global.americas.axa.travel Open in urlscan Pro
152.199.21.175  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response global.americas.axa.travel/	522 B 1 KB	1012ms 82ms	Document text/html	152.199.21.175 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://global.americas.axa.travel/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.21.175 , Germany, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (mil/6CA5) / Resource Hash ee8b891bce1ca9c60c9c8711ff662b1c460b3c3741619a663696b11a866a48f2 Security Headers Name Value Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self'; Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers accept-ranges bytes access-control-allow-origin * age 211820 cache-control nostore, nocache, mustrevalidate, maxage=1, postcheck=0, precheck=0 content-length 522 content-md5 CtdyBcL+BShopKwTJRlaTQ== content-security-policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self'; content-type text/html date Sat, 30 Nov 2024 21:38:22 GMT etag 0x8DD0F8B2159501F last-modified Thu, 28 Nov 2024 09:00:39 GMT referrer-policy no-referrer-when-downgrade server ECAcc (mil/6CA5) strict-transport-security max-age=2592000; includeSubDomains x-cache HIT x-content-type-options nosniff x-frame-options sameorigin x-ms-blob-type BlockBlob x-ms-lease-status unlocked x-ms-request-id 4d4e8fcc-601e-002a-3682-415cb6000000 x-ms-version 2009-09-19 x-xss-protection 1; mode=block
GET H2	200	fonts.css global.americas.axa.travel/assets/fonts/	1 KB 1 KB	196ms 196ms	Stylesheet text/css	152.199.21.175 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://global.americas.axa.travel/assets/fonts/fonts.css Requested by Host: global.americas.axa.travel URL: https://global.americas.axa.travel/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.21.175 , Germany, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (mil/6C5A) / Resource Hash df15590085581dbb5c7f5ed0b459fdbdd0ea25200feffaaaada8b36f3e917b03 Security Headers Name Value Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self'; Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://global.americas.axa.travel/ Response headers content-md5 BHuD2CgROXiz+dY6D3m7MA== x-ms-lease-status unlocked x-ms-version 2009-09-19 etag 0x8DD0F8B215CCEB2 age 211956 x-content-type-options nosniff x-cache HIT date Sat, 30 Nov 2024 21:38:22 GMT content-type text/css last-modified Thu, 28 Nov 2024 09:00:39 GMT x-frame-options sameorigin strict-transport-security max-age=2592000; includeSubDomains content-security-policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self'; cache-control nostore, nocache, mustrevalidate, maxage=1, postcheck=0, precheck=0 referrer-policy no-referrer-when-downgrade x-ms-request-id a7a72999-a01e-0051-4d82-413706000000 accept-ranges bytes access-control-allow-origin * content-length 1150 x-xss-protection 1; mode=block x-ms-blob-type BlockBlob server ECAcc (mil/6C5A)
GET H2	200	main.02db33f8.js Show response global.americas.axa.travel/static/js/	11 MB 11 MB	82ms 82ms	Script application/x-javascript	152.199.21.175 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://global.americas.axa.travel/static/js/main.02db33f8.js Requested by Host: global.americas.axa.travel URL: https://global.americas.axa.travel/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.21.175 , Germany, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (mil/6CDA) / Resource Hash b3c4301152048a368428c6146a412d8e7a855d8da28c3a857449edc98f334ec0 Security Headers Name Value Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self'; Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://global.americas.axa.travel/ Response headers content-md5 F3VvAjlFEAYHvcgNwHg41Q== x-ms-lease-status unlocked x-ms-version 2009-09-19 etag 0x8DD0F8B21B4EBC4 age 211956 x-content-type-options nosniff x-cache HIT date Sat, 30 Nov 2024 21:38:22 GMT content-type application/x-javascript last-modified Thu, 28 Nov 2024 09:00:39 GMT x-frame-options sameorigin strict-transport-security max-age=2592000; includeSubDomains content-security-policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self'; cache-control nostore, nocache, mustrevalidate, maxage=1, postcheck=0, precheck=0 referrer-policy no-referrer-when-downgrade x-ms-request-id c753da9e-c01e-0005-4682-41dd8c000000 accept-ranges bytes access-control-allow-origin * content-length 11156608 x-xss-protection 1; mode=block x-ms-blob-type BlockBlob server ECAcc (mil/6CDA)
