
Security Headers
Name Value
Strict-Transport-Security max-age=31622400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-device-memory
8
Referer

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31622400
Cache-Control
public, max-age=36288000
Content-Encoding
gzip
ETag
"1db25fdeff03e69"
Age
44364
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
Date
Fri, 01 Nov 2024 03:38:57 GMT
Content-Type
text/javascript
Last-Modified
Thu, 24 Oct 2024 10:17:32 GMT
Vary
Accept-Encoding
Server
aws
vendors.558b2ef750027568cc92.bundle.min.js
connect-recprj.direct-assurance.fr/
2 MB
593 KB
Script
General
Full URL
https://connect-recprj.direct-assurance.fr/vendors.558b2ef750027568cc92.bundle.min.js
Requested by
Host: connect-recprj.direct-assurance.fr
URL: https://connect-recprj.direct-assurance.fr/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
171.18.127.209 , France, ASN12696 (AXA-TECH Paris, FR),
Reverse DNS
Software
aws /
Resource Hash
adce8329afb63391f14076cf6eb6860e0fdc056c07a0cf563479efd52dd2a773
Security Headers
Name Value
Strict-Transport-Security max-age=31622400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-device-memory
8
Referer

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31622400
Cache-Control
public, max-age=36288000
Content-Encoding
gzip
ETag
"1db25fdefec111e"
Age
44364
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
Date
Fri, 01 Nov 2024 03:38:57 GMT
Content-Type
text/javascript
Last-Modified
Thu, 24 Oct 2024 10:17:32 GMT
Vary
Accept-Encoding
Server
aws
frontoffice.290a0d1afe840245e659.bundle.min.js
connect-recprj.direct-assurance.fr/
537 KB
126 KB
Script
General
Full URL
https://connect-recprj.direct-assurance.fr/frontoffice.290a0d1afe840245e659.bundle.min.js
Requested by
Host: connect-recprj.direct-assurance.fr
URL: https://connect-recprj.direct-assurance.fr/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
171.18.127.209 , France, ASN12696 (AXA-TECH Paris, FR),
Reverse DNS
Software
aws /
Resource Hash
b571861587206015d8652ead8a5563405392adf26b0642b4b7bb989ab8dd46fe
Security Headers
Name Value
Strict-Transport-Security max-age=31622400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-device-memory
8
Referer

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31622400
Cache-Control
public, max-age=36288000
Content-Encoding
gzip
ETag
"1db25fdeff862a5"
Age
44364
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
Date
Fri, 01 Nov 2024 03:38:57 GMT
Content-Type
text/javascript
Last-Modified
Thu, 24 Oct 2024 10:17:32 GMT
Vary
Accept-Encoding
Server
aws
frontoffice.c6a970ad7b3c313fcf76.css
connect-recprj.direct-assurance.fr/css/
134 KB
51 KB
Stylesheet
General
Full URL
https://connect-recprj.direct-assurance.fr/css/frontoffice.c6a970ad7b3c313fcf76.css
Requested by
Host: connect-recprj.direct-assurance.fr
URL: https://connect-recprj.direct-assurance.fr/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
171.18.127.209 , France, ASN12696 (AXA-TECH Paris, FR),
Reverse DNS
Software
aws /
Resource Hash
00039b75daaa56fc5eb54eba99cdf5570211d56ee785e1b2cdcde6b68c83b766
Security Headers
Name Value
Strict-Transport-Security max-age=31622400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-device-memory
8
Referer

