leazing.fr Open in urlscan Pro
51.159.18.46 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ad.atdmt.com/c/img;adv=40000444734006;ec=106147206444477;c.a=064712;s.a=Struckmann;p.a=Thomas;a.a=app2,41431;...
Effective URL:
https://leazing.fr/vmail/ws1.php
Submission: On December 06 via manual (December 6th 2021, 7:00:32 am UTC) from AU — Scanned from DE

Summary HTTP 65 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 12 domains to perform 65 HTTP transactions. The main IP is 51.159.18.46, located in Paris, France and belongs to Online SAS, FR. The main domain is leazing.fr.
TLS certificate: Issued by R3 on October 28th 2021. Valid for: 3 months.

This is the only time leazing.fr was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a03:2880:f01... 2a03:2880:f01c:8004:face:b00c:0:8c	32934 (FACEBOOK) (FACEBOOK)
2	2620:0:890::100 2620:0:890::100	54113 (FASTLY) (FASTLY)
13	152.199.23.37 152.199.23.37	15133 (EDGECAST) (EDGECAST)
4 7	51.159.18.46 51.159.18.46	12876 (Online SAS) (Online SAS)
1	20.190.159.138 20.190.159.138	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 32	45.60.78.208 45.60.78.208	19551 (INCAPSULA) (INCAPSULA)
5	104.75.88.194 104.75.88.194	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.197.248.129 34.197.248.129	14618 (AMAZON-AES) (AMAZON-AES)
3	23.45.108.166 23.45.108.166	16625 (AKAMAI-AS) (AKAMAI-AS)
2	130.61.67.95 130.61.67.95	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1	15.236.176.210 15.236.176.210	16509 (AMAZON-02) (AMAZON-02)
65	11

1 2a03:2880:f01c:8004:face:b00c:0:8c (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

ad.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:0:890::100 (United States)

ASN54113 (FASTLY, US)

demobile.web.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 152.199.23.37 (United States)

ASN15133 (EDGECAST, US)

aadcdn.msftauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 51.159.18.46 (Paris, France) 4 redirects

ASN12876 (Online SAS, FR)
PTR: sd-147578.dedibox.fr

simulea.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
leazing.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.leazing.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.190.159.138 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 45.60.78.208 (United States) 1 redirects

ASN19551 (INCAPSULA, US)

www.zurich.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.75.88.194 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-194.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.197.248.129 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-248-129.compute-1.amazonaws.com

api.ipstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.45.108.166 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-108-166.deploy.static.akamaitechnologies.com

c.oracleinfinity.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.61.67.95 (Frankfurt am Main, Germany)

ASN31898 (ORACLE-BMC-31898, US)

dc.oracleinfinity.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.236.176.210 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

zurich.data.adobedc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	zurich.com 1 redirects www.zurich.com	3 MB
13	msftauth.net aadcdn.msftauth.net	131 KB
6	leazing.fr 3 redirects leazing.fr www.leazing.fr	16 KB
5	oracleinfinity.io c.oracleinfinity.io dc.oracleinfinity.io	34 KB
5	tiqcdn.com tags.tiqcdn.com	119 KB
2	web.app demobile.web.app	37 KB
1	adobedc.net zurich.data.adobedc.net	393 B
1	ipstack.com api.ipstack.com	1 KB
1	simulea.fr 1 redirects simulea.fr	271 B
1	live.com login.live.com Failed
1	atdmt.com 1 redirects ad.atdmt.com	966 B
0	Failed function sub() { [native code] }. Failed
65	12

	Domain	Requested by
32	www.zurich.com	1 redirects leazing.fr www.zurich.com demobile.web.app
13	aadcdn.msftauth.net	demobile.web.app leazing.fr
5	tags.tiqcdn.com	www.zurich.com tags.tiqcdn.com
4	leazing.fr	2 redirects demobile.web.app leazing.fr
3	c.oracleinfinity.io	tags.tiqcdn.com c.oracleinfinity.io
2	dc.oracleinfinity.io	c.oracleinfinity.io
2	www.leazing.fr	1 redirects leazing.fr
2	demobile.web.app	demobile.web.app
1	zurich.data.adobedc.net
1	api.ipstack.com	www.zurich.com
1	simulea.fr	1 redirects
1	login.live.com	demobile.web.app leazing.fr
1	ad.atdmt.com	1 redirects
0	www. Failed	demobile.web.app
65	14

This site contains links to these domains. Also see Links.

Domain
passwordreset.zurich.com
www.zurich.com
privacy.zurich.com

Subject Issuer	Validity	Valid
web.app GTS CA 1D4	`2021-12-02` - `2022-03-02`	3 months	crt.sh
aadcdn.msftauth.net DigiCert SHA2 Secure Server CA	`2021-05-13` - `2022-05-13`	a year	crt.sh
leazing.fr R3	`2021-10-28` - `2022-01-26`	3 months	crt.sh
graph.windows.net DigiCert SHA2 Secure Server CA	`2021-11-25` - `2022-11-25`	a year	crt.sh
*.zurich.com DigiCert SHA2 Secure Server CA	`2020-02-21` - `2022-02-25`	2 years	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2021-04-19` - `2022-04-27`	a year	crt.sh
apilayer.net Amazon	`2021-09-10` - `2022-10-09`	a year	crt.sh
c.oracleinfinity.io DigiCert SHA2 Secure Server CA	`2021-10-18` - `2022-10-18`	a year	crt.sh
dc.oracleinfinity.io DigiCert TLS RSA SHA256 2020 CA1	`2021-08-16` - `2022-09-07`	a year	crt.sh
*.data.adobedc.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-10-07` - `2022-10-08`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://leazing.fr/vmail/ws1.php
Frame ID: 9537A2854A7EC92EDE3DBE4E2E51F67F
Requests: 21 HTTP requests in this frame

Frame: https://www.%3C/?php%20echo%20$domain;%20?%3E
Frame ID: B846EEE831BFE629E2703FB4D39BB04D
Requests: 1 HTTP requests in this frame

Frame: https://www.zurich.com/
Frame ID: 983316756B489706A909074D60127A8F
Requests: 44 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in to your account

Page URL History Show full URLs

https://ad.atdmt.com/c/img;adv=40000444734006;ec=106147206444477;c.a=064712;s.a=Struckmann;p.a=Th... HTTP 302
https://demobile.web.app/thr7Pmasa7XstruB8xkmannq0HzuriB8xha7XB8xr7Pm Page URL
http://simulea.fr/id.php?url=https://demobile.web.app/thr7Pmasa7XstruB8xkmannq0HzuriB8xha7XB8x... HTTP 302
https://leazing.fr/vmail/?client-request-id=dGhvbWFzLnN0cnVja21hbm5AenVyaWNoLmNvbQ== HTTP 302
https://leazing.fr/vmail/ws1.php Page URL

Page Statistics

65
Requests

94 %
HTTPS

18 %
IPv6

12
Domains

14
Subdomains

11
IPs

4
Countries

3672 kB
Transfer

5719 kB
Size

7
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://passwordreset.zurich.com/?ru=https%3a%2f%2flogin.zurich.comonline.com%2fcommon%2freprocess%3fctx%3drQIIAYWSv4vTcADFL-1dPY8Tzx-DLnKDiChp02_SpDl0yF166a98c23SJulS0uSbNmnSpGnapP0LxMnJwdFFPATBSZycHG5yFMHNSRBEEHTzTmdxebzHe9v7bG3S-SLIF_PEnSzIE3s3KYYuUVRpgJPApHGKHRB4mUQ0XrRY8rQCDG0a0eWtHaq6-fXljU_Ss9eff-y01P1jbHcUx-Fsr1BIkiQf2LZjorwZ-AXPmFjOZLgArzHsPYY9yWygCS7sH2dmNMkwJAAliiwTDEvTpWJeUvRU9ztFyJuxqPQcKBOEqJigqXie6OuxrnZKcNXzoNob6ash1VNrJegOV9BvxaIrUmd76I7Tplr3ocvFPaHuQsUaQ78DdKW1-pi5KHHzeATOJIicFfqeOW8Hkd8Pg1n8JPs4c1iWhRKhd5whstvVpDpezniLIpYTq12PqvWIKkrNJXJSN6yFdaJBBSnPjec1R66wugX1AV_Zb_Gy7A_EZpqQLSJkDQg4wzA4ekmO-1L3QMSbqE-X7Vjcnx6VbXnO6D53gJhZb1Ki8Kk-lQ8r847L0I62MAyxpQk4VMfpKB7hDGshW2XkFLXiMOQVEjCeN1i27cZS6S2a8dwRovaBWhZDrSXhAjPQZCGelvVJJ5hqyXCGmkdkfW6wKy6VTbzBm0lVdVduOGjXu00IEMdVuKQBJAPZ1livVUWUBjVmeJQcZ6__494FeJXNnRo_mJxkmSBEE8faDaPAdjz0LyQWoCD9SdXAR3nO896vY1_WtzdzO9vXsN2121eJjZ_r2NONU84-3H147_6vF9Xnq3eNtzu31k42ClSZZfheJeh2hnItEjSO9WtS1OW7wlyFsSaPZodQG9jaoUHcp_aKj3LYo1zuJHepxvdhRZEVDvJcmwd94lsOe3Bu7c35_5L7cfvK1tbc6XuBaXhodvkvwW8vrP0G0&mkt=en-GB&hosted=0&device_platform=macOS
Title: Forgotten my password

Search URL Search Domain Scan URL

URL: https://www.zurich.com/en-GB/servicesagreement/
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://privacy.zurich.com/en-GB/privacystatement
Title: Privacy & cookies

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ad.atdmt.com/c/img;adv=40000444734006;ec=106147206444477;c.a=064712;s.a=Struckmann;p.a=Thomas;a.a=app2,41431;qpb=1;?h=demobile.web.app/thr7Pmasa7XstruB8xkmannq0HzuriB8xha7XB8xr7Pm HTTP 302
https://demobile.web.app/thr7Pmasa7XstruB8xkmannq0HzuriB8xha7XB8xr7Pm Page URL
http://simulea.fr/id.php?url=https://demobile.web.app/thr7Pmasa7XstruB8xkmannq0HzuriB8xha7XB8xr7Pm HTTP 302
https://leazing.fr/vmail/?client-request-id=dGhvbWFzLnN0cnVja21hbm5AenVyaWNoLmNvbQ== HTTP 302
https://leazing.fr/vmail/ws1.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://ad.atdmt.com/c/img;adv=40000444734006;ec=106147206444477;c.a=064712;s.a=Struckmann;p.a=Thomas;a.a=app2,41431;qpb=1;?h=demobile.web.app/thr7Pmasa7XstruB8xkmannq0HzuriB8xha7XB8xr7Pm HTTP 302
https://demobile.web.app/thr7Pmasa7XstruB8xkmannq0HzuriB8xha7XB8xr7Pm