GET H2	200	main.630d2f81.css global.americas.axa.travel/static/css/	13 KB 13 KB	66ms 66ms	Stylesheet text/css	152.199.21.175 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://global.americas.axa.travel/static/css/main.630d2f81.css Requested by Host: global.americas.axa.travel URL: https://global.americas.axa.travel/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.21.175 , Germany, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (mil/6C35) / Resource Hash 5b88367e3081e7a8792400034ea0fbc701d4b0a26c1784c6b612d89dee299f90 Security Headers Name Value Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self'; Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://global.americas.axa.travel/ Response headers content-md5 TPpVN1xj+ztcUP6aJxGXrw== x-ms-lease-status unlocked x-ms-version 2009-09-19 etag 0x8DD0F8B21902800 age 215259 x-content-type-options nosniff x-cache HIT date Sat, 30 Nov 2024 21:38:22 GMT content-type text/css last-modified Thu, 28 Nov 2024 09:00:39 GMT x-frame-options sameorigin strict-transport-security max-age=2592000; includeSubDomains content-security-policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self'; cache-control nostore, nocache, mustrevalidate, maxage=1, postcheck=0, precheck=0 referrer-policy no-referrer-when-downgrade x-ms-request-id 138a124a-101e-006a-4a7a-417558000000 accept-ranges bytes access-control-allow-origin * content-length 12837 x-xss-protection 1; mode=block x-ms-blob-type BlockBlob server ECAcc (mil/6C35)
GET H2	200	api.js Show response www.google.com/recaptcha/	1 KB 1 KB	573ms 81ms	Script text/javascript	216.58.206.68 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?render=6LfsmPkUAAAAAIfBhAqnCuN154pTlqLbjNZCxBCK Requested by Host: URL: index.tsx%7C16e60433dfbd9eec16b13db07d3ce65b Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.68 , United States, ASN15169 (GOOGLE, US), Reverse DNS tzfraa-aa-in-f4.1e100.net Software ESF / Resource Hash cc7b5ea3bb9325a6526be023b3d506eb3217ce1173ed1f346867484038b2608c Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://global.americas.axa.travel/ Response headers cache-control private, max-age=300 content-encoding gzip cross-origin-resource-policy cross-origin report-to {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]} x-content-type-options nosniff expires Sat, 30 Nov 2024 21:38:25 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cross-origin-opener-policy-report-only same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d" date Sat, 30 Nov 2024 21:38:25 GMT x-xss-protection 0 content-type text/javascript; charset=utf-8 server ESF x-frame-options SAMEORIGIN
GET H2	200	urls.json Show response global.americas.axa.travel/	10 KB 10 KB	65ms 64ms	Fetch application/json	152.199.21.175 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://global.americas.axa.travel/urls.json Requested by Host: URL: index.tsx%7C16e60433dfbd9eec16b13db07d3ce65b Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.21.175 , Germany, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (mil/6C1D) / Resource Hash 31016b3f4eb3b48e25d6e946be50d396133c93cd2261a50cf94b26fd94f50096 Security Headers Name Value Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self'; Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://global.americas.axa.travel/ Response headers content-md5 /iFrvRb0gnprCDKRDl6F3Q== x-ms-lease-status unlocked x-ms-version 2009-09-19 etag 0x8DD0F8B21633010 age 211957 x-content-type-options nosniff x-cache HIT date Sat, 30 Nov 2024 21:38:25 GMT content-type application/json last-modified Thu, 28 Nov 2024 09:00:39 GMT x-frame-options sameorigin strict-transport-security max-age=2592000; includeSubDomains content-security-policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self'; cache-control nostore, nocache, mustrevalidate, maxage=1, postcheck=0, precheck=0 referrer-policy no-referrer-when-downgrade x-ms-request-id c647a2c6-f01e-0006-3d82-41de8b000000 accept-ranges bytes access-control-allow-origin * content-length 10006 x-xss-protection 1; mode=block x-ms-blob-type BlockBlob server ECAcc (mil/6C1D)
