URL: https://tr.eu.axa.travel/
Submission Tags: @ecarlesi possiblethreat phishing Search All
Submission: On November 10 via api from IT — Scanned from IT

Summary

This website contacted 8 IPs in 4 countries across 7 domains to perform 34 HTTP transactions. The main IP is 152.199.21.175, located in Germany and belongs to EDGECAST, US. The main domain is tr.eu.axa.travel.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on August 21st 2024. Valid for: a year.
This is the only time tr.eu.axa.travel was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 152.199.21.175 15133 (EDGECAST)
2 142.250.186.100 15169 (GOOGLE)
12 104.18.87.42 13335 (CLOUDFLAR...)
1 142.250.184.195 15169 (GOOGLE)
2 142.250.186.104 15169 (GOOGLE)
1 172.64.155.119 13335 (CLOUDFLAR...)
2 20.50.88.232 8075 (MICROSOFT...)
34 8
Apex Domain
Subdomains
Transfer
13 axa.travel
tr.eu.axa.travel
12 MB
12 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 326
238 KB
2 azure.com
westeurope-1.in.applicationinsights.azure.com — Cisco Umbrella Rank: 117956
168 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
131 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 3
1 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 498 Failed
1 gstatic.com
www.gstatic.com
217 KB
34 7
Domain Requested by
13 tr.eu.axa.travel tr.eu.axa.travel
12 cdn.cookielaw.org cdn.cookielaw.org
tr.eu.axa.travel
2 westeurope-1.in.applicationinsights.azure.com
2 www.googletagmanager.com tr.eu.axa.travel
2 www.google.com www.gstatic.com
1 geolocation.onetrust.com
1 www.gstatic.com www.google.com
34 7

This site contains links to these domains. Also see Links.

Domain
www.axapartners.co.uk
www.onetrust.com
Subject Issuer Validity Valid
sni33abfgl.wpc.edgecastcdn.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-08-21 -
2025-08-20
a year crt.sh
www.google.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
cookielaw.org
WE1
2024-10-11 -
2025-01-09
3 months crt.sh
*.gstatic.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
*.google-analytics.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
geolocation.onetrust.com
WE1
2024-10-11 -
2025-01-09
3 months crt.sh
prod.ai.ingestion.msftcloudes.com
Microsoft Azure RSA TLS Issuing CA 08
2024-09-13 -
2025-09-08
a year crt.sh

This page contains 2 frames:

Primary Page: https://tr.eu.axa.travel/
Frame ID: D371DB65494BE11A12CC272522943117
Requests: 31 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfsmPkUAAAAAIfBhAqnCuN154pTlqLbjNZCxBCK&co=aHR0cHM6Ly90ci5ldS5heGEudHJhdmVsOjQ0Mw..&hl=it&v=-ZG7BC9TxCVEbzIO2m429usb&size=invisible&cb=2phpe1p5cxc5
Frame ID: 99BE02FE7BEB7DB9D8EF5FF555C9AF56
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

FREND

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

34
Requests

97 %
HTTPS

0 %
IPv6

7
Domains

7
Subdomains

8
IPs

4
Countries

12638 kB
Transfer

13678 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
tr.eu.axa.travel/
522 B
1 KB
Document
General
Full URL
https://tr.eu.axa.travel/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.175 , Germany, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CA5) /
Resource Hash
dbfbc63aa96826d4a3e97d9dec9ba7c660bc222e8400a52e706b60df34513cb9
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self';
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
316505
cache-control
nostore, nocache, mustrevalidate, maxage=1, postcheck=0, precheck=0
content-length
522
content-md5
rfjHV0J32FOreZhBWWKIig==
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self';
content-type
text/html
date
Sun, 10 Nov 2024 07:12:01 GMT
etag
0x8DCFE6E14CC4FE9
last-modified
Wed, 06 Nov 2024 14:19:52 GMT
referrer-policy
no-referrer-when-downgrade
server
ECAcc (mil/6CA5)
strict-transport-security
max-age=2592000; includeSubDomains
x-cache
HIT
x-content-type-options
nosniff
x-frame-options
sameorigin
x-ms-blob-type
BlockBlob
x-ms-lease-status
unlocked
x-ms-request-id
87f6b7e3-901e-0052-415e-303401000000
x-ms-version
2009-09-19
x-xss-protection
1; mode=block
fonts.css
tr.eu.axa.travel/assets/fonts/
1 KB
1 KB
Stylesheet
General
Full URL
https://tr.eu.axa.travel/assets/fonts/fonts.css
Requested by
Host: tr.eu.axa.travel
URL: https://tr.eu.axa.travel/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.175 , Germany, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C5A) /
Resource Hash
df15590085581dbb5c7f5ed0b459fdbdd0ea25200feffaaaada8b36f3e917b03
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self';
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tr.eu.axa.travel/