Request Chain 21

https://leazing.fr/vmail/); HTTP 301
https://www.leazing.fr/vmail/ HTTP 302
https://www.leazing.fr/vmail/ws1.php

Request Chain 24

https://www.zurich.com/ HTTP 302
https://www.zurich.com/

65 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

thr7Pmasa7XstruB8xkmannq0HzuriB8xha7XB8xr7Pm Show response
demobile.web.app/
Redirect Chain

https://ad.atdmt.com/c/img;adv=40000444734006;ec=106147206444477;c.a=064712;s.a=Struckmann;p.a=Thomas;a.a=app2,41431;qpb=1;?h=demobile.web.app/thr7Pmasa7XstruB8xkmannq0HzuriB8xha7XB8xr7Pm
https://demobile.web.app/thr7Pmasa7XstruB8xkmannq0HzuriB8xha7XB8xr7Pm

28 KB
9 KB

172ms
154ms

Document
text/html

2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://demobile.web.app/thr7Pmasa7XstruB8xkmannq0HzuriB8xha7XB8xr7Pm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d11b1bf4202334a76e4b60e2b2ba7470ff7a6b7dd8fd91c6500157358a6d7b3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

cache-control: max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
etag: "ec7617b2a6c218e31c205fcd41b15d7e28c9a7d1e586894951d0f9317f8c6d19"
last-modified: Sun, 05 Dec 2021 14:12:34 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Mon, 06 Dec 2021 07:00:26 GMT
x-served-by: cache-hhn4036-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1638774027.691753,VS0,VE148
vary: x-fh-requested-host, accept-encoding
content-length: 9091

Redirect headers

location: https://demobile.web.app/thr7Pmasa7XstruB8xkmannq0HzuriB8xha7XB8xr7Pm
x-fb-rlafr: 0
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
x-frame-options: DENY
content-type: text/html; charset="utf-8"
x-fb-debug: 4MvACjm6WrTEyUijcFOKrCP7LqZBBY5CPpxMFwJIo4U3CpCzqRy6+0Y7UwissM/1VtzNU/FjYBQHrG6sICXxzg==
content-length: 0
date: Mon, 06 Dec 2021 07:00:26 GMT

GET
H2 200 converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 108 KB
20 KB 31ms
7ms Stylesheet
text/css 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css
Requested by: Host: demobile.web.app
URL: https://demobile.web.app/thr7Pmasa7XstruB8xkmannq0HzuriB8xha7XB8xr7Pm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FCC) /
Resource Hash: 8b6a3b17737161e5fe8c29e401372a94b8e650226cf0cd17b4c3c4de5b380b11

Request headers

Referer: https://demobile.web.app/
Origin: https://demobile.web.app
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 Dec 2021 07:00:26 GMT
content-encoding: gzip
content-md5: 0O2H9juGYL0zkzcYWr0NIg==
age: 5496200
x-cache: HIT
content-length: 19877
x-ms-lease-status: unlocked
last-modified: Tue, 28 Sep 2021 21:42:58 GMT
server: ECAcc (frc/8FCC)
etag: 0x8D982C8F03AF4D4
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 4cd84846-501e-0061-5f72-b8a27b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 convergedlogin_pfetchsessionsprogress_3cdbaab1cf6d9b038234.js Show response
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 15 KB
6 KB 33ms
9ms Script
application/x-javascript 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_3cdbaab1cf6d9b038234.js
Requested by: Host: demobile.web.app
URL: https://demobile.web.app/thr7Pmasa7XstruB8xkmannq0HzuriB8xha7XB8xr7Pm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FC1) /
Resource Hash: 0140da8c4170309baa728814f96185de2c71bb6a9101d51cb040ece949aa3128

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://demobile.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 Dec 2021 07:00:26 GMT
content-encoding: gzip
content-md5: iY5CLUIh9JBLJeGkywpVeQ==
age: 3362918
x-cache: HIT
content-length: 5420
x-ms-lease-status: unlocked
last-modified: Mon, 25 Oct 2021 18:32:55 GMT
server: ECAcc (frc/8FC1)
etag: 0x8D997E5DC79B53A
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: fc77aabe-d01e-0043-3cd9-cbd147000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 convergedlogin_pidpdisambiguation_76e0875415977704da38.js Show response
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 7 KB
2 KB 34ms
11ms Script
application/x-javascript 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pidpdisambiguation_76e0875415977704da38.js
Requested by: Host: demobile.web.app
URL: https://demobile.web.app/thr7Pmasa7XstruB8xkmannq0HzuriB8xha7XB8xr7Pm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F96) /
Resource Hash: e9b270d2a6af5d01dd798963a97d66ce020da7501b55c0239c0b5d7c1d5d2375

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://demobile.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 Dec 2021 07:00:26 GMT
content-encoding: gzip
content-md5: 1A1WnDfolxSryQ87DZzNXQ==
age: 3364063
x-cache: HIT
content-length: 2359
x-ms-lease-status: unlocked
last-modified: Mon, 25 Oct 2021 18:32:55 GMT
server: ECAcc (frc/8F96)
etag: 0x8D997E5DC900061
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: ec7e0d1c-c01e-000a-3fd6-cbf4c7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 convergedlogin_ppassword_6f5648a25cfbe86f348c.js Show response
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 20 KB
6 KB 33ms
10ms Script
application/x-javascript 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_ppassword_6f5648a25cfbe86f348c.js
Requested by: Host: demobile.web.app
URL: https://demobile.web.app/thr7Pmasa7XstruB8xkmannq0HzuriB8xha7XB8xr7Pm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F8B) /
Resource Hash: 7cb7621f3eb49c78b89d119106cf42981a3075da154dc96af6ca24f8f68c6f53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://demobile.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 Dec 2021 07:00:26 GMT
content-encoding: gzip
content-md5: JELxaubb1KDAtUnzSblILg==
age: 3386174
x-cache: HIT
content-length: 5736
x-ms-lease-status: unlocked
last-modified: Mon, 25 Oct 2021 18:32:56 GMT
server: ECAcc (frc/8F8B)
etag: 0x8D997E5DD3425FC
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 82e0f209-401e-006b-7aa2-cb8839000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET Me.htm
login.live.com/ 0
0

GET
H2 200 converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 0
20 KB 7ms
7ms Other
text/css 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css
Requested by: Host: demobile.web.app
URL: https://demobile.web.app/thr7Pmasa7XstruB8xkmannq0HzuriB8xha7XB8xr7Pm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FCC) /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://demobile.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 Dec 2021 07:00:26 GMT
content-encoding: gzip
content-md5: 0O2H9juGYL0zkzcYWr0NIg==
age: 5496200
x-cache: HIT
content-length: 19877
x-ms-lease-status: unlocked
last-modified: Tue, 28 Sep 2021 21:42:58 GMT
server: ECAcc (frc/8FCC)
etag: 0x8D982C8F03AF4D4
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 4cd84846-501e-0061-5f72-b8a27b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 ux.converged.login.strings-en-gb.min_-hjcgqxfzfu0cwzblacdqq2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 0
12 KB 9ms
9ms Other
application/x-javascript 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en-gb.min_-hjcgqxfzfu0cwzblacdqq2.js
Requested by: Host: demobile.web.app
URL: https://demobile.web.app/thr7Pmasa7XstruB8xkmannq0HzuriB8xha7XB8xr7Pm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F6C) /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://demobile.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 Dec 2021 07:00:26 GMT
content-encoding: gzip
content-md5: GYbSFdLE8Xb9pCzSg7cJ6A==
age: 3683209
x-cache: HIT
content-length: 12608
x-ms-lease-status: unlocked
last-modified: Tue, 19 Oct 2021 04:06:56 GMT
server: ECAcc (frc/8F6C)
etag: 0x8D992B5E417004E
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 6044ad75-801e-004b-7fef-c8f668000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET https://www.%3C/?php%20echo%20$domain;%20?%3E
https://www.%3C/?php%20echo%20$domain;%20?%3E Frame B846 0
0

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 404 );
demobile.web.app/ 28 KB
28 KB 8ms
8ms Image
text/html 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://demobile.web.app/);

Requested by

Host: demobile.web.app
URL: https://demobile.web.app/thr7Pmasa7XstruB8xkmannq0HzuriB8xha7XB8xr7Pm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://demobile.web.app/thr7Pmasa7XstruB8xkmannq0HzuriB8xha7XB8xr7Pm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
last-modified: Sun, 05 Dec 2021 14:12:34 GMT
x-timer: S1638774027.001238,VS0,VE1
etag: "ec7617b2a6c218e31c205fcd41b15d7e28c9a7d1e586894951d0f9317f8c6d19"
x-served-by: cache-hhn4036-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/html; charset=utf-8
cache-control: max-age=3600
date: Mon, 06 Dec 2021 07:00:27 GMT
accept-ranges: bytes
content-length: 9091
x-cache-hits: 1

GET
H/1.1

200
OK

Primary Request ws1.php Show response
leazing.fr/vmail/
Redirect Chain

http://simulea.fr/id.php?url=https://demobile.web.app/thr7Pmasa7XstruB8xkmannq0HzuriB8xha7XB8xr7Pm
https://leazing.fr/vmail/?client-request-id=dGhvbWFzLnN0cnVja21hbm5AenVyaWNoLmNvbQ==
https://leazing.fr/vmail/ws1.php

33 KB
10 KB

23ms
23ms

Document
text/html

51.159.18.46
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://leazing.fr/vmail/ws1.php

Requested by

Host: demobile.web.app
URL: https://demobile.web.app/thr7Pmasa7XstruB8xkmannq0HzuriB8xha7XB8xr7Pm

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

51.159.18.46 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

sd-147578.dedibox.fr

Software

nginx /

Resource Hash

a3341bb53953eca994fb140e1e825cc89f8c0060815028d24b7f5bdd9b972bc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000 max-age=63072000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://demobile.web.app/thr7Pmasa7XstruB8xkmannq0HzuriB8xha7XB8xr7Pm#/user/settings/vm_notification/4e90860db9ec/oauth2

Response headers

Date: Mon, 06 Dec 2021 07:00:27 GMT
Server: nginx
Strict-Transport-Security: max-age=63072000 max-age=63072000
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked

Redirect headers

Date: Mon, 06 Dec 2021 07:00:27 GMT
Server: nginx
Strict-Transport-Security: max-age=63072000 max-age=63072000
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: ws1.php
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

GET
H2 200 converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 108 KB
20 KB 8ms
7ms Stylesheet
text/css 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css
Requested by: Host: leazing.fr
URL: https://leazing.fr/vmail/ws1.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FCC) /
Resource Hash: 8b6a3b17737161e5fe8c29e401372a94b8e650226cf0cd17b4c3c4de5b380b11