GET H2	200	global-americas-prod.json Show response global.americas.axa.travel/config/domain/	574 B 740 B	163ms 163ms	Fetch application/json	152.199.21.175 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://global.americas.axa.travel/config/domain/global-americas-prod.json Requested by Host: URL: index.tsx%7C16e60433dfbd9eec16b13db07d3ce65b Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.21.175 , Germany, ASN15133 (EDGECAST, US), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 7ed4cbd279750584ad0c9d5a42b75a304f353ba2fb807a660c86100293351334 Security Headers Name Value Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self'; Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://global.americas.axa.travel/ Response headers content-md5 5d7Ftug6IQEUfVCUj1lWvw== x-ms-lease-status unlocked x-ms-version 2009-09-19 etag 0x8DD0F8B216FF2F5 x-content-type-options nosniff date Sat, 30 Nov 2024 21:38:24 GMT content-type application/json last-modified Thu, 28 Nov 2024 09:00:39 GMT x-frame-options sameorigin strict-transport-security max-age=2592000; includeSubDomains content-security-policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self'; cache-control nostore, nocache, mustrevalidate, maxage=1, postcheck=0, precheck=0 referrer-policy no-referrer-when-downgrade x-ms-request-id e4df5fb3-f01e-0024-4b70-43b0bd000000 access-control-allow-origin * content-length 574 x-xss-protection 1; mode=block x-ms-blob-type BlockBlob server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
GET H2	200	otSDKStub.js Show response cdn.cookielaw.org/scripttemplates/	22 KB 8 KB	560ms 72ms	Script application/javascript	104.18.86.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Requested by Host: URL: ../node_modules/@contact_services/one-trust-cookies/lib/middleware/cookies-init.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ade920fd5b00cd298aae7978673a9a64d0bb3fa593d23e91994ec6b6723ebace Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://global.americas.axa.travel/ Response headers content-md5 I15No2k5QFmqh89BwOau4g== access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding content-encoding gzip x-ms-version 2009-09-19 etag 0x8DD0F9105A60415 x-ms-lease-status unlocked cf-cache-status HIT age 54254 x-content-type-options nosniff date Sat, 30 Nov 2024 21:38:26 GMT content-type application/javascript last-modified Thu, 28 Nov 2024 09:42:49 GMT vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=86400 cross-origin-resource-policy cross-origin x-ms-request-id 625ec09f-001e-002e-0e10-42134d000000 cf-ray 8eadfc01a8f5975f-FRA accept-ranges bytes access-control-allow-origin * content-length 7212 x-ms-blob-type BlockBlob server cloudflare
GET H2	404	OtAutoBlock.js cdn.cookielaw.org/consent/01906d33-232b-73ef-83e5-27682937c309/	0 0	691ms 203ms	Script application/javascript	104.18.86.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/01906d33-232b-73ef-83e5-27682937c309/OtAutoBlock.js Requested by Host: URL: ../node_modules/@contact_services/one-trust-cookies/lib/middleware/cookies-init.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://global.americas.axa.travel/ Response headers access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding x-ms-version 2009-09-19 cf-cache-status EXPIRED content-encoding gzip x-content-type-options nosniff expires Sun, 01 Dec 2024 21:38:26 GMT date Sat, 30 Nov 2024 21:38:26 GMT content-type application/javascript vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=86400 cross-origin-resource-policy cross-origin, cross-origin x-ms-request-id c40098b6-901e-0064-0c70-43232a000000 cf-ray 8eadfc01a8f4975f-FRA access-control-allow-origin * server cloudflare