Response headers

content-md5
BHuD2CgROXiz+dY6D3m7MA==
x-ms-lease-status
unlocked
x-ms-version
2009-09-19
etag
0x8DCFE6E14CF80A2
age
309098
x-content-type-options
nosniff
x-cache
HIT
date
Sun, 10 Nov 2024 07:12:01 GMT
content-type
text/css
last-modified
Wed, 06 Nov 2024 14:19:52 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=2592000; includeSubDomains
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self';
cache-control
nostore, nocache, mustrevalidate, maxage=1, postcheck=0, precheck=0
referrer-policy
no-referrer-when-downgrade
x-ms-request-id
20b9f8d7-c01e-004a-7670-301994000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
1150
x-xss-protection
1; mode=block
x-ms-blob-type
BlockBlob
server
ECAcc (mil/6C5A)
main.7ff6d281.js
tr.eu.axa.travel/static/js/
11 MB
11 MB
Script
General
Full URL
https://tr.eu.axa.travel/static/js/main.7ff6d281.js
Requested by
Host: tr.eu.axa.travel
URL: https://tr.eu.axa.travel/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.175 , Germany, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CA1) /
Resource Hash
54bf01b3f16a524a8c4e871abb80ffd8c504b51d07369edf181a6cf5d85ffcb5
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self';
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tr.eu.axa.travel/

Response headers

content-md5
jptm6AdMfgsi4A0r42v5tA==
x-ms-lease-status
unlocked
x-ms-version
2009-09-19
etag
0x8DCFE6E152FAB3B
age
309495
x-content-type-options
nosniff
x-cache
HIT
date
Sun, 10 Nov 2024 07:12:01 GMT
content-type
application/x-javascript
last-modified
Wed, 06 Nov 2024 14:19:53 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=2592000; includeSubDomains
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self';
cache-control
nostore, nocache, mustrevalidate, maxage=1, postcheck=0, precheck=0
referrer-policy
no-referrer-when-downgrade
x-ms-request-id
b2b94790-201e-0004-5a6f-30dc71000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
11139430
x-xss-protection
1; mode=block
x-ms-blob-type
BlockBlob
server
ECAcc (mil/6CA1)
main.630d2f81.css
tr.eu.axa.travel/static/css/
13 KB
13 KB
Stylesheet
General
Full URL
https://tr.eu.axa.travel/static/css/main.630d2f81.css
Requested by
Host: tr.eu.axa.travel
URL: https://tr.eu.axa.travel/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.175 , Germany, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C8B) /
Resource Hash
5b88367e3081e7a8792400034ea0fbc701d4b0a26c1784c6b612d89dee299f90
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self';
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tr.eu.axa.travel/

Response headers

content-md5
TPpVN1xj+ztcUP6aJxGXrw==
x-ms-lease-status
unlocked
x-ms-version
2009-09-19
etag
0x8DCFE6E15059627
age
309098
x-content-type-options
nosniff
x-cache
HIT
date
Sun, 10 Nov 2024 07:12:01 GMT
content-type
text/css
last-modified
Wed, 06 Nov 2024 14:19:53 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=2592000; includeSubDomains
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self';
cache-control
nostore, nocache, mustrevalidate, maxage=1, postcheck=0, precheck=0
referrer-policy
no-referrer-when-downgrade
x-ms-request-id
ecf171b3-601e-0047-4b70-30f698000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
12837
x-xss-protection
1; mode=block
x-ms-blob-type
BlockBlob
server
ECAcc (mil/6C8B)
api.js
www.google.com/recaptcha/
1 KB
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6LfsmPkUAAAAAIfBhAqnCuN154pTlqLbjNZCxBCK
Requested by
Host:
URL: index.tsx%7Cf3c52fb744fd90d6e74729c3e7f0e2ce
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
ESF /
Resource Hash
25629fbbee87e6604a77e16c6b3797a917c38af5a6426eb63780f42c00037e7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tr.eu.axa.travel/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Sun, 10 Nov 2024 07:12:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Sun, 10 Nov 2024 07:12:04 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
urls.json
tr.eu.axa.travel/
9 KB
10 KB
Fetch
General
Full URL
https://tr.eu.axa.travel/urls.json
Requested by
Host:
URL: index.tsx%7Cf3c52fb744fd90d6e74729c3e7f0e2ce
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.175 , Germany, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C1D) /
Resource Hash
f8d4b3a37d6e727a72f21c35f1291be42273233e9e28fbaf2bbc2063078cab40
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self';
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tr.eu.axa.travel/

Response headers

content-md5
ISt6Hn2Z2kaXS/6NuGEpCg==
x-ms-lease-status
unlocked
x-ms-version
2009-09-19
etag
0x8DCFE6E14CC2905
age
308644
x-content-type-options
nosniff
x-cache
HIT
date
Sun, 10 Nov 2024 07:12:04 GMT
content-type
application/json
last-modified
Wed, 06 Nov 2024 14:19:52 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=2592000; includeSubDomains
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self';
cache-control
nostore, nocache, mustrevalidate, maxage=1, postcheck=0, precheck=0
referrer-policy
no-referrer-when-downgrade
x-ms-request-id
9bff7311-901e-0016-7471-30e86d000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
9579
x-xss-protection
1; mode=block
x-ms-blob-type
BlockBlob
server
ECAcc (mil/6C1D)
odigeo-eu-prod.json
tr.eu.axa.travel/config/domain/
699 B
831 B
Fetch
General
Full URL
https://tr.eu.axa.travel/config/domain/odigeo-eu-prod.json
Requested by
Host:
URL: index.tsx%7Cf3c52fb744fd90d6e74729c3e7f0e2ce
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.175 , Germany, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C33) /
Resource Hash
2b863f9bdbbf15be9dc32624852b64354ce72621e6535193c94ca720416602d7
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self';
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tr.eu.axa.travel/