Request headers

Referer: https://leazing.fr/
Origin: https://leazing.fr
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 Dec 2021 07:00:27 GMT
content-encoding: gzip
content-md5: 0O2H9juGYL0zkzcYWr0NIg==
age: 5496201
x-cache: HIT
content-length: 19877
x-ms-lease-status: unlocked
last-modified: Tue, 28 Sep 2021 21:42:58 GMT
server: ECAcc (frc/8FCC)
etag: 0x8D982C8F03AF4D4
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 4cd84846-501e-0061-5f72-b8a27b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 convergedlogin_pfetchsessionsprogress_3cdbaab1cf6d9b038234.js Show response
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 15 KB
5 KB 10ms
9ms Script
application/x-javascript 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_3cdbaab1cf6d9b038234.js
Requested by: Host: leazing.fr
URL: https://leazing.fr/vmail/ws1.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FC1) /
Resource Hash: 0140da8c4170309baa728814f96185de2c71bb6a9101d51cb040ece949aa3128

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://leazing.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 Dec 2021 07:00:27 GMT
content-encoding: gzip
content-md5: iY5CLUIh9JBLJeGkywpVeQ==
age: 3362919
x-cache: HIT
content-length: 5420
x-ms-lease-status: unlocked
last-modified: Mon, 25 Oct 2021 18:32:55 GMT
server: ECAcc (frc/8FC1)
etag: 0x8D997E5DC79B53A
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: fc77aabe-d01e-0043-3cd9-cbd147000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 convergedlogin_pidpdisambiguation_76e0875415977704da38.js Show response
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 7 KB
2 KB 10ms
10ms Script
application/x-javascript 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pidpdisambiguation_76e0875415977704da38.js
Requested by: Host: leazing.fr
URL: https://leazing.fr/vmail/ws1.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F96) /
Resource Hash: e9b270d2a6af5d01dd798963a97d66ce020da7501b55c0239c0b5d7c1d5d2375

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://leazing.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 Dec 2021 07:00:27 GMT
content-encoding: gzip
content-md5: 1A1WnDfolxSryQ87DZzNXQ==
age: 3364064
x-cache: HIT
content-length: 2359
x-ms-lease-status: unlocked
last-modified: Mon, 25 Oct 2021 18:32:55 GMT
server: ECAcc (frc/8F96)
etag: 0x8D997E5DC900061
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: ec7e0d1c-c01e-000a-3fd6-cbf4c7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 convergedlogin_ppassword_6f5648a25cfbe86f348c.js Show response
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 20 KB
6 KB 10ms
10ms Script
application/x-javascript 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_ppassword_6f5648a25cfbe86f348c.js
Requested by: Host: leazing.fr
URL: https://leazing.fr/vmail/ws1.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F8B) /
Resource Hash: 7cb7621f3eb49c78b89d119106cf42981a3075da154dc96af6ca24f8f68c6f53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://leazing.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 Dec 2021 07:00:27 GMT
content-encoding: gzip
content-md5: JELxaubb1KDAtUnzSblILg==
age: 3386175
x-cache: HIT
content-length: 5736
x-ms-lease-status: unlocked
last-modified: Mon, 25 Oct 2021 18:32:56 GMT
server: ECAcc (frc/8F8B)
etag: 0x8D997E5DD3425FC
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 82e0f209-401e-006b-7aa2-cb8839000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H/1.1 200
OK logo.svg
leazing.fr/vmail/ 4 KB
4 KB 22ms
21ms Image
image/svg+xml 51.159.18.46
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://leazing.fr/vmail/logo.svg

Requested by

Host: leazing.fr
URL: https://leazing.fr/vmail/ws1.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

51.159.18.46 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

sd-147578.dedibox.fr

Software

nginx /

Resource Hash

04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000, max-age=63072000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://leazing.fr/vmail/ws1.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 07:00:27 GMT
Last-Modified: Tue, 30 Nov 2021 23:11:11 GMT
Server: nginx
ETag: "61a6af8f-e43"
Strict-Transport-Security: max-age=63072000, max-age=63072000
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 3651
Expires: Wed, 05 Jan 2022 07:00:27 GMT

GET
H2 200 arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg
aadcdn.msftauth.net/shared/1.0/content/images/ 513 B
426 B 8ms
7ms Image
image/svg+xml 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg
Requested by: Host: leazing.fr
URL: https://leazing.fr/vmail/ws1.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F6C) /
Resource Hash: 34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://leazing.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 Dec 2021 07:00:27 GMT
content-encoding: gzip
content-md5: TjUQkZ0p0Y7rbj6LJofS9Q==
age: 16510582
x-cache: HIT
content-length: 276
x-ms-lease-status: unlocked
last-modified: Thu, 16 Jan 2020 00:32:45 GMT
server: ECAcc (frc/8F6C)
etag: 0x8D79A1B9B05915D
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: c711e8bd-e01e-0094-3b45-547244000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H/1.1 200
OK Me.htm
login.live.com/ 0
0 202ms
118ms Other
text/html 20.190.159.138
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://login.live.com/Me.htm?v=3
Requested by: Host: leazing.fr
URL: https://leazing.fr/vmail/ws1.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.190.159.138 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://leazing.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 0
19 KB 8ms
8ms Other
text/css 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css
Requested by: Host: leazing.fr
URL: https://leazing.fr/vmail/ws1.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FCC) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://leazing.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 Dec 2021 07:00:27 GMT
content-encoding: gzip
content-md5: 0O2H9juGYL0zkzcYWr0NIg==
age: 5496201
x-cache: HIT
content-length: 19877
x-ms-lease-status: unlocked
last-modified: Tue, 28 Sep 2021 21:42:58 GMT
server: ECAcc (frc/8FCC)
etag: 0x8D982C8F03AF4D4
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 4cd84846-501e-0061-5f72-b8a27b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 ux.converged.login.strings-en-gb.min_-hjcgqxfzfu0cwzblacdqq2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 0
12 KB 10ms
10ms Other
application/x-javascript 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en-gb.min_-hjcgqxfzfu0cwzblacdqq2.js
Requested by: Host: leazing.fr
URL: https://leazing.fr/vmail/ws1.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F6C) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://leazing.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 Dec 2021 07:00:27 GMT
content-encoding: gzip
content-md5: GYbSFdLE8Xb9pCzSg7cJ6A==
age: 3683210
x-cache: HIT
content-length: 12608
x-ms-lease-status: unlocked
last-modified: Tue, 19 Oct 2021 04:06:56 GMT
server: ECAcc (frc/8F6C)
etag: 0x8D992B5E417004E
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 6044ad75-801e-004b-7fef-c8f668000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 / Show response
www.zurich.com/ Frame 9833 212 B
539 B 70ms
16ms Document
text/html 45.60.78.208
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zurich.com/
Requested by: Host: leazing.fr
URL: https://leazing.fr/vmail/ws1.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.78.208 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: d02032286070b4dd9d8fbd985a7bdca8af8edf52b89ff177db3bfcb2c8a9c43d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://leazing.fr/

Response headers

content-type: text/html
cache-control: no-cache, no-store
content-length: 212
x-iinfo: 4-88811479-0 0NNN RT(1638774026971 0) q(0 -1 -1 1) r(0 -1) B10(4,314,0) U18

GET
H/1.1

200
OK

ws1.php
www.leazing.fr/vmail/
Redirect Chain

https://leazing.fr/vmail/);
https://www.leazing.fr/vmail/
https://www.leazing.fr/vmail/ws1.php

0
0

24ms
24ms

Image
text/html

51.159.18.46
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.leazing.fr/vmail/ws1.php
Requested by: Host: leazing.fr
URL: https://leazing.fr/vmail/ws1.php
Protocol: HTTP/1.1
Server: 51.159.18.46 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS: sd-147578.dedibox.fr
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://leazing.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Mon, 06 Dec 2021 07:00:27 GMT
Server: nginx
Strict-Transport-Security: max-age=63072000, max-age=63072000
Content-Type: text/html
Location: ws1.php
Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 _Incapsula_Resource Show response
www.zurich.com/ Frame 9833 169 KB
25 KB 26ms
26ms Script
application/javascript 45.60.78.208
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zurich.com/_Incapsula_Resource?SWJIYLWA=5074a744e2e3d891814e9a2dace20bd4,719d34d31c8e3a6e6fffd425f7e032f3
Requested by: Host: www.zurich.com
URL: https://www.zurich.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.78.208 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 6875c967b65657ad1428d6e197e8ffa288f2f1bc90465db42e2d25e446cc95a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zurich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-encoding: gzip
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 25029
content-type: application/javascript

GET
H2 200 _Incapsula_Resource Show response
www.zurich.com/ Frame 9833 29 B
264 B 23ms
23ms XHR
application/javascript 45.60.78.208
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zurich.com/_Incapsula_Resource?SWHANEDL=7304600070301301722,4199754589052464199,6250699168868385637,1790243
Requested by: Host: demobile.web.app
URL: https://demobile.web.app/thr7Pmasa7XstruB8xkmannq0HzuriB8xha7XB8xr7Pm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.78.208 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 558a8ed81355f3cdfc69e59973acfc8550afd2f57c7c0edd91e1375b605bc15b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zurich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 29
content-type: application/javascript

GET
H2

200

/ Show response
www.zurich.com/ Frame 9833
Redirect Chain

https://www.zurich.com/
https://www.zurich.com/

95 KB
19 KB

333ms
333ms

Document
text/html

45.60.78.208
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zurich.com/
Requested by: Host: demobile.web.app
URL: https://demobile.web.app/thr7Pmasa7XstruB8xkmannq0HzuriB8xha7XB8xr7Pm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.78.208 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 2b7728e29e061baeafae92202616d8e3cf6069a2fb0edfc6ab33f42e132d6b6c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zurich.com/

Response headers

cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
request-context: appId=cid-v1:ca452ec6-25a1-4356-b060-60f74e193acc
date: Mon, 06 Dec 2021 07:00:26 GMT
x-cdn: Imperva
x-iinfo: 4-88811500-88811501 NNNN CT(22 21 0) RT(1638774027188 0) q(0 0 1 -1) r(3 4) U12

Redirect headers

cache-control: no-cache, no-store
content-type: text/html
content-length: 122
x-iinfo: 4-88811490-0 NNNN RT(1638774027091 0) q(0 0 -1 -1) r(1 -1) b6 U18
location: https://www.zurich.com/

