ing.be.axa.travel Open in urlscan Pro
152.199.21.175 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://auth-test.ing.be.axa.travel/
Effective URL:
https://ing.be.axa.travel/
Submission Tags: @ecarlesi possiblethreat phishing Search All
Submission: On November 05 via api (November 5th 2024, 7:50:17 pm UTC) from IT — Scanned from IT

Summary HTTP 19 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 19 HTTP transactions. The main IP is 152.199.21.175, located in Germany and belongs to EDGECAST, US. The main domain is ing.be.axa.travel.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on March 20th 2024. Valid for: a year.

This is the only time ing.be.axa.travel was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.19.153.19 104.19.153.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	152.199.21.175 152.199.21.175	15133 (EDGECAST) (EDGECAST)
1	142.250.185.228 142.250.185.228	15169 (GOOGLE) (GOOGLE)
2	104.18.87.42 104.18.87.42	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	4

1 104.19.153.19 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

auth-test.ing.be.axa.travel	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 152.199.21.175 (Germany)

ASN15133 (EDGECAST, US)

ing.be.axa.travel	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.87.42 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	axa.travel 1 redirects auth-test.ing.be.axa.travel ing.be.axa.travel	11 MB
2	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 326	8 KB
1	google.com www.google.com — Cisco Umbrella Rank: 3	1 KB
0	googletagmanager.com Failed www.googletagmanager.com Failed
0	gstatic.com Failed www.gstatic.com Failed
19	5

	Domain	Requested by
8	ing.be.axa.travel	ing.be.axa.travel
2	cdn.cookielaw.org	cdn.cookielaw.org
1	www.google.com
1	auth-test.ing.be.axa.travel	1 redirects
0	www.googletagmanager.com Failed	ing.be.axa.travel
0	www.gstatic.com Failed	www.google.com
19	6

This site contains links to these domains. Also see Links.

Domain
www.axapartners.co.uk

Subject Issuer	Validity	Valid
ing.be.axa.travel DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-20` - `2025-03-20`	a year	crt.sh
www.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
cookielaw.org WE1	`2024-10-11` - `2025-01-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ing.be.axa.travel/
Frame ID: 9845AA09CC675927495C901AF5CFE2F0
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FREND

Page URL History Show full URLs

https://auth-test.ing.be.axa.travel/ HTTP 302
https://ing.be.axa.travel/ Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

19
Requests

58 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

4
IPs

3
Countries

11118 kB
Transfer

11124 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.axapartners.co.uk/en/privacy-policy
Title: Terms and Conditions

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://auth-test.ing.be.axa.travel/ HTTP 302
https://ing.be.axa.travel/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ing.be.axa.travel/
Redirect Chain

https://auth-test.ing.be.axa.travel/
https://ing.be.axa.travel/

522 B
1 KB

780ms
70ms

Document
text/html

152.199.21.175
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ing.be.axa.travel/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.21.175 , Germany, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6CA5) /

Resource Hash

0781da64008d3a6a42307944ca7c0b06dd09789b87a493e41ad931a76e151e34

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self';
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 32809
cache-control: nostore, nocache, mustrevalidate, maxage=1, postcheck=0, precheck=0
content-length: 522
content-md5: 4Z5ebZ300/TczUmEh/lA5Q==
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self';
content-type: text/html
date: Tue, 05 Nov 2024 19:49:46 GMT
etag: 0x8DCF7FDA5BD8632
last-modified: Tue, 29 Oct 2024 09:39:55 GMT
referrer-policy: no-referrer-when-downgrade
server: ECAcc (mil/6CA5)
strict-transport-security: max-age=2592000; includeSubDomains
x-cache: HIT
x-content-type-options: nosniff
x-frame-options: sameorigin
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 1608fcd3-e01e-0056-516f-2fc183000000
x-ms-version: 2009-09-19
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=60
cf-cache-status: DYNAMIC
cf-ray: 8ddf5e6fbcf859dd-MXP
content-type: text/html; charset=utf-8
date: Tue, 05 Nov 2024 19:49:45 GMT
location: https://ing.be.axa.travel/
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept, Accept-Encoding
x-auth0-l: 0.003
x-auth0-requestid: 8781cfe92ba60c851fb6
x-content-type-options: nosniff