Response headers

content-md5
XLyDXN2Mf99o3IRs1J3Kzw==
x-ms-lease-status
unlocked
x-ms-version
2009-09-19
etag
0x8DCFE6E14E5D5BC
age
308644
x-content-type-options
nosniff
x-cache
HIT
date
Sun, 10 Nov 2024 07:12:04 GMT
content-type
application/json
last-modified
Wed, 06 Nov 2024 14:19:53 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=2592000; includeSubDomains
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self';
cache-control
nostore, nocache, mustrevalidate, maxage=1, postcheck=0, precheck=0
referrer-policy
no-referrer-when-downgrade
x-ms-request-id
ec55ec53-401e-003d-1671-309cd5000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
699
x-xss-protection
1; mode=block
x-ms-blob-type
BlockBlob
server
ECAcc (mil/6C33)
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
22 KB
8 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host:
URL: ../node_modules/@contact_services/one-trust-cookies/lib/middleware/cookies-init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7358c5616f671017f307d161644d253f0f81083b0be68f3a3fefefa33b59de5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tr.eu.axa.travel/

Response headers

content-md5
qVqAwzZMp5y69q24H0KNhg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCFF52536C02E8
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
22741
x-content-type-options
nosniff
date
Sun, 10 Nov 2024 07:12:04 GMT
content-type
application/javascript
last-modified
Thu, 07 Nov 2024 17:33:43 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
265d7408-301e-0026-05fa-31083e000000
cf-ray
8e043b6dca8d59ad-MXP
accept-ranges
bytes
access-control-allow-origin
*
content-length
7212
x-ms-blob-type
BlockBlob
server
cloudflare
OtAutoBlock.js
cdn.cookielaw.org/consent/d4482423-5d66-4499-99ae-e104c21534b0/
0
0
Script
General
Full URL
https://cdn.cookielaw.org/consent/d4482423-5d66-4499-99ae-e104c21534b0/OtAutoBlock.js
Requested by
Host:
URL: ../node_modules/@contact_services/one-trust-cookies/lib/middleware/cookies-init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tr.eu.axa.travel/

Response headers

access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
cf-cache-status
EXPIRED
content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 11 Nov 2024 07:12:04 GMT
date
Sun, 10 Nov 2024 07:12:04 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin, cross-origin
x-ms-request-id
de7199fb-801e-0016-643f-335214000000
cf-ray
8e043b6dca8b59ad-MXP
access-control-allow-origin
*
server
cloudflare
recaptcha__it.js
www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/
547 KB
217 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__it.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LfsmPkUAAAAAIfBhAqnCuN154pTlqLbjNZCxBCK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
sffe /
Resource Hash
568eb1fee3e1102246fda6d33edbe5c8a37f631f36afb7f06a4a9781e72011a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://tr.eu.axa.travel
Referer
https://tr.eu.axa.travel/

Response headers

content-encoding
gzip
age
315932
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Thu, 06 Nov 2025 15:26:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 15:26:32 GMT
last-modified
Tue, 22 Oct 2024 00:01:33 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
221440
x-xss-protection
0
server
sffe
d4482423-5d66-4499-99ae-e104c21534b0.json
cdn.cookielaw.org/consent/d4482423-5d66-4499-99ae-e104c21534b0/
4 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/d4482423-5d66-4499-99ae-e104c21534b0/d4482423-5d66-4499-99ae-e104c21534b0.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9083553d6f476f4e54be0e9315d9c5004e8b8b0c1bafc58f071fd3b758599a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tr.eu.axa.travel/

Response headers

content-md5
VZsWzi+xlNNy/wLmKWGhhg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
cf-cache-status
HIT
etag
0x8DCEDE4538E91D6
age
71669
x-ms-lease-status
unlocked
x-content-type-options
nosniff
x-ms-version
2009-09-19
expires
Mon, 11 Nov 2024 07:12:05 GMT
date
Sun, 10 Nov 2024 07:12:05 GMT
content-type
application/json
last-modified
Wed, 16 Oct 2024 13:13:28 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin, cross-origin
x-ms-request-id
97a1a4cc-401e-00c7-204d-26ef4b000000
cf-ray
8e043b710a460df1-MXP
accept-ranges
bytes
access-control-allow-origin
*
content-length
1622
x-ms-blob-type
BlockBlob
server
cloudflare
js
www.googletagmanager.com/gtag/
137 KB
53 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=
Requested by
Host:
URL: ../node_modules/react-ga4/dist/ga4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
98583a50ddc7fbccc41ba3bafd5c47a3562505be0dcaa602d620d83d99b9f1b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tr.eu.axa.travel/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sun, 10 Nov 2024 07:12:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 10 Nov 2024 07:12:05 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sun, 10 Nov 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
53124
x-xss-protection
0
server
Google Tag Manager
gtm.js
www.googletagmanager.com/
251 KB
78 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5QKHD6H3&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: tr.eu.axa.travel
URL: https://tr.eu.axa.travel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
1b5d5426c3950fe54099c5191dcc8726f732c395f7100c0e685eaccd636557cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tr.eu.axa.travel/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Sun, 10 Nov 2024 07:12:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 10 Nov 2024 07:12:05 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sun, 10 Nov 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
79876
x-xss-protection
0
server
Google Tag Manager
it_odigeo.json
tr.eu.axa.travel/locales/
180 KB
181 KB
Fetch
General
Full URL
https://tr.eu.axa.travel/locales/it_odigeo.json
Requested by
Host:
URL: ../node_modules/@microsoft/applicationinsights-web/dist-esm/applicationinsights-web.js%7Ca2b750bc301171323c8f7b10e015f413
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.175 , Germany, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C85) /
Resource Hash
bd094316ffb7e95714b141e05e82a58757db7ef4f58cbaad8a94403151a3aa26
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self';
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
traceparent
00-2ef693763ee347fb83e6fa5706abdc81-5d1b15596940453f-01
Referer
https://tr.eu.axa.travel/