GET
H2 200 _Incapsula_Resource
www.zurich.com/ Frame 9833 1 B
245 B 15ms
15ms Image
text/plain 45.60.78.208
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zurich.com/_Incapsula_Resource?SWKMTFSR=1&e=0.23768417252219054
Requested by: Host: leazing.fr
URL: https://leazing.fr/vmail/ws1.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.78.208 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zurich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET _Incapsula_Resource
www.zurich.com/ Frame 9833 0
0

GET
H2 200 optimized-min.css
www.zurich.com/-/media/feature/experience-accelerator/bootstrap-4/bootstrap-4/styles/ Frame 9833 29 KB
7 KB 18ms
17ms Stylesheet
text/css 45.60.78.208
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zurich.com/-/media/feature/experience-accelerator/bootstrap-4/bootstrap-4/styles/optimized-min.css?rev=2ef8b6e305ad4dc3b24235d0eac865b2&t=20210515T174254Z&hash=7D735C23F306105186EF3BAEECBEB53A
Requested by: Host: www.zurich.com
URL: https://www.zurich.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.78.208 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 7139f07f917998f1a482f070139ce5b0e448669a8f77e9710e74e1a2307f564e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zurich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 07:00:27 GMT
content-encoding: gzip
last-modified: Sat, 15 May 2021 17:42:54 GMT
x-cdn: Imperva
etag: 9825bbfd62f846b7b08db5c4382ad1c7
vary: Accept-Encoding
content-type: text/css
x-iinfo: 4-88811521-0 0CNN RT(1638774027534 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=89226, public
content-disposition: inline; filename="optimized-min.css"
request-context: appId=cid-v1:ca452ec6-25a1-4356-b060-60f74e193acc
accept-ranges: bytes
content-length: 6376
expires: Tue, 07 Dec 2021 07:47:33 GMT

GET
H2 200 optimized-min.css
www.zurich.com/-/media/themes/dotcom/styles/ Frame 9833 414 KB
81 KB 21ms
20ms Stylesheet
text/css 45.60.78.208
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zurich.com/-/media/themes/dotcom/styles/optimized-min.css?rev=81ccf127fe01467f851e5e70bd4af919&t=20211130T074310Z&hash=FB6E410E2C0F1719821D98BB64D45B61
Requested by: Host: www.zurich.com
URL: https://www.zurich.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.78.208 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 9c8c4ed761dd345134d78e59e4447f30f01023e6dcab5439e03c65128b42833c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zurich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 07:00:27 GMT
content-encoding: gzip
last-modified: Tue, 30 Nov 2021 07:43:10 GMT
x-cdn: Imperva
etag: 54a22f8290be456dbd7ab6a700cb3937
vary: Accept-Encoding
content-type: text/css
x-iinfo: 4-88811522-0 0CNN RT(1638774027538 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=89228, public
content-disposition: inline; filename="optimized-min.css"
request-context: appId=cid-v1:ca452ec6-25a1-4356-b060-60f74e193acc
accept-ranges: bytes
content-length: 82984
expires: Tue, 07 Dec 2021 07:47:35 GMT

GET
H2 200 VisitorIdentification.js Show response
www.zurich.com/layouts/system/ Frame 9833 2 KB
1 KB 50ms
49ms Script
application/javascript 45.60.78.208
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zurich.com/layouts/system/VisitorIdentification.js
Requested by: Host: www.zurich.com
URL: https://www.zurich.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.78.208 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 4a040240e5c7d1585f93b2a8f23159cd8e4d4ecac28fc371a3b5f539a08f66e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zurich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 07:00:27 GMT
content-encoding: gzip
last-modified: Tue, 23 Nov 2021 05:46:22 GMT
x-cdn: Imperva
etag: "6d4e5722de0d71:0"
vary: Accept-Encoding
content-type: application/javascript
x-iinfo: 4-88811523-0 0CNN RT(1638774027541 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=11995, public
request-context: appId=cid-v1:ca452ec6-25a1-4356-b060-60f74e193acc
accept-ranges: bytes
content-length: 780
expires: Mon, 06 Dec 2021 10:20:22 GMT

GET
H2 200 utag.sync.js Show response
tags.tiqcdn.com/utag/zurich-group/grp-default/prod/ Frame 9833 109 B
343 B 51ms
15ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/zurich-group/grp-default/prod/utag.sync.js
Requested by: Host: www.zurich.com
URL: https://www.zurich.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2389b46f025c29b0b446267bc0146e7d544c86c2e2695a26472e90ca76630d3e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zurich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 07:00:27 GMT
content-encoding: gzip
last-modified: Mon, 29 Nov 2021 15:01:12 GMT
server: AkamaiNetStorage
etag: "2bbe3ef5af5b810b3f7ecc216bec1204:1638198072.819284"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 118
expires: Mon, 06 Dec 2021 07:05:27 GMT

GET
H2 200 0747FC10D2F448D0BDC082F32C908B66.ashx
www.zurich.com/-/media/ Frame 9833 220 KB
220 KB 36ms
36ms Image
image/jpeg 45.60.78.208
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zurich.com/-/media/0747FC10D2F448D0BDC082F32C908B66.ashx
Requested by: Host: www.zurich.com
URL: https://www.zurich.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.78.208 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: d117e910b473eb2b3218007cbfe491c97bc00efd04c98182787f20888a57d9c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zurich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 07:00:27 GMT
last-modified: Fri, 05 Nov 2021 13:13:26 GMT
x-cdn: Imperva
etag: 53a6235aba394f5c867d378cd409a001
content-type: image/jpeg
x-iinfo: 4-88811532-0 0CNN RT(1638774027590 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=92459, public
content-disposition: inline; filename="stage-z-talks-by-zurich-1.jpg"
request-context: appId=cid-v1:ca452ec6-25a1-4356-b060-60f74e193acc
accept-ranges: bytes
content-length: 225217
expires: Tue, 07 Dec 2021 08:41:26 GMT

GET
H2 200 quicklinks-sprite-3.svg
www.zurich.com/-/media/project/zurich/dotcom/home/images/ Frame 9833 9 KB
3 KB 38ms
36ms Image
image/svg+xml 45.60.78.208
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zurich.com/-/media/project/zurich/dotcom/home/images/quicklinks-sprite-3.svg
Requested by: Host: www.zurich.com
URL: https://www.zurich.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.78.208 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 086666ac482e38a17f8d7ade7fb6779903e06b563258ce3f7bcda9d509814705

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zurich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 07:00:27 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 08:55:44 GMT
x-cdn: Imperva
etag: 09f18ccf77f74ea2b542edaa829490b4
content-type: image/svg+xml
x-iinfo: 4-88811533-0 0CNN RT(1638774027599 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=93828, public
content-disposition: inline; filename="quicklinks-sprite-3.svg"
request-context: appId=cid-v1:ca452ec6-25a1-4356-b060-60f74e193acc
accept-ranges: bytes
content-length: 2988
expires: Tue, 07 Dec 2021 09:04:15 GMT

GET
H2 200 stage-statues-glasgow.jpg
www.zurich.com/-/media/Project/Zurich/Dotcom/campaigns/gbc/stage/ Frame 9833 145 KB
145 KB 39ms
37ms Image
image/jpeg 45.60.78.208
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zurich.com/-/media/Project/Zurich/Dotcom/campaigns/gbc/stage/stage-statues-glasgow.jpg
Requested by: Host: www.zurich.com
URL: https://www.zurich.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.78.208 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 74cd8137acbc1a6e89405ac2bd3098d744b9aec5b9cfc80ee54ea963664355cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zurich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 07:00:27 GMT
last-modified: Mon, 25 Oct 2021 15:13:42 GMT
x-cdn: Imperva
etag: b069b617e6a940b4a2d98c533a1ae2c0
content-type: image/jpeg
x-iinfo: 4-88811534-0 0CNN RT(1638774027600 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=89229, public
content-disposition: inline; filename="stage-statues-glasgow.jpg"
request-context: appId=cid-v1:ca452ec6-25a1-4356-b060-60f74e193acc
accept-ranges: bytes
content-length: 148266
expires: Tue, 07 Dec 2021 07:47:36 GMT

GET
H2 200 27884FA1C73F44C68D08E94487FDC78D.ashx
www.zurich.com/-/media/ Frame 9833 247 KB
248 KB 52ms
50ms Image
image/jpeg 45.60.78.208
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zurich.com/-/media/27884FA1C73F44C68D08E94487FDC78D.ashx
Requested by: Host: www.zurich.com
URL: https://www.zurich.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.78.208 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: cc216de13f977863a8e196f0966f3bdf06017513e9aaa9734c293d720db7ab61

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zurich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 07:00:27 GMT
last-modified: Fri, 08 Oct 2021 15:30:25 GMT
x-cdn: Imperva
etag: 1fd64c9b73e44b859c389b9d7e38b407
content-type: image/jpeg
x-iinfo: 4-88811535-0 0CNN RT(1638774027601 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=92459, public
content-disposition: inline; filename="1920x1080-5-reasons-to-be-optimistic.jpg"
request-context: appId=cid-v1:ca452ec6-25a1-4356-b060-60f74e193acc
accept-ranges: bytes
content-length: 253205
expires: Tue, 07 Dec 2021 08:41:26 GMT

GET
H2 200 teaser-staying-afloat-during-floods.jpg
www.zurich.com/-/media/project/zurich/dotcom/industry-knowledge/flood-and-water-damage/images/ Frame 9833 260 KB
261 KB 85ms
83ms Image
image/jpeg 45.60.78.208
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zurich.com/-/media/project/zurich/dotcom/industry-knowledge/flood-and-water-damage/images/teaser-staying-afloat-during-floods.jpg?rev=d7e33cd89db849b4982192a350a994e2
Requested by: Host: www.zurich.com
URL: https://www.zurich.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.78.208 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: b06067be19e0e2e023602a0becf87fc20bc2a40d6f606d4a647bab3d30619828

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zurich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 07:00:27 GMT
last-modified: Fri, 26 Nov 2021 14:38:00 GMT
x-cdn: Imperva
etag: 90d2495b3ffc4feabce74020f7e37e31
content-type: image/jpeg
x-iinfo: 4-88811536-0 0CNN RT(1638774027603 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=89229, public
content-disposition: inline; filename="teaser-staying-afloat-during-floods.jpg"
request-context: appId=cid-v1:ca452ec6-25a1-4356-b060-60f74e193acc
accept-ranges: bytes
content-length: 266278
expires: Tue, 07 Dec 2021 07:47:36 GMT