GET
H2 200 fonts.css
ing.be.axa.travel/assets/fonts/ 1 KB
1 KB 1768ms
1766ms Stylesheet
text/css 152.199.21.175
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ing.be.axa.travel/assets/fonts/fonts.css

Requested by

Host: ing.be.axa.travel
URL: https://ing.be.axa.travel/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.21.175 , Germany, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6C5A) /

Resource Hash

df15590085581dbb5c7f5ed0b459fdbdd0ea25200feffaaaada8b36f3e917b03

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self';
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ing.be.axa.travel/

Response headers

content-md5: BHuD2CgROXiz+dY6D3m7MA==
x-ms-lease-status: unlocked
x-ms-version: 2009-09-19
etag: 0x8DCF7FDA5B9E0CA
age: 32808
x-content-type-options: nosniff
x-cache: HIT
date: Tue, 05 Nov 2024 19:49:46 GMT
content-type: text/css
last-modified: Tue, 29 Oct 2024 09:39:55 GMT
x-frame-options: sameorigin
strict-transport-security: max-age=2592000; includeSubDomains
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self';
cache-control: nostore, nocache, mustrevalidate, maxage=1, postcheck=0, precheck=0
referrer-policy: no-referrer-when-downgrade
x-ms-request-id: 8207e125-501e-0083-326f-2f895e000000
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1150
x-xss-protection: 1; mode=block
x-ms-blob-type: BlockBlob
server: ECAcc (mil/6C5A)

GET
H2 200 main.375bcef7.js Show response
ing.be.axa.travel/static/js/ 11 MB
11 MB 68ms
67ms Script
application/x-javascript 152.199.21.175
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ing.be.axa.travel/static/js/main.375bcef7.js

Requested by

Host: ing.be.axa.travel
URL: https://ing.be.axa.travel/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.21.175 , Germany, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6C41) /

Resource Hash

d4ec59493663682ed21ba4929c72198b2fb58f7f6cd25485b79f2d7be10449f7

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self';
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ing.be.axa.travel/

Response headers

content-md5: IYQ0/6kloHYxVT9odAtlEA==
x-ms-lease-status: unlocked
x-ms-version: 2009-09-19
etag: 0x8DCF7FDA6144550
age: 29553
x-content-type-options: nosniff
x-cache: HIT
date: Tue, 05 Nov 2024 19:49:46 GMT
content-type: application/x-javascript
last-modified: Tue, 29 Oct 2024 09:39:56 GMT
x-frame-options: sameorigin
strict-transport-security: max-age=2592000; includeSubDomains
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self';
cache-control: nostore, nocache, mustrevalidate, maxage=1, postcheck=0, precheck=0
referrer-policy: no-referrer-when-downgrade
x-ms-request-id: a29c18d6-d01e-005e-0f77-2fdaf0000000
accept-ranges: bytes
access-control-allow-origin: *
content-length: 11134715
x-xss-protection: 1; mode=block
x-ms-blob-type: BlockBlob
server: ECAcc (mil/6C41)

GET
H2 200 main.630d2f81.css
ing.be.axa.travel/static/css/ 13 KB
13 KB 1767ms
1766ms Stylesheet
text/css 152.199.21.175
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ing.be.axa.travel/static/css/main.630d2f81.css

Requested by

Host: ing.be.axa.travel
URL: https://ing.be.axa.travel/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.21.175 , Germany, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6C8B) /

Resource Hash

5b88367e3081e7a8792400034ea0fbc701d4b0a26c1784c6b612d89dee299f90

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self';
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ing.be.axa.travel/

Response headers

content-md5: TPpVN1xj+ztcUP6aJxGXrw==
x-ms-lease-status: unlocked
x-ms-version: 2009-09-19
etag: 0x8DCF7FDA5ED133E
age: 32808
x-content-type-options: nosniff
x-cache: HIT
date: Tue, 05 Nov 2024 19:49:46 GMT
content-type: text/css
last-modified: Tue, 29 Oct 2024 09:39:56 GMT
x-frame-options: sameorigin
strict-transport-security: max-age=2592000; includeSubDomains
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self';
cache-control: nostore, nocache, mustrevalidate, maxage=1, postcheck=0, precheck=0
referrer-policy: no-referrer-when-downgrade
x-ms-request-id: 49f7891d-901e-003f-6d6f-2f9e2f000000
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12837
x-xss-protection: 1; mode=block
x-ms-blob-type: BlockBlob
server: ECAcc (mil/6C8B)