Response headers

content-md5
fLY2wz+wlvFNXMk1KqYlxg==
x-ms-lease-status
unlocked
x-ms-version
2009-09-19
etag
0x8DCFE6E150044E9
age
253128
x-content-type-options
nosniff
x-cache
HIT
date
Sun, 10 Nov 2024 07:12:04 GMT
content-type
application/json
last-modified
Wed, 06 Nov 2024 14:19:53 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=2592000; includeSubDomains
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self';
cache-control
nostore, nocache, mustrevalidate, maxage=1, postcheck=0, precheck=0
referrer-policy
no-referrer-when-downgrade
x-ms-request-id
2ed5a0da-601e-006e-12f2-3080da000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
184761
x-xss-protection
1; mode=block
x-ms-blob-type
BlockBlob
server
ECAcc (mil/6C85)
axa-logo.png
tr.eu.axa.travel/assets/logos/
29 KB
29 KB
Image
General
Full URL
https://tr.eu.axa.travel/assets/logos/axa-logo.png
Requested by
Host: tr.eu.axa.travel
URL: https://tr.eu.axa.travel/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.175 , Germany, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CCD) /
Resource Hash
2aac33bc7fbaa8637b17e3773511920a1a91baca71dddde2fb81b9b2255a40b6
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self';
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tr.eu.axa.travel/

Response headers

content-md5
MPPR8gErJyGH1sBaULoQiQ==
x-ms-lease-status
unlocked
x-ms-version
2009-09-19
etag
0x8DCFE6E14D76700
age
309494
x-content-type-options
nosniff
x-cache
HIT
date
Sun, 10 Nov 2024 07:12:04 GMT
content-type
image/png
last-modified
Wed, 06 Nov 2024 14:19:52 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=2592000; includeSubDomains
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self';
cache-control
nostore, nocache, mustrevalidate, maxage=1, postcheck=0, precheck=0
referrer-policy
no-referrer-when-downgrade
x-ms-request-id
fa0fedf0-501e-004f-1d6f-30edeb000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
29463
x-xss-protection
1; mode=block
x-ms-blob-type
BlockBlob
server
ECAcc (mil/6CCD)
SourceSansPro-Bold.ttf
tr.eu.axa.travel/assets/fonts/
261 KB
261 KB
Font
General
Full URL
https://tr.eu.axa.travel/assets/fonts/SourceSansPro-Bold.ttf
Requested by
Host: tr.eu.axa.travel
URL: https://tr.eu.axa.travel/assets/fonts/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.175 , Germany, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CC7) /
Resource Hash
9cbab47276fc04c65ac78098e9a2069c55e26f21701b29092734ce4e830f80fb
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self';
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://tr.eu.axa.travel
Referer
https://tr.eu.axa.travel/assets/fonts/fonts.css

Response headers

content-md5
hmm4cGu73RSC4vzMTtloUA==
x-ms-lease-status
unlocked
x-ms-version
2009-09-19
etag
0x8DCFE6E14D1C804
age
308645
x-content-type-options
nosniff
x-cache
HIT
date
Sun, 10 Nov 2024 07:12:05 GMT
content-type
application/octet-stream
last-modified
Wed, 06 Nov 2024 14:19:52 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=2592000; includeSubDomains
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self';
cache-control
nostore, nocache, mustrevalidate, maxage=1, postcheck=0, precheck=0
referrer-policy
no-referrer-when-downgrade
x-ms-request-id
2ac4035a-601e-006e-7871-3080da000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
267388
x-xss-protection
1; mode=block
x-ms-blob-type
BlockBlob
server
ECAcc (mil/6CC7)
PublicoHeadline.woff2
tr.eu.axa.travel/assets/fonts/
38 KB
38 KB
Font
General
Full URL
https://tr.eu.axa.travel/assets/fonts/PublicoHeadline.woff2
Requested by
Host: tr.eu.axa.travel
URL: https://tr.eu.axa.travel/assets/fonts/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.175 , Germany, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C1C) /
Resource Hash
83da8866676e489d37cd965a18821517c1413935bd3a8a1014f44c5b0c7d8826
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self';
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://tr.eu.axa.travel
Referer
https://tr.eu.axa.travel/assets/fonts/fonts.css