GET
H2 200 teaser-battle-for-biodiversity-understanding-the-value-of-nature.jpg
www.zurich.com/-/media/project/zurich/dotcom/industry-knowledge/climate-change/images/ Frame 9833 153 KB
154 KB 122ms
120ms Image
image/jpeg 45.60.78.208
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zurich.com/-/media/project/zurich/dotcom/industry-knowledge/climate-change/images/teaser-battle-for-biodiversity-understanding-the-value-of-nature.jpg?rev=74741d274f0040d5bf7606a28cd96393
Requested by: Host: www.zurich.com
URL: https://www.zurich.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.78.208 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: b395c15c7d51ba6975254495e010e11420d24650bb0dafc213a8401a3760f4a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zurich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 07:00:27 GMT
last-modified: Wed, 10 Nov 2021 11:09:56 GMT
x-cdn: Imperva
etag: 81118b4da15d41cfb8bf777b522de114
content-type: image/jpeg
x-iinfo: 4-88811537-0 0CNN RT(1638774027606 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=89229, public
content-disposition: inline; filename="teaser-battle-for-biodiversity-understanding-the-value-of-nature.jpg"
request-context: appId=cid-v1:ca452ec6-25a1-4356-b060-60f74e193acc
accept-ranges: bytes
content-length: 156886
expires: Tue, 07 Dec 2021 07:47:36 GMT

GET
H2 200 teaser-the-gathering-storm-adapting-to-change.jpg
www.zurich.com/-/media/project/zurich/dotcom/industry-knowledge/climate-change/images/ Frame 9833 98 KB
99 KB 134ms
133ms Image
image/jpeg 45.60.78.208
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zurich.com/-/media/project/zurich/dotcom/industry-knowledge/climate-change/images/teaser-the-gathering-storm-adapting-to-change.jpg?rev=a0db047e2f6d4320b8f88cd9144c2f6a
Requested by: Host: www.zurich.com
URL: https://www.zurich.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.78.208 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: d3228b0aabf6238236548b9508c941cbaae78375b99aa5662330f27ed5344ff2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zurich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 07:00:27 GMT
last-modified: Thu, 11 Nov 2021 10:41:28 GMT
x-cdn: Imperva
etag: 0696fafec7a74f6583a4c6e8fe944f85
content-type: image/jpeg
x-iinfo: 4-88811538-0 0CNN RT(1638774027607 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=89229, public
content-disposition: inline; filename="teaser-the-gathering-storm-adapting-to-change.jpg"
request-context: appId=cid-v1:ca452ec6-25a1-4356-b060-60f74e193acc
accept-ranges: bytes
content-length: 100809
expires: Tue, 07 Dec 2021 07:47:36 GMT

GET
H2 200 52BD96431D6648E99208414D3BF1D062.ashx
www.zurich.com/-/media/ Frame 9833 292 KB
292 KB 146ms
144ms Image
image/jpeg 45.60.78.208
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zurich.com/-/media/52BD96431D6648E99208414D3BF1D062.ashx
Requested by: Host: www.zurich.com
URL: https://www.zurich.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.78.208 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: ef6323cdd41e716c924ebeac4afcf5c5025000a22d9395e9db67f65c13c78a4c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zurich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 07:00:27 GMT
last-modified: Thu, 07 Oct 2021 17:42:18 GMT
x-cdn: Imperva
etag: e5c368a2241f4c8ba5fd6d498631c0e4
content-type: image/jpeg
x-iinfo: 4-88811539-0 0CNN RT(1638774027609 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=93828, public
content-disposition: inline; filename="stage-zurich-resilience-solutions.jpg"
request-context: appId=cid-v1:ca452ec6-25a1-4356-b060-60f74e193acc
accept-ranges: bytes
content-length: 298642
expires: Tue, 07 Dec 2021 09:04:15 GMT

GET
H2 200 F73F9216143D492796288424B57B5923.ashx
www.zurich.com/-/media/ Frame 9833 235 KB
236 KB 161ms
160ms Image
image/jpeg 45.60.78.208
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zurich.com/-/media/F73F9216143D492796288424B57B5923.ashx
Requested by: Host: www.zurich.com
URL: https://www.zurich.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.78.208 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: c9393d3c900adacb5948f0d4f455804c0317fb469f67f8526dc7fd7bbb3edfd1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zurich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 07:00:27 GMT
last-modified: Wed, 01 Dec 2021 10:42:00 GMT
x-cdn: Imperva
etag: 58c82e64c780437c9dea0d35893889c8
content-type: image/jpeg
x-iinfo: 4-88811540-0 0CNN RT(1638774027610 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=352812, public
content-disposition: inline; filename="stage-inside-the-mind-of-a-young-climate-activist.jpg"
request-context: appId=cid-v1:ca452ec6-25a1-4356-b060-60f74e193acc
accept-ranges: bytes
content-length: 241112
expires: Fri, 10 Dec 2021 09:00:39 GMT

GET
H2 200 4BFF9E6780C249009D333366A673C136.ashx
www.zurich.com/-/media/ Frame 9833 357 KB
357 KB 170ms
169ms Image
image/jpeg 45.60.78.208
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zurich.com/-/media/4BFF9E6780C249009D333366A673C136.ashx
Requested by: Host: www.zurich.com
URL: https://www.zurich.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.78.208 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 58ed5a49319e2ce32057321c26eb3c0b6421fc6569767e4f85a5fcde6daa39c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zurich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 07:00:27 GMT
last-modified: Thu, 07 Oct 2021 15:12:10 GMT
x-cdn: Imperva
etag: d6ce100407e043b3b0eae431d217e0fa
content-type: image/jpeg
x-iinfo: 4-88811541-0 0CNN RT(1638774027610 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=186022, public
content-disposition: inline; filename="stage-olaf-frozen.jpg"
request-context: appId=cid-v1:ca452ec6-25a1-4356-b060-60f74e193acc
accept-ranges: bytes
content-length: 365198
expires: Wed, 08 Dec 2021 10:40:49 GMT

GET
H2 200 AF40EDA475FB47988F3ACE1D28F0323B.ashx
www.zurich.com/-/media/ Frame 9833 213 KB
213 KB 177ms
176ms Image
image/jpeg 45.60.78.208
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zurich.com/-/media/AF40EDA475FB47988F3ACE1D28F0323B.ashx
Requested by: Host: www.zurich.com
URL: https://www.zurich.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.78.208 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: c2920d4b7a2409219002adee50b7eff2131a0c565855f7d6b0b31bed2385fa86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zurich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 07:00:27 GMT
last-modified: Tue, 16 Nov 2021 11:00:55 GMT
x-cdn: Imperva
etag: 2358837e1ff6472ebbd9217f4e15bcf0
content-type: image/jpeg
x-iinfo: 4-88811542-0 0CNN RT(1638774027611 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=93828, public
content-disposition: inline; filename="stage-why-dont-men-talk-about-their-feelings.jpg"
request-context: appId=cid-v1:ca452ec6-25a1-4356-b060-60f74e193acc
accept-ranges: bytes
content-length: 217850
expires: Tue, 07 Dec 2021 09:04:15 GMT

GET
H2 200 5CA66B1C20FE4D14831C6FEFDFA94F5B.ashx
www.zurich.com/-/media/ Frame 9833 208 KB
209 KB 187ms
187ms Image
image/jpeg 45.60.78.208
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zurich.com/-/media/5CA66B1C20FE4D14831C6FEFDFA94F5B.ashx
Requested by: Host: www.zurich.com
URL: https://www.zurich.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.78.208 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: dfce9c2886fbce2f777a9e48c67996c5e9d1ffde5af946939ef729cb62daa32d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zurich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 07:00:27 GMT
last-modified: Wed, 17 Nov 2021 09:24:28 GMT
x-cdn: Imperva
etag: c6bf07769a694568a32ae1302f18856b
content-type: image/jpeg
x-iinfo: 4-88811543-0 0CNN RT(1638774027612 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=90305, public
content-disposition: inline; filename="stage-7-steps-to-stay-safe-in-the-holiday-online-shopping-splurge.jpg"
request-context: appId=cid-v1:ca452ec6-25a1-4356-b060-60f74e193acc
accept-ranges: bytes
content-length: 213084
expires: Tue, 07 Dec 2021 08:05:32 GMT

GET
H2 200 teaser-zzf.jpg
www.zurich.com/-/media/project/zurich/dotcom/sustainability/images/ Frame 9833 239 KB
240 KB 197ms
197ms Image
image/jpeg 45.60.78.208
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zurich.com/-/media/project/zurich/dotcom/sustainability/images/teaser-zzf.jpg
Requested by: Host: www.zurich.com
URL: https://www.zurich.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.78.208 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 405047a552700ac6b9364d34d5807da86e1e12583fd65741282f01b8383a8055

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zurich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 07:00:27 GMT
last-modified: Fri, 08 Oct 2021 09:37:39 GMT
x-cdn: Imperva
etag: 7aeebec9c35b49dca105ebb1ee32187d
content-type: image/jpeg
x-iinfo: 4-88811544-0 0CNN RT(1638774027613 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=89229, public
content-disposition: inline; filename="teaser-zzf.jpg"
request-context: appId=cid-v1:ca452ec6-25a1-4356-b060-60f74e193acc
accept-ranges: bytes
content-length: 245200
expires: Tue, 07 Dec 2021 07:47:36 GMT

GET
H2 200 optimized-min.js Show response
www.zurich.com/-/media/themes/dotcom/scripts/ Frame 9833 357 KB
114 KB 16ms
16ms Script
application/x-javascript 45.60.78.208
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zurich.com/-/media/themes/dotcom/scripts/optimized-min.js?rev=2eb973f05238432192352f4dd69e7a4b&t=20211130T133229Z&hash=D3AF35F028F6300271F01102E0E5D324
Requested by: Host: www.zurich.com
URL: https://www.zurich.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.78.208 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: fa4cb4f24d8dee58357e7c5c35494263c83f36e17ac77e26fb1c3d62d94c3e1b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zurich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 07:00:27 GMT
content-encoding: gzip
last-modified: Tue, 30 Nov 2021 07:43:01 GMT
x-cdn: Imperva
etag: a8062d76f7674bd68a71312e72e8e678
vary: Accept-Encoding
content-type: application/x-javascript
x-iinfo: 4-88811530-0 0CNN RT(1638774027587 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=111582, public
content-disposition: inline; filename="optimized-min.js"
request-context: appId=cid-v1:ca452ec6-25a1-4356-b060-60f74e193acc
accept-ranges: bytes
content-length: 116382
expires: Tue, 07 Dec 2021 14:00:09 GMT

GET
H2 200 _Incapsula_Resource Show response
www.zurich.com/ Frame 9833 143 KB
20 KB 207ms
206ms Script
application/javascript 45.60.78.208
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zurich.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=4&cb=1373339531
Requested by: Host: www.zurich.com
URL: https://www.zurich.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.78.208 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: c56e81cbf9ade88b66654152f3ec2218818e29db3b608fc958a4c70c0b3a2080

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zurich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-encoding: gzip
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 20602
content-type: application/javascript