GET H2	200	recaptcha__it.js Show response www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/	548 KB 217 KB	580ms 52ms	Script text/javascript	142.250.185.195 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__it.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?render=6LfsmPkUAAAAAIfBhAqnCuN154pTlqLbjNZCxBCK Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.195 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f3.1e100.net Software sffe / Resource Hash f11b59029aa57b52e4d5a99995674982b2c497e7719a7e4dc5d342b182b29082 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://global.americas.axa.travel Referer https://global.americas.axa.travel/ Response headers content-encoding gzip age 400303 report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} x-content-type-options nosniff expires Wed, 26 Nov 2025 06:26:43 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 26 Nov 2024 06:26:43 GMT last-modified Mon, 11 Nov 2024 05:00:22 GMT content-type text/javascript vary Accept-Encoding cache-control public, max-age=31536000 cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha accept-ranges bytes access-control-allow-origin * content-length 221864 x-xss-protection 0 server sffe
GET H2	404	01906d33-232b-73ef-83e5-27682937c309.json Show response cdn.cookielaw.org/consent/01906d33-232b-73ef-83e5-27682937c309/	215 B 631 B	670ms 150ms	XHR application/json	104.18.86.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/01906d33-232b-73ef-83e5-27682937c309/01906d33-232b-73ef-83e5-27682937c309.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c2a5ab85a424297eeeaacc454431e026b3c3769403cc8bc11f2c7ba2188187c3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://global.americas.axa.travel/ Response headers access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding x-ms-version 2009-09-19 cf-cache-status EXPIRED content-encoding gzip x-content-type-options nosniff expires Sun, 01 Dec 2024 21:38:26 GMT date Sat, 30 Nov 2024 21:38:26 GMT content-type application/json vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=86400 cross-origin-resource-policy cross-origin, cross-origin x-ms-request-id 06688475-501e-00be-0370-438601000000 cf-ray 8eadfc058cc2bb3b-FRA access-control-allow-origin * server cloudflare
GET H2	200	js Show response www.googletagmanager.com/gtag/	138 KB 53 KB	656ms 126ms	Script application/javascript	142.250.184.232 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id= Requested by Host: URL: ../node_modules/react-ga4/dist/ga4.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.232 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f8.1e100.net Software Google Tag Manager / Resource Hash 98251fa691e253c9a4107b94ee98af1da7e7a2dfa2fb661e60ab18d17e6d3599 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://global.americas.axa.travel/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Sat, 30 Nov 2024 21:38:26 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sat, 30 Nov 2024 21:38:26 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Sat, 30 Nov 2024 21:00:00 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 53414 x-xss-protection 0 server Google Tag Manager
GET H2	200	gtm.js Show response www.googletagmanager.com/	252 KB 79 KB	759ms 233ms	Script application/javascript	142.250.184.232 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-5QKHD6H3&gtm_auth=&gtm_preview=&gtm_cookies_win=x Requested by Host: global.americas.axa.travel URL: https://global.americas.axa.travel/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.232 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f8.1e100.net Software Google Tag Manager / Resource Hash 6f5312bc3dd89a6d9c67aecf366abf5b7cfcc33a5577177071e286e4343ac7e0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://global.americas.axa.travel/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],} expires Sat, 30 Nov 2024 21:38:26 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sat, 30 Nov 2024 21:38:26 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Sat, 30 Nov 2024 21:00:00 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 80173 x-xss-protection 0 server Google Tag Manager
