axa-link-pago-front-qa.tiprotec.com
2606:4700:10::6816:10a6  Public Scan

URL: https://axa-link-pago-front-qa.tiprotec.com/
Submission: On February 12 via api from US — Scanned from US

Summary

This website contacted 3 IPs in 1 country across 2 domains to perform 5 HTTP transactions. The main IP is 2606:4700:10::6816:10a6, located in United States and belongs to CLOUDFLARENET, US. The main domain is axa-link-pago-front-qa.tiprotec.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 29th 2023. Valid for: a year.
This is the only time axa-link-pago-front-qa.tiprotec.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS (Autonomous System)
4 | 2606:4700:10:... | 13335 (CLOUDFLAR...)
1 | 13.224.210.78 | 16509 (AMAZON-02)
Total: 5 requests, 3 IPs

Requests | Apex Domain | Subdomains | Transfer
4 | tiprotec.com | axa-link-pago-front-qa.tiprotec.com | 128 KB
1 | pusher.com | js.pusher.com — Cisco Umbrella Rank: 15101 | 18 KB
Total: 5 requests, 2 apex domains

Requests | Domain | Requested by
4 | axa-link-pago-front-qa.tiprotec.com | axa-link-pago-front-qa.tiprotec.com
1 | js.pusher.com | axa-link-pago-front-qa.tiprotec.com
Total: 5 requests, 2 domains

This site contains no links.

Subject | Issuer | Validity | Valid
axa-link-pago-front-qa.tiprotec.com | Cloudflare Inc ECC CA-3 | 2023-12-29 - 2024-12-27 | a year
js.pusher.com | Amazon RSA 2048 M01 | 2023-04-13 - 2024-05-11 | a year

This page contains 1 frames:

Primary Page: https://axa-link-pago-front-qa.tiprotec.com/
Frame ID: 47EF4929A29C29C0D544517A27F59FEB
Requests: 15 HTTP requests in this frame

Page Title

Link de pago cliente externo

Page Statistics

Requests: 5
HTTPS: 100 %
IPv6: 50 %
Domains: 2
Subdomains: 2
IPs: 3
Countries: 1
Transfer: 146 kB
Size: 441 kB
Cookies: 0

5 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request /
axa-link-pago-front-qa.tiprotec.com/
894 B
952 B
Document
General
Full URL
https://axa-link-pago-front-qa.tiprotec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:10a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aac34b4759834add9d40df94ea303edd4cf8c3e38fb2a0ac256e9b869ce7a38d
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
85483cb0bd6474b0-MIA
content-encoding
br
content-security-policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
content-type
text/html; charset=utf-8
date
Mon, 12 Feb 2024 22:23:37 GMT
last-modified
Mon, 08 Jan 2024 18:22:44 GMT
permissions-policy
interest-cohort=()
referrer-policy
no-referrer-when-downgrade
server
cloudflare
strict-transport-security
max-age=63072000; includeSubDomains; preload max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
vary
Accept-Encoding Accept-Encoding
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block 1; mode=block
index-4Ub8qqx5.js
axa-link-pago-front-qa.tiprotec.com/assets/
339 KB
111 KB
Script
General
Full URL
https://axa-link-pago-front-qa.tiprotec.com/assets/index-4Ub8qqx5.js
Requested by
Host: axa-link-pago-front-qa.tiprotec.com
URL: https://axa-link-pago-front-qa.tiprotec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:10a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d50a6aac9c6b0cc780561b07726d36c30fcbb03a2cc87ae6b9554183547bcf7
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://axa-link-pago-front-qa.tiprotec.com/
Origin
https://axa-link-pago-front-qa.tiprotec.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 22:23:37 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
x-content-type-options
nosniff, nosniff
content-security-policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
cf-cache-status
MISS
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 08 Jan 2024 18:22:44 GMT
server
cloudflare
etag
W/"659c3d74-54dc9"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
permissions-policy
interest-cohort=()
cf-ray
85483cb2799e74b0-MIA
expires
Mon, 19 Feb 2024 22:23:37 GMT
index-fQjbwPtj.css
axa-link-pago-front-qa.tiprotec.com/assets/
21 KB
5 KB
Stylesheet
General
Full URL
https://axa-link-pago-front-qa.tiprotec.com/assets/index-fQjbwPtj.css
Requested by
Host: axa-link-pago-front-qa.tiprotec.com
URL: https://axa-link-pago-front-qa.tiprotec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:10a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14b699645ed1fad1db6d83c9501042397cb66896fa3ba83dd1ce08584b3b3f1e
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://axa-link-pago-front-qa.tiprotec.com/
Origin
https://axa-link-pago-front-qa.tiprotec.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 22:23:37 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
x-content-type-options
nosniff, nosniff
content-security-policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
cf-cache-status
MISS
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 08 Jan 2024 18:22:44 GMT
server
cloudflare
etag
W/"659c3d74-5318"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=604800
permissions-policy
interest-cohort=()
cf-ray
85483cb2799b74b0-MIA
expires
Mon, 19 Feb 2024 22:23:37 GMT
pusher.min.js
js.pusher.com/8.2.0/
60 KB
18 KB
Script
General
Full URL
https://js.pusher.com/8.2.0/pusher.min.js
Requested by
Host: axa-link-pago-front-qa.tiprotec.com
URL: https://axa-link-pago-front-qa.tiprotec.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.210.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-210-78.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f9db3ff67d32874f9141c893b8e48159219863074df0bacd551f7747be849163