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/zurich-group/grp-default/prod/ Frame 9833 398 KB
90 KB 51ms
50ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/zurich-group/grp-default/prod/utag.js
Requested by: Host: www.zurich.com
URL: https://www.zurich.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 03f2936a3c66508407533616f430352cf0973de3a7d738123c88598c511e3364

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zurich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 07:00:27 GMT
content-encoding: gzip
last-modified: Mon, 29 Nov 2021 15:01:13 GMT
server: AkamaiNetStorage
etag: "8d37d32a2a71572c3a246a40de8b6b49:1638198073.031176"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
expires: Mon, 06 Dec 2021 07:05:27 GMT

GET
H2 200 ZurichSans-Light_woff2.woff2
www.zurich.com/-/media/themes/dotcom/fonts/ZurichSans/ Frame 9833 22 KB
22 KB 196ms
196ms Font
application/octet-stream 45.60.78.208
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zurich.com/-/media/themes/dotcom/fonts/ZurichSans/ZurichSans-Light_woff2.woff2
Requested by: Host: www.zurich.com
URL: https://www.zurich.com/-/media/themes/dotcom/styles/optimized-min.css?rev=81ccf127fe01467f851e5e70bd4af919&t=20211130T074310Z&hash=FB6E410E2C0F1719821D98BB64D45B61
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.78.208 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: f78b716b3ffcee267c16f97dc481f51f041443edae74b05023a5a31ffd5b3c31

Request headers

Referer: https://www.zurich.com/-/media/themes/dotcom/styles/optimized-min.css?rev=81ccf127fe01467f851e5e70bd4af919&t=20211130T074310Z&hash=FB6E410E2C0F1719821D98BB64D45B61
Origin: https://www.zurich.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 07:00:27 GMT
last-modified: Tue, 26 Oct 2021 06:32:53 GMT
x-cdn: Imperva
etag: 3a3c215638324ef1951e2a42e733da10
content-type: application/octet-stream
access-control-allow-origin: https://www.zurich.com
x-iinfo: 4-88811546-0 0CNN RT(1638774027621 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=91138, public
content-disposition: attachment; filename="ZurichSans-Light_woff2.woff2"
request-context: appId=cid-v1:ca452ec6-25a1-4356-b060-60f74e193acc
accept-ranges: bytes
content-length: 22132
expires: Tue, 07 Dec 2021 08:19:25 GMT

GET
H2 200 zurich-icons_woff2.woff2
www.zurich.com/-/media/themes/dotcom/fonts/zIcons/ Frame 9833 64 KB
65 KB 195ms
195ms Font
application/octet-stream 45.60.78.208
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zurich.com/-/media/themes/dotcom/fonts/zIcons/zurich-icons_woff2.woff2
Requested by: Host: www.zurich.com
URL: https://www.zurich.com/-/media/themes/dotcom/styles/optimized-min.css?rev=81ccf127fe01467f851e5e70bd4af919&t=20211130T074310Z&hash=FB6E410E2C0F1719821D98BB64D45B61
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.78.208 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 137a69498d304e3027a8b9f6eb07bdee5ef53fa7e387d3705044f2024aed15ed

Request headers

Referer: https://www.zurich.com/-/media/themes/dotcom/styles/optimized-min.css?rev=81ccf127fe01467f851e5e70bd4af919&t=20211130T074310Z&hash=FB6E410E2C0F1719821D98BB64D45B61
Origin: https://www.zurich.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 07:00:27 GMT
last-modified: Tue, 23 Nov 2021 07:01:58 GMT
x-cdn: Imperva
etag: 2580df536c444b2daf79d313173698c9
content-type: application/octet-stream
access-control-allow-origin: https://www.zurich.com
x-iinfo: 4-88811547-0 0CNN RT(1638774027622 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=89376, public
content-disposition: attachment; filename="zurich-icons_woff2.woff2"
request-context: appId=cid-v1:ca452ec6-25a1-4356-b060-60f74e193acc
accept-ranges: bytes
content-length: 65636
expires: Tue, 07 Dec 2021 07:50:03 GMT

GET
H2 200 ZurichSans-Regular_woff2.woff2
www.zurich.com/-/media/themes/dotcom/fonts/ZurichSans/ Frame 9833 22 KB
22 KB 201ms
200ms Font
application/octet-stream 45.60.78.208
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zurich.com/-/media/themes/dotcom/fonts/ZurichSans/ZurichSans-Regular_woff2.woff2
Requested by: Host: www.zurich.com
URL: https://www.zurich.com/-/media/themes/dotcom/styles/optimized-min.css?rev=81ccf127fe01467f851e5e70bd4af919&t=20211130T074310Z&hash=FB6E410E2C0F1719821D98BB64D45B61
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.78.208 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 6bd115330118cf151f45a0a62ff19de437bd1c8c86e2bc1d01303f10f553d985

Request headers

Referer: https://www.zurich.com/-/media/themes/dotcom/styles/optimized-min.css?rev=81ccf127fe01467f851e5e70bd4af919&t=20211130T074310Z&hash=FB6E410E2C0F1719821D98BB64D45B61
Origin: https://www.zurich.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 07:00:27 GMT
last-modified: Tue, 26 Oct 2021 06:33:03 GMT
x-cdn: Imperva
etag: 6324d5552c124f9f863d6a153c1589da
content-type: application/octet-stream
access-control-allow-origin: https://www.zurich.com
x-iinfo: 4-88811548-0 0CNN RT(1638774027623 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=89376, public
content-disposition: attachment; filename="ZurichSans-Regular_woff2.woff2"
request-context: appId=cid-v1:ca452ec6-25a1-4356-b060-60f74e193acc
accept-ranges: bytes
content-length: 22208
expires: Tue, 07 Dec 2021 07:50:03 GMT

GET
H2 200 Ogg-Regular_woff2.woff2
www.zurich.com/-/media/themes/dotcom/fonts/Ogg/ Frame 9833 59 KB
60 KB 203ms
203ms Font
application/octet-stream 45.60.78.208
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zurich.com/-/media/themes/dotcom/fonts/Ogg/Ogg-Regular_woff2.woff2
Requested by: Host: www.zurich.com
URL: https://www.zurich.com/-/media/themes/dotcom/styles/optimized-min.css?rev=81ccf127fe01467f851e5e70bd4af919&t=20211130T074310Z&hash=FB6E410E2C0F1719821D98BB64D45B61
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.78.208 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 3e85b32666748c1d87cf20701468244b8662ef85417d44bc7f731bc4bbc56db4

Request headers

Referer: https://www.zurich.com/-/media/themes/dotcom/styles/optimized-min.css?rev=81ccf127fe01467f851e5e70bd4af919&t=20211130T074310Z&hash=FB6E410E2C0F1719821D98BB64D45B61
Origin: https://www.zurich.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 07:00:27 GMT
last-modified: Tue, 26 Oct 2021 06:32:36 GMT
x-cdn: Imperva
etag: 9b09633a44604f3e883ea1128311d0c1
content-type: application/octet-stream
access-control-allow-origin: https://www.zurich.com
x-iinfo: 4-88811549-0 0CNN RT(1638774027624 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=92425, public
content-disposition: attachment; filename="Ogg-Regular_woff2.woff2"
request-context: appId=cid-v1:ca452ec6-25a1-4356-b060-60f74e193acc
accept-ranges: bytes
content-length: 60836
expires: Tue, 07 Dec 2021 08:40:52 GMT

GET
H2 200 ZurichSans-SemiBold_woff2.woff2
www.zurich.com/-/media/themes/dotcom/fonts/ZurichSans/ Frame 9833 22 KB
22 KB 210ms
210ms Font
application/octet-stream 45.60.78.208
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zurich.com/-/media/themes/dotcom/fonts/ZurichSans/ZurichSans-SemiBold_woff2.woff2
Requested by: Host: www.zurich.com
URL: https://www.zurich.com/-/media/themes/dotcom/styles/optimized-min.css?rev=81ccf127fe01467f851e5e70bd4af919&t=20211130T074310Z&hash=FB6E410E2C0F1719821D98BB64D45B61
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.78.208 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 50e59be4b2c7a1eb000ef322c1d27e50adfd8cddda05db0d60899dcb0dc71d66

Request headers

Referer: https://www.zurich.com/-/media/themes/dotcom/styles/optimized-min.css?rev=81ccf127fe01467f851e5e70bd4af919&t=20211130T074310Z&hash=FB6E410E2C0F1719821D98BB64D45B61
Origin: https://www.zurich.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 07:00:27 GMT
last-modified: Tue, 26 Oct 2021 06:33:10 GMT
x-cdn: Imperva
etag: 3a8ac60ecbea409a84a93cb82569034f
content-type: application/octet-stream
access-control-allow-origin: https://www.zurich.com
x-iinfo: 4-88811550-0 0CNN RT(1638774027625 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=91138, public
content-disposition: attachment; filename="ZurichSans-SemiBold_woff2.woff2"
request-context: appId=cid-v1:ca452ec6-25a1-4356-b060-60f74e193acc
accept-ranges: bytes
content-length: 22156
expires: Tue, 07 Dec 2021 08:19:25 GMT

GET
H/1.1 200
OK check Show response
api.ipstack.com/ Frame 9833 934 B
1 KB 480ms
128ms Fetch
application/json 34.197.248.129
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipstack.com/check?access_key=359b80247a54d532b554e98ce2026db0
Requested by: Host: www.zurich.com
URL: https://www.zurich.com/-/media/themes/dotcom/scripts/optimized-min.js?rev=2eb973f05238432192352f4dd69e7a4b&t=20211130T133229Z&hash=D3AF35F028F6300271F01102E0E5D324
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.248.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-248-129.compute-1.amazonaws.com
Software: /
Resource Hash: 3a86effc7c4dd167081f9faa7af8a7deca2635528b2839fe0311a96273a69496

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zurich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 07:00:28 GMT
x-apilayer-transaction-id: 2cb40a24-a263-4f6c-9625-4ed20e8ff2b8
transfer-encoding: chunked
access-control-allow-methods: GET, POST, HEAD, OPTIONS
content-type: application/json
access-control-allow-origin: *
x-request-time: 0.030
x-quota-limit: 500000
access-control-allow-headers: *
x-increment-usage: 1
x-quota-remaining: 456365

GET
H2 200 utag.123.js Show response
tags.tiqcdn.com/utag/zurich-group/grp-default/prod/ Frame 9833 18 KB
5 KB 27ms
26ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/zurich-group/grp-default/prod/utag.123.js?utv=ut4.47.202111291501
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/zurich-group/grp-default/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2050db2fdf1ee8089a171f78de3b2f87c84407a411ebca17c597f63b4e5779a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zurich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 07:00:28 GMT
content-encoding: gzip
last-modified: Wed, 18 Aug 2021 12:55:29 GMT
server: AkamaiNetStorage
etag: "e38ad3a7b9a67d5f75113ba13d584130:1629291329.24609"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 4773
expires: Tue, 21 Dec 2021 07:00:28 GMT