GET H2	200	en_globalamericas.json Show response global.americas.axa.travel/locales/	174 KB 174 KB	152ms 152ms	Fetch application/json	152.199.21.175 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://global.americas.axa.travel/locales/en_globalamericas.json Requested by Host: URL: ../node_modules/@microsoft/applicationinsights-web/dist-esm/applicationinsights-web.js%7Ca2b750bc301171323c8f7b10e015f413 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.21.175 , Germany, ASN15133 (EDGECAST, US), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 5c08832ab2d9283afbc9e6695d17886c393cffa8ad3ac280fe39af91347e0a6b Security Headers Name Value Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self'; Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 traceparent 00-0fe80b7eceb34240bcc2e2b47bb7a4e0-a4aee50fd58042ac-01 Referer https://global.americas.axa.travel/ Response headers content-md5 aeP0MKRdc8hp3I3IdmoSyA== x-ms-lease-status unlocked x-ms-version 2009-09-19 etag 0x8DD0F8B218510E5 x-content-type-options nosniff date Sat, 30 Nov 2024 21:38:25 GMT content-type application/json last-modified Thu, 28 Nov 2024 09:00:39 GMT x-frame-options sameorigin strict-transport-security max-age=2592000; includeSubDomains content-security-policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self'; cache-control nostore, nocache, mustrevalidate, maxage=1, postcheck=0, precheck=0 referrer-policy no-referrer-when-downgrade x-ms-request-id b1903dab-d01e-0011-2870-431ee8000000 access-control-allow-origin * content-length 178441 x-xss-protection 1; mode=block x-ms-blob-type BlockBlob server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
GET H2	200	axa-logo.png global.americas.axa.travel/assets/logos/	29 KB 29 KB	65ms 65ms	Image image/png	152.199.21.175 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://global.americas.axa.travel/assets/logos/axa-logo.png Requested by Host: global.americas.axa.travel URL: https://global.americas.axa.travel/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.21.175 , Germany, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (mil/6CCD) / Resource Hash 2aac33bc7fbaa8637b17e3773511920a1a91baca71dddde2fb81b9b2255a40b6 Security Headers Name Value Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self'; Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://global.americas.axa.travel/ Response headers content-md5 MPPR8gErJyGH1sBaULoQiQ== x-ms-lease-status unlocked x-ms-version 2009-09-19 etag 0x8DD0F8B2166130B age 211957 x-content-type-options nosniff x-cache HIT date Sat, 30 Nov 2024 21:38:26 GMT content-type image/png last-modified Thu, 28 Nov 2024 09:00:39 GMT x-frame-options sameorigin strict-transport-security max-age=2592000; includeSubDomains content-security-policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self'; cache-control nostore, nocache, mustrevalidate, maxage=1, postcheck=0, precheck=0 referrer-policy no-referrer-when-downgrade x-ms-request-id cf4d9305-c01e-0086-0f82-417d21000000 accept-ranges bytes access-control-allow-origin * content-length 29463 x-xss-protection 1; mode=block x-ms-blob-type BlockBlob server ECAcc (mil/6CCD)
GET H2	200	SourceSansPro-Bold.ttf global.americas.axa.travel/assets/fonts/	261 KB 261 KB	199ms 198ms	Font application/octet-stream	152.199.21.175 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://global.americas.axa.travel/assets/fonts/SourceSansPro-Bold.ttf Requested by Host: global.americas.axa.travel URL: https://global.americas.axa.travel/assets/fonts/fonts.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.21.175 , Germany, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (mil/6CC7) / Resource Hash 9cbab47276fc04c65ac78098e9a2069c55e26f21701b29092734ce4e830f80fb Security Headers Name Value Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self'; Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://global.americas.axa.travel Referer https://global.americas.axa.travel/assets/fonts/fonts.css Response headers content-md5 hmm4cGu73RSC4vzMTtloUA== x-ms-lease-status unlocked x-ms-version 2009-09-19 etag 0x8DD0F8B215C0C2D age 211957 x-content-type-options nosniff x-cache HIT date Sat, 30 Nov 2024 21:38:26 GMT content-type application/octet-stream last-modified Thu, 28 Nov 2024 09:00:39 GMT x-frame-options sameorigin strict-transport-security max-age=2592000; includeSubDomains content-security-policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self'; cache-control nostore, nocache, mustrevalidate, maxage=1, postcheck=0, precheck=0 referrer-policy no-referrer-when-downgrade x-ms-request-id 49269df8-c01e-002c-3d82-41abce000000 accept-ranges bytes access-control-allow-origin * content-length 267388 x-xss-protection 1; mode=block x-ms-blob-type BlockBlob server ECAcc (mil/6CC7)
