urlz.fr
2606:4700:3038::6815:ead7  Malicious Activity! Private Scan

URL: https://urlz.fr/kDRf
Submission: On February 02 via api from DE — Scanned from FR

Summary

This website contacted 30 IPs in 6 countries across 27 domains to perform 95 HTTP transactions. The main IP is 2606:4700:3038::6815:ead7, located in United States and belongs to CLOUDFLARENET, US. The main domain is urlz.fr. The Cisco Umbrella rank of the primary domain is 706342.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 11th 2022. Valid for: a year.
This is the only time urlz.fr was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

Requests  IP Address         AS (Autonomous System)    Redirects
2         2606:4700:303...   13335 (CLOUDFLAR...)
14        2620:1ec:a92:...   8068 (MICROSOFT...)       8
1         2a00:1450:400...   15169 (GOOGLE)
10        2a02:6ea0:c70...   60068 (CDN77 ^_^)
10        104.83.5.113       20940 (AKAMAI-ASN1)
2         2620:1ec:4e:1...   8075 (MICROSOFT...)
2         20.234.93.27       8075 (MICROSOFT...)       1
1         2620:1ec:c11:...   8068 (MICROSOFT...)       1
3         20.190.159.23      8075 (MICROSOFT...)
5         2600:9000:211...   16509 (AMAZON-02)
3         54.38.64.100       16276 (OVH)
1         2.16.186.32        20940 (AKAMAI-ASN1)
1         2a02:2638:1::13    44788 (ASN-CRITE...)
3         2606:4700:10:...   13335 (CLOUDFLAR...)
1         145.239.192.166    16276 (OVH)
1         51.38.120.206      16276 (OVH)
1         2620:116:800d...   16509 (AMAZON-02)
1         34.252.124.99      16509 (AMAZON-02)
1         52.222.137.45      16509 (AMAZON-02)
2         2a00:1450:400...   15169 (GOOGLE)
1         2a00:1450:400...   15169 (GOOGLE)
1         2600:9000:20e...   16509 (AMAZON-02)
1         104.103.98.78      16625 (AKAMAI-AS)
1         2600:9000:21f...   16509 (AMAZON-02)
2         142.250.186.162    15169 (GOOGLE)            2
2         20.190.159.74      8075 (MICROSOFT...)       2
1         54.154.10.160      16509 (AMAZON-02)
1         162.19.138.119     16276 (OVH)
1         18.184.235.146     16509 (AMAZON-02)
9         52.109.68.59       8075 (MICROSOFT...)
8         104.46.162.226     8075 (MICROSOFT...)
12        104.96.146.37      16625 (AKAMAI-AS)
Total: 95 requests, 30 IPs
Apex Domain (with request count) / Subdomains / Transfer
23 live.com
login.live.com — Cisco Umbrella Rank: 93
odc.officeapps.live.com — Cisco Umbrella Rank: 239
cdn.odc.officeapps.live.com — Cisco Umbrella Rank: 1828
194 KB
16 office.com
forms.office.com — Cisco Umbrella Rank: 5698
c.office.com — Cisco Umbrella Rank: 21801
31 KB
10 office.net
cdn.forms.office.net — Cisco Umbrella Rank: 8090
392 KB
10 themoneytizer.com
ads.themoneytizer.com — Cisco Umbrella Rank: 31968
278 KB
8 microsoft.com
browser.events.data.microsoft.com — Cisco Umbrella Rank: 244
3 KB
7 quantcast.com
cmp.quantcast.com — Cisco Umbrella Rank: 2796
test.cmp.quantcast.com — Cisco Umbrella Rank: 10347
audit-tcfv2.cmp.quantcast.com — Cisco Umbrella Rank: 11904
186 KB
3 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 2627
mwzeom.zeotap.com — Cisco Umbrella Rank: 2435
21 KB
3 tmyzer.com
c.tmyzer.com — Cisco Umbrella Rank: 30449
812 B
3 microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 20
60 KB
2 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 211
1 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 21
20 KB
2 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 1577
154 KB
2 urlz.fr
urlz.fr — Cisco Umbrella Rank: 706342
7 KB
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 389
1 KB
1 adleadevent.com
adtrack.adleadevent.com — Cisco Umbrella Rank: 34714
518 B
1 sharepointonline.com
static2.sharepointonline.com — Cisco Umbrella Rank: 2463
36 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 904
1 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 295
30 KB
1 cloudfront.net
d2zur9cc2gf1tx.cloudfront.net
26 KB
1 cpx.to
p.cpx.to — Cisco Umbrella Rank: 9229
2 KB
1 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 979
10 KB
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 725
1 leadplace.fr
tag.leadplace.fr — Cisco Umbrella Rank: 33707
6 KB
1 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 388
291 B
1 sascdn.com
ced.sascdn.com — Cisco Umbrella Rank: 9864
32 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 241
665 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
43 KB
Total: 95 requests, 27 domains
Domain Requested by
14 forms.office.com 8 redirects urlz.fr
cdn.forms.office.net
forms.office.com
12 cdn.odc.officeapps.live.com odc.officeapps.live.com
10 cdn.forms.office.net forms.office.com
cdn.forms.office.net
10 ads.themoneytizer.com urlz.fr
ads.themoneytizer.com
9 odc.officeapps.live.com cdn.forms.office.net
odc.officeapps.live.com
8 browser.events.data.microsoft.com js.monitor.azure.com
cdn.forms.office.net
5 cmp.quantcast.com urlz.fr
cmp.quantcast.com
3 c.tmyzer.com ads.themoneytizer.com
3 login.microsoftonline.com cdn.forms.office.net
login.microsoftonline.com
2 login.live.com 2 redirects
2 cm.g.doubleclick.net 2 redirects
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 spl.zeotap.com ads.themoneytizer.com
spl.zeotap.com
2 c.office.com 1 redirects forms.office.com
2 js.monitor.azure.com forms.office.com
2 urlz.fr urlz.fr
1 audit-tcfv2.cmp.quantcast.com cmp.quantcast.com
1 id5-sync.com
1 adtrack.adleadevent.com ajax.googleapis.com
1 mwzeom.zeotap.com
1 test.cmp.quantcast.com cmp.quantcast.com
1 static2.sharepointonline.com cdn.forms.office.net
1 rules.quantcount.com secure.quantserve.com
1 ajax.googleapis.com d2zur9cc2gf1tx.cloudfront.net
1 d2zur9cc2gf1tx.cloudfront.net ads.themoneytizer.com
1 p.cpx.to ads.themoneytizer.com
1 secure.quantserve.com ads.themoneytizer.com
1 onetag-sys.com ads.themoneytizer.com
1 tag.leadplace.fr ads.themoneytizer.com
1 gum.criteo.com ads.themoneytizer.com
1 ced.sascdn.com ads.themoneytizer.com
1 c.bing.com 1 redirects
1 www.googletagmanager.com urlz.fr
Total: 95 requests, 33 subdomains

This site contains no links.

Subject                           Issuer                                          Validity                 Valid
sni.cloudflaressl.com             Cloudflare Inc ECC CA-3                         2022-06-11 - 2023-06-11  a year
forms.office.com                  Microsoft Azure TLS Issuing CA 02               2022-07-20 - 2023-07-15  a year
*.google-analytics.com            GTS CA 1C3                                      2023-01-09 - 2023-04-03  3 months
1266287590.rsc.cdn77.org          R3                                              2022-12-21 - 2023-03-21  3 months
cdn.forms.office.net              Microsoft Azure TLS Issuing CA 06               2022-09-28 - 2023-09-23  a year
js.monitor.azure.com              Microsoft Azure TLS Issuing CA 05               2022-12-23 - 2023-12-18  a year
stamp2.login.microsoftonline.com  DigiCert SHA2 Secure Server CA                  2022-12-01 - 2023-12-01  a year
cmp.quantcast.com                 R3                                              2023-01-08 - 2023-04-08  3 months
c.tmyzer.com                      R3                                              2023-01-25 - 2023-04-25  3 months
*.sascdn.com                      DigiCert TLS RSA SHA256 2020 CA1                2022-09-08 - 2023-09-11  a year
*.criteo.com                      DigiCert TLS Hybrid ECC SHA384 2020 CA1         2023-01-04 - 2023-03-31  3 months
*.leadplace.fr                    Gandi Standard SSL CA 2                         2022-09-13 - 2023-09-13  a year
*.onetag-sys.com                  DigiCert TLS Hybrid ECC SHA384 2020 CA1         2022-12-28 - 2024-01-28  a year
*.quantserve.com                  DigiCert TLS RSA SHA256 2020 CA1                2022-08-09 - 2023-09-09  a year
p.cpx.to                          Sectigo RSA Domain Validation Secure Server CA  2023-01-12 - 2024-01-13  a year
*.cloudfront.net                  Amazon RSA 2048 M01                             2022-12-08 - 2023-12-07  a year
upload.video.google.com           GTS CA 1C3                                      2023-01-09 - 2023-04-03  3 months
quantserve.com                    R3                                              2023-01-10 - 2023-04-10  3 months
privatecdn.sharepointonline.com   DigiCert SHA2 Secure Server CA                  2022-09-19 - 2023-09-19  a year
adtrack.adleadevent.com           Amazon                                          2022-06-13 - 2023-07-12  a year
*.id5-sync.com                    R3                                              2023-01-25 - 2023-04-25  3 months
odc.officeapps.live.com           Microsoft Azure TLS Issuing CA 05               2022-12-07 - 2023-12-02  a year
*.events.data.microsoft.com       Microsoft Azure TLS Issuing CA 05               2022-12-07 - 2023-12-02  a year
cdn.odc.officeapps.live.com       Microsoft Azure TLS Issuing CA 05               2022-10-12 - 2023-10-07  a year

This page contains 10 frames:

Primary Page: https://urlz.fr/kDRf
Frame ID: CF06F78632A310AACBD447F2C027AB62
Requests: 38 HTTP requests in this frame

Frame: https://forms.office.com/?redirecturl=https%3a%2f%2fforms.office.com%2fpages%2fdesignpagev2.aspx%3flang%3dfr-FR%26origin%3dOfficeDotCom%26route%3dStart%26subpage%3ddesign%26id%3dzTuuOHmV1E-t2rQuFJXVWgK7Da06YJxKkuBR63Q016tUNkZMWkc0T1NTQkJFMDU2NFZTTDRLNFNMSS4u
Frame ID: F9BD087C4E8A3BC7AB44BA63E7FF03F0
Requests: 11 HTTP requests in this frame

Frame: https://forms.office.com/pages/silentsignincomplete.aspx
Frame ID: A308252FA1AA0F53ADDD0CC8BB57A4AA
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1675333973010
Frame ID: 3D761913D17D2133A70A987D829076D3
Requests: 1 HTTP requests in this frame

Frame: https://forms.office.com/?redirecturl=https%3a%2f%2fforms.office.com%2fpages%2fdesignpagev2.aspx%3flang%3dfr-FR%26origin%3dOfficeDotCom%26route%3dStart%26subpage%3ddesign%26id%3dzTuuOHmV1E-t2rQuFJXVWgK7Da06YJxKkuBR63Q016tUNkZMWkc0T1NTQkJFMDU2NFZTTDRLNFNMSS4u
Frame ID: A29989BAD98DA049A385A306C875DA24
Requests: 11 HTTP requests in this frame

Frame: https://forms.office.com/pages/silentsignincomplete.aspx
Frame ID: C96B088A980F222DFFE831C99AA17B3F
Requests: 2 HTTP requests in this frame

Frame: https://forms.office.com/Pages/SilentSignInComplete.aspx?fromAR=1
Frame ID: C1593FA0A553CF2A16A04733E3615502
Requests: 1 HTTP requests in this frame

Frame: https://forms.office.com/Pages/SilentSignInComplete.aspx?fromAR=1
Frame ID: FFECE908841363D83A4DE032D18060D5
Requests: 1 HTTP requests in this frame

Frame: https://odc.officeapps.live.com/odc/v2.1/hrd?rs=fr-FR&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Frame ID: 74B9DDEDC726F6E2A71BB8E74EE92434
Requests: 10 HTTP requests in this frame

Frame: https://odc.officeapps.live.com/odc/v2.1/hrd?rs=fr-FR&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Frame ID: C06A39F9E3ECED270FAA270787F893D5
Requests: 11 HTTP requests in this frame

Page Title

Microsoft Forms - Easily create surveys, quizzes, and polls.