GET
H2 200 utag.128.js Show response
tags.tiqcdn.com/utag/zurich-group/grp-default/prod/ Frame 9833 73 KB
23 KB 29ms
28ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/zurich-group/grp-default/prod/utag.128.js?utv=ut4.47.202111291501
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/zurich-group/grp-default/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: f05c97b3f88c04a72f89c2f4c49af9fe4c92c7df6d464d2a94e2e1de45838ed6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zurich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 07:00:28 GMT
content-encoding: gzip
last-modified: Mon, 29 Nov 2021 15:01:12 GMT
server: AkamaiNetStorage
etag: "e52d0920dd445d8a36cae52777c662fd:1638198072.248064"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 23698
expires: Tue, 21 Dec 2021 07:00:28 GMT

GET
H/1.1 200
OK odc.js Show response
c.oracleinfinity.io/acs/account/9cwwojhdmh/js/main/ Frame 9833 39 KB
12 KB 137ms
10ms Script
application/javascript 23.45.108.166
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.oracleinfinity.io/acs/account/9cwwojhdmh/js/main/odc.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/zurich-group/grp-default/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.108.166 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-108-166.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c13c7e1d74caf1b83ff942d6bd58557908e29c037331af5d32c0f581a486a32c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zurich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 07:00:28 GMT
Content-Encoding: gzip
Content-MD5: mFYfSRWSuoY2R4u/C2yboQ==
Access-Control-Allow-Origin: *
Connection: keep-alive
storage-tier: Standard
Content-Length: 10963
Pragma: no-cache
Last-Modified: Fri, 02 Oct 2020 12:45:37 GMT
opc-request-id: iad-1:3OPydC0e_6Pfim6Aa_pFQerdXx_WOPV6vkx84sUXmwrU9ZgOjIPQZ2ruXEw7v_u0
x-api-id: native
ETag: 288dbefd-56d6-4e74-b633-cae19fcf41a5
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
Content-Type: application/javascript; charset=UTF-8
version-id: fb3ddff3-ef96-469d-87f4-96ef59faf7c6
Access-Control-Expose-Headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
Cache-Control: max-age=0, no-cache
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Expires: Mon, 06 Dec 2021 07:00:28 GMT

GET
H2 200 _Incapsula_Resource
www.zurich.com/ Frame 9833 1 B
245 B 80ms
79ms Image
text/plain 45.60.78.208
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zurich.com/_Incapsula_Resource?SWKMTFSR=1&e=0.8527332258747986
Requested by: Host: www.zurich.com
URL: https://www.zurich.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.78.208 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zurich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ Frame 9833 2 B
202 B 32ms
32ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=zurich-group/grp-default/202111291501&cb=1638774028200
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/zurich-group/grp-default/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zurich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 07:00:28 GMT
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type: application/x-javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Mon, 06 Dec 2021 07:10:28 GMT

GET
H/1.1 200
OK common.js Show response
c.oracleinfinity.io/acs/common/js/1.3.37/ Frame 9833 33 KB
12 KB 9ms
9ms Script
application/javascript 23.45.108.166
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.oracleinfinity.io/acs/common/js/1.3.37/common.js
Requested by: Host: c.oracleinfinity.io
URL: https://c.oracleinfinity.io/acs/account/9cwwojhdmh/js/main/odc.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.108.166 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-108-166.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 65228fd2558cd49b47573d964a5615c31fa39a7c621990a4e3fb2438f2be05d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zurich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 07:00:28 GMT
Content-Encoding: gzip
Content-MD5: i3lzre/Ca4wN1pXfrk1n9w==
Access-Control-Allow-Origin: *
Connection: keep-alive
storage-tier: Standard
Content-Length: 11579
Pragma: no-cache
Last-Modified: Sat, 11 Jul 2020 02:07:25 GMT
opc-request-id: iad-1:zSgtYBWkhmBr1JWfMAoNghUTZH7tEC4W7nycSIJW0wAPvHjBAvowkf_ApJI0EIRy
x-api-id: native
ETag: 9e584f22-eda0-480e-8f51-7abe4ffee9fe
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
Content-Type: application/javascript; charset=UTF-8
version-id: d5e20d9f-cf77-4a6c-ab0c-a76641532980
Access-Control-Expose-Headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
Cache-Control: max-age=0, no-cache
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Expires: Mon, 06 Dec 2021 07:00:28 GMT

GET
H/1.1 200
OK analytics.js Show response
c.oracleinfinity.io/acs/account/9cwwojhdmh/js/main/analytics-default/ Frame 9833 25 KB
9 KB 18ms
8ms Script
application/javascript 23.45.108.166
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.oracleinfinity.io/acs/account/9cwwojhdmh/js/main/analytics-default/analytics.js
Requested by: Host: c.oracleinfinity.io
URL: https://c.oracleinfinity.io/acs/account/9cwwojhdmh/js/main/odc.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.108.166 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-108-166.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 86af1846068e70008a8d326c5d2e7bbd2eb4fc1edf8d016b27634ad0e79cccfa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zurich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 06 Dec 2021 07:00:28 GMT
Content-Encoding: gzip
Content-MD5: LkYQUZOZbQWTxPgjpbkrgQ==
Access-Control-Allow-Origin: *
Connection: keep-alive
storage-tier: Standard
Content-Length: 8159
Pragma: no-cache
Last-Modified: Fri, 02 Oct 2020 12:45:37 GMT
opc-request-id: iad-1:OZPA1Df8AcsIGvicF9J_E8z3aOn-d4BAnBgchETXRVyixIGpsBe01U4rcQQDTJV8
x-api-id: native
ETag: 34ba3deb-e3a1-47a7-8fbf-867203bc4833
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
Content-Type: application/javascript; charset=UTF-8
version-id: 4c26a535-5a88-4959-a4e3-95fb8e3fefda
Access-Control-Expose-Headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
Cache-Control: max-age=0, no-cache
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Expires: Mon, 06 Dec 2021 07:00:28 GMT

GET
H/1.1 200
OK wtid.js Show response
dc.oracleinfinity.io/9cwwojhdmh/ Frame 9833 189 B
372 B 40ms
8ms Script
text/plain 130.61.67.95
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://dc.oracleinfinity.io/9cwwojhdmh/wtid.js?callback=ORA.analytics.dcsRef.dcsGetIdCallback
Requested by: Host: c.oracleinfinity.io
URL: https://c.oracleinfinity.io/acs/common/js/1.3.37/common.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.61.67.95 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: b3ddeccf7ca2b306a5ce43804ac7beb68377f335a050c81613856aa520bfa914

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zurich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 06 Dec 2021 07:00:28 GMT
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/plain
Content-Length: 189
Expires: -1

GET
H/1.1 200
OK dcs.gif
dc.oracleinfinity.io/9cwwojhdmh/ Frame 9833 43 B
371 B 8ms
8ms Image
image/gif 130.61.67.95
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dc.oracleinfinity.io/9cwwojhdmh/dcs.gif?dcssip=www.zurich.com&dcsuri=/en/&wt.es=www.zurich.com/en/&wt.ti=zurich%20insurance%20group%20|%20zurich%20insurance&wt.i_tag_generator=tealium-iq&wt.i_event_generator_system=not-set&wt.i_platformname=glo-web&wt.i_platformenv=prod,%20north&wt.i_dataenv=live&wt.i_url=https://www.zurich.com/&wt.i_urlhost=www.zurich.com&wt.i_urlpath=/&wt.i_lvl1=dotcom&wt.i_lvl2=home&wt.cg_n=overview&wt.i_language=en&wt.i_page_templatetype=home&wt.i_event_type=pageview-physical&wt.i_input_url=https://www.zurich.com/&dcsdat=1638774028375&dcsref=https://www.zurich.com/&wt.tz=0&wt.bh=7&wt.ul=en-US&wt.cd=24&wt.sr=1600x1200&wt.jo=No&wt.js=Yes&wt.bs=1600x1200&wt.dl=0&wt.ssl=1&wt.tv=1.0.4&wt.ce=1&wt.vt_f=2&ora.tag_id=main&ora.tag_config=default

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

130.61.67.95 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zurich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 06 Dec 2021 07:00:28 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
Cache-Control: no-cache
Content-Security-Policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: -1

GET
H2 200 routing.json Show response
www.zurich.com/-/media/project/zurich/dotcom/data/ Frame 9833 47 KB
47 KB 17ms
17ms Fetch
application/octet-stream 45.60.78.208
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zurich.com/-/media/project/zurich/dotcom/data/routing.json?v=4
Requested by: Host: www.zurich.com
URL: https://www.zurich.com/-/media/themes/dotcom/scripts/optimized-min.js?rev=2eb973f05238432192352f4dd69e7a4b&t=20211130T133229Z&hash=D3AF35F028F6300271F01102E0E5D324
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.78.208 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 30a330011bd3bb02b4bb1102e8d0a4b992d79845bf81c3468948c755fc938c5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zurich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 07:00:28 GMT
last-modified: Fri, 08 Oct 2021 09:19:02 GMT
x-cdn: Imperva
etag: 98fb26258d814f60b315bda727c6d07c
content-type: application/octet-stream
x-iinfo: 4-88811583-0 0CNN RT(1638774028197 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=100164, public
content-disposition: attachment; filename="routing.json"
request-context: appId=cid-v1:ca452ec6-25a1-4356-b060-60f74e193acc
accept-ranges: bytes
content-length: 47630
expires: Tue, 07 Dec 2021 10:49:52 GMT

GET
H2 200 flag.svg
www.zurich.com/-/media/themes/dotcom/images/ Frame 9833 617 KB
151 KB 17ms
16ms Image
image/svg+xml 45.60.78.208
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zurich.com/-/media/themes/dotcom/images/flag.svg
Requested by: Host: www.zurich.com
URL: https://www.zurich.com/-/media/themes/dotcom/styles/optimized-min.css?rev=81ccf127fe01467f851e5e70bd4af919&t=20211130T074310Z&hash=FB6E410E2C0F1719821D98BB64D45B61
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.78.208 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 7846ca3d8b09793eb0ffb2b7ebc22d845696779b762e2a122d6411694a05d20d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zurich.com/-/media/themes/dotcom/styles/optimized-min.css?rev=81ccf127fe01467f851e5e70bd4af919&t=20211130T074310Z&hash=FB6E410E2C0F1719821D98BB64D45B61
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 07:00:28 GMT
content-encoding: gzip
last-modified: Sat, 31 Oct 2020 08:05:19 GMT
x-cdn: Imperva
etag: 390b56808f804b2ea2e72fa793e83b04
content-type: image/svg+xml
x-iinfo: 4-88811584-0 0CNN RT(1638774028222 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=93834, public
content-disposition: inline; filename="Flag.svg"
request-context: appId=cid-v1:ca452ec6-25a1-4356-b060-60f74e193acc
accept-ranges: bytes
content-length: 154128
expires: Tue, 07 Dec 2021 09:04:22 GMT

