espace-client.plum.fr Open in urlscan Pro
52.209.58.104 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://espace-clients.preprod.plum.fr/
Effective URL:
https://espace-client.plum.fr/v2
Submission: On September 05 via automatic, source certstream-suspicious (September 5th 2021, 12:18:50 pm UTC)

Summary HTTP 41 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 12 IPs in 5 countries across 9 domains to perform 41 HTTP transactions. The main IP is 52.209.58.104, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is espace-client.plum.fr.
TLS certificate: Issued by R3 on July 6th 2021. Valid for: 3 months.

This is the only time espace-client.plum.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.215.238.75 52.215.238.75	16509 (AMAZON-02) (AMAZON-02)
1 11	52.209.58.104 52.209.58.104	16509 (AMAZON-02) (AMAZON-02)