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /prebid\.js

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 95
HTTPS: 94 %
IPv6: 44 %
Domains: 27
Subdomains: 33
IPs: 30
Countries: 6
Transfer: 1526 kB
Size: 5479 kB
Cookies: 32

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://forms.office.com/pages/designpagev2.aspx?lang=fr-FR&origin=OfficeDotCom&route=Start&subpage=design&id=zTuuOHmV1E-t2rQuFJXVWgK7Da06YJxKkuBR63Q016tUNkZMWkc0T1NTQkJFMDU2NFZTTDRLNFNMSS4u HTTP 302
  • https://forms.office.com/?redirecturl=https%3a%2f%2fforms.office.com%2fpages%2fdesignpagev2.aspx%3flang%3dfr-FR%26origin%3dOfficeDotCom%26route%3dStart%26subpage%3ddesign%26id%3dzTuuOHmV1E-t2rQuFJXVWgK7Da06YJxKkuBR63Q016tUNkZMWkc0T1NTQkJFMDU2NFZTTDRLNFNMSS4u
Request Chain 15
  • https://c.office.com/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=FC65C862E55B418D8BF9DFC77328DCF1&RedC=c.office.com&MXFR=06C1E8738EB264F90C60FADF8AB26FCE HTTP 302
  • https://c.office.com/c.gif?CtsSyncId=FC65C862E55B418D8BF9DFC77328DCF1&MUID=06C1E8738EB264F90C60FADF8AB26FCE
Request Chain 16
  • https://forms.office.com/oidcLogin?IdentityProvider=aad&ru=%2FPages%2FSilentSignInComplete.aspx&prompt=none HTTP 302
  • https://login.microsoftonline.com/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DeyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBVm5UZ3FXUkxKNEw2N005dm1WdUlSdENncmltdTRyT3JlbzBYYl9yVHdBZV9POUJuc0pkU19lejJ5bUVlekEwUTZRNnBSdTJDYkxxVmdoVngyaHZna00iLCJwcm9tcHQiOiJBVjRGcmdOZjlvNm1SMFRxbl9PNlRqYVgxQTZSaTF0T1dtRG12YVNSTGV2WWl4Q3gtWHBjdG5EUDFyWmdEeTJiaHRhZW41TjBPZXd4aDFlWkltdGtPelkiLCIucmVkaXJlY3QiOiIvUGFnZXMvU2lsZW50U2lnbkluQ29tcGxldGUuYXNweCJ9fQ&response_mode=form_post&nonce=638109307726667575.OTk1NTgzNGMtNzQ5My00YmNhLWE3YzItMTc2NTY2OGMxNGE1ODE5NDBlM2UtZjkwOS00ZTU0LWEyNDItODRmOTRmMDJhYjBi&redirect_uri=https%3A%2F%2Fforms.office.com%2Flanding&msafed=0&prompt=none&x-client-SKU=ID_NET472&x-client-ver=6.16.0.0
Request Chain 34
  • https://forms.office.com/pages/designpagev2.aspx?lang=fr-FR&origin=OfficeDotCom&route=Start&subpage=design&id=zTuuOHmV1E-t2rQuFJXVWgK7Da06YJxKkuBR63Q016tUNkZMWkc0T1NTQkJFMDU2NFZTTDRLNFNMSS4u HTTP 302
  • https://forms.office.com/?redirecturl=https%3a%2f%2fforms.office.com%2fpages%2fdesignpagev2.aspx%3flang%3dfr-FR%26origin%3dOfficeDotCom%26route%3dStart%26subpage%3ddesign%26id%3dzTuuOHmV1E-t2rQuFJXVWgK7Da06YJxKkuBR63Q016tUNkZMWkc0T1NTQkJFMDU2NFZTTDRLNFNMSS4u
Request Chain 42
  • https://forms.office.com/landing HTTP 302
  • https://forms.office.com/pages/silentsignincomplete.aspx
Request Chain 49
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=b8e37562-3603-4209-6427-947c14b850fd&reqId=62e079a4-aeb1-42ff-60e0-aab58bbf24e6&zdid=1258 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=b8e37562-3603-4209-6427-947c14b850fd&reqId=62e079a4-aeb1-42ff-60e0-aab58bbf24e6&zdid=1258&google_tc= HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESECExGK6anGzwJU8MnySbPU0&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=b8e37562-3603-4209-6427-947c14b850fd&reqId=62e079a4-aeb1-42ff-60e0-aab58bbf24e6&zdid=1258
Request Chain 51
  • https://forms.office.com/oidcLogin?IdentityProvider=aad&ru=%2FPages%2FSilentSignInComplete.aspx&prompt=none HTTP 302
  • https://login.microsoftonline.com/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DeyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBV2Q3RTlIekp4c09iY19nYUpRRGRVOVV5NV9FTEJocXlYN3pPR1poeWdTUTNrTXkwTFBlUk5ibFFETGRMYkJTTnJtdFN5ckxLQ0pPNjVtUHRGRUtWcGsiLCJwcm9tcHQiOiJBY1Iyd0k1T0U4WGlZcHVMejlqbUJ4VHhtZVBPNmFWeGFMRTZpUmJGY1BScVFmbDltYzdEUWlaWnRvLTRMa1ExZFd3Z0pKbktfTktLNktyekRJaXNuVmciLCIucmVkaXJlY3QiOiIvUGFnZXMvU2lsZW50U2lnbkluQ29tcGxldGUuYXNweCJ9fQ&response_mode=form_post&nonce=638109307732941112.OGM4YzlkNDgtYTRhNC00OTk4LTliM2ItNGY3YWU4OWQ5ZjM4ZTdiYjIxYTItZWQxMi00N2I5LWE1NjctNDJkNDU3ODE1ZTlm&redirect_uri=https%3A%2F%2Fforms.office.com%2Flanding&msafed=0&prompt=none&x-client-SKU=ID_NET472&x-client-ver=6.16.0.0
Request Chain 52
  • https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1675333972&rver=7.3.6963.0&wp=MBI_SSL&wreply=https%3A%2F%2Fforms.office.com%2FrpsLanding%3FRpsAuthState%3DCQNySxPgQePSC7pXu1cYcygtNff8oadRMF_zBoAKgWFH0ZhF6nt_sGWA9YRwQYJCHyl5Clao6PJ4wRdckWa1jbMjtREGksdlQfNP5RxQrUrFWRqV-mLxe_V2TAI60VfM-ssyqXW89uo4fxhhqk-BzCheQVPjXlwEYR9eVk6tcIrpzQk_-l4ML0Xtqtl3DVB64LZlANLx91knPWjwgNIVEwoxNDGoiDQwOW-KtfgPIFF06ZqDSMWvmjc5tjU4UyaKgrD5VjmEKkeAqzBeBtbgA0AvwDIWwyKMSlnI-rDnkaE4M8MI-uozctKlc45NNtX0_fFQtRbDRl7UMr9AggccB9eoezZjSEVWV9O-jklQBY4&id=295313&checkda=1 HTTP 302
  • https://forms.office.com/rpsLanding?RpsAuthState=CQNySxPgQePSC7pXu1cYcygtNff8oadRMF_zBoAKgWFH0ZhF6nt_sGWA9YRwQYJCHyl5Clao6PJ4wRdckWa1jbMjtREGksdlQfNP5RxQrUrFWRqV-mLxe_V2TAI60VfM-ssyqXW89uo4fxhhqk-BzCheQVPjXlwEYR9eVk6tcIrpzQk_-l4ML0Xtqtl3DVB64LZlANLx91knPWjwgNIVEwoxNDGoiDQwOW-KtfgPIFF06ZqDSMWvmjc5tjU4UyaKgrD5VjmEKkeAqzBeBtbgA0AvwDIWwyKMSlnI-rDnkaE4M8MI-uozctKlc45NNtX0_fFQtRbDRl7UMr9AggccB9eoezZjSEVWV9O-jklQBY4 HTTP 302
  • https://forms.office.com/Pages/SilentSignInComplete.aspx?fromAR=1
Request Chain 59
  • https://forms.office.com/landing HTTP 302
  • https://forms.office.com/pages/silentsignincomplete.aspx
Request Chain 60
  • https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1675333973&rver=7.3.6963.0&wp=MBI_SSL&wreply=https%3A%2F%2Fforms.office.com%2FrpsLanding%3FRpsAuthState%3DA196bhI6htixXMLvwQ6F8x28L-xwib3CHGtkLM5xkk6P8RvjAkFNiilkFTp5F1b8Zf_YONUGsK1aCVFCHzNp_cGNuGtYxHLUMRn5bgCN8O-Tw7zwIheyDMvai4MreaB3VnlyCMf30BDsH0qL2ynIJf0rTcKisMssx1n2aRwLMvLGQUqSiv-PwbbasAHQTWhInUAaITjtrztGxEFjXCATpDJIGp05uAeW6K0Y_hIUsImSzi7_0hVEMum2SX4XYSfhbOGR_kZlE3hIJVg7yKnnZKpiOKZd3VoRCg6zWpzwLHO5UtRFqPp2sChb0aCd4gTTB8b-HfBs0RaRZeKNAuzZ6mndkv5DqBSzjD47U3jdJ7Y&id=295313&checkda=1 HTTP 302
  • https://forms.office.com/rpsLanding?RpsAuthState=A196bhI6htixXMLvwQ6F8x28L-xwib3CHGtkLM5xkk6P8RvjAkFNiilkFTp5F1b8Zf_YONUGsK1aCVFCHzNp_cGNuGtYxHLUMRn5bgCN8O-Tw7zwIheyDMvai4MreaB3VnlyCMf30BDsH0qL2ynIJf0rTcKisMssx1n2aRwLMvLGQUqSiv-PwbbasAHQTWhInUAaITjtrztGxEFjXCATpDJIGp05uAeW6K0Y_hIUsImSzi7_0hVEMum2SX4XYSfhbOGR_kZlE3hIJVg7yKnnZKpiOKZd3VoRCg6zWpzwLHO5UtRFqPp2sChb0aCd4gTTB8b-HfBs0RaRZeKNAuzZ6mndkv5DqBSzjD47U3jdJ7Y HTTP 302
  • https://forms.office.com/Pages/SilentSignInComplete.aspx?fromAR=1

95 HTTP transactions

cdn.forms.office.net/forms/scripts/vendors/combinedmin/ Frame F9BD
125 KB
32 KB
Script
General
Full URL
https://cdn.forms.office.net/forms/scripts/vendors/combinedmin/aria_odata_v2.min.29dbe8c.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/?redirecturl=https%3a%2f%2fforms.office.com%2fpages%2fdesignpagev2.aspx%3flang%3dfr-FR%26origin%3dOfficeDotCom%26route%3dStart%26subpage%3ddesign%26id%3dzTuuOHmV1E-t2rQuFJXVWgK7Da06YJxKkuBR63Q016tUNkZMWkc0T1NTQkJFMDU2NFZTTDRLNFNMSS4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.5.113 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-5-113.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b66a5c41dda8640ef2fb42901bee5437dcdc746f018ab7bfa42fa6cfddc830f8

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 02 Feb 2023 10:32:52 GMT
content-encoding
br
content-md5
zL0YTaz76DBx0JM11lOSgA==
content-length
32555
x-ms-lease-status
unlocked
last-modified
Thu, 29 Sep 2022 09:15:38 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAA1FB2CA30BED
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
3b2cfe2d-601e-0052-1026-d4b40b000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 02 Feb 2024 10:32:52 GMT
default-page.min.fc3e1bb.js
cdn.forms.office.net/forms/scripts/dists/ Frame F9BD
118 KB
34 KB
Script
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/default-page.min.fc3e1bb.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/?redirecturl=https%3a%2f%2fforms.office.com%2fpages%2fdesignpagev2.aspx%3flang%3dfr-FR%26origin%3dOfficeDotCom%26route%3dStart%26subpage%3ddesign%26id%3dzTuuOHmV1E-t2rQuFJXVWgK7Da06YJxKkuBR63Q016tUNkZMWkc0T1NTQkJFMDU2NFZTTDRLNFNMSS4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.5.113 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-5-113.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f19aeb615472c877093fe373b0011ce3c251d4547b7e405a4eb7732b650bf045

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 02 Feb 2023 10:32:52 GMT
content-encoding
br
content-md5
cN7TD/TmGm/6BZP0LZhbqQ==
content-length
34198
x-ms-lease-status
unlocked
last-modified
Mon, 30 Jan 2023 04:25:37 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB027A09A85DDA
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
377e0c1d-101e-0030-576d-34f3d3000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 02 Feb 2024 10:32:52 GMT
ms.jsll-3.min.js
js.monitor.azure.com/scripts/c/ Frame F9BD
179 KB
77 KB
Script
General
Full URL
https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/?redirecturl=https%3a%2f%2fforms.office.com%2fpages%2fdesignpagev2.aspx%3flang%3dfr-FR%26origin%3dOfficeDotCom%26route%3dStart%26subpage%3ddesign%26id%3dzTuuOHmV1E-t2rQuFJXVWgK7Da06YJxKkuBR63Q016tUNkZMWkc0T1NTQkJFMDU2NFZTTDRLNFNMSS4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cacd215430aa66f1391abd136f23ddb729b3fe44c6385a43b62d7a9e8479ea03

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 10:32:52 GMT
content-encoding
br
x-ms-meta-jssdkver
3.2.8
last-modified
Wed, 02 Nov 2022 19:31:15 GMT
x-ms-meta-jssdksrc
[cdn]/scripts/c/ms.jsll-3.2.8.min.js
vary
Accept-Encoding
x-azure-ref
20230202T103252Z-06f6h4y2bx2yzf7h8h4r1y8a4000000001ng00000000qb6z
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
d2319bcc-c01e-00d2-4a78-2ffae9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,x-ms-meta-jssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-cache
TCP_HIT
x-ms-version
2009-09-19
default-page.chunk.1ds.6dc5e5d.js
cdn.forms.office.net/forms/scripts/dists/ Frame F9BD
92 KB
30 KB
Script
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/default-page.chunk.1ds.6dc5e5d.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/default-page.min.fc3e1bb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.5.113 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-5-113.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
65efeac160ccc469ad55cfaa6fb94254f1bf8f89ae913b3e50407021c3f42ed4