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 673ms
75ms Script
text/javascript 142.250.185.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LfsmPkUAAAAAIfBhAqnCuN154pTlqLbjNZCxBCK

Requested by

Host:
URL: index.tsx%7Cb786ad234703ea52bda28838876ef590

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f4.1e100.net

Software

ESF /

Resource Hash

25629fbbee87e6604a77e16c6b3797a917c38af5a6426eb63780f42c00037e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ing.be.axa.travel/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 19:50:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Tue, 05 Nov 2024 19:50:14 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 urls.json Show response
ing.be.axa.travel/ 9 KB
10 KB 71ms
71ms Fetch
application/json 152.199.21.175
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ing.be.axa.travel/urls.json

Requested by

Host:
URL: index.tsx%7Cb786ad234703ea52bda28838876ef590

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.21.175 , Germany, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6C1D) /

Resource Hash

f8d4b3a37d6e727a72f21c35f1291be42273233e9e28fbaf2bbc2063078cab40

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self';
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ing.be.axa.travel/

Response headers

content-md5: ISt6Hn2Z2kaXS/6NuGEpCg==
x-ms-lease-status: unlocked
x-ms-version: 2009-09-19
etag: 0x8DCF7FDA5B9E0CA
age: 32835
x-content-type-options: nosniff
x-cache: HIT
date: Tue, 05 Nov 2024 19:50:13 GMT
content-type: application/json
last-modified: Tue, 29 Oct 2024 09:39:55 GMT
x-frame-options: sameorigin
strict-transport-security: max-age=2592000; includeSubDomains
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self';
cache-control: nostore, nocache, mustrevalidate, maxage=1, postcheck=0, precheck=0
referrer-policy: no-referrer-when-downgrade
x-ms-request-id: 57a636f6-d01e-0055-076f-2fc284000000
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9579
x-xss-protection: 1; mode=block
x-ms-blob-type: BlockBlob
server: ECAcc (mil/6C1D)

GET
H2 200 ing-be-prod.json Show response
ing.be.axa.travel/config/domain/ 607 B
749 B 173ms
173ms Fetch
application/json 152.199.21.175
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ing.be.axa.travel/config/domain/ing-be-prod.json

Requested by

Host:
URL: index.tsx%7Cb786ad234703ea52bda28838876ef590

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.21.175 , Germany, ASN15133 (EDGECAST, US),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

d8a8aec0f923c70891e9a9ae6c2713b424e9faa540bdd41b357fc0ba5aefcc64

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self';
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ing.be.axa.travel/

Response headers

content-md5: RMFgrA1A42xLtD2x+9nnGQ==
x-ms-lease-status: unlocked
x-ms-version: 2009-09-19
etag: 0x8DCF7FDA5C9AD84
x-content-type-options: nosniff
date: Tue, 05 Nov 2024 19:50:13 GMT
content-type: application/json
last-modified: Tue, 29 Oct 2024 09:39:56 GMT
x-frame-options: sameorigin
strict-transport-security: max-age=2592000; includeSubDomains
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self';
cache-control: nostore, nocache, mustrevalidate, maxage=1, postcheck=0, precheck=0
referrer-policy: no-referrer-when-downgrade
x-ms-request-id: 98fa4640-401e-0079-3ebb-2f40b9000000
access-control-allow-origin: *
content-length: 607
x-xss-protection: 1; mode=block
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 22 KB
8 KB 1644ms
82ms Script
application/javascript 104.18.87.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host:
URL: ../node_modules/@contact_services/one-trust-cookies/lib/middleware/cookies-init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7358c5616f671017f307d161644d253f0f81083b0be68f3a3fefefa33b59de5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ing.be.axa.travel/