Response headers

content-md5
OWOlKqlT6MifiC6Kh50TlQ==
x-ms-lease-status
unlocked
x-ms-version
2009-09-19
etag
0x8DCFE6E14D4841B
age
308645
x-content-type-options
nosniff
x-cache
HIT
date
Sun, 10 Nov 2024 07:12:05 GMT
content-type
application/octet-stream
last-modified
Wed, 06 Nov 2024 14:19:52 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=2592000; includeSubDomains
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self';
cache-control
nostore, nocache, mustrevalidate, maxage=1, postcheck=0, precheck=0
referrer-policy
no-referrer-when-downgrade
x-ms-request-id
804a0b38-101e-0061-4571-306d2c000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
38657
x-xss-protection
1; mode=block
x-ms-blob-type
BlockBlob
server
ECAcc (mil/6C1C)
SourceSansPro-Regular.ttf
tr.eu.axa.travel/assets/fonts/
263 KB
263 KB
Font
General
Full URL
https://tr.eu.axa.travel/assets/fonts/SourceSansPro-Regular.ttf
Requested by
Host: tr.eu.axa.travel
URL: https://tr.eu.axa.travel/assets/fonts/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.175 , Germany, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CA9) /
Resource Hash
c9868de61ff2bab0b5a3a6d01c4b76f299459f08c6ae2f2c0383b4f9f6bedbf3
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self';
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://tr.eu.axa.travel
Referer
https://tr.eu.axa.travel/assets/fonts/fonts.css

Response headers

content-md5
wWeLRvfdP1DOrJTtTgrQGg==
x-ms-lease-status
unlocked
x-ms-version
2009-09-19
etag
0x8DCFE6E14CF0BFA
age
308645
x-content-type-options
nosniff
x-cache
HIT
date
Sun, 10 Nov 2024 07:12:05 GMT
content-type
application/octet-stream
last-modified
Wed, 06 Nov 2024 14:19:52 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=2592000; includeSubDomains
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self';
cache-control
nostore, nocache, mustrevalidate, maxage=1, postcheck=0, precheck=0
referrer-policy
no-referrer-when-downgrade
x-ms-request-id
20c03f23-c01e-004a-3971-301994000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
269108
x-xss-protection
1; mode=block
x-ms-blob-type
BlockBlob
server
ECAcc (mil/6CA9)
SourceSansPro-SemiBold.ttf
tr.eu.axa.travel/assets/fonts/
262 KB
262 KB
Font
General
Full URL
https://tr.eu.axa.travel/assets/fonts/SourceSansPro-SemiBold.ttf
Requested by
Host: tr.eu.axa.travel
URL: https://tr.eu.axa.travel/assets/fonts/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.175 , Germany, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C1F) /
Resource Hash
3ba5c382a7ee6a8831bdf90192addceabe6db4278a679e67fe7e9c0226b729cf
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self';
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://tr.eu.axa.travel
Referer
https://tr.eu.axa.travel/assets/fonts/fonts.css

Response headers

content-md5
g0dqiQvnn4Tpe3ksnEDXQw==
x-ms-lease-status
unlocked
x-ms-version
2009-09-19
etag
0x8DCFE6E14CFF555
age
308645
x-content-type-options
nosniff
x-cache
HIT
date
Sun, 10 Nov 2024 07:12:05 GMT
content-type
application/octet-stream
last-modified
Wed, 06 Nov 2024 14:19:52 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=2592000; includeSubDomains
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self';
cache-control
nostore, nocache, mustrevalidate, maxage=1, postcheck=0, precheck=0
referrer-policy
no-referrer-when-downgrade
x-ms-request-id
de6a099c-001e-0031-2f71-307224000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
268280
x-xss-protection
1; mode=block
x-ms-blob-type
BlockBlob
server
ECAcc (mil/6C1F)
anchor
www.google.com/recaptcha/api2/ Frame 99BE
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfsmPkUAAAAAIfBhAqnCuN154pTlqLbjNZCxBCK&co=aHR0cHM6Ly90ci5ldS5heGEudHJhdmVsOjQ0Mw..&hl=it&v=-ZG7BC9TxCVEbzIO2m429usb&size=invisible&cb=2phpe1p5cxc5
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__it.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hUk0NvL3rrms92F6LQSKLw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tr.eu.axa.travel/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-hUk0NvL3rrms92F6LQSKLw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Sun, 10 Nov 2024 07:12:06 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
0
0

location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ Frame
0
0
Preflight
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.155.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
traceparent
Access-Control-Request-Method
GET
Origin
https://tr.eu.axa.travel
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cf-ray
8e043b74cbf183b5-MXP
content-encoding
gzip
content-type
text/javascript
date
Sun, 10 Nov 2024 07:12:05 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202402.1.0/
430 KB
105 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202402.1.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89cf762e0c3023dff4e6d43e6a79cd5ec928ce592d022d6f3d97a8972800b475
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tr.eu.axa.travel/