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31622400
Cache-Control
public, max-age=36288000
Content-Encoding
gzip
ETag
"1db25fdeff21155"
Age
44364
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
Date
Fri, 01 Nov 2024 03:38:57 GMT
Content-Type
text/css
Last-Modified
Thu, 24 Oct 2024 10:17:32 GMT
Vary
Accept-Encoding
Server
aws
/
dd.direct-assurance.fr/js/
240 B
624 B
XHR
General
Full URL
https://dd.direct-assurance.fr/js/
Requested by
Host: dd.direct-assurance.fr
URL: https://dd.direct-assurance.fr/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-119.fra2.r.cloudfront.net
Software
DataDome /
Resource Hash
350a78dd3c0a25ca644f8ba4147d7f41977eaf0c22f8c1384c2797e59a1d2dab
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
via
1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
expires
0
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
240
x-amz-cf-id
qq7LWf-cbm9todRlpxXTDRG8O-YLGf73V66hweADx144U_8e5MmteQ==
date
Fri, 01 Nov 2024 03:38:58 GMT
content-type
application/json;charset=utf-8
x-amz-cf-pop
FRA2-C2
server
DataDome
accountspace
connect-recprj.direct-assurance.fr/api/
422 B
3 KB
XHR
General
Full URL
https://connect-recprj.direct-assurance.fr/api/accountspace
Requested by
Host: connect-recprj.direct-assurance.fr
URL: https://connect-recprj.direct-assurance.fr/vendors.558b2ef750027568cc92.bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
171.18.127.209 , France, ASN12696 (AXA-TECH Paris, FR),
Reverse DNS
Software
aws /
Resource Hash
3b9f2dda9cef6e8f6b2b25b951740b61c7663f5aae242a2131bfccadb5491db8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' dd.direct-assurance.fr https://localhost:7263 https://localhost:5184 http://localhost:7263 http://localhost:5184 https://iardformsinistre-recprj.direct-assurance.fr http://localhost:3009 https://localhost:3008 http://localhost:3005 https://localhost:3004 https://secur-recprj.direct-assurance.fr;object-src 'none'; base-uri 'self'; script-src 'unsafe-eval' *.tagcommander.com/ *.googletagmanager.com *.doubleclick.net *.aticdn.net *.trustcommander.net *.datadome.co *.google.com *.gstatic.com https://dd.direct-assurance.fr https://connect-recprj.direct-assurance.fr 'unsafe-inline' https://ct.captcha-delivery.com https://cdn.trustcommander.net/
Strict-Transport-Security max-age=31622400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

X-XSRF-TOKEN
CfDJ8MZTPMvBgcxItbzmkrpXkrThfQ3PXmUxU5ByF3hSGtLzXuUcWnCcxrTQhw74ON5T6OI2Ck2cMgLoEohfYoGlm7DFe4XwxUY5vu4VaNozyaPOzEE7ROJjgqiaxEABEMs6tSV1wl0ZHKcXtxgVS8v4WLQ
Referer
axa-feature
id=001a12dc-61e6-449f-a6aa-69bea61c2dc4,name=ACON_DEFAULT_FEATURE
sec-ch-device-memory
8
axa-correlation-id
e2c42022-b80c-40d4-b778-76e530d90a0b
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json

Response headers

Access-Control-Expose-Headers
x-dd-b, x-set-cookie
X-DataDome-CID
AHrlqAAAAAMAcMHQc45cVtcAsiGQsA==
X-Content-Type-Options
nosniff
Date
Fri, 01 Nov 2024 03:38:59 GMT
X-DD-B
1
Content-Type
application/json; charset=utf-8
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31622400
Content-Security-Policy
frame-ancestors 'self' dd.direct-assurance.fr https://localhost:7263 https://localhost:5184 http://localhost:7263 http://localhost:5184 https://iardformsinistre-recprj.direct-assurance.fr http://localhost:3009 https://localhost:3008 http://localhost:3005 https://localhost:3004 https://secur-recprj.direct-assurance.fr;object-src 'none'; base-uri 'self'; script-src 'unsafe-eval' *.tagcommander.com/ *.googletagmanager.com *.doubleclick.net *.aticdn.net *.trustcommander.net *.datadome.co *.google.com *.gstatic.com https://dd.direct-assurance.fr https://connect-recprj.direct-assurance.fr 'unsafe-inline' https://ct.captcha-delivery.com https://cdn.trustcommander.net/
Cache-Control
no-store, must-revalidate, no-cache, max-age=0, private
Pragma
no-cache
Accept-CH
Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Access-Control-Allow-Credentials
true
Referrer-Policy
no-referrer
Access-Control-Allow-Origin
*
X-XSS-Protection
1; mode=block
X-DataDome
protected
Charset
utf-8
Server
aws
feature
connect-recprj.direct-assurance.fr/api/
1014 B
3 KB
XHR
General
Full URL
https://connect-recprj.direct-assurance.fr/api/feature
Requested by
Host: connect-recprj.direct-assurance.fr
URL: https://connect-recprj.direct-assurance.fr/vendors.558b2ef750027568cc92.bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
171.18.127.209 , France, ASN12696 (AXA-TECH Paris, FR),
Reverse DNS
Software
aws /
Resource Hash
f159d2db69d2208d2442b4bd5369a591d2e800e69b4a65a1038d95752c51dc96
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' dd.direct-assurance.fr https://localhost:7263 https://localhost:5184 http://localhost:7263 http://localhost:5184 https://iardformsinistre-recprj.direct-assurance.fr http://localhost:3009 https://localhost:3008 http://localhost:3005 https://localhost:3004 https://secur-recprj.direct-assurance.fr;object-src 'none'; base-uri 'self'; script-src 'unsafe-eval' *.tagcommander.com/ *.googletagmanager.com *.doubleclick.net *.aticdn.net *.trustcommander.net *.datadome.co *.google.com *.gstatic.com https://dd.direct-assurance.fr https://connect-recprj.direct-assurance.fr 'unsafe-inline' https://ct.captcha-delivery.com https://cdn.trustcommander.net/
Strict-Transport-Security max-age=31622400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