GET H2	200	PublicoHeadline.woff2 global.americas.axa.travel/assets/fonts/	38 KB 38 KB	191ms 191ms	Font application/octet-stream	152.199.21.175 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://global.americas.axa.travel/assets/fonts/PublicoHeadline.woff2 Requested by Host: global.americas.axa.travel URL: https://global.americas.axa.travel/assets/fonts/fonts.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.21.175 , Germany, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (mil/6C1C) / Resource Hash 83da8866676e489d37cd965a18821517c1413935bd3a8a1014f44c5b0c7d8826 Security Headers Name Value Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self'; Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://global.americas.axa.travel Referer https://global.americas.axa.travel/assets/fonts/fonts.css Response headers content-md5 OWOlKqlT6MifiC6Kh50TlQ== x-ms-lease-status unlocked x-ms-version 2009-09-19 etag 0x8DD0F8B21637DE0 age 211957 x-content-type-options nosniff x-cache HIT date Sat, 30 Nov 2024 21:38:26 GMT content-type application/octet-stream last-modified Thu, 28 Nov 2024 09:00:39 GMT x-frame-options sameorigin strict-transport-security max-age=2592000; includeSubDomains content-security-policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self'; cache-control nostore, nocache, mustrevalidate, maxage=1, postcheck=0, precheck=0 referrer-policy no-referrer-when-downgrade x-ms-request-id 8e934b4b-d01e-0038-1d82-4168aa000000 accept-ranges bytes access-control-allow-origin * content-length 38657 x-xss-protection 1; mode=block x-ms-blob-type BlockBlob server ECAcc (mil/6C1C)
GET H2	200	SourceSansPro-Regular.ttf global.americas.axa.travel/assets/fonts/	263 KB 263 KB	84ms 84ms	Font application/octet-stream	152.199.21.175 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://global.americas.axa.travel/assets/fonts/SourceSansPro-Regular.ttf Requested by Host: global.americas.axa.travel URL: https://global.americas.axa.travel/assets/fonts/fonts.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.21.175 , Germany, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (mil/6CA9) / Resource Hash c9868de61ff2bab0b5a3a6d01c4b76f299459f08c6ae2f2c0383b4f9f6bedbf3 Security Headers Name Value Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self'; Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://global.americas.axa.travel Referer https://global.americas.axa.travel/assets/fonts/fonts.css Response headers content-md5 wWeLRvfdP1DOrJTtTgrQGg== x-ms-lease-status unlocked x-ms-version 2009-09-19 etag 0x8DD0F8B215C330D age 211957 x-content-type-options nosniff x-cache HIT date Sat, 30 Nov 2024 21:38:26 GMT content-type application/octet-stream last-modified Thu, 28 Nov 2024 09:00:39 GMT x-frame-options sameorigin strict-transport-security max-age=2592000; includeSubDomains content-security-policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self'; cache-control nostore, nocache, mustrevalidate, maxage=1, postcheck=0, precheck=0 referrer-policy no-referrer-when-downgrade x-ms-request-id f0eca552-b01e-0023-5482-414638000000 accept-ranges bytes access-control-allow-origin * content-length 269108 x-xss-protection 1; mode=block x-ms-blob-type BlockBlob server ECAcc (mil/6CA9)