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 02 Feb 2023 10:32:52 GMT
content-encoding
br
content-md5
97nNPCdl6wGOtpt7Ghddmg==
content-length
30129
x-ms-lease-status
unlocked
last-modified
Fri, 28 Oct 2022 04:14:09 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAB89ADCD45DA8
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
461f431f-301e-0068-72ee-ecf7a8000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 02 Feb 2024 10:32:52 GMT
c.gif
c.office.com/ Frame F9BD
Redirect Chain
  • https://c.office.com/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=FC65C862E55B418D8BF9DFC77328DCF1&RedC=c.office.com&MXFR=06C1E8738EB264F90C60FADF8AB26FCE
  • https://c.office.com/c.gif?CtsSyncId=FC65C862E55B418D8BF9DFC77328DCF1&MUID=06C1E8738EB264F90C60FADF8AB26FCE
42 B
259 B
Image
General
Full URL
https://c.office.com/c.gif?CtsSyncId=FC65C862E55B418D8BF9DFC77328DCF1&MUID=06C1E8738EB264F90C60FADF8AB26FCE
Requested by
Host: forms.office.com
URL: https://forms.office.com/?redirecturl=https%3a%2f%2fforms.office.com%2fpages%2fdesignpagev2.aspx%3flang%3dfr-FR%26origin%3dOfficeDotCom%26route%3dStart%26subpage%3ddesign%26id%3dzTuuOHmV1E-t2rQuFJXVWgK7Da06YJxKkuBR63Q016tUNkZMWkc0T1NTQkJFMDU2NFZTTDRLNFNMSS4u
Protocol
H2
Server
20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Feb 2023 10:32:52 GMT
last-modified
Tue, 17 Jan 2023 20:36:49 GMT
server
Microsoft-IIS/10.0
etag
"b1c8df6cb32ad91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 02 Feb 2023 10:32:52 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B96BE3055BAB43559083AA86D3DAE8CA Ref B: LTSEDGE2017 Ref C: 2023-02-02T10:32:52Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.office.com/c.gif?CtsSyncId=FC65C862E55B418D8BF9DFC77328DCF1&MUID=06C1E8738EB264F90C60FADF8AB26FCE
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
authorize
login.microsoftonline.com/common/oauth2/ Frame A308
Redirect Chain
  • https://forms.office.com/oidcLogin?IdentityProvider=aad&ru=%2FPages%2FSilentSignInComplete.aspx&prompt=none
  • https://login.microsoftonline.com/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_type=code%20id_token&scope=openid%20p...
152 KB
55 KB
Document
General
Full URL
https://login.microsoftonline.com/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DeyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBVm5UZ3FXUkxKNEw2N005dm1WdUlSdENncmltdTRyT3JlbzBYYl9yVHdBZV9POUJuc0pkU19lejJ5bUVlekEwUTZRNnBSdTJDYkxxVmdoVngyaHZna00iLCJwcm9tcHQiOiJBVjRGcmdOZjlvNm1SMFRxbl9PNlRqYVgxQTZSaTF0T1dtRG12YVNSTGV2WWl4Q3gtWHBjdG5EUDFyWmdEeTJiaHRhZW41TjBPZXd4aDFlWkltdGtPelkiLCIucmVkaXJlY3QiOiIvUGFnZXMvU2lsZW50U2lnbkluQ29tcGxldGUuYXNweCJ9fQ&response_mode=form_post&nonce=638109307726667575.OTk1NTgzNGMtNzQ5My00YmNhLWE3YzItMTc2NTY2OGMxNGE1ODE5NDBlM2UtZjkwOS00ZTU0LWEyNDItODRmOTRmMDJhYjBi&redirect_uri=https%3A%2F%2Fforms.office.com%2Flanding&msafed=0&prompt=none&x-client-SKU=ID_NET472&x-client-ver=6.16.0.0
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/default-page.min.fc3e1bb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.159.23 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
99bfece6cb4ae74dd28d281e2988079ae8ccd7f7f0d2be518856725494444f88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://forms.office.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
55415
Content-Type
text/html; charset=utf-8
Date
Thu, 02 Feb 2023 10:32:52 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-clitelem
1,50168,0,,
x-ms-ests-server
2.1.14526.6 - WEULR2 ProdSlices
x-ms-request-id
ec6a15c5-1bfa-4edb-8ee3-31b73a5d2a00

Redirect headers

content-length
0
content-type
text/html; charset=utf-8
date
Thu, 02 Feb 2023 10:32:52 GMT
location
https://login.microsoftonline.com/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DeyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBVm5UZ3FXUkxKNEw2N005dm1WdUlSdENncmltdTRyT3JlbzBYYl9yVHdBZV9POUJuc0pkU19lejJ5bUVlekEwUTZRNnBSdTJDYkxxVmdoVngyaHZna00iLCJwcm9tcHQiOiJBVjRGcmdOZjlvNm1SMFRxbl9PNlRqYVgxQTZSaTF0T1dtRG12YVNSTGV2WWl4Q3gtWHBjdG5EUDFyWmdEeTJiaHRhZW41TjBPZXd4aDFlWkltdGtPelkiLCIucmVkaXJlY3QiOiIvUGFnZXMvU2lsZW50U2lnbkluQ29tcGxldGUuYXNweCJ9fQ&response_mode=form_post&nonce=638109307726667575.OTk1NTgzNGMtNzQ5My00YmNhLWE3YzItMTc2NTY2OGMxNGE1ODE5NDBlM2UtZjkwOS00ZTU0LWEyNDItODRmOTRmMDJhYjBi&redirect_uri=https%3A%2F%2Fforms.office.com%2Flanding&msafed=0&prompt=none&x-client-SKU=ID_NET472&x-client-ver=6.16.0.0
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
strict-transport-security
max-age=2592000; includeSubDomains
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
a8b7f514-7c2e-456f-9d75-3d5cd15122ae
x-msedge-ref
Ref A: 22CB1B8C74C64A21A5CCE800BEB31B36 Ref B: LON212050711017 Ref C: 2023-02-02T10:32:52Z
x-officecluster
frc-101.forms.office.com
x-officefe
FormsSingleBox_IN_5
x-officeversion
16.0.16129.42051
x-routingcorrelationid
a8b7f514-7c2e-456f-9d75-3d5cd15122ae
x-routingofficecluster
frc-101.forms.office.com
x-routingofficefe
FormsSingleBox_IN_5
x-routingofficeversion
16.0.16129.42051
x-routingsessionid
de158e3e-ddf5-4cab-9082-7a628d6d68e0
x-usersessionid
de158e3e-ddf5-4cab-9082-7a628d6d68e0
choice.js
cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/
3 KB
2 KB
Script
General
Full URL
https://cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Requested by
Host: urlz.fr
URL: https://urlz.fr/kDRf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:ac00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ad07c6b24e5575bc7fea432515d21d7ada9aeee0bdd5518b1d5fe24b98a091e3

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 10:32:46 GMT
content-encoding
br
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:53:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
53
x-amz-server-side-encryption
AES256
etag
W/"c53bd785b1ee57b613221019d7d72626"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-amz-cf-id
w8iDe3tRFjH281CHkj8XLtvatBzzBPYConSCqzgqbcJwJT_87fYSuA==
IIQUniversalID.js
ads.themoneytizer.com/
51 KB
12 KB
Script
General
Full URL
https://ads.themoneytizer.com/IIQUniversalID.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
7bb23de30daa7e81e2fafc5d2fbcada4b6fefc10c3251661952a341d6864aa8e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-77-nzt
AcO1qhHaRoz/UE0AAA
pragma
public
date
Thu, 02 Feb 2023 10:32:53 GMT
x-77-pop
frankfurtDE
x-accel-expires
@1675400581
last-modified
Wed, 12 Oct 2022 18:48:43 GMT
server
CDN77-Turbo
content-encoding
gzip
x-77-nzt-ray
4c156224dff82fae5591db6387d07a00
x-cache
HIT
content-type
application/javascript
x-77-cache
HIT
cache-control
max-age=86400, public, no-transform
x-age
19792
expires
Fri, 03 Feb 2023 05:03:01 GMT
moneybile.js
ads.themoneytizer.com/
38 KB
16 KB
Script
General
Full URL
https://ads.themoneytizer.com/moneybile.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-77-nzt
AcO1qhHAx8v/UE0AAA
pragma
public
date
Thu, 02 Feb 2023 10:32:53 GMT
x-77-pop
frankfurtDE
x-accel-expires
@1675400581
last-modified
Fri, 12 Mar 2021 17:07:19 GMT
server
CDN77-Turbo
content-encoding
gzip
x-77-nzt-ray
4c156224dff82fae5591db634bdc9100
x-cache
HIT
content-type
application/javascript
x-77-cache
HIT
cache-control
max-age=86400, public, no-transform
x-age
19792
expires
Fri, 03 Feb 2023 05:03:01 GMT
authorize
login.microsoftonline.com/common/oauth2/ Frame A308
1 KB
3 KB
Document
General
Full URL
https://login.microsoftonline.com/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DeyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBVm5UZ3FXUkxKNEw2N005dm1WdUlSdENncmltdTRyT3JlbzBYYl9yVHdBZV9POUJuc0pkU19lejJ5bUVlekEwUTZRNnBSdTJDYkxxVmdoVngyaHZna00iLCJwcm9tcHQiOiJBVjRGcmdOZjlvNm1SMFRxbl9PNlRqYVgxQTZSaTF0T1dtRG12YVNSTGV2WWl4Q3gtWHBjdG5EUDFyWmdEeTJiaHRhZW41TjBPZXd4aDFlWkltdGtPelkiLCIucmVkaXJlY3QiOiIvUGFnZXMvU2lsZW50U2lnbkluQ29tcGxldGUuYXNweCJ9fQ&response_mode=form_post&nonce=638109307726667575.OTk1NTgzNGMtNzQ5My00YmNhLWE3YzItMTc2NTY2OGMxNGE1ODE5NDBlM2UtZjkwOS00ZTU0LWEyNDItODRmOTRmMDJhYjBi&redirect_uri=https%3A%2F%2Fforms.office.com%2Flanding&msafed=0&prompt=none&x-client-SKU=ID_NET472&x-client-ver=6.16.0.0&sso_reload=true
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DeyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBVm5UZ3FXUkxKNEw2N005dm1WdUlSdENncmltdTRyT3JlbzBYYl9yVHdBZV9POUJuc0pkU19lejJ5bUVlekEwUTZRNnBSdTJDYkxxVmdoVngyaHZna00iLCJwcm9tcHQiOiJBVjRGcmdOZjlvNm1SMFRxbl9PNlRqYVgxQTZSaTF0T1dtRG12YVNSTGV2WWl4Q3gtWHBjdG5EUDFyWmdEeTJiaHRhZW41TjBPZXd4aDFlWkltdGtPelkiLCIucmVkaXJlY3QiOiIvUGFnZXMvU2lsZW50U2lnbkluQ29tcGxldGUuYXNweCJ9fQ&response_mode=form_post&nonce=638109307726667575.OTk1NTgzNGMtNzQ5My00YmNhLWE3YzItMTc2NTY2OGMxNGE1ODE5NDBlM2UtZjkwOS00ZTU0LWEyNDItODRmOTRmMDJhYjBi&redirect_uri=https%3A%2F%2Fforms.office.com%2Flanding&msafed=0&prompt=none&x-client-SKU=ID_NET472&x-client-ver=6.16.0.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.159.23 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e04d8bf6cee881ad0cef30e96394941a795549d0876bf508a4763f065fa4a698
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://login.microsoftonline.com/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DeyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBVm5UZ3FXUkxKNEw2N005dm1WdUlSdENncmltdTRyT3JlbzBYYl9yVHdBZV9POUJuc0pkU19lejJ5bUVlekEwUTZRNnBSdTJDYkxxVmdoVngyaHZna00iLCJwcm9tcHQiOiJBVjRGcmdOZjlvNm1SMFRxbl9PNlRqYVgxQTZSaTF0T1dtRG12YVNSTGV2WWl4Q3gtWHBjdG5EUDFyWmdEeTJiaHRhZW41TjBPZXd4aDFlWkltdGtPelkiLCIucmVkaXJlY3QiOiIvUGFnZXMvU2lsZW50U2lnbkluQ29tcGxldGUuYXNweCJ9fQ&response_mode=form_post&nonce=638109307726667575.OTk1NTgzNGMtNzQ5My00YmNhLWE3YzItMTc2NTY2OGMxNGE1ODE5NDBlM2UtZjkwOS00ZTU0LWEyNDItODRmOTRmMDJhYjBi&redirect_uri=https%3A%2F%2Fforms.office.com%2Flanding&msafed=0&prompt=none&x-client-SKU=ID_NET472&x-client-ver=6.16.0.0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
962
Content-Type
text/html; charset=utf-8
Date
Thu, 02 Feb 2023 10:32:52 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-clitelem
1,0,0,,
x-ms-ests-server
2.1.14526.6 - WEULR2 ProdSlices
x-ms-request-id
befb5161-ce6a-4683-9e8f-54febe7b9300
/
c.tmyzer.com/c/
0
271 B
XHR
General
Full URL
https://c.tmyzer.com/c/?s=15056&f=1&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 02 Feb 2023 10:32:53 GMT
Server
nginx
X-IPLB-Request-ID
5CDED412:A0CE_36264064:01BB_63DB9155_1A962F0:23B59
X-IPLB-Instance
24858
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
smart.js
ced.sascdn.com/tag/1097/
96 KB
32 KB
Script
General
Full URL
https://ced.sascdn.com/tag/1097/smart.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.32 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-32.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b52ad46ce393602be0dcc61bf96cf97052d1e2c74f97bb85104a0889f690d4c8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 02 Feb 2023 10:32:53 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=7200
Connection
keep-alive
Content-Length
32964
Expires
Thu, 02 Feb 2023 12:32:53 GMT
sync
gum.criteo.com/
49 B
291 B
Script
General
Full URL
https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 10:32:53 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
571446
expires
60
mapper.js
spl.zeotap.com/
61 KB
20 KB
Script
General
Full URL
https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52d507688e76dfbe48fce79beb89be7f30101e95e9e06c121c461e30517ab36f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 10:32:53 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://urlz.fr
access-control-allow-credentials
true
cf-ray
793243f3ab5e2a1f-CDG
access-control-allow-headers
*
libJsLP.js
tag.leadplace.fr/
5 KB
6 KB
Script
General
Full URL
https://tag.leadplace.fr/libJsLP.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 02 Feb 2023 10:32:53 GMT
Last-Modified
Thu, 07 Oct 2021 11:26:48 GMT
Server
nginx/1.20.1
X-IPLB-Request-ID
5CDED412:8C52_91EFC0A6:01BB_63DB9155_6973BEC0:6041
ETag
"615ed978-15ab"
X-IPLB-Instance
30196
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
5547
/
onetag-sys.com/usync/ Frame 3D76
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1675333973010
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://urlz.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
quant.js
secure.quantserve.com/
26 KB
10 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8c979ed3785f184174cba3c38dd0ebbd5b244add676982d9aeafb57b3e53b1a4