X-XSRF-TOKEN
CfDJ8MZTPMvBgcxItbzmkrpXkrThfQ3PXmUxU5ByF3hSGtLzXuUcWnCcxrTQhw74ON5T6OI2Ck2cMgLoEohfYoGlm7DFe4XwxUY5vu4VaNozyaPOzEE7ROJjgqiaxEABEMs6tSV1wl0ZHKcXtxgVS8v4WLQ
Referer
axa-feature
id=001a12dc-61e6-449f-a6aa-69bea61c2dc4,name=ACON_DEFAULT_FEATURE
sec-ch-device-memory
8
axa-correlation-id
09d2fa7b-ee83-418d-9ad9-dad73c684e38
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
text/plain

Response headers

Access-Control-Expose-Headers
x-dd-b, x-set-cookie
X-DataDome-CID
AHrlqAAAAAMAcMHQc45cVtcAsiGQsA==
X-Content-Type-Options
nosniff
Date
Fri, 01 Nov 2024 03:38:59 GMT
X-DD-B
1
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31622400
Content-Security-Policy
frame-ancestors 'self' dd.direct-assurance.fr https://localhost:7263 https://localhost:5184 http://localhost:7263 http://localhost:5184 https://iardformsinistre-recprj.direct-assurance.fr http://localhost:3009 https://localhost:3008 http://localhost:3005 https://localhost:3004 https://secur-recprj.direct-assurance.fr;object-src 'none'; base-uri 'self'; script-src 'unsafe-eval' *.tagcommander.com/ *.googletagmanager.com *.doubleclick.net *.aticdn.net *.trustcommander.net *.datadome.co *.google.com *.gstatic.com https://dd.direct-assurance.fr https://connect-recprj.direct-assurance.fr 'unsafe-inline' https://ct.captcha-delivery.com https://cdn.trustcommander.net/
Cache-Control
no-store, must-revalidate, no-cache, max-age=0, private
Pragma
no-cache
Accept-CH
Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Access-Control-Allow-Credentials
true
Referrer-Policy
no-referrer
Access-Control-Allow-Origin
*
X-XSS-Protection
1; mode=block
X-DataDome
protected
Charset
utf-8
Server
aws
isConnected
connect-recprj.direct-assurance.fr/api/navigation/
434 B
3 KB
XHR
General
Full URL
https://connect-recprj.direct-assurance.fr/api/navigation/isConnected
Requested by
Host: connect-recprj.direct-assurance.fr
URL: https://connect-recprj.direct-assurance.fr/vendors.558b2ef750027568cc92.bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
171.18.127.209 , France, ASN12696 (AXA-TECH Paris, FR),
Reverse DNS
Software
aws /
Resource Hash
f8ee1ffc2fc536b5369f9d999b49deffe7d4d9d00a2529553d9cda5f6a434fc2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' dd.direct-assurance.fr https://localhost:7263 https://localhost:5184 http://localhost:7263 http://localhost:5184 https://iardformsinistre-recprj.direct-assurance.fr http://localhost:3009 https://localhost:3008 http://localhost:3005 https://localhost:3004 https://secur-recprj.direct-assurance.fr;object-src 'none'; base-uri 'self'; script-src 'unsafe-eval' *.tagcommander.com/ *.googletagmanager.com *.doubleclick.net *.aticdn.net *.trustcommander.net *.datadome.co *.google.com *.gstatic.com https://dd.direct-assurance.fr https://connect-recprj.direct-assurance.fr 'unsafe-inline' https://ct.captcha-delivery.com https://cdn.trustcommander.net/
Strict-Transport-Security max-age=31622400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