Response headers

content-md5
XwXx/WxMZ+UJJ5CmkZRGfQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
cf-bgj
minify
cf-cache-status
HIT
x-ms-version
2009-09-19
age
8008
content-encoding
gzip
x-content-type-options
nosniff
cf-polished
origSize=440693
date
Sun, 10 Nov 2024 07:12:05 GMT
content-type
application/javascript
last-modified
Tue, 16 Jul 2024 21:32:03 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
0dcfd11e-c01e-00b0-107e-256a0a000000
cf-ray
8e043b753cb759ad-MXP
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
en.json
cdn.cookielaw.org/consent/d4482423-5d66-4499-99ae-e104c21534b0/01928f9b-5ee0-7401-9f75-38edb8c2b8b1/
52 KB
14 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/d4482423-5d66-4499-99ae-e104c21534b0/01928f9b-5ee0-7401-9f75-38edb8c2b8b1/en.json
Requested by
Host:
URL: ../node_modules/@microsoft/applicationinsights-web/dist-esm/applicationinsights-web.js%7Ca2b750bc301171323c8f7b10e015f413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3745877c465bbeffcfafce54f1e3c75a1e6370b406eb3917e67771036a35c41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tr.eu.axa.travel/

Response headers

content-md5
3G8iprSkdZLzBkxELdt5iw==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
0x8DCEDE4555262BE
x-ms-lease-status
unlocked
x-ms-version
2009-09-19
x-content-type-options
nosniff
expires
Mon, 11 Nov 2024 07:12:06 GMT
date
Sun, 10 Nov 2024 07:12:06 GMT
content-type
application/json
last-modified
Wed, 16 Oct 2024 13:13:31 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin, cross-origin
x-ms-request-id
29c4176a-d01e-000e-714d-267f81000000
cf-ray
8e043b7709cd0df1-MXP
accept-ranges
bytes
access-control-allow-origin
*
content-length
13868
x-ms-blob-type
BlockBlob
server
cloudflare
otFlat.json
cdn.cookielaw.org/scripttemplates/202402.1.0/assets/
13 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202402.1.0/assets/otFlat.json
Requested by
Host:
URL: ../node_modules/@microsoft/applicationinsights-web/dist-esm/applicationinsights-web.js%7Ca2b750bc301171323c8f7b10e015f413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4aaa18c55c90588c5e828e56dcc6b2cb0acf9a4280494c7d1a53fc5e3669112
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tr.eu.axa.travel/

Response headers

content-md5
Rtw1HeKUT+s7FdllH11+Yg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCA5DEB6E44F68
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
71667
x-content-type-options
nosniff
date
Sun, 10 Nov 2024 07:12:06 GMT
content-type
application/json
last-modified
Tue, 16 Jul 2024 21:31:54 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
2c67694d-d01e-0027-0d59-1b09c3000000
cf-ray
8e043b782b020df1-MXP
accept-ranges
bytes
access-control-allow-origin
*
content-length
3041
x-ms-blob-type
BlockBlob
server
cloudflare
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202402.1.0/assets/v2/
62 KB
13 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202402.1.0/assets/v2/otPcCenter.json
Requested by
Host:
URL: ../node_modules/@microsoft/applicationinsights-web/dist-esm/applicationinsights-web.js%7Ca2b750bc301171323c8f7b10e015f413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f40f57620246d052ea666f8f9d25dc6fcd93a7bbd6314077a2eb7213e98a4b5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tr.eu.axa.travel/

Response headers

content-md5
JaQINgYe3a7s6zMdoyk38Q==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCA5DEB83DC8A4
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
71667
x-content-type-options
nosniff
date
Sun, 10 Nov 2024 07:12:06 GMT
content-type
application/json
last-modified
Tue, 16 Jul 2024 21:31:57 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
34cecf10-701e-0003-2403-ea908d000000
cf-ray
8e043b782b060df1-MXP
accept-ranges
bytes
access-control-allow-origin
*
content-length
12808
x-ms-blob-type
BlockBlob
server
cloudflare
otCookieSettingsButton.json
cdn.cookielaw.org/scripttemplates/202402.1.0/assets/
5 KB
2 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202402.1.0/assets/otCookieSettingsButton.json
Requested by
Host:
URL: ../node_modules/@microsoft/applicationinsights-web/dist-esm/applicationinsights-web.js%7Ca2b750bc301171323c8f7b10e015f413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7429ba59299387d5b2445949464b6b58111c47c8363459c1dfe16a541ff0c397
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tr.eu.axa.travel/

Response headers

content-md5
bAy0mwbbFaEmZGzcRWHRpA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCA5DEB7F8CF82
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
71667
x-content-type-options
nosniff
date
Sun, 10 Nov 2024 07:12:06 GMT
content-type
application/json
last-modified
Tue, 16 Jul 2024 21:31:56 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
071a37d2-501e-00f1-731f-d84219000000
cf-ray
8e043b782b0a0df1-MXP
accept-ranges
bytes
access-control-allow-origin
*
content-length
1766
x-ms-blob-type
BlockBlob
server
cloudflare
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202402.1.0/assets/
21 KB
4 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202402.1.0/assets/otCommonStyles.css
Requested by
Host:
URL: ../node_modules/@microsoft/applicationinsights-web/dist-esm/applicationinsights-web.js%7Ca2b750bc301171323c8f7b10e015f413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29733ca80fad429eb7e4bb7f028cd176d9ee5a5427d09caec143e5030cb1005f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tr.eu.axa.travel/