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 10:32:53 GMT
content-encoding
gzip
etag
"j4o3/UzQJzEULY/aoGayAw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Thu, 09 Feb 2023 10:32:53 GMT
px.js
p.cpx.to/p/12773/
2 KB
2 KB
Script
General
Full URL
https://p.cpx.to/p/12773/px.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.124.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-124-99.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d2581f2491c811e1e503e840938053e668884798e5dcc5eb43de83d146a7ed89

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 02 Feb 2023 10:32:52 GMT
Cache-Control
max-age=2419200, public
Connection
keep-alive
Content-Length
1990
Content-Type
application/javascript; charset=UTF-8
notifyme.js
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/
25 KB
26 KB
Script
General
Full URL
https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.137.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-137-45.ams50.r.cloudfront.net
Software
Apache /
Resource Hash
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 02 Feb 2023 02:21:42 GMT
Via
1.1 52102486f97ad6ff39f81538f01349aa.cloudfront.net (CloudFront)
Last-Modified
Mon, 18 Feb 2019 16:54:28 GMT
Server
Apache
X-Amz-Cf-Pop
AMS50-C1
Age
29487
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25704
X-Amz-Cf-Id
UbJ32M_pRgZRENCSVG0s4CUPz0DkNE1zNyLE4wrgaPsdtwkn9FTUAQ==
prebid.js
ads.themoneytizer.com/moneybid7_28/build/dist/
577 KB
183 KB
Script
General
Full URL
https://ads.themoneytizer.com/moneybid7_28/build/dist/prebid.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
5bb06f052a7fa32f471f2e65b09f3a294b6fd633ea7e6989f6fd6b9f799fc995

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-77-nzt
AcO1qhFcq8z/UE0AAA
pragma
public
date
Thu, 02 Feb 2023 10:32:53 GMT
x-77-pop
frankfurtDE
x-accel-expires
@1675400581
last-modified
Thu, 26 Jan 2023 21:13:00 GMT
server
CDN77-Turbo
content-encoding
gzip
x-77-nzt-ray
4c156224dff82fae5591db63a96a2101
x-cache
HIT
content-type
application/javascript
x-77-cache
HIT
cache-control
max-age=86400, public, no-transform
x-age
19792
expires
Fri, 03 Feb 2023 05:03:01 GMT
/
c.tmyzer.com/c/
0
271 B
XHR
General
Full URL
https://c.tmyzer.com/c/?s=15056&f=28&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 02 Feb 2023 10:32:53 GMT
Server
nginx
X-IPLB-Request-ID
5CDED412:A0DE_36264064:01BB_63DB9155_1A9FE6A:10492
X-IPLB-Instance
20687
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
/
c.tmyzer.com/c/
0
270 B
XHR
General
Full URL
https://c.tmyzer.com/c/?s=15056&f=6&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 02 Feb 2023 10:32:53 GMT
Server
nginx
X-IPLB-Request-ID
5CDED412:A0E6_36264064:01BB_63DB9155_1A9F339:6010
X-IPLB-Instance
38442
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
lib_fs_close.js
ads.themoneytizer.com/
667 B
764 B
Script
General
Full URL
https://ads.themoneytizer.com/lib_fs_close.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
e5014bac0fa3e49a6eab8b146d9d57d5ef82b624aa3593900ce1cac72cb97882

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-77-nzt
AcO1qhE9aGT/UE0AAA
pragma
public
date
Thu, 02 Feb 2023 10:32:53 GMT
x-77-pop
frankfurtDE
x-accel-expires
@1675400581
last-modified
Thu, 19 Jan 2023 15:05:03 GMT
server
CDN77-Turbo
content-encoding
gzip
x-77-nzt-ray
4c156224dff82fae5591db63cfc91602
x-cache
HIT
content-type
application/javascript
x-77-cache
HIT
cache-control
max-age=86400, public, no-transform
x-age
19792
expires
Fri, 03 Feb 2023 05:03:01 GMT
/
forms.office.com/ Frame A299
Redirect Chain
  • https://forms.office.com/pages/designpagev2.aspx?lang=fr-FR&origin=OfficeDotCom&route=Start&subpage=design&id=zTuuOHmV1E-t2rQuFJXVWgK7Da06YJxKkuBR63Q016tUNkZMWkc0T1NTQkJFMDU2NFZTTDRLNFNMSS4u
  • https://forms.office.com/?redirecturl=https%3a%2f%2fforms.office.com%2fpages%2fdesignpagev2.aspx%3flang%3dfr-FR%26origin%3dOfficeDotCom%26route%3dStart%26subpage%3ddesign%26id%3dzTuuOHmV1E-t2rQuFJX...
38 KB
12 KB
Document
General
Full URL
https://forms.office.com/?redirecturl=https%3a%2f%2fforms.office.com%2fpages%2fdesignpagev2.aspx%3flang%3dfr-FR%26origin%3dOfficeDotCom%26route%3dStart%26subpage%3ddesign%26id%3dzTuuOHmV1E-t2rQuFJXVWgK7Da06YJxKkuBR63Q016tUNkZMWkc0T1NTQkJFMDU2NFZTTDRLNFNMSS4u
Requested by
Host: urlz.fr
URL: https://urlz.fr/kDRf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
174d9cc46df9a2152ea9f852eb4c02f43d16924fcb9a21ade6a9db279d228ff1
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://urlz.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
11847
content-type
text/html; charset=utf-8
date
Thu, 02 Feb 2023 10:32:52 GMT
expires
0
link
<https://cdn.forms.office.net/forms>; rel=preconnect; crossorigin=anonymous
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
1fa51248-f97c-4515-b621-87d85ad05c10
x-failurereason
Unknown
x-msedge-ref
Ref A: 304D2E8AAC154B09B6DC694664FDBF61 Ref B: LON212050711017 Ref C: 2023-02-02T10:32:53Z
x-officecluster
weu-100.forms.office.com
x-officefe
FormsSingleBox_IN_7
x-officeversion
16.0.16129.42051
x-routingcorrelationid
1fa51248-f97c-4515-b621-87d85ad05c10
x-routingofficecluster
weu-100.forms.office.com
x-routingofficefe
FormsSingleBox_IN_7
x-routingofficeversion
16.0.16129.42051
x-routingsessionid
030609d7-89f1-4407-981c-af7da64d5890
x-usersessionid
030609d7-89f1-4407-981c-af7da64d5890

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 02 Feb 2023 10:32:52 GMT
expires
0
link
<https://cdn.forms.office.net/forms>; rel=preconnect; crossorigin=anonymous
location
/?redirecturl=https%3a%2f%2fforms.office.com%2fpages%2fdesignpagev2.aspx%3flang%3dfr-FR%26origin%3dOfficeDotCom%26route%3dStart%26subpage%3ddesign%26id%3dzTuuOHmV1E-t2rQuFJXVWgK7Da06YJxKkuBR63Q016tUNkZMWkc0T1NTQkJFMDU2NFZTTDRLNFNMSS4u
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains
x-cache
CONFIG_NOCACHE
x-correlationid
ec745de6-761f-4dcb-84b5-da2382c259d4
x-msedge-ref
Ref A: B925C4AFF59E47F19D86753441D224E2 Ref B: LON212050711017 Ref C: 2023-02-02T10:32:53Z
x-officecluster
frc-100.forms.office.com
x-officefe
FormsSingleBox_IN_1
x-officeversion
16.0.16129.42051
x-routingcorrelationid
ec745de6-761f-4dcb-84b5-da2382c259d4
x-routingofficecluster
frc-100.forms.office.com
x-routingofficefe
FormsSingleBox_IN_1
x-routingofficeversion
16.0.16129.42051
x-routingsessionid
5878f420-f994-43cf-bbb4-4b23ccb4f3a4
x-usersessionid
5878f420-f994-43cf-bbb4-4b23ccb4f3a4
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-162669458-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 02 Feb 2023 09:31:16 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
3697
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Thu, 02 Feb 2023 11:31:16 GMT
default-page.min.5112b27.css
cdn.forms.office.net/forms/css/dist/ Frame A299
364 KB
30 KB
Stylesheet
General
Full URL
https://cdn.forms.office.net/forms/css/dist/default-page.min.5112b27.css
Requested by
Host: forms.office.com
URL: https://forms.office.com/?redirecturl=https%3a%2f%2fforms.office.com%2fpages%2fdesignpagev2.aspx%3flang%3dfr-FR%26origin%3dOfficeDotCom%26route%3dStart%26subpage%3ddesign%26id%3dzTuuOHmV1E-t2rQuFJXVWgK7Da06YJxKkuBR63Q016tUNkZMWkc0T1NTQkJFMDU2NFZTTDRLNFNMSS4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.5.113 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-5-113.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1016d0b9bf41f4fcefa7e9b7de510107def3e64bbeaa39aac00f7b164f642ba9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 02 Feb 2023 10:32:53 GMT
content-encoding
br
content-md5
rIkKyl/oekCaFPUqJTw8zA==
content-length
30629
x-ms-lease-status
unlocked
last-modified
Thu, 19 Jan 2023 03:58:32 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAF9D16E499698
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
b420ec66-701e-0002-7dc2-2bab03000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 02 Feb 2024 10:32:53 GMT
basics_osi_v3_m1_j3.min.6aa1f3d.js
cdn.forms.office.net/forms/scripts/vendors/combinedmin/ Frame A299
235 KB
70 KB
Script
General
Full URL
https://cdn.forms.office.net/forms/scripts/vendors/combinedmin/basics_osi_v3_m1_j3.min.6aa1f3d.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/?redirecturl=https%3a%2f%2fforms.office.com%2fpages%2fdesignpagev2.aspx%3flang%3dfr-FR%26origin%3dOfficeDotCom%26route%3dStart%26subpage%3ddesign%26id%3dzTuuOHmV1E-t2rQuFJXVWgK7Da06YJxKkuBR63Q016tUNkZMWkc0T1NTQkJFMDU2NFZTTDRLNFNMSS4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.5.113 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-5-113.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
67dd96644fcce9cc703ebf1ede6a7a96b42fe909d024f0eee3e826ae0a59f66d

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 02 Feb 2023 10:32:53 GMT
content-encoding
br
content-md5
BdEW2V1tMY+QN8kblaXAYw==
content-length
70611
x-ms-lease-status
unlocked
last-modified
Fri, 23 Sep 2022 14:05:13 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA9D6CA23BCFC7
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
7ae330d2-d01e-000f-0ea8-d1440f000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 02 Feb 2024 10:32:53 GMT
aria_odata_v2.min.29dbe8c.js
cdn.forms.office.net/forms/scripts/vendors/combinedmin/ Frame A299
125 KB
32 KB
Script
General
Full URL
https://cdn.forms.office.net/forms/scripts/vendors/combinedmin/aria_odata_v2.min.29dbe8c.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/?redirecturl=https%3a%2f%2fforms.office.com%2fpages%2fdesignpagev2.aspx%3flang%3dfr-FR%26origin%3dOfficeDotCom%26route%3dStart%26subpage%3ddesign%26id%3dzTuuOHmV1E-t2rQuFJXVWgK7Da06YJxKkuBR63Q016tUNkZMWkc0T1NTQkJFMDU2NFZTTDRLNFNMSS4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.5.113 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-5-113.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b66a5c41dda8640ef2fb42901bee5437dcdc746f018ab7bfa42fa6cfddc830f8