Response headers

content-md5: qVqAwzZMp5y69q24H0KNhg==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCFC9F5ED5E337
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 49450
x-content-type-options: nosniff
date: Tue, 05 Nov 2024 19:50:15 GMT
content-type: application/javascript
last-modified: Mon, 04 Nov 2024 07:07:40 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: ae139fa6-f01e-00d5-73d5-2edb57000000
cf-ray: 8ddf5f2c8f2c375c-MXP
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7212
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 404 OtAutoBlock.js
cdn.cookielaw.org/consent/018df07b-d855-71e8-9e24-b3b1ac013597/ 0
0 1728ms
166ms Script
application/javascript 104.18.87.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/018df07b-d855-71e8-9e24-b3b1ac013597/OtAutoBlock.js

Requested by

Host:
URL: ../node_modules/@contact_services/one-trust-cookies/lib/middleware/cookies-init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ing.be.axa.travel/

Response headers

access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-cache-status: EXPIRED
content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 06 Nov 2024 19:50:15 GMT
date: Tue, 05 Nov 2024 19:50:15 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: bc95e151-f01e-0030-7bbb-2fc9a0000000
cf-ray: 8ddf5f2c8f2b375c-MXP
access-control-allow-origin: *
server: cloudflare

GET recaptcha__it.js
www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/ 0
0

GET 018df07b-d855-71e8-9e24-b3b1ac013597.json
cdn.cookielaw.org/consent/018df07b-d855-71e8-9e24-b3b1ac013597/ 0
0

GET js
www.googletagmanager.com/gtag/ 0
0

GET gtm.js
www.googletagmanager.com/ 0
0

GET
H2 200 en_ingbe.json Show response
ing.be.axa.travel/locales/ 174 KB
175 KB 384ms
369ms Fetch
application/json 152.199.21.175
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ing.be.axa.travel/locales/en_ingbe.json

Requested by

Host:
URL: ../node_modules/@microsoft/applicationinsights-web/dist-esm/applicationinsights-web.js%7Ca2b750bc301171323c8f7b10e015f413

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.21.175 , Germany, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6BAD) /

Resource Hash

f39e5843159b1b779a587ae878ed24170d79372c936b88570a0aa706a2ef80ae

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self';
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
traceparent: 00-b82821c81db54467b648e6b859972056-9b7901aea5bf42bb-01
Referer: https://ing.be.axa.travel/

Response headers

content-md5: ruwdzlGL/LzbpDJTO9W65Q==
x-ms-lease-status: unlocked
x-ms-version: 2009-09-19
etag: 0x8DCF7FDA5E22313
age: 36356
x-content-type-options: nosniff
x-cache: HIT
date: Tue, 05 Nov 2024 19:50:15 GMT
content-type: application/json
last-modified: Tue, 29 Oct 2024 09:39:56 GMT
x-frame-options: sameorigin
strict-transport-security: max-age=2592000; includeSubDomains
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self';
cache-control: nostore, nocache, mustrevalidate, maxage=1, postcheck=0, precheck=0
referrer-policy: no-referrer-when-downgrade
x-ms-request-id: c5351cd5-d01e-0038-6667-2f68aa000000
accept-ranges: bytes
access-control-allow-origin: *
content-length: 178485
x-xss-protection: 1; mode=block
x-ms-blob-type: BlockBlob
server: ECAcc (mil/6BAD)

GET
H2 200 axa-logo.png
ing.be.axa.travel/assets/logos/ 29 KB
29 KB 76ms
63ms Image
image/png 152.199.21.175
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ing.be.axa.travel/assets/logos/axa-logo.png

Requested by

Host: ing.be.axa.travel
URL: https://ing.be.axa.travel/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.21.175 , Germany, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6CCD) /

Resource Hash

2aac33bc7fbaa8637b17e3773511920a1a91baca71dddde2fb81b9b2255a40b6

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self';
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ing.be.axa.travel/

Response headers

content-md5: MPPR8gErJyGH1sBaULoQiQ==
x-ms-lease-status: unlocked
x-ms-version: 2009-09-19
etag: 0x8DCF7FDA5C1A047
age: 36356
x-content-type-options: nosniff
x-cache: HIT
date: Tue, 05 Nov 2024 19:50:15 GMT
content-type: image/png
last-modified: Tue, 29 Oct 2024 09:39:55 GMT
x-frame-options: sameorigin
strict-transport-security: max-age=2592000; includeSubDomains
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self';
cache-control: nostore, nocache, mustrevalidate, maxage=1, postcheck=0, precheck=0
referrer-policy: no-referrer-when-downgrade
x-ms-request-id: 366d62da-601e-0065-4d67-2f98ae000000
accept-ranges: bytes
access-control-allow-origin: *
content-length: 29463
x-xss-protection: 1; mode=block
x-ms-blob-type: BlockBlob
server: ECAcc (mil/6CCD)