X-XSRF-TOKEN
CfDJ8MZTPMvBgcxItbzmkrpXkrThfQ3PXmUxU5ByF3hSGtLzXuUcWnCcxrTQhw74ON5T6OI2Ck2cMgLoEohfYoGlm7DFe4XwxUY5vu4VaNozyaPOzEE7ROJjgqiaxEABEMs6tSV1wl0ZHKcXtxgVS8v4WLQ
Referer
axa-feature
id=001a12dc-61e6-449f-a6aa-69bea61c2dc4,name=ACON_DEFAULT_FEATURE
sec-ch-device-memory
8
axa-correlation-id
ac2fdf8a-3786-4385-9873-cbe0de61c6fa
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json

Response headers

Access-Control-Expose-Headers
x-dd-b, x-set-cookie
X-DataDome-CID
AHrlqAAAAAMAcMHQc45cVtcAsiGQsA==
X-Content-Type-Options
nosniff
Date
Fri, 01 Nov 2024 03:38:59 GMT
X-DD-B
1
Content-Type
application/json; charset=utf-8
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31622400
Content-Security-Policy
frame-ancestors 'self' dd.direct-assurance.fr https://localhost:7263 https://localhost:5184 http://localhost:7263 http://localhost:5184 https://iardformsinistre-recprj.direct-assurance.fr http://localhost:3009 https://localhost:3008 http://localhost:3005 https://localhost:3004 https://secur-recprj.direct-assurance.fr;object-src 'none'; base-uri 'self'; script-src 'unsafe-eval' *.tagcommander.com/ *.googletagmanager.com *.doubleclick.net *.aticdn.net *.trustcommander.net *.datadome.co *.google.com *.gstatic.com https://dd.direct-assurance.fr https://connect-recprj.direct-assurance.fr 'unsafe-inline' https://ct.captcha-delivery.com https://cdn.trustcommander.net/
Cache-Control
no-store, must-revalidate, no-cache, max-age=0, private
Pragma
no-cache
Accept-CH
Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Access-Control-Allow-Credentials
true
Referrer-Policy
no-referrer
Access-Control-Allow-Origin
*
X-XSS-Protection
1; mode=block
X-DataDome
protected
Charset
utf-8
Server
aws
accountspace
connect-recprj.direct-assurance.fr/api/
422 B
3 KB
XHR
General
Full URL
https://connect-recprj.direct-assurance.fr/api/accountspace
Requested by
Host: connect-recprj.direct-assurance.fr
URL: https://connect-recprj.direct-assurance.fr/vendors.558b2ef750027568cc92.bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
171.18.127.209 , France, ASN12696 (AXA-TECH Paris, FR),
Reverse DNS
Software
aws /
Resource Hash
da399b590b5e32245a94dabf97e0cca8d96a01d8ffdb38a69f8748c1abd8496c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' dd.direct-assurance.fr https://localhost:7263 https://localhost:5184 http://localhost:7263 http://localhost:5184 https://iardformsinistre-recprj.direct-assurance.fr http://localhost:3009 https://localhost:3008 http://localhost:3005 https://localhost:3004 https://secur-recprj.direct-assurance.fr;object-src 'none'; base-uri 'self'; script-src 'unsafe-eval' *.tagcommander.com/ *.googletagmanager.com *.doubleclick.net *.aticdn.net *.trustcommander.net *.datadome.co *.google.com *.gstatic.com https://dd.direct-assurance.fr https://connect-recprj.direct-assurance.fr 'unsafe-inline' https://ct.captcha-delivery.com https://cdn.trustcommander.net/
Strict-Transport-Security max-age=31622400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