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 02 Feb 2023 10:32:53 GMT
content-encoding
br
content-md5
zL0YTaz76DBx0JM11lOSgA==
content-length
32555
x-ms-lease-status
unlocked
last-modified
Thu, 29 Sep 2022 09:15:38 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAA1FB2CA30BED
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
3b2cfe2d-601e-0052-1026-d4b40b000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 02 Feb 2024 10:32:53 GMT
default-page.min.fc3e1bb.js
cdn.forms.office.net/forms/scripts/dists/ Frame A299
118 KB
34 KB
Script
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/default-page.min.fc3e1bb.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/?redirecturl=https%3a%2f%2fforms.office.com%2fpages%2fdesignpagev2.aspx%3flang%3dfr-FR%26origin%3dOfficeDotCom%26route%3dStart%26subpage%3ddesign%26id%3dzTuuOHmV1E-t2rQuFJXVWgK7Da06YJxKkuBR63Q016tUNkZMWkc0T1NTQkJFMDU2NFZTTDRLNFNMSS4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.5.113 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-5-113.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f19aeb615472c877093fe373b0011ce3c251d4547b7e405a4eb7732b650bf045

Request headers

Referer
https://forms.office.com/
Origin
https://forms.office.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 02 Feb 2023 10:32:53 GMT
content-encoding
br
content-md5
cN7TD/TmGm/6BZP0LZhbqQ==
content-length
34198
x-ms-lease-status
unlocked
last-modified
Mon, 30 Jan 2023 04:25:37 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB027A09A85DDA
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
377e0c1d-101e-0030-576d-34f3d3000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 02 Feb 2024 10:32:53 GMT
ms.jsll-3.min.js
js.monitor.azure.com/scripts/c/ Frame A299
179 KB
77 KB
Script
General
Full URL
https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Requested by
Host: forms.office.com
URL: https://forms.office.com/?redirecturl=https%3a%2f%2fforms.office.com%2fpages%2fdesignpagev2.aspx%3flang%3dfr-FR%26origin%3dOfficeDotCom%26route%3dStart%26subpage%3ddesign%26id%3dzTuuOHmV1E-t2rQuFJXVWgK7Da06YJxKkuBR63Q016tUNkZMWkc0T1NTQkJFMDU2NFZTTDRLNFNMSS4u
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cacd215430aa66f1391abd136f23ddb729b3fe44c6385a43b62d7a9e8479ea03

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 10:32:53 GMT
content-encoding
br
x-ms-meta-jssdkver
3.2.8
last-modified
Wed, 02 Nov 2022 19:31:15 GMT
x-ms-meta-jssdksrc
[cdn]/scripts/c/ms.jsll-3.2.8.min.js
vary
Accept-Encoding
x-azure-ref
20230202T103253Z-06f6h4y2bx2yzf7h8h4r1y8a4000000001ng00000000qbdx
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
d2319bcc-c01e-00d2-4a78-2ffae9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,x-ms-meta-jssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-cache
TCP_HIT
x-ms-version
2009-09-19
cmp2.js
cmp.quantcast.com/tcfv2/42/
177 KB
47 KB
Script
General
Full URL
https://cmp.quantcast.com/tcfv2/42/cmp2.js?referer=www.themoneytizer.com
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:ac00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b628942e8ff712de0d166d8704f779bd3860800817549c8a375868977e117863

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 08:12:05 GMT
content-encoding
gzip
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
115868
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 05 Jul 2022 18:40:23 GMT
server
AmazonS3
etag
W/"9494b70738cd74c9137e65c29c0b1f3e"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=172800
x-amz-meta-qc-ineu
True
vary
Accept-Encoding
x-amz-cf-id
CvdFMfsuiz8ghnbuRnN4LKEyjQrgjpDMV8J72U9yFedTusPR2IiiHw==
silentsignincomplete.aspx
forms.office.com/pages/ Frame A308
Redirect Chain
  • https://forms.office.com/landing
  • https://forms.office.com/pages/silentsignincomplete.aspx
8 KB
0
Document
General
Full URL
https://forms.office.com/pages/silentsignincomplete.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://login.microsoftonline.com
Referer
https://login.microsoftonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
3553
content-type
text/html; charset=utf-8
date
Thu, 02 Feb 2023 10:32:52 GMT
expires
0
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
26f9154e-34ef-4b91-9f41-5532f28f85d6
x-failurereason
Unknown
x-msedge-ref
Ref A: 5F7175BB9D334C66BB3D103C8785BB6E Ref B: LON212050711017 Ref C: 2023-02-02T10:32:53Z
x-officecluster
neu-101.forms.office.com
x-officefe
FormsSingleBox_IN_8
x-officeversion
16.0.16129.42051
x-robots-tag
noindex, nofollow
x-routingcorrelationid
26f9154e-34ef-4b91-9f41-5532f28f85d6
x-routingofficecluster
neu-101.forms.office.com
x-routingofficefe
FormsSingleBox_IN_8
x-routingofficeversion
16.0.16129.42051
x-routingsessionid
f3fd2a02-87ae-448b-ae2b-5d7b108a1167
x-usersessionid
f3fd2a02-87ae-448b-ae2b-5d7b108a1167

Redirect headers

content-length
0
date
Thu, 02 Feb 2023 10:32:52 GMT
location
pages/silentsignincomplete.aspx
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
strict-transport-security
max-age=2592000; includeSubDomains
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
60e464c4-ac21-497d-ab37-9a6828e11b83
x-msedge-ref
Ref A: 2DEC9C6446D443C79217320841B2C242 Ref B: LON212050711017 Ref C: 2023-02-02T10:32:53Z
x-officecluster
neu-100.forms.office.com
x-officefe
FormsSingleBox_IN_12
x-officeversion
16.0.16129.42051
x-routingcorrelationid
60e464c4-ac21-497d-ab37-9a6828e11b83
x-routingofficecluster
neu-100.forms.office.com
x-routingofficefe
FormsSingleBox_IN_12
x-routingofficeversion
16.0.16129.42051
x-routingsessionid
c05b9b5c-bc4a-48c1-bf78-8880c500b1c5
x-usersessionid
c05b9b5c-bc4a-48c1-bf78-8880c500b1c5
/
spl.zeotap.com/
429 B
612 B
XHR
General
Full URL
https://spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d3083e4d532426021bab4591b757ee5bd5ec33f3e914ae319071d7aeaf53d3c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 10:32:53 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
text/html
access-control-allow-origin
https://urlz.fr
access-control-allow-credentials
true
cf-ray
793243f45c4d2a1f-CDG
access-control-allow-headers
*
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/
84 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Requested by
Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 10:22:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
519001
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30186
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Jan 2024 10:22:52 GMT
rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/
1 KB
1 KB
Script
General
Full URL
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:1e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1cc6de1a4f6a561a6aa75d08bae33388b2e8905d01753aa41e4886a466d7c28c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 09:39:44 GMT
content-encoding
gzip
via
1.1 cb33a7a4640adbb55df3e0d143601558.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
3190
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 13 Oct 2022 22:35:53 GMT
server
AmazonS3
etag
W/"1f431dc94c1f033d6666f0fe637e2d7b"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
mvL1poWQcFPDOcvYhCUvLtdChqBO1OGp12DyLU0m5iiZx96NQ20BSA==
collect
www.google-analytics.com/j/
2 B
202 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1052904856&t=pageview&_s=1&dl=https%3A%2F%2Furlz.fr%2FkDRf&ul=en-us&de=UTF-8&dt=Microsoft%20Forms%20-%20Easily%20create%20surveys%2C%20quizzes%2C%20and%20polls.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=106284176&gjid=939595777&cid=52912828.1675333973&tid=UA-162669458-1&_gid=1907188079.1675333973&_r=1&_slc=1&gtm=2ou1u0&z=89927080
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://urlz.fr/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Feb 2023 10:32:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://urlz.fr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
segoeui-regular.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/ Frame A299
35 KB
36 KB
Font
General
Full URL
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-regular.woff2
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/css/dist/default-page.min.5112b27.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.103.98.78 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-98-78.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49

Request headers

Referer
https://cdn.forms.office.net/
Origin
https://forms.office.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 02 Feb 2023 10:32:53 GMT
last-modified
Thu, 02 Nov 2017 17:22:02 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
hl8dtlRfyUovRETdYOe7xg==
etag
0x8D522163B704E10
content-type
application/font-woff2
access-control-allow-origin
*
x-ms-request-id
fc4ea30b-901e-0013-3646-ffa221000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=25176136
x-ms-version
2009-09-19
content-length
36344
cmp-list.json
test.cmp.quantcast.com/GVL-v2/
10 KB
3 KB
XHR
General
Full URL
https://test.cmp.quantcast.com/GVL-v2/cmp-list.json
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/42/cmp2.js?referer=www.themoneytizer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:5000:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a8efe51cbecdad4bc99bcab6208c535224c81077f92247249f93ce079be3b4a7

Request headers

Accept
application/json, text/plain, */*
Referer
https://urlz.fr/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 03:00:39 GMT
x-amz-version-id
4AIQAJ98xxQb5Z9H_UdCs9PW1_AVpdm2
content-encoding
br
via
1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
27135
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sun, 29 Jan 2023 19:52:29 GMT
server
AmazonS3
etag
W/"104d73e097947079d97b7ce656d124ce"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
vary
Accept-Encoding
x-amz-cf-id
L-feWIOpXr4gbG1jMGCyeT-8kaZy2I0I8wn9-KygW85pYjYm7sUYNA==
mw
mwzeom.zeotap.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=b8e37562-3603-4209-6427-947c14b850fd&reqId=62e079a4-aeb1-42ff-60e0-aab58bbf24e6&...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=b8e37562-3603-4209-6427-947c14b850fd&reqId=62e079a4-aeb1-42ff-60e0-aab58bbf24e6...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESECExGK6anGzwJU8MnySbPU0&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=b8e37562-3603-4209-6427-947c14b850fd&reqId=62e079a4-aeb1-42ff-60e...
95 B
163 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESECExGK6anGzwJU8MnySbPU0&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=b8e37562-3603-4209-6427-947c14b850fd&reqId=62e079a4-aeb1-42ff-60e0-aab58bbf24e6&zdid=1258
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 10:32:53 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://urlz.fr
access-control-allow-credentials
true
cf-ray
793243f5febe2a1f-CDG
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 02 Feb 2023 10:32:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://mwzeom.zeotap.com/mw?google_gid=CAESECExGK6anGzwJU8MnySbPU0&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=b8e37562-3603-4209-6427-947c14b850fd&reqId=62e079a4-aeb1-42ff-60e0-aab58bbf24e6&zdid=1258
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
446
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
default-page.chunk.1ds.6dc5e5d.js
cdn.forms.office.net/forms/scripts/dists/ Frame A299
92 KB
30 KB
Script
General
Full URL
https://cdn.forms.office.net/forms/scripts/dists/default-page.chunk.1ds.6dc5e5d.js
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/default-page.min.fc3e1bb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.5.113 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-83-5-113.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
65efeac160ccc469ad55cfaa6fb94254f1bf8f89ae913b3e50407021c3f42ed4

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://forms.office.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 02 Feb 2023 10:32:53 GMT
content-encoding
br
content-md5
97nNPCdl6wGOtpt7Ghddmg==
content-length
30129
x-ms-lease-status
unlocked
last-modified
Fri, 28 Oct 2022 04:14:09 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAB89ADCD45DA8
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
461f431f-301e-0068-72ee-ecf7a8000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=31536000
x-ms-version
2009-09-19
timing-allow-origin
*
expires
Fri, 02 Feb 2024 10:32:53 GMT
authorize
login.microsoftonline.com/common/oauth2/ Frame C96B
Redirect Chain
  • https://forms.office.com/oidcLogin?IdentityProvider=aad&ru=%2FPages%2FSilentSignInComplete.aspx&prompt=none
  • https://login.microsoftonline.com/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_type=code%20id_token&scope=openid%20p...
1 KB
2 KB
Document
General
Full URL
https://login.microsoftonline.com/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DeyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBV2Q3RTlIekp4c09iY19nYUpRRGRVOVV5NV9FTEJocXlYN3pPR1poeWdTUTNrTXkwTFBlUk5ibFFETGRMYkJTTnJtdFN5ckxLQ0pPNjVtUHRGRUtWcGsiLCJwcm9tcHQiOiJBY1Iyd0k1T0U4WGlZcHVMejlqbUJ4VHhtZVBPNmFWeGFMRTZpUmJGY1BScVFmbDltYzdEUWlaWnRvLTRMa1ExZFd3Z0pKbktfTktLNktyekRJaXNuVmciLCIucmVkaXJlY3QiOiIvUGFnZXMvU2lsZW50U2lnbkluQ29tcGxldGUuYXNweCJ9fQ&response_mode=form_post&nonce=638109307732941112.OGM4YzlkNDgtYTRhNC00OTk4LTliM2ItNGY3YWU4OWQ5ZjM4ZTdiYjIxYTItZWQxMi00N2I5LWE1NjctNDJkNDU3ODE1ZTlm&redirect_uri=https%3A%2F%2Fforms.office.com%2Flanding&msafed=0&prompt=none&x-client-SKU=ID_NET472&x-client-ver=6.16.0.0
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/default-page.min.fc3e1bb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.159.23 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
47e3590d50e4b930960d1c0deb3fc7d453f2f38a2fc5c0f24b9862eac7169a75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://forms.office.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
962
Content-Type
text/html; charset=utf-8
Date
Thu, 02 Feb 2023 10:32:52 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
x-ms-clitelem
1,0,0,,
x-ms-ests-server
2.1.14526.6 - WEULR2 ProdSlices
x-ms-request-id
9c24d439-4275-483b-9e15-ad9080f48500