GET H2	200	SourceSansPro-SemiBold.ttf global.americas.axa.travel/assets/fonts/	262 KB 262 KB	146ms 146ms	Font application/octet-stream	152.199.21.175 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://global.americas.axa.travel/assets/fonts/SourceSansPro-SemiBold.ttf Requested by Host: global.americas.axa.travel URL: https://global.americas.axa.travel/assets/fonts/fonts.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.21.175 , Germany, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (mil/6C1F) / Resource Hash 3ba5c382a7ee6a8831bdf90192addceabe6db4278a679e67fe7e9c0226b729cf Security Headers Name Value Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self'; Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://global.americas.axa.travel Referer https://global.americas.axa.travel/assets/fonts/fonts.css Response headers content-md5 g0dqiQvnn4Tpe3ksnEDXQw== x-ms-lease-status unlocked x-ms-version 2009-09-19 etag 0x8DD0F8B215BE549 age 211957 x-content-type-options nosniff x-cache HIT date Sat, 30 Nov 2024 21:38:26 GMT content-type application/octet-stream last-modified Thu, 28 Nov 2024 09:00:39 GMT x-frame-options sameorigin strict-transport-security max-age=2592000; includeSubDomains content-security-policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self'; cache-control nostore, nocache, mustrevalidate, maxage=1, postcheck=0, precheck=0 referrer-policy no-referrer-when-downgrade x-ms-request-id af96e3d6-d01e-0011-3482-411ee8000000 accept-ranges bytes access-control-allow-origin * content-length 268280 x-xss-protection 1; mode=block x-ms-blob-type BlockBlob server ECAcc (mil/6C1F)
GET H2	200	anchor www.google.com/recaptcha/api2/ Frame CBCB	0 0	522ms 76ms	Document text/html	216.58.206.68 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfsmPkUAAAAAIfBhAqnCuN154pTlqLbjNZCxBCK&co=aHR0cHM6Ly9nbG9iYWwuYW1lcmljYXMuYXhhLnRyYXZlbDo0NDM.&hl=it&v=pPK749sccDmVW_9DSeTMVvh2&size=invisible&cb=45fb2ixftjfo Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__it.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.68 , United States, ASN15169 (GOOGLE, US), Reverse DNS tzfraa-aa-in-f4.1e100.net Software ESF / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-slVQvhikXfUD2LwuQ_vO3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://global.americas.axa.travel/under_maintenance Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-slVQvhikXfUD2LwuQ_vO3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy-report-only same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d" cross-origin-resource-policy cross-origin date Sat, 30 Nov 2024 21:38:27 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]} server ESF x-content-type-options nosniff x-xss-protection 0
GET H2	200	favicon-Axa.ico global.americas.axa.travel/assets/icons/	106 KB 106 KB	299ms 299ms	Other image/x-icon	152.199.21.175 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://global.americas.axa.travel/assets/icons/favicon-Axa.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.21.175 , Germany, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (mil/6CC5) / Resource Hash 8fa1fabd2db573995bf285b7e2e3fca4771af16cd8c53249532bb7010efab1d5 Security Headers Name Value Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self'; Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://global.americas.axa.travel/under_maintenance Response headers content-md5 6QXMIGP2n5BapN4Suglivg== x-ms-lease-status unlocked x-ms-version 2009-09-19 etag 0x8DD0F8B215B977B age 211959 x-content-type-options nosniff x-cache HIT date Sat, 30 Nov 2024 21:38:29 GMT content-type image/x-icon last-modified Thu, 28 Nov 2024 09:00:39 GMT x-frame-options sameorigin strict-transport-security max-age=2592000; includeSubDomains content-security-policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self'; cache-control nostore, nocache, mustrevalidate, maxage=1, postcheck=0, precheck=0 referrer-policy no-referrer-when-downgrade x-ms-request-id 715f3d52-b01e-0001-7182-41280e000000 accept-ranges bytes access-control-allow-origin * content-length 108571 x-xss-protection 1; mode=block x-ms-blob-type BlockBlob server ECAcc (mil/6CC5)