X-XSRF-TOKEN
CfDJ8MZTPMvBgcxItbzmkrpXkrThfQ3PXmUxU5ByF3hSGtLzXuUcWnCcxrTQhw74ON5T6OI2Ck2cMgLoEohfYoGlm7DFe4XwxUY5vu4VaNozyaPOzEE7ROJjgqiaxEABEMs6tSV1wl0ZHKcXtxgVS8v4WLQ
Referer
axa-feature
id=001a12dc-61e6-449f-a6aa-69bea61c2dc4,name=ACON_DEFAULT_FEATURE
sec-ch-device-memory
8
axa-correlation-id
a23d7347-b762-46c0-8bb4-b61a1c834200
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json

Response headers

Access-Control-Expose-Headers
x-dd-b, x-set-cookie
X-DataDome-CID
AHrlqAAAAAMAcMHQc45cVtcAsiGQsA==
X-Content-Type-Options
nosniff
Date
Fri, 01 Nov 2024 03:38:59 GMT
X-DD-B
1
Content-Type
application/json; charset=utf-8
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31622400
Content-Security-Policy
frame-ancestors 'self' dd.direct-assurance.fr https://localhost:7263 https://localhost:5184 http://localhost:7263 http://localhost:5184 https://iardformsinistre-recprj.direct-assurance.fr http://localhost:3009 https://localhost:3008 http://localhost:3005 https://localhost:3004 https://secur-recprj.direct-assurance.fr;object-src 'none'; base-uri 'self'; script-src 'unsafe-eval' *.tagcommander.com/ *.googletagmanager.com *.doubleclick.net *.aticdn.net *.trustcommander.net *.datadome.co *.google.com *.gstatic.com https://dd.direct-assurance.fr https://connect-recprj.direct-assurance.fr 'unsafe-inline' https://ct.captcha-delivery.com https://cdn.trustcommander.net/
Cache-Control
no-store, must-revalidate, no-cache, max-age=0, private
Pragma
no-cache
Accept-CH
Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Access-Control-Allow-Credentials
true
Referrer-Policy
no-referrer
Access-Control-Allow-Origin
*
X-XSS-Protection
1; mode=block
X-DataDome
protected
Charset
utf-8
Server
aws
8c8b3829ff7a6fb8e4f3.png
connect-recprj.direct-assurance.fr/assets/
934 KB
934 KB
Image
General
Full URL
https://connect-recprj.direct-assurance.fr/assets/8c8b3829ff7a6fb8e4f3.png
Requested by
Host: connect-recprj.direct-assurance.fr
URL: https://connect-recprj.direct-assurance.fr/css/frontoffice.c6a970ad7b3c313fcf76.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
171.18.127.209 , France, ASN12696 (AXA-TECH Paris, FR),
Reverse DNS
Software
aws /
Resource Hash
048cc77896d2e2a6b5fcc40cee3550cfd02c381ffd4d2f77e6d0660e2f5c1097
Security Headers
Name Value
Strict-Transport-Security max-age=31622400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-device-memory
8
Referer

Response headers

Strict-Transport-Security
max-age=31622400
Cache-Control
public, max-age=36288000
ETag
"1db25fdeffe90ad"
Age
44364
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
956077
X-XSS-Protection
1; mode=block
Date
Fri, 01 Nov 2024 03:38:59 GMT
Content-Type
image/png
Last-Modified
Thu, 24 Oct 2024 10:17:32 GMT
Server
aws
96b158827eaacc5f7912.woff2
connect-recprj.direct-assurance.fr/assets/
16 KB
16 KB
Font
General
Full URL
https://connect-recprj.direct-assurance.fr/assets/96b158827eaacc5f7912.woff2
Requested by
Host: connect-recprj.direct-assurance.fr
URL: https://connect-recprj.direct-assurance.fr/css/frontoffice.c6a970ad7b3c313fcf76.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
171.18.127.209 , France, ASN12696 (AXA-TECH Paris, FR),
Reverse DNS
Software
aws /
Resource Hash
cb992eae898417162c48b37712991d9ad8053c4a64fce51aff195edc69dc35f2
Security Headers
Name Value
Strict-Transport-Security max-age=31622400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Origin
https://connect-recprj.direct-assurance.fr
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-device-memory
8