Redirect headers

content-length
0
content-type
text/html; charset=utf-8
date
Thu, 02 Feb 2023 10:32:52 GMT
location
https://login.microsoftonline.com/common/oauth2/authorize?client_id=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&resource=c9a559d2-7aab-4f13-a6ed-e7e9c52aec87&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DeyJ2ZXJzaW9uIjoxLCJkYXRhIjp7IklkZW50aXR5UHJvdmlkZXIiOiJBV2Q3RTlIekp4c09iY19nYUpRRGRVOVV5NV9FTEJocXlYN3pPR1poeWdTUTNrTXkwTFBlUk5ibFFETGRMYkJTTnJtdFN5ckxLQ0pPNjVtUHRGRUtWcGsiLCJwcm9tcHQiOiJBY1Iyd0k1T0U4WGlZcHVMejlqbUJ4VHhtZVBPNmFWeGFMRTZpUmJGY1BScVFmbDltYzdEUWlaWnRvLTRMa1ExZFd3Z0pKbktfTktLNktyekRJaXNuVmciLCIucmVkaXJlY3QiOiIvUGFnZXMvU2lsZW50U2lnbkluQ29tcGxldGUuYXNweCJ9fQ&response_mode=form_post&nonce=638109307732941112.OGM4YzlkNDgtYTRhNC00OTk4LTliM2ItNGY3YWU4OWQ5ZjM4ZTdiYjIxYTItZWQxMi00N2I5LWE1NjctNDJkNDU3ODE1ZTlm&redirect_uri=https%3A%2F%2Fforms.office.com%2Flanding&msafed=0&prompt=none&x-client-SKU=ID_NET472&x-client-ver=6.16.0.0
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
strict-transport-security
max-age=2592000; includeSubDomains
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
b067049b-4fd4-41d6-a15a-1e973e3bed7a
x-msedge-ref
Ref A: 9C67EE572F5642ACAA6C57A62DE93543 Ref B: LON212050711017 Ref C: 2023-02-02T10:32:53Z
x-officecluster
weu-101.forms.office.com
x-officefe
FormsSingleBox_IN_13
x-officeversion
16.0.16129.42051
x-routingcorrelationid
b067049b-4fd4-41d6-a15a-1e973e3bed7a
x-routingofficecluster
weu-101.forms.office.com
x-routingofficefe
FormsSingleBox_IN_13
x-routingofficeversion
16.0.16129.42051
x-routingsessionid
66b2a340-b5bd-49f0-a262-aa99bbbc5221
x-usersessionid
66b2a340-b5bd-49f0-a262-aa99bbbc5221
SilentSignInComplete.aspx
forms.office.com/Pages/ Frame C159
Redirect Chain
  • https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1675333972&rver=7.3.6963.0&wp=MBI_SSL&wreply=https%3A%2F%2Fforms.office.com%2FrpsLanding%3FRpsAuthState%3DCQNySxPgQePSC7pXu1cYcygtNff8oadR...
  • https://forms.office.com/rpsLanding?RpsAuthState=CQNySxPgQePSC7pXu1cYcygtNff8oadRMF_zBoAKgWFH0ZhF6nt_sGWA9YRwQYJCHyl5Clao6PJ4wRdckWa1jbMjtREGksdlQfNP5RxQrUrFWRqV-mLxe_V2TAI60VfM-ssyqXW89uo4fxhhqk-B...
  • https://forms.office.com/Pages/SilentSignInComplete.aspx?fromAR=1
8 KB
0
Document
General
Full URL
https://forms.office.com/Pages/SilentSignInComplete.aspx?fromAR=1
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/default-page.min.fc3e1bb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://forms.office.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
3560
content-type
text/html; charset=utf-8
date
Thu, 02 Feb 2023 10:32:53 GMT
expires
0
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
e6474ebe-e1ce-403f-b4da-4484695a78d1
x-failurereason
Unknown
x-msedge-ref
Ref A: 51533EEA6E634162B29BAF5A461A873D Ref B: LON212050711017 Ref C: 2023-02-02T10:32:53Z
x-officecluster
neu-101.forms.office.com
x-officefe
FormsSingleBox_IN_14
x-officeversion
16.0.16129.42051
x-robots-tag
noindex, nofollow
x-routingcorrelationid
e6474ebe-e1ce-403f-b4da-4484695a78d1
x-routingofficecluster
neu-101.forms.office.com
x-routingofficefe
FormsSingleBox_IN_14
x-routingofficeversion
16.0.16129.42051
x-routingsessionid
e458e385-dc46-4c0b-b1c1-45170fc281d9
x-usersessionid
e458e385-dc46-4c0b-b1c1-45170fc281d9

Redirect headers

content-length
0
content-type
text/html; charset=utf-8
date
Thu, 02 Feb 2023 10:32:53 GMT
location
/Pages/SilentSignInComplete.aspx?fromAR=1
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
strict-transport-security
max-age=2592000; includeSubDomains
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
5454910e-52b1-4dc8-af2a-3413b84ed8db
x-msedge-ref
Ref A: 907A9A9A1D8741B880A8F87DC33D2CDE Ref B: LON212050711017 Ref C: 2023-02-02T10:32:53Z
x-officecluster
neu-101.forms.office.com
x-officefe
FormsSingleBox_IN_1
x-officeversion
16.0.16129.42051
x-routingcorrelationid
5454910e-52b1-4dc8-af2a-3413b84ed8db
x-routingofficecluster
neu-101.forms.office.com
x-routingofficefe
FormsSingleBox_IN_1
x-routingofficeversion
16.0.16129.42051
x-routingsessionid
5bbde6dc-09fb-4d56-b35a-ceed043e4698
x-usersessionid
5bbde6dc-09fb-4d56-b35a-ceed043e4698
notifyme.php
adtrack.adleadevent.com/
0
518 B
XHR
General
Full URL
https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.10.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-10-160.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://urlz.fr/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Feb 2023 10:32:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 Feb 2023 10:32:53 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
https://urlz.fr
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
cmp2ui-en.js
cmp.quantcast.com/tcfv2/42/
230 KB
56 KB
Script
General
Full URL
https://cmp.quantcast.com/tcfv2/42/cmp2ui-en.js
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/42/cmp2.js?referer=www.themoneytizer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:ac00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
62a9ab66cac0afdced4732a27d4e2139d6975a0e92816f638c16d60a544faa2c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 12:20:32 GMT
content-encoding
br
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
79942
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Tue, 05 Jul 2022 18:40:26 GMT
server
AmazonS3
etag
W/"24932b3e61742029985961c24d35dbb7"
access-control-max-age
604800
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=172800
vary
Accept-Encoding
x-amz-cf-id
hKM2D3R_4j0gy9LUf0RoGV8CZ6TGzt_WAnawc2t7Jj9jsMeWAhhTcw==
vendor-list-trimmed-v1.json
cmp.quantcast.com/GVL-v2/
350 KB
43 KB
XHR
General
Full URL
https://cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/42/cmp2.js?referer=www.themoneytizer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:ac00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
80fd4cf05bd80846d467d08abcb621742769fe832f83fa40c9816b8eb3a7e831

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 03:00:41 GMT
content-encoding
br
via
1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
27132
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 02 Feb 2023 03:00:32 GMT
server
AmazonS3
etag
W/"721c912bad0ae28ec9367496fc725a0d"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
SfuZoTM7TPh0HBZpooLpcVCRgyrv58QkrelX9IE75I_l3EbSPJP0bA==
9.gif
id5-sync.com/i/12/
43 B
1 KB
Image
General
Full URL
https://id5-sync.com/i/12/9.gif?gdpr=true&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Thu, 02 Feb 2023 10:32:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
google-atp-list.json
cmp.quantcast.com/tcfv2/
151 KB
36 KB
XHR
General
Full URL
https://cmp.quantcast.com/tcfv2/google-atp-list.json
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/42/cmp2.js?referer=www.themoneytizer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:ac00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
31d1a8b234ef7e3fcd967fe38bb63298be8faf869e0dcd5352c330ed5c18964b

Request headers

Accept
application/json, text/plain, */*
Referer
https://urlz.fr/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 03:01:40 GMT
content-encoding
br
via
1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
27074
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 02 Feb 2023 03:01:36 GMT
server
AmazonS3
etag
W/"1dbfd79d4ea7f69c0c42a2f6065532e7"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
CXLpHlzKSeK4YrRf3RMl6EAiHf1LoS3uTsupA_g0ilychsrZAWp5EA==
/
audit-tcfv2.cmp.quantcast.com/
2 B
101 B
XHR
General
Full URL
https://audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%226Fv0cGNfc_bw8%22%2C%22domain%22%3A%22urlz.fr%22%2C%22publisher%22%3A%22themoneytizer.com%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.42%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22zqyqLXlGhIEyBziKWX6tNg%22%2C%22tagVersion%22%3A%22V2%22%2C%22clientTimestamp%22%3A1675333973388%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-oxiewp61r3thxxrh6dzz%22%7D
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/42/cmp2ui-en.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.235.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-235-146.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
application/json, text/plain, */*
Referer
https://urlz.fr/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 02 Feb 2023 10:32:53 GMT
content-length
2
content-type
text/plain; charset=utf-8
silentsignincomplete.aspx
forms.office.com/pages/ Frame C96B
Redirect Chain
  • https://forms.office.com/landing
  • https://forms.office.com/pages/silentsignincomplete.aspx
8 KB
0
Document
General
Full URL
https://forms.office.com/pages/silentsignincomplete.aspx
Requested by
Host: forms.office.com
URL: https://forms.office.com/?redirecturl=https%3a%2f%2fforms.office.com%2fpages%2fdesignpagev2.aspx%3flang%3dfr-FR%26origin%3dOfficeDotCom%26route%3dStart%26subpage%3ddesign%26id%3dzTuuOHmV1E-t2rQuFJXVWgK7Da06YJxKkuBR63Q016tUNkZMWkc0T1NTQkJFMDU2NFZTTDRLNFNMSS4u
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://login.microsoftonline.com
Referer
https://login.microsoftonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
3543
content-type
text/html; charset=utf-8
date
Thu, 02 Feb 2023 10:32:53 GMT
expires
0
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
3094cb1c-f2ee-4152-8476-3d1fe58ed43a
x-failurereason
Unknown
x-msedge-ref
Ref A: 0F9FA10D9B6640298215714B136CB390 Ref B: LON212050711017 Ref C: 2023-02-02T10:32:53Z
x-officecluster
frc-100.forms.office.com
x-officefe
FormsSingleBox_IN_0
x-officeversion
16.0.16129.42051
x-robots-tag
noindex, nofollow
x-routingcorrelationid
3094cb1c-f2ee-4152-8476-3d1fe58ed43a
x-routingofficecluster
frc-100.forms.office.com
x-routingofficefe
FormsSingleBox_IN_0
x-routingofficeversion
16.0.16129.42051
x-routingsessionid
bf466caf-0185-4f98-9951-545e51056434
x-usersessionid
bf466caf-0185-4f98-9951-545e51056434

Redirect headers

content-length
0
date
Thu, 02 Feb 2023 10:32:53 GMT
location
pages/silentsignincomplete.aspx
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
strict-transport-security
max-age=2592000; includeSubDomains
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
12ddc852-01c4-4512-8d00-88b894a353e5
x-msedge-ref
Ref A: 75A708F95CA0433B94A798635EDFB9E9 Ref B: LON212050711017 Ref C: 2023-02-02T10:32:53Z
x-officecluster
weu-100.forms.office.com
x-officefe
FormsSingleBox_IN_2
x-officeversion
16.0.16129.42051
x-routingcorrelationid
12ddc852-01c4-4512-8d00-88b894a353e5
x-routingofficecluster
weu-100.forms.office.com
x-routingofficefe
FormsSingleBox_IN_2
x-routingofficeversion
16.0.16129.42051
x-routingsessionid
61a572c3-5e4c-4d44-a8f9-459be4912309
x-usersessionid
61a572c3-5e4c-4d44-a8f9-459be4912309
SilentSignInComplete.aspx
forms.office.com/Pages/ Frame FFEC
Redirect Chain
  • https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1675333973&rver=7.3.6963.0&wp=MBI_SSL&wreply=https%3A%2F%2Fforms.office.com%2FrpsLanding%3FRpsAuthState%3DA196bhI6htixXMLvwQ6F8x28L-xwib3C...
  • https://forms.office.com/rpsLanding?RpsAuthState=A196bhI6htixXMLvwQ6F8x28L-xwib3CHGtkLM5xkk6P8RvjAkFNiilkFTp5F1b8Zf_YONUGsK1aCVFCHzNp_cGNuGtYxHLUMRn5bgCN8O-Tw7zwIheyDMvai4MreaB3VnlyCMf30BDsH0qL2ynI...
  • https://forms.office.com/Pages/SilentSignInComplete.aspx?fromAR=1
8 KB
0
Document
General
Full URL
https://forms.office.com/Pages/SilentSignInComplete.aspx?fromAR=1
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/default-page.min.fc3e1bb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:a92::194 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://forms.office.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
3557
content-type
text/html; charset=utf-8
date
Thu, 02 Feb 2023 10:32:53 GMT
expires
0
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
51124131-49ab-478d-880e-a4c6612e2a46
x-failurereason
Unknown
x-msedge-ref
Ref A: DBDA156BCF6B457694591F6AEFE6A8B2 Ref B: LON212050711017 Ref C: 2023-02-02T10:32:53Z
x-officecluster
neu-101.forms.office.com
x-officefe
FormsSingleBox_IN_10
x-officeversion
16.0.16129.42051
x-robots-tag
noindex, nofollow
x-routingcorrelationid
51124131-49ab-478d-880e-a4c6612e2a46
x-routingofficecluster
neu-101.forms.office.com
x-routingofficefe
FormsSingleBox_IN_10
x-routingofficeversion
16.0.16129.42051
x-routingsessionid
77a53c23-6c68-46eb-9fc3-e925535495c1
x-usersessionid
77a53c23-6c68-46eb-9fc3-e925535495c1