GET
H2 200 s81598038474776
zurich.data.adobedc.net/b/ss/zurichversicherungs.all.prod,zurichversicherungs.grp.all.prod/1/JS-2.22.0/ Frame 9833 43 B
393 B 63ms
17ms Image
image/gif 15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zurich.data.adobedc.net/b/ss/zurichversicherungs.all.prod,zurichversicherungs.grp.all.prod/1/JS-2.22.0/s81598038474776?AQB=1&ndh=1&pf=1&t=6%2F11%2F2021%207%3A0%3A30%201%200&sdid=1C7E7C49CF6AB3DB-751771969080AFF0&mid=20479942637550145561284403956473956425&ce=UTF-8&ns=visitor&cdp=2&g=https%3A%2F%2Fwww.zurich.com%2F&r=https%3A%2F%2Fwww.zurich.com%2F&c1=D%3Dv1&v1=https%3A%2F%2Fwww.zurich.com%2Fen%2F&v2=www.zurich.com%2Fen%2F&v3=www.zurich.com&c4=D%3Dv4&v4=%2Fen%2F&c6=dotcom&c7=home&v7=dotcom%7Edotcom%2Fhome%7Edotcom%2Fhome%2Foverview%7Eno%20level%7Eno%20level%7Eno%20level%7Eno%20level%7Eno%20level&c8=overview&v12=https%3A%2F%2Fwww.zurich.com%2F&v13=www.zurich.com%2F&v14=https%3A%2F%2Fwww.zurich.com%2F&c15=D%3Dv15&v15=home&c16=D%3Dv16&v16=glo-web&c17=D%3Dv17&v17=glo&v18=en&v25=D%3Dv0&v56=pageview-physical&v125=D%3Dv124&v150=D%3Dmid&v151=1638774028080&v152=017d8e8b372f0022215998a15f4003072001706a00b08&v153=D%3DUser-Agent&v154=2021-12-06t07%3A00%3A28&v155=1638774028&v156=utc%3A2021-12-06t07%3A00%3A28.081%7Elt%3A2021-12-06t07%3A00%3A28.081z&v157=ec%3A2.22.0%7Eaa%3A5.2.0%7Eep%3Anot-set&v158=zurich-group%3A%3Agrp-default%3A%3Aprod%3A%3Aut4.47.202111291501&v159=de%3Alive%7Epe%3Aprod%2C%20north&s=1600x1200&c=24&j=1.6&v=N&k=N&bw=1600&bh=1200&mcorgid=D2472AE45FD7179B0A495CB0%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zurich.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 07:00:30 GMT
x-content-type-options: nosniff
x-c: main-1542.If2e2aa.M0-523
p3p: CP="This is not a P3P policy"
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 07 Dec 2021 07:00:30 GMT
server: jag
xserver: anedge-6988cccb6f-4sxpn
etag: 3519240433115660288-4619798320027956591
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Sun, 05 Dec 2021 07:00:30 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: login.live.com
URL: https://login.live.com/Me.htm?v=3

Domain: www.
URL: https://www.%3C/?php%20echo%20$domain;%20?%3E

Domain: www.zurich.com
URL: https://www.zurich.com/_Incapsula_Resource?ES2LURCT=67&t=78&d=complete%20(s%3A1%2Cc%3A27%2Cr%3A460)

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
leazing.fr/	1969-12-31 23:59:59	Name: PHPSESSID Value: u541ulpsvh0gqabf4ivadpsdll
www.leazing.fr/	1969-12-31 23:59:59	Name: PHPSESSID Value: 8q1gdt42nsqn673q6p7md82uv5
.login.live.com/	1969-12-31 23:59:59	Name: uaid Value: a8b946cb8ecb46509a49a15bca4cff25
.login.live.com/	1969-12-31 23:59:59	Name: MSPRequ Value: id=N&lt=1638774027&co=1
www.zurich.com/	1969-12-31 23:59:59	Name: shell#lang Value: en
www.zurich.com/	1970-01-23 14:48:54	Name: SC_ANALYTICS_GLOBAL_COOKIE Value: 753ec77f948046c49766ddc2c4d8700f\|False
www.zurich.com/	1969-12-31 23:59:59	Name: sxa_site Value: Dotcom

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://demobile.web.app/thr7Pmasa7XstruB8xkmannq0HzuriB8xha7XB8xr7Pm Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://demobile.web.app/); Message: Failed to load resource: the server responded with a status of 404 ()
deprecation	warning	Message: Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user's experience. For more help, check https://xhr.spec.whatwg.org/.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msftauth.net
ad.atdmt.com
api.ipstack.com
c.oracleinfinity.io
dc.oracleinfinity.io
demobile.web.app
leazing.fr
login.live.com
simulea.fr
tags.tiqcdn.com
www.
www.leazing.fr
www.zurich.com
zurich.data.adobedc.net
login.live.com
www.
www.zurich.com
104.75.88.194
130.61.67.95
15.236.176.210
152.199.23.37
20.190.159.138
23.45.108.166
2620:0:890::100
2a03:2880:f01c:8004:face:b00c:0:8c
34.197.248.129
45.60.78.208
51.159.18.46
0140da8c4170309baa728814f96185de2c71bb6a9101d51cb040ece949aa3128
03f2936a3c66508407533616f430352cf0973de3a7d738123c88598c511e3364
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
086666ac482e38a17f8d7ade7fb6779903e06b563258ce3f7bcda9d509814705
137a69498d304e3027a8b9f6eb07bdee5ef53fa7e387d3705044f2024aed15ed
2050db2fdf1ee8089a171f78de3b2f87c84407a411ebca17c597f63b4e5779a6
2389b46f025c29b0b446267bc0146e7d544c86c2e2695a26472e90ca76630d3e
2b7728e29e061baeafae92202616d8e3cf6069a2fb0edfc6ab33f42e132d6b6c
30a330011bd3bb02b4bb1102e8d0a4b992d79845bf81c3468948c755fc938c5e
34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58
3a86effc7c4dd167081f9faa7af8a7deca2635528b2839fe0311a96273a69496
3e85b32666748c1d87cf20701468244b8662ef85417d44bc7f731bc4bbc56db4
405047a552700ac6b9364d34d5807da86e1e12583fd65741282f01b8383a8055
4a040240e5c7d1585f93b2a8f23159cd8e4d4ecac28fc371a3b5f539a08f66e7
50e59be4b2c7a1eb000ef322c1d27e50adfd8cddda05db0d60899dcb0dc71d66
558a8ed81355f3cdfc69e59973acfc8550afd2f57c7c0edd91e1375b605bc15b
58ed5a49319e2ce32057321c26eb3c0b6421fc6569767e4f85a5fcde6daa39c9
65228fd2558cd49b47573d964a5615c31fa39a7c621990a4e3fb2438f2be05d1
6875c967b65657ad1428d6e197e8ffa288f2f1bc90465db42e2d25e446cc95a8
6bd115330118cf151f45a0a62ff19de437bd1c8c86e2bc1d01303f10f553d985
7139f07f917998f1a482f070139ce5b0e448669a8f77e9710e74e1a2307f564e
74cd8137acbc1a6e89405ac2bd3098d744b9aec5b9cfc80ee54ea963664355cf
7846ca3d8b09793eb0ffb2b7ebc22d845696779b762e2a122d6411694a05d20d
7cb7621f3eb49c78b89d119106cf42981a3075da154dc96af6ca24f8f68c6f53
86af1846068e70008a8d326c5d2e7bbd2eb4fc1edf8d016b27634ad0e79cccfa
8b6a3b17737161e5fe8c29e401372a94b8e650226cf0cd17b4c3c4de5b380b11
9c8c4ed761dd345134d78e59e4447f30f01023e6dcab5439e03c65128b42833c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a3341bb53953eca994fb140e1e825cc89f8c0060815028d24b7f5bdd9b972bc0
b06067be19e0e2e023602a0becf87fc20bc2a40d6f606d4a647bab3d30619828
b395c15c7d51ba6975254495e010e11420d24650bb0dafc213a8401a3760f4a3
b3ddeccf7ca2b306a5ce43804ac7beb68377f335a050c81613856aa520bfa914
c13c7e1d74caf1b83ff942d6bd58557908e29c037331af5d32c0f581a486a32c
c2920d4b7a2409219002adee50b7eff2131a0c565855f7d6b0b31bed2385fa86
c56e81cbf9ade88b66654152f3ec2218818e29db3b608fc958a4c70c0b3a2080
c9393d3c900adacb5948f0d4f455804c0317fb469f67f8526dc7fd7bbb3edfd1
cc216de13f977863a8e196f0966f3bdf06017513e9aaa9734c293d720db7ab61
d02032286070b4dd9d8fbd985a7bdca8af8edf52b89ff177db3bfcb2c8a9c43d
d117e910b473eb2b3218007cbfe491c97bc00efd04c98182787f20888a57d9c9
d11b1bf4202334a76e4b60e2b2ba7470ff7a6b7dd8fd91c6500157358a6d7b3d
d3228b0aabf6238236548b9508c941cbaae78375b99aa5662330f27ed5344ff2
dfce9c2886fbce2f777a9e48c67996c5e9d1ffde5af946939ef729cb62daa32d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9b270d2a6af5d01dd798963a97d66ce020da7501b55c0239c0b5d7c1d5d2375
ef6323cdd41e716c924ebeac4afcf5c5025000a22d9395e9db67f65c13c78a4c
f05c97b3f88c04a72f89c2f4c49af9fe4c92c7df6d464d2a94e2e1de45838ed6
f78b716b3ffcee267c16f97dc481f51f041443edae74b05023a5a31ffd5b3c31
fa4cb4f24d8dee58357e7c5c35494263c83f36e17ac77e26fb1c3d62d94c3e1b

leazing.fr Open in urlscan Pro 51.159.18.46 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

65 Requests

94 %HTTPS

18 %IPv6

12 Domains

14 Subdomains

11 IPs

4 Countries

3672 kBTransfer

5719 kBSize

7 Cookies

3 Outgoing links

Page URL History

Redirected requests

65 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

leazing.fr Open in urlscan Pro
51.159.18.46 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

65
Requests

94 %
HTTPS

18 %
IPv6

12
Domains

14
Subdomains

11
IPs

4
Countries

3672 kB
Transfer

5719 kB
Size

7
Cookies

65 HTTP transactions
1 data transactions