GET SourceSansPro-Bold.ttf
ing.be.axa.travel/assets/fonts/ 0
0

GET PublicoHeadline.woff2
ing.be.axa.travel/assets/fonts/ 0
0

GET SourceSansPro-Regular.ttf
ing.be.axa.travel/assets/fonts/ 0
0

GET SourceSansPro-SemiBold.ttf
ing.be.axa.travel/assets/fonts/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__it.js

Domain: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/018df07b-d855-71e8-9e24-b3b1ac013597/018df07b-d855-71e8-9e24-b3b1ac013597.json

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5QKHD6H3&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Domain: ing.be.axa.travel
URL: https://ing.be.axa.travel/assets/fonts/SourceSansPro-Bold.ttf

Domain: ing.be.axa.travel
URL: https://ing.be.axa.travel/assets/fonts/PublicoHeadline.woff2

Domain: ing.be.axa.travel
URL: https://ing.be.axa.travel/assets/fonts/SourceSansPro-Regular.ttf

Domain: ing.be.axa.travel
URL: https://ing.be.axa.travel/assets/fonts/SourceSansPro-SemiBold.ttf

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.auth-test.ing.be.axa.travel/	1970-01-21 00:47:17	Name: __cf_bm Value: XrB3XBdO_8X3B9NCND.6het3QoY4Pap5ucubkxY_lQc-1730836185-1.0.1.1-k0AMKypKHBBH9qkCgyyqfUVZU73xrhR6yvQQY5Whg5pF8P83zXpXSoXAHer.TVFM
ing.be.axa.travel/	1970-01-21 09:32:52	Name: ai_user Value: RxZdqe2lTpWJeeQsEcUnZX\|2024-11-05T19:50:15.872Z
ing.be.axa.travel/	1970-01-21 00:47:18	Name: ai_session Value: 41LkaOiZOW8js0G+962xPW\|1730836215907\|1730836215907

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.cookielaw.org/consent/018df07b-d855-71e8-9e24-b3b1ac013597/OtAutoBlock.js Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self';
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth-test.ing.be.axa.travel
cdn.cookielaw.org
ing.be.axa.travel
www.google.com
www.googletagmanager.com
www.gstatic.com
cdn.cookielaw.org
ing.be.axa.travel
www.googletagmanager.com
www.gstatic.com
104.18.87.42
104.19.153.19
142.250.185.228
152.199.21.175
0781da64008d3a6a42307944ca7c0b06dd09789b87a493e41ad931a76e151e34
25629fbbee87e6604a77e16c6b3797a917c38af5a6426eb63780f42c00037e7b
2aac33bc7fbaa8637b17e3773511920a1a91baca71dddde2fb81b9b2255a40b6
5b88367e3081e7a8792400034ea0fbc701d4b0a26c1784c6b612d89dee299f90
7358c5616f671017f307d161644d253f0f81083b0be68f3a3fefefa33b59de5d
d4ec59493663682ed21ba4929c72198b2fb58f7f6cd25485b79f2d7be10449f7
d8a8aec0f923c70891e9a9ae6c2713b424e9faa540bdd41b357fc0ba5aefcc64
df15590085581dbb5c7f5ed0b459fdbdd0ea25200feffaaaada8b36f3e917b03
f39e5843159b1b779a587ae878ed24170d79372c936b88570a0aa706a2ef80ae
f8d4b3a37d6e727a72f21c35f1291be42273233e9e28fbaf2bbc2063078cab40

ing.be.axa.travel Open in urlscan Pro 152.199.21.175 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

58 %HTTPS

0 %IPv6

5 Domains

6 Subdomains

4 IPs

3 Countries

11118 kBTransfer

11124 kBSize

3 Cookies

1 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

3 Cookies

1 Console Messages

Security Headers

Indicators

ing.be.axa.travel Open in urlscan Pro
152.199.21.175 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

58 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

4
IPs

3
Countries

11118 kB
Transfer

11124 kB
Size

3
Cookies

19 HTTP transactions
0 data transactions