Redirect headers

content-length
0
content-type
text/html; charset=utf-8
date
Thu, 02 Feb 2023 10:32:53 GMT
location
/Pages/SilentSignInComplete.aspx?fromAR=1
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
strict-transport-security
max-age=2592000; includeSubDomains
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-correlationid
c57407a1-fa30-4ceb-8027-256dcf5fe3cc
x-msedge-ref
Ref A: 1AF581BB2A954C7B9FED2BDE64C5E570 Ref B: LON212050711017 Ref C: 2023-02-02T10:32:53Z
x-officecluster
neu-100.forms.office.com
x-officefe
FormsSingleBox_IN_13
x-officeversion
16.0.16129.42051
x-routingcorrelationid
c57407a1-fa30-4ceb-8027-256dcf5fe3cc
x-routingofficecluster
neu-100.forms.office.com
x-routingofficefe
FormsSingleBox_IN_13
x-routingofficeversion
16.0.16129.42051
x-routingsessionid
7d0c8ac7-8044-4ac6-831d-1d82a80aab4d
x-usersessionid
7d0c8ac7-8044-4ac6-831d-1d82a80aab4d
hrd
odc.officeapps.live.com/odc/v2.1/ Frame 74B9
8 KB
8 KB
Document
General
Full URL
https://odc.officeapps.live.com/odc/v2.1/hrd?rs=fr-FR&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/default-page.min.fc3e1bb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.68.59 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
92d6f5778771045a266e65061cc52d40ddbf9037e2e23638240afccb0386feba
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://forms.office.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
public, max-age=1200
content-length
8128
content-type
text/html; charset=utf-8
date
Thu, 02 Feb 2023 10:32:53 GMT
expires
Thu, 02 Feb 2023 10:52:53 GMT
last-modified
Thu, 02 Feb 2023 10:32:53 GMT
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
server
Microsoft-IIS/10.0
vary
*
x-aspnet-version
4.0.30319
x-aspnetmvc-version
5.2
x-content-type-options
nosniff
x-correlationid
dacb0f66-117a-406d-98e5-ec959b0c9686
x-officecluster
frc-000.odc.officeapps.live.com
x-officefe
OdcFE_IN_50
x-officeversion
16.0.16123.30550
x-powered-by
ASP.NET
x-ua-compatible
IE=11
x-usersessionid
dacb0f66-117a-406d-98e5-ec959b0c9686
/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame F9BD
153 B
1 KB
XHR
General
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.46.162.226 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e06ee82491c143dae8e935c009852ea5840da91b7b4fe8ad83b61edb01ff22cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1675333973684
accept-language
fr-FR,fr;q=0.9
client-version
1DS-Web-JS-3.2.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539
Client-Id
NO_AUTH