Response headers

content-md5
c7xAZ9MSGAobGaTYg/Qtag==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
cf-bgj
minify
cf-cache-status
HIT
x-ms-version
2009-09-19
age
71667
content-encoding
gzip
x-content-type-options
nosniff
cf-polished
origSize=21778
date
Sun, 10 Nov 2024 07:12:06 GMT
content-type
text/css
last-modified
Tue, 16 Jul 2024 21:32:07 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
322674c9-b01e-0096-201f-d8f1be000000
cf-ray
8e043b783b0c0df1-MXP
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/
497 B
501 B
Fetch
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host:
URL: ../node_modules/@microsoft/applicationinsights-web/dist-esm/applicationinsights-web.js%7Ca2b750bc301171323c8f7b10e015f413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tr.eu.axa.travel/

Response headers

content-md5
tXyZydHjxQshFMbbBT1/8A==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
71667
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 10 Nov 2024 07:12:06 GMT
content-type
image/svg+xml
last-modified
Thu, 07 Nov 2024 17:33:49 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
9cdec8aa-a01e-00a0-70e6-315cec000000
cf-ray
8e043b7a3d6a0df1-MXP
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
axa_logo_solid_rgb.png
cdn.cookielaw.org/logos/58aad042-a197-4800-bc2b-ff1ee3acebe6/1c55d1b1-1663-4df7-a012-bbc62f619030/2e7edf8a-0460-47f9-a349-cb8d0cc0894f/
85 KB
85 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/58aad042-a197-4800-bc2b-ff1ee3acebe6/1c55d1b1-1663-4df7-a012-bbc62f619030/2e7edf8a-0460-47f9-a349-cb8d0cc0894f/axa_logo_solid_rgb.png
Requested by
Host: tr.eu.axa.travel
URL: https://tr.eu.axa.travel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8423017738ee26bf46494c6dac928e6f7cdb466213438cc3a24377d8b7855e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tr.eu.axa.travel/

Response headers

content-md5
QEt36BaHhI1knXg9iw4gFA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8D8BEC0A843072D
age
4640
cf-cache-status
HIT
x-content-type-options
nosniff
date
Sun, 10 Nov 2024 07:12:06 GMT
content-type
image/png
last-modified
Fri, 22 Jan 2021 10:29:53 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
df94c5b6-101e-0031-42c2-29c85d000000
cf-ray
8e043b7a3a8959ad-MXP
accept-ranges
bytes
access-control-allow-origin
*
content-length
87169
x-ms-blob-type
BlockBlob
server
cloudflare
powered_by_logo.svg
cdn.cookielaw.org/logos/static/
5 KB
2 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Requested by
Host: tr.eu.axa.travel
URL: https://tr.eu.axa.travel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tr.eu.axa.travel/

Response headers

content-md5
Y+c301RBZNK39PvKQWrIBw==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
4856
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 10 Nov 2024 07:12:06 GMT
content-type
image/svg+xml
last-modified
Thu, 07 Nov 2024 17:33:50 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
0e9b10b3-c01e-007c-6803-320ebf000000
cf-ray
8e043b7a3a8a59ad-MXP
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
favicon-Axa.ico
tr.eu.axa.travel/assets/icons/
106 KB
107 KB
Other
General
Full URL
https://tr.eu.axa.travel/assets/icons/favicon-Axa.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.175 , Germany, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CC5) /
Resource Hash
8fa1fabd2db573995bf285b7e2e3fca4771af16cd8c53249532bb7010efab1d5
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self';
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tr.eu.axa.travel/

Response headers

content-md5
6QXMIGP2n5BapN4Suglivg==
x-ms-lease-status
unlocked
x-ms-version
2009-09-19
etag
0x8DCFE6E14CCC496
age
253130
x-content-type-options
nosniff
x-cache
HIT
date
Sun, 10 Nov 2024 07:12:07 GMT
content-type
image/x-icon
last-modified
Wed, 06 Nov 2024 14:19:52 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=2592000; includeSubDomains
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self';
cache-control
nostore, nocache, mustrevalidate, maxage=1, postcheck=0, precheck=0
referrer-policy
no-referrer-when-downgrade
x-ms-request-id
74baee09-a01e-0015-22f2-30eb6a000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
108571
x-xss-protection
1; mode=block
x-ms-blob-type
BlockBlob
server
ECAcc (mil/6CC5)
track
westeurope-1.in.applicationinsights.azure.com//v2/
64 B
168 B
XHR
General
Full URL
https://westeurope-1.in.applicationinsights.azure.com//v2/track
Requested by
Host:
URL: ../node_modules/@microsoft/applicationinsights-web/dist-esm/applicationinsights-web.js%7Ca2b750bc301171323c8f7b10e015f413
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.232 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
0c529f33569b5961a3cbf6845eddd3163672ccace67f8fd843aa645204c0218a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://tr.eu.axa.travel/