Request headers

accept-language
en-US,en;q=0.9
Referer
https://axa-link-pago-front-qa.tiprotec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 19:50:25 GMT
content-encoding
gzip
via
1.1 0112af6219abab80a1c298e0563cf966.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
age
2169193
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 19 Jun 2023 12:13:29 GMT
server
AmazonS3
etag
W/"3ab73af824d600a8f04d9e36bf295717"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-id
EAVIBbp6SPdPwe0wH3LakMuCcqhMuRPvfa0x60XzTfhtkRBOGpkYuw==
logo_hsbc-LnRkS6Kf.webp
axa-link-pago-front-qa.tiprotec.com/assets/
10 KB
11 KB
Image
General
Full URL
https://axa-link-pago-front-qa.tiprotec.com/assets/logo_hsbc-LnRkS6Kf.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:10a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
320e0b96073f860519eb011dc84f6267fedd7ebd95e39fab04a83bedb0db7743
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://axa-link-pago-front-qa.tiprotec.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 22:23:38 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
x-content-type-options
nosniff, nosniff
content-security-policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
cf-cache-status
MISS
alt-svc
h3=":443"; ma=86400
content-length
10534
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 08 Jan 2024 18:22:44 GMT
server
cloudflare
etag
"659c3d74-2926"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=604800
permissions-policy
interest-cohort=()
accept-ranges
bytes
cf-ray
85483cb63cd974a0-MIA
expires
Mon, 19 Feb 2024 22:23:38 GMT
truncated
/
292 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c4830e0eb3e9efa9ea4930d515d02b73c870d53f4da24b609d49735a5bf231a6

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3629a9348679f07e85da61621d244c6f1427c5d4b20523f532733f8593ac4b9

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7b96948afa1c12f9653dcc6ad88d388e691bd66724554ceedd1989e6a4a7b0c4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
880772dd93344fdb86d8e227084a1af1d8c5d2b3e0413c677e63f7eb2f580eb7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
09de35e5388ad2ccb9c7a2feebf1895fba6d3e413a4615ef98830127f40872a0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3f1f3897dae0effd04f22d299f21612bca197c0c55eb63b9d6594cbcfa69d399

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
148 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a47277f41efae0fa623e03c4ddb95f4bca8743acb15966e7a566d609ab34968

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
424 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0c53372662bea0c295ed07d009def0b4e9412c7e33372b9f6ead58170ec32d7e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ae2a3cddbe74165fadd8c96abe8729d75f0d1babacc41ebb5e24f7338e9e197c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
341 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63158e7ecb9731ddd62dd7b23b78cba19d66ddd6fd2049108e0b09c9b69cdefa

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type
image/svg+xml

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
function | Pusher
object | pusher
object | channel

0 Cookies

1 Console Messages

Source: security
Level: warning
Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block