OPTIONS H2	204	track westeurope-1.in.applicationinsights.azure.com//v2/ Frame	0 0	869ms 316ms	Preflight	20.50.88.232 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://westeurope-1.in.applicationinsights.azure.com//v2/track Protocol H2 Security TLS 1.3, , AES_256_GCM Server 20.50.88.232 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-HTTPAPI/2.0 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://global.americas.axa.travel Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers access-control-allow-headers Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context,X-Set-Cross-Origin-Resource-Policy access-control-allow-methods POST access-control-allow-origin * access-control-max-age 3600 date Sat, 30 Nov 2024 21:38:28 GMT server Microsoft-HTTPAPI/2.0 strict-transport-security max-age=31536000
POST H2	200	track Show response westeurope-1.in.applicationinsights.azure.com//v2/	62 B 166 B	88ms 86ms	XHR application/json	20.50.88.232 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://westeurope-1.in.applicationinsights.azure.com//v2/track Requested by Host: URL: ../node_modules/@microsoft/applicationinsights-web/dist-esm/applicationinsights-web.js%7Ca2b750bc301171323c8f7b10e015f413 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 20.50.88.232 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-HTTPAPI/2.0 / Resource Hash b77934d05bdd2a58f476814325af7edfccad6f36b47247c3f10c6250891bafd2 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-type application/json Referer https://global.americas.axa.travel/under_maintenance Response headers strict-transport-security max-age=31536000 access-control-allow-origin * date Sat, 30 Nov 2024 21:38:29 GMT content-type application/json; charset=utf-8 server Microsoft-HTTPAPI/2.0 x-content-type-options nosniff

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| clearImmediate function| setImmediate object| regeneratorRuntime function| IMask object| __dynProto$Gbl object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| OneTrustStub object| dataLayer function| gtag object| recaptcha object| closure_lm_78417 object| google_tag_manager object| google_tag_data

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			global.americas.axa.travel/	1970-01-21 10:08:58	Name: ai_user Value: maBJExoUs0hh0xt67zeOqY|2024-11-30T21:38:26.257Z
			global.americas.axa.travel/	1970-01-21 01:23:24	Name: ai_session Value: D/FcYsm+wu/H4GAKXaS5W5|1733002706268|1733002706268

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.cookielaw.org/consent/01906d33-232b-73ef-83e5-27682937c309/OtAutoBlock.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cdn.cookielaw.org/consent/01906d33-232b-73ef-83e5-27682937c309/01906d33-232b-73ef-83e5-27682937c309.json Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self';
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.cookielaw.org
global.americas.axa.travel
westeurope-1.in.applicationinsights.azure.com
www.google.com
www.googletagmanager.com
www.gstatic.com
104.18.86.42
142.250.184.232
142.250.185.195
152.199.21.175
20.50.88.232
216.58.206.68
2aac33bc7fbaa8637b17e3773511920a1a91baca71dddde2fb81b9b2255a40b6
31016b3f4eb3b48e25d6e946be50d396133c93cd2261a50cf94b26fd94f50096
3ba5c382a7ee6a8831bdf90192addceabe6db4278a679e67fe7e9c0226b729cf
5b88367e3081e7a8792400034ea0fbc701d4b0a26c1784c6b612d89dee299f90
5c08832ab2d9283afbc9e6695d17886c393cffa8ad3ac280fe39af91347e0a6b
6f5312bc3dd89a6d9c67aecf366abf5b7cfcc33a5577177071e286e4343ac7e0
7ed4cbd279750584ad0c9d5a42b75a304f353ba2fb807a660c86100293351334
83da8866676e489d37cd965a18821517c1413935bd3a8a1014f44c5b0c7d8826
8fa1fabd2db573995bf285b7e2e3fca4771af16cd8c53249532bb7010efab1d5
98251fa691e253c9a4107b94ee98af1da7e7a2dfa2fb661e60ab18d17e6d3599
9cbab47276fc04c65ac78098e9a2069c55e26f21701b29092734ce4e830f80fb
ade920fd5b00cd298aae7978673a9a64d0bb3fa593d23e91994ec6b6723ebace
b3c4301152048a368428c6146a412d8e7a855d8da28c3a857449edc98f334ec0
b77934d05bdd2a58f476814325af7edfccad6f36b47247c3f10c6250891bafd2
c2a5ab85a424297eeeaacc454431e026b3c3769403cc8bc11f2c7ba2188187c3
c9868de61ff2bab0b5a3a6d01c4b76f299459f08c6ae2f2c0383b4f9f6bedbf3
cc7b5ea3bb9325a6526be023b3d506eb3217ce1173ed1f346867484038b2608c
df15590085581dbb5c7f5ed0b459fdbdd0ea25200feffaaaada8b36f3e917b03
ee8b891bce1ca9c60c9c8711ff662b1c460b3c3741619a663696b11a866a48f2
f11b59029aa57b52e4d5a99995674982b2c497e7719a7e4dc5d342b182b29082