Response headers

Strict-Transport-Security
max-age=31622400
Cache-Control
public, max-age=36288000
ETag
"1db25fdeff03824"
Age
44364
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
15908
X-XSS-Protection
1; mode=block
Date
Fri, 01 Nov 2024 03:38:59 GMT
Content-Type
font/woff2
Last-Modified
Thu, 24 Oct 2024 10:17:32 GMT
Server
aws
/
geo.captcha-delivery.com/captcha/ Frame 08F4
0
0
Document
General
Full URL
https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAcMHQc45cVtcAsiGQsA==&cid=qCi7VN5rnW15iJsNkKtXl76zhgDKk~~bLlJtc6F_RlJFuTNUh4md~UFWxdNPwJfTfN4u0wx6upjrw~IZ6eQ3TIcxRlPjpPibwJRlo2qG7yIMxqDvdjoedmfd1zq7NfeC&referer=https%3A%2F%2Fconnect-recprj.direct-assurance.fr%2Fapi%2Faccountspace&hash=C51398CF80B9BB7265AB6C8B0B9AD9&t=fe&s=48397&e=a49555a5dd0b86f85723ede221ac8b1f8e5d42dd7796c8fc59c1b8f9723476e8&dm=jd
Requested by
Host: dd.direct-assurance.fr
URL: https://dd.direct-assurance.fr/tags.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.125.247.22 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-247-22.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
Date
Fri, 01 Nov 2024 03:38:58 GMT
Transfer-Encoding
chunked
favicon.png
connect-recprj.direct-assurance.fr/
2 KB
3 KB
Other
General
Full URL
https://connect-recprj.direct-assurance.fr/favicon.png?v=YwGLvO_aXbgnUYsgQTZeAw6DoIxnxOYZCD_xN1FCAoc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
171.18.127.209 , France, ASN12696 (AXA-TECH Paris, FR),
Reverse DNS
Software
aws /
Resource Hash
63018bbcefda5db827518b2041365e030e83a08c67c4e619083ff13751420287
Security Headers
Name Value
Strict-Transport-Security max-age=31622400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-device-memory
8
Referer

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31622400
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer
X-XSS-Protection
1; mode=block
Date
Fri, 01 Nov 2024 03:39:00 GMT
Content-Type
image/png
Server
aws
favicon.png
connect-recprj.direct-assurance.fr/
2 KB
3 KB
Other
General
Full URL
https://connect-recprj.direct-assurance.fr/favicon.png?v=YwGLvO_aXbgnUYsgQTZeAw6DoIxnxOYZCD_xN1FCAoc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
171.18.127.209 , France, ASN12696 (AXA-TECH Paris, FR),
Reverse DNS
Software
aws /
Resource Hash
63018bbcefda5db827518b2041365e030e83a08c67c4e619083ff13751420287
Security Headers
Name Value
Strict-Transport-Security max-age=31622400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-device-memory
8
Referer

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31622400
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer
X-XSS-Protection
1; mode=block
Date
Fri, 01 Nov 2024 03:39:00 GMT
Content-Type
image/png
Server
aws

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 string| ddjskey object| ddoptions boolean| dataDomeProcessed object| dataDomeOptions object| webpackChunkaf_axaconnect_frontoffice_web object| angular object| __core-js_shared__ object| Offline number| ng339 boolean| DataDomeCaptchaDisplayed boolean| DataDomeResponseDisplayed