Response headers

strict-transport-security
max-age=31536000
access-control-allow-origin
*
date
Sun, 10 Nov 2024 07:12:07 GMT
content-type
application/json; charset=utf-8
server
Microsoft-HTTPAPI/2.0
x-content-type-options
nosniff
track
westeurope-1.in.applicationinsights.azure.com//v2/ Frame
0
0
Preflight
General
Full URL
https://westeurope-1.in.applicationinsights.azure.com//v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.232 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://tr.eu.axa.travel
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context,X-Set-Cross-Origin-Resource-Policy
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Sun, 10 Nov 2024 07:12:07 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
geolocation.onetrust.com
URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| clearImmediate function| setImmediate object| regeneratorRuntime function| IMask object| __dynProto$Gbl object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| dataLayer function| gtag object| recaptcha object| closure_lm_455127 object| OtTrustedType object| google_tag_manager object| google_tag_data string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| Optanon object| OneTrust

3 Cookies

Domain/Path Name / Value
tr.eu.axa.travel/ Name: ai_user
Value: RWUm4gDfQWOItPNPx39G1X|2024-11-10T07:12:04.855Z
tr.eu.axa.travel/ Name: ai_session
Value: QD1QXe65E84d3rjzEaUmcA|1731222724884|1731222724884
.tr.eu.axa.travel/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Sun+Nov+10+2024+08%3A12%3A06+GMT%2B0100+(Ora+standard+dell%E2%80%99Europa+centrale)&version=202402.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=2990d5fe-8ea2-407d-9614-232d1a4102b3&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Ftr.eu.axa.travel%2F&groups=C0001%3A1%2CC0002%3A0

3 Console Messages

Source Level URL
Text
network error URL: https://cdn.cookielaw.org/consent/d4482423-5d66-4499-99ae-e104c21534b0/OtAutoBlock.js
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://tr.eu.axa.travel/
Message:
Access to XMLHttpRequest at 'https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location' from origin 'https://tr.eu.axa.travel' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:; img-src https: data:; font-src 'self'; connect-src https:; style-src 'unsafe-inline' 'self';
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.cookielaw.org
geolocation.onetrust.com
tr.eu.axa.travel
westeurope-1.in.applicationinsights.azure.com
www.google.com
www.googletagmanager.com
www.gstatic.com
geolocation.onetrust.com
104.18.87.42
142.250.184.195
142.250.186.100
142.250.186.104
152.199.21.175
172.64.155.119
20.50.88.232
0c529f33569b5961a3cbf6845eddd3163672ccace67f8fd843aa645204c0218a
1b5d5426c3950fe54099c5191dcc8726f732c395f7100c0e685eaccd636557cf
25629fbbee87e6604a77e16c6b3797a917c38af5a6426eb63780f42c00037e7b
29733ca80fad429eb7e4bb7f028cd176d9ee5a5427d09caec143e5030cb1005f
2aac33bc7fbaa8637b17e3773511920a1a91baca71dddde2fb81b9b2255a40b6
2b863f9bdbbf15be9dc32624852b64354ce72621e6535193c94ca720416602d7
3ba5c382a7ee6a8831bdf90192addceabe6db4278a679e67fe7e9c0226b729cf
54bf01b3f16a524a8c4e871abb80ffd8c504b51d07369edf181a6cf5d85ffcb5
568eb1fee3e1102246fda6d33edbe5c8a37f631f36afb7f06a4a9781e72011a3
5b88367e3081e7a8792400034ea0fbc701d4b0a26c1784c6b612d89dee299f90
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
7358c5616f671017f307d161644d253f0f81083b0be68f3a3fefefa33b59de5d
7429ba59299387d5b2445949464b6b58111c47c8363459c1dfe16a541ff0c397
83da8866676e489d37cd965a18821517c1413935bd3a8a1014f44c5b0c7d8826
89cf762e0c3023dff4e6d43e6a79cd5ec928ce592d022d6f3d97a8972800b475
8fa1fabd2db573995bf285b7e2e3fca4771af16cd8c53249532bb7010efab1d5
98583a50ddc7fbccc41ba3bafd5c47a3562505be0dcaa602d620d83d99b9f1b2
9cbab47276fc04c65ac78098e9a2069c55e26f21701b29092734ce4e830f80fb
bd094316ffb7e95714b141e05e82a58757db7ef4f58cbaad8a94403151a3aa26
c9868de61ff2bab0b5a3a6d01c4b76f299459f08c6ae2f2c0383b4f9f6bedbf3
d8423017738ee26bf46494c6dac928e6f7cdb466213438cc3a24377d8b7855e7
dbfbc63aa96826d4a3e97d9dec9ba7c660bc222e8400a52e706b60df34513cb9
df15590085581dbb5c7f5ed0b459fdbdd0ea25200feffaaaada8b36f3e917b03
e3745877c465bbeffcfafce54f1e3c75a1e6370b406eb3917e67771036a35c41
e9083553d6f476f4e54be0e9315d9c5004e8b8b0c1bafc58f071fd3b758599a2
f40f57620246d052ea666f8f9d25dc6fcd93a7bbd6314077a2eb7213e98a4b5a
f4aaa18c55c90588c5e828e56dcc6b2cb0acf9a4280494c7d1a53fc5e3669112
f8d4b3a37d6e727a72f21c35f1291be42273233e9e28fbaf2bbc2063078cab40