Response headers

Strict-Transport-Security
max-age=31536000
Date
Thu, 02 Feb 2023 10:32:55 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
2191
Access-Control-Allow-Methods
POST
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type
application/json
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
P3P,Set-Cookie,time-delta-millis
Content-Length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame
0
0
Preflight
General
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.46.162.226 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Thu, 02 Feb 2023 10:32:54 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
hrd
odc.officeapps.live.com/odc/v2.1/ Frame C06A
8 KB
8 KB
Document
General
Full URL
https://odc.officeapps.live.com/odc/v2.1/hrd?rs=fr-FR&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/default-page.min.fc3e1bb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.68.59 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c5f0ba26f2680ccc3d5df6a91f1f7ace14d2a8d021ad311472617d367a03322c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://forms.office.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
public, max-age=1200
content-length
8128
content-type
text/html; charset=utf-8
date
Thu, 02 Feb 2023 10:32:53 GMT
expires
Thu, 02 Feb 2023 10:52:53 GMT
last-modified
Thu, 02 Feb 2023 10:32:53 GMT
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
server
Microsoft-IIS/10.0
vary
*
x-aspnet-version
4.0.30319
x-aspnetmvc-version
5.2
x-content-type-options
nosniff
x-correlationid
8e73d57b-03b0-4895-8c8d-b379018216e7
x-officecluster
frc-000.odc.officeapps.live.com
x-officefe
OdcFE_IN_50
x-officeversion
16.0.16123.30550
x-powered-by
ASP.NET
x-ua-compatible
IE=11
x-usersessionid
8e73d57b-03b0-4895-8c8d-b379018216e7
hrd.css
odc.officeapps.live.com/odc/stat/ Frame C06A
22 KB
5 KB
Stylesheet
General
Full URL
https://odc.officeapps.live.com/odc/stat/hrd.css?b=16123.30550
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.1/hrd?rs=fr-FR&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.68.59 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2ff09ddce3a55505346a551874b4a1cac73120c05f1207f47d973c4e952b0987
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://odc.officeapps.live.com/odc/v2.1/hrd?rs=fr-FR&Ver=16&app=111&p=6&hm=0&fpEnabled=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 10:32:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officeversion
16.0.16123.30550
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_50
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
5050
last-modified
Mon, 23 Jan 2023 11:28:04 GMT
server
Microsoft-IIS/10.0
x-usersessionid
457a3ba1-c763-47e2-bc63-8efbe10885e5
x-correlationid
457a3ba1-c763-47e2-bc63-8efbe10885e5
x-officecluster
frc-000.odc.officeapps.live.com
etag
"0fa7c21d2fd91:0"
vary
Accept-Encoding
content-type
text/css
cache-control
private, max-age=2419200
accept-ranges
bytes
microsoft_logo.svg
cdn.odc.officeapps.live.com/odc/stat/images/hrd/ Frame C06A
4 KB
2 KB
Image
General
Full URL
https://cdn.odc.officeapps.live.com/odc/stat/images/hrd/microsoft_logo.svg?b=16123.30550
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.1/hrd?rs=fr-FR&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.146.37 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-146-37.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://odc.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 10:32:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officeversion
16.0.16117.30550
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_36
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
1464
last-modified
Tue, 17 Jan 2023 10:00:08 GMT
server
Microsoft-IIS/10.0
x-usersessionid
7cd3a0fa-c275-4198-8a5b-9ebc2d1087af
x-correlationid
7cd3a0fa-c275-4198-8a5b-9ebc2d1087af
x-officecluster
weu-000.odc.officeapps.live.com
etag
"0c4cf7a5a2ad91:0"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
private, max-age=1922002
accept-ranges
bytes
picker-account-aad.svg
cdn.odc.officeapps.live.com/odc/stat/images/hrd/ Frame C06A
756 B
1 KB
Image
General
Full URL
https://cdn.odc.officeapps.live.com/odc/stat/images/hrd/picker-account-aad.svg?b=16123.30550
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.1/hrd?rs=fr-FR&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.146.37 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-146-37.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5d3357bd875b7335ace42e8ee3a64578e4253bed1a4e279109de403eedae3a69
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://odc.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 10:32:54 GMT
x-content-type-options
nosniff
x-officeversion
16.0.16117.30550
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_70
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
756
last-modified
Tue, 17 Jan 2023 10:00:08 GMT
server
Microsoft-IIS/10.0
x-usersessionid
6d5e3aae-d661-4b47-8075-e53045a6b0d1
x-correlationid
6d5e3aae-d661-4b47-8075-e53045a6b0d1
x-officecluster
weu-000.odc.officeapps.live.com
etag
"0c4cf7a5a2ad91:0"
content-type
image/svg+xml
cache-control
private, max-age=1922044
accept-ranges
bytes
picker-account-msa.svg
cdn.odc.officeapps.live.com/odc/stat/images/hrd/ Frame C06A
379 B
839 B
Image
General
Full URL
https://cdn.odc.officeapps.live.com/odc/stat/images/hrd/picker-account-msa.svg?b=16123.30550
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.1/hrd?rs=fr-FR&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.146.37 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-146-37.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
34d8da073f47030ee94b99d84fbe68e3345bd8aaa37ea909ff2da00238447486
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://odc.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 10:32:54 GMT
x-content-type-options
nosniff
x-officeversion
16.0.16117.30550
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_21
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
379
last-modified
Tue, 17 Jan 2023 10:00:08 GMT
server
Microsoft-IIS/10.0
x-usersessionid
faf6edeb-1006-4aa1-991d-dd5e1aac0ed2
x-correlationid
faf6edeb-1006-4aa1-991d-dd5e1aac0ed2
x-officecluster
frc-000.odc.officeapps.live.com
etag
"0c4cf7a5a2ad91:0"
content-type
image/svg+xml
cache-control
private, max-age=1921987
accept-ranges
bytes
jquery-1.12.4.1.min.js
cdn.odc.officeapps.live.com/odc/stat/ Frame C06A
95 KB
34 KB
Script
General
Full URL
https://cdn.odc.officeapps.live.com/odc/stat/jquery-1.12.4.1.min.js?b=16123.30550
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.1/hrd?rs=fr-FR&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.146.37 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-146-37.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3ac82b5a773ea82258a30c60d277acffa832ce446397fcb6abf39726c4330fb5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://odc.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 10:32:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officeversion
16.0.16117.30550
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_32
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
33842
last-modified
Tue, 17 Jan 2023 10:00:08 GMT
server
Microsoft-IIS/10.0
x-usersessionid
99c1e6fe-ec96-4883-ae34-fd5df7807298
x-correlationid
99c1e6fe-ec96-4883-ae34-fd5df7807298
x-officecluster
frc-000.odc.officeapps.live.com
etag
"0c4cf7a5a2ad91:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=1860938
accept-ranges
bytes
knockout-3.4.2.js
cdn.odc.officeapps.live.com/odc/stat/ Frame C06A
59 KB
22 KB
Script
General
Full URL
https://cdn.odc.officeapps.live.com/odc/stat/knockout-3.4.2.js?b=16123.30550
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.1/hrd?rs=fr-FR&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.146.37 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-146-37.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a305fbb2ba223bf3b56bb8776b85f6f40d60dd082a74dbe28d143b5794c7e393
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://odc.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 10:32:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officeversion
16.0.16117.30550
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_93
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
22381
last-modified
Tue, 17 Jan 2023 10:00:08 GMT
server
Microsoft-IIS/10.0
x-usersessionid
7e666c53-b567-4a05-b321-73ccf8b7c67a
x-correlationid
7e666c53-b567-4a05-b321-73ccf8b7c67a
x-officecluster
uks-000.odc.officeapps.live.com
etag
"0c4cf7a5a2ad91:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=1977517
accept-ranges
bytes
CommonDiagnostics.js
cdn.odc.officeapps.live.com/odc/stat/ Frame C06A
40 KB
13 KB
Script
General
Full URL
https://cdn.odc.officeapps.live.com/odc/stat/CommonDiagnostics.js?b=16123.30550
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.1/hrd?rs=fr-FR&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.146.37 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-146-37.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
773a678845579e6334f19d4e62f29446e7898bd816359c74574e37884503f909
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://odc.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 10:32:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officeversion
16.0.16117.30550
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_36
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
12330
last-modified
Tue, 17 Jan 2023 10:00:08 GMT
server
Microsoft-IIS/10.0
x-usersessionid
812bc125-80c9-461c-b2f0-3c343cbb079d
x-correlationid
812bc125-80c9-461c-b2f0-3c343cbb079d
x-officecluster
frc-000.odc.officeapps.live.com
etag
"0c4cf7a5a2ad91:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=1860919
accept-ranges
bytes
jsonstrings
odc.officeapps.live.com/odc/ Frame C06A
4 KB
4 KB
Script
General
Full URL
https://odc.officeapps.live.com/odc/jsonstrings?g=EmailHrdv2&mkt=1036&hm=0
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.1/hrd?rs=fr-FR&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.68.59 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7a70bcdb522c036279a39ff1c8637cc19b9080688e7d3acacf718008378c9b52
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://odc.officeapps.live.com/odc/v2.1/hrd?rs=fr-FR&Ver=16&app=111&p=6&hm=0&fpEnabled=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 10:32:53 GMT
x-content-type-options
nosniff
x-correlationid
23fc9307-4bf6-4622-8bc5-1a87c2d34bb2
server
Microsoft-IIS/10.0
x-usersessionid
23fc9307-4bf6-4622-8bc5-1a87c2d34bb2
x-officecluster
frc-000.odc.officeapps.live.com
x-officeversion
16.0.16123.30550
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_50
content-type
text/javascript; charset=utf-8
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cache-control
public, max-age=3600
content-length
4177
hrd.min.js
odc.officeapps.live.com/odc/stat/ Frame C06A
15 KB
5 KB
Script
General
Full URL
https://odc.officeapps.live.com/odc/stat/hrd.min.js?b=16123.30550
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.1/hrd?rs=fr-FR&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.68.59 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
54a2f5eca1b0e7eda5cd0863fe8acbc23825a3d93108f11a2f654d537687f963
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://odc.officeapps.live.com/odc/v2.1/hrd?rs=fr-FR&Ver=16&app=111&p=6&hm=0&fpEnabled=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 10:32:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officeversion
16.0.16123.30550
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_50
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
4909
last-modified
Mon, 23 Jan 2023 11:28:04 GMT
server
Microsoft-IIS/10.0
x-usersessionid
a3c1604e-8dd7-4221-b769-40622f9291fe
x-correlationid
a3c1604e-8dd7-4221-b769-40622f9291fe
x-officecluster
frc-000.odc.officeapps.live.com
etag
"0fa7c21d2fd91:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=2419200
accept-ranges
bytes
hrd.css
odc.officeapps.live.com/odc/stat/ Frame 74B9
22 KB
5 KB
Stylesheet
General
Full URL
https://odc.officeapps.live.com/odc/stat/hrd.css?b=16123.30550
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.1/hrd?rs=fr-FR&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.68.59 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2ff09ddce3a55505346a551874b4a1cac73120c05f1207f47d973c4e952b0987
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://odc.officeapps.live.com/odc/v2.1/hrd?rs=fr-FR&Ver=16&app=111&p=6&hm=0&fpEnabled=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 10:32:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officeversion
16.0.16123.30550
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_50
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
5050
last-modified
Mon, 23 Jan 2023 11:28:04 GMT
server
Microsoft-IIS/10.0
x-usersessionid
15ece781-6109-4143-87f9-dadbc22470b8
x-correlationid
15ece781-6109-4143-87f9-dadbc22470b8
x-officecluster
frc-000.odc.officeapps.live.com
etag
"0fa7c21d2fd91:0"
vary
Accept-Encoding
content-type
text/css
cache-control
private, max-age=2419200
accept-ranges
bytes
microsoft_logo.svg
cdn.odc.officeapps.live.com/odc/stat/images/hrd/ Frame 74B9
4 KB
2 KB
Image
General
Full URL
https://cdn.odc.officeapps.live.com/odc/stat/images/hrd/microsoft_logo.svg?b=16123.30550
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.1/hrd?rs=fr-FR&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.146.37 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-146-37.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://odc.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 10:32:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officeversion
16.0.16117.30550
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_36
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
1464
last-modified
Tue, 17 Jan 2023 10:00:08 GMT
server
Microsoft-IIS/10.0
x-usersessionid
7cd3a0fa-c275-4198-8a5b-9ebc2d1087af
x-correlationid
7cd3a0fa-c275-4198-8a5b-9ebc2d1087af
x-officecluster
weu-000.odc.officeapps.live.com
etag
"0c4cf7a5a2ad91:0"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
private, max-age=1922002
accept-ranges
bytes
picker-account-aad.svg
cdn.odc.officeapps.live.com/odc/stat/images/hrd/ Frame 74B9
756 B
1 KB
Image
General
Full URL
https://cdn.odc.officeapps.live.com/odc/stat/images/hrd/picker-account-aad.svg?b=16123.30550
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.1/hrd?rs=fr-FR&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.146.37 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-146-37.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5d3357bd875b7335ace42e8ee3a64578e4253bed1a4e279109de403eedae3a69
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://odc.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 10:32:54 GMT
x-content-type-options
nosniff
x-officeversion
16.0.16117.30550
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_70
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
756
last-modified
Tue, 17 Jan 2023 10:00:08 GMT
server
Microsoft-IIS/10.0
x-usersessionid
6d5e3aae-d661-4b47-8075-e53045a6b0d1
x-correlationid
6d5e3aae-d661-4b47-8075-e53045a6b0d1
x-officecluster
weu-000.odc.officeapps.live.com
etag
"0c4cf7a5a2ad91:0"
content-type
image/svg+xml
cache-control
private, max-age=1922044
accept-ranges
bytes
picker-account-msa.svg
cdn.odc.officeapps.live.com/odc/stat/images/hrd/ Frame 74B9
379 B
839 B
Image
General
Full URL
https://cdn.odc.officeapps.live.com/odc/stat/images/hrd/picker-account-msa.svg?b=16123.30550
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.1/hrd?rs=fr-FR&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.146.37 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-146-37.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
34d8da073f47030ee94b99d84fbe68e3345bd8aaa37ea909ff2da00238447486
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://odc.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 10:32:54 GMT
x-content-type-options
nosniff
x-officeversion
16.0.16117.30550
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_21
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
379
last-modified
Tue, 17 Jan 2023 10:00:08 GMT
server
Microsoft-IIS/10.0
x-usersessionid
faf6edeb-1006-4aa1-991d-dd5e1aac0ed2
x-correlationid
faf6edeb-1006-4aa1-991d-dd5e1aac0ed2
x-officecluster
frc-000.odc.officeapps.live.com
etag
"0c4cf7a5a2ad91:0"
content-type
image/svg+xml
cache-control
private, max-age=1921987
accept-ranges
bytes
jquery-1.12.4.1.min.js
cdn.odc.officeapps.live.com/odc/stat/ Frame 74B9
95 KB
34 KB
Script
General
Full URL
https://cdn.odc.officeapps.live.com/odc/stat/jquery-1.12.4.1.min.js?b=16123.30550
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.1/hrd?rs=fr-FR&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.146.37 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-146-37.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3ac82b5a773ea82258a30c60d277acffa832ce446397fcb6abf39726c4330fb5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://odc.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 10:32:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officeversion
16.0.16117.30550
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_32
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
33842
last-modified
Tue, 17 Jan 2023 10:00:08 GMT
server
Microsoft-IIS/10.0
x-usersessionid
99c1e6fe-ec96-4883-ae34-fd5df7807298
x-correlationid
99c1e6fe-ec96-4883-ae34-fd5df7807298
x-officecluster
frc-000.odc.officeapps.live.com
etag
"0c4cf7a5a2ad91:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=1860938
accept-ranges
bytes
knockout-3.4.2.js
cdn.odc.officeapps.live.com/odc/stat/ Frame 74B9
59 KB
22 KB
Script
General
Full URL
https://cdn.odc.officeapps.live.com/odc/stat/knockout-3.4.2.js?b=16123.30550
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.1/hrd?rs=fr-FR&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.146.37 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-146-37.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a305fbb2ba223bf3b56bb8776b85f6f40d60dd082a74dbe28d143b5794c7e393
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://odc.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 10:32:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officeversion
16.0.16117.30550
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_93
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
22381
last-modified
Tue, 17 Jan 2023 10:00:08 GMT
server
Microsoft-IIS/10.0
x-usersessionid
7e666c53-b567-4a05-b321-73ccf8b7c67a
x-correlationid
7e666c53-b567-4a05-b321-73ccf8b7c67a
x-officecluster
uks-000.odc.officeapps.live.com
etag
"0c4cf7a5a2ad91:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=1977517
accept-ranges
bytes
CommonDiagnostics.js
cdn.odc.officeapps.live.com/odc/stat/ Frame 74B9
40 KB
13 KB
Script
General
Full URL
https://cdn.odc.officeapps.live.com/odc/stat/CommonDiagnostics.js?b=16123.30550
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.1/hrd?rs=fr-FR&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.146.37 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-146-37.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
773a678845579e6334f19d4e62f29446e7898bd816359c74574e37884503f909
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://odc.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 10:32:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officeversion
16.0.16117.30550
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_36
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
12330
last-modified
Tue, 17 Jan 2023 10:00:08 GMT
server
Microsoft-IIS/10.0
x-usersessionid
812bc125-80c9-461c-b2f0-3c343cbb079d
x-correlationid
812bc125-80c9-461c-b2f0-3c343cbb079d
x-officecluster
frc-000.odc.officeapps.live.com
etag
"0c4cf7a5a2ad91:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=1860919
accept-ranges
bytes
jsonstrings
odc.officeapps.live.com/odc/ Frame 74B9
4 KB
4 KB
Script
General
Full URL
https://odc.officeapps.live.com/odc/jsonstrings?g=EmailHrdv2&mkt=1036&hm=0
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.1/hrd?rs=fr-FR&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.68.59 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7a70bcdb522c036279a39ff1c8637cc19b9080688e7d3acacf718008378c9b52
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://odc.officeapps.live.com/odc/v2.1/hrd?rs=fr-FR&Ver=16&app=111&p=6&hm=0&fpEnabled=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 10:32:53 GMT
x-content-type-options
nosniff
x-correlationid
bb710d3f-424f-41ce-be39-330e0fd6c256
server
Microsoft-IIS/10.0
x-usersessionid
bb710d3f-424f-41ce-be39-330e0fd6c256
x-officecluster
frc-000.odc.officeapps.live.com
x-officeversion
16.0.16123.30550
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_50
content-type
text/javascript; charset=utf-8
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cache-control
public, max-age=3600
content-length
4177
hrd.min.js
odc.officeapps.live.com/odc/stat/ Frame 74B9
15 KB
5 KB
Script
General
Full URL
https://odc.officeapps.live.com/odc/stat/hrd.min.js?b=16123.30550
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.1/hrd?rs=fr-FR&Ver=16&app=111&p=6&hm=0&fpEnabled=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.68.59 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
54a2f5eca1b0e7eda5cd0863fe8acbc23825a3d93108f11a2f654d537687f963
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://odc.officeapps.live.com/odc/v2.1/hrd?rs=fr-FR&Ver=16&app=111&p=6&hm=0&fpEnabled=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 10:32:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-officeversion
16.0.16123.30550
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_50
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
4909
last-modified
Mon, 23 Jan 2023 11:28:04 GMT
server
Microsoft-IIS/10.0
x-usersessionid
5591171d-7792-458b-8245-90ade2c6c554
x-correlationid
5591171d-7792-458b-8245-90ade2c6c554
x-officecluster
frc-000.odc.officeapps.live.com
etag
"0fa7c21d2fd91:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=2419200
accept-ranges
bytes
Background-blurryGradient.svg
odc.officeapps.live.com/odc/stat/images/hrd/ Frame C06A
2 KB
2 KB
Image
General
Full URL
https://odc.officeapps.live.com/odc/stat/images/hrd/Background-blurryGradient.svg
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/stat/hrd.css?b=16123.30550
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.109.68.59 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
16c60cd6aff6a6febabbc48e9b7692a9c3b369d12d31749f8117d6d0851d5296
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://odc.officeapps.live.com/odc/stat/hrd.css?b=16123.30550
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 10:32:53 GMT
x-content-type-options
nosniff
x-officeversion
16.0.16123.30550
x-powered-by
ASP.NET
x-officefe
OdcFE_IN_50
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-length
2267
last-modified
Mon, 23 Jan 2023 11:28:04 GMT
server
Microsoft-IIS/10.0
x-usersessionid
3640c803-4342-4214-9507-8f6d02bc959e
x-correlationid
3640c803-4342-4214-9507-8f6d02bc959e
x-officecluster
frc-000.odc.officeapps.live.com
etag
"0fa7c21d2fd91:0"
content-type
image/svg+xml
cache-control
private, max-age=2419200
accept-ranges
bytes
/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame A299
153 B
1 KB
XHR
General
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.jsll-3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.46.162.226 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
21242594693da0bfeb4576691cb26e9e215127448e17d204b1af253498f5e301
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1675333974540
accept-language
fr-FR,fr;q=0.9
client-version
1DS-Web-JS-3.2.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
a0d933fc7f95442badc743f4d77f4aab-f980f8ea-160a-4432-92a4-80c87df83f4b-7539
Client-Id
NO_AUTH

Response headers

Strict-Transport-Security
max-age=31536000
Date
Thu, 02 Feb 2023 10:32:55 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
1520
Access-Control-Allow-Methods
POST
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type
application/json
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
P3P,Set-Cookie,time-delta-millis
Content-Length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame
0
0
Preflight
General
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.46.162.226 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Thu, 02 Feb 2023 10:32:54 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame F9BD
153 B
1 KB
XHR
General
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: cdn.forms.office.net
URL: https://cdn.forms.office.net/forms/scripts/dists/default-page.chunk.1ds.6dc5e5d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.46.162.226 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e41d4192e517aa3b92d58434636b6fae1e2f51dd09d5598b10dfa9f9deb65cb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1675333974991
accept-language
fr-FR,fr;q=0.9
client-version
1DS-Web-JS-3.2.7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://forms.office.com/
apikey
2ddc7e5f54754fc68f3ae1c5b7f3eb20-1883aa8c-4c7b-42d1-b3d6-c9cdb5956783-7092
Client-Id
NO_AUTH

Response headers

Strict-Transport-Security
max-age=31536000
Date
Thu, 02 Feb 2023 10:32:55 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
1090
Access-Control-Allow-Methods
POST
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type
application/json
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
P3P,Set-Cookie,time-delta-millis
Content-Length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame
0
0
Preflight
General
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.46.162.226 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Thu, 02 Feb 2023 10:32:54 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame A299
0
0

/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame
0
0
Preflight
General
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.46.162.226 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Thu, 02 Feb 2023 10:32:55 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame
0
0
Preflight
General
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.46.162.226 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://forms.office.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://forms.office.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Thu, 02 Feb 2023 10:32:56 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame F9BD
0
0

/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame
0
0

/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame A299
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
browser.events.data.microsoft.com
URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Domain
browser.events.data.microsoft.com
URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Domain
browser.events.data.microsoft.com
URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Domain
browser.events.data.microsoft.com
URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

163 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


32 Cookies


Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