6 Cookies

Domain/Path Name / Value
connect-recprj.direct-assurance.fr/ Name: XSRF-COOKIE-TOKEN
Value: CfDJ8MZTPMvBgcxItbzmkrpXkrScuKhUT-D5XHeMvgCbWCcKvYU7iGLkGbeUlu6McNNs5tSSYVgts1yyKmxh8IF1BfjdoDsn1qFhcwSbkzGcdSG8k-005bsD4rwsj6kkOxiZLTKxM3Z9WMF_a2Mzgz8kpkU
connect-recprj.direct-assurance.fr/ Name: SERVERIDACON
Value: 1d9f169154df7b2ab95f5b902d049d73d45c3188cb6faf186a17c9e6a1c8fe49
.connect-recprj.direct-assurance.fr/ Name: TS013a5bee
Value: 01b805b1468e74050d511480fe53918468570e9892b6af52aaedbf09d21ab07d1782a59a28b4607975bcdbe2decbb5110445a0ac28
.direct-assurance.fr/ Name: datadome
Value: BuAL~l~~I10ZLWm_LzTkNvL2ia_xd~9cL~R3fEIsDE8YL_4WMTIKkE6C5~4GKnBbPJg2G7f7LIwEZt~QpLTx2otZaigZNbPFK0YSzcwSn3Rz1UzoRuXwnnJYND3AGmnE
connect-recprj.direct-assurance.fr/ Name: XSRF-TOKEN
Value: CfDJ8MZTPMvBgcxItbzmkrpXkrRF8DWN_wLtPjIyzJB4uMmNjdk_ZGporUv8AxcLB5dpYo32Lc0GFjaGxHcYnlidqQrC5eWWX7PRY5tUzG-55OkSEPD-3EBftWzNqCWnQ8x7bnRJHaCkun8Q8-LqEsdMX4s
connect-recprj.direct-assurance.fr/ Name: TS07ec5520027
Value: 08cd550d03ab2000ad34f0ac22c27e3346040d3f77e27f924b282e2891b47108f5844a643b4c7da208c3375986113000cb8513900bee3c0a82ff9a28c20891032147d86feb3761fbc0fd7e9b75870d808d04841e8dab88a2a176622ea75f13a1

7 Console Messages

Source Level URL
Text
security error URL: https://dd.direct-assurance.fr/tags.js(Line 1)
Message:
Refused to create a worker from 'blob:https://connect-recprj.direct-assurance.fr/431bd8ea-d96a-44eb-8e36-849ca3dbfeb9' because it violates the following Content Security Policy directive: "script-src 'unsafe-eval' *.tagcommander.com/ *.googletagmanager.com *.doubleclick.net *.aticdn.net *.trustcommander.net *.datadome.co *.google.com *.gstatic.com https://dd.direct-assurance.fr https://connect-recprj.direct-assurance.fr 'unsafe-inline' https://ct.captcha-delivery.com https://cdn.trustcommander.net/". Note that 'worker-src' was not explicitly set, so 'script-src' is used as a fallback.
rendering warning URL: https://connect-recprj.direct-assurance.fr/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A05027117C3B0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://connect-recprj.direct-assurance.fr/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0F026117C3B0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network error URL: https://connect-recprj.direct-assurance.fr/api/accountspace
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://connect-recprj.direct-assurance.fr/api/navigation/isConnected
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://connect-recprj.direct-assurance.fr/api/feature
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://connect-recprj.direct-assurance.fr/api/accountspace
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' dd.direct-assurance.fr https://localhost:7263 https://localhost:5184 http://localhost:7263 http://localhost:5184 https://iardformsinistre-recprj.direct-assurance.fr http://localhost:3009 https://localhost:3008 http://localhost:3005 https://localhost:3004 https://secur-recprj.direct-assurance.fr;object-src 'none'; base-uri 'self'; script-src 'unsafe-eval' *.tagcommander.com/ *.googletagmanager.com *.doubleclick.net *.aticdn.net *.trustcommander.net *.datadome.co *.google.com *.gstatic.com https://dd.direct-assurance.fr https://connect-recprj.direct-assurance.fr 'unsafe-inline' https://ct.captcha-delivery.com https://cdn.trustcommander.net/
Strict-Transport-Security max-age=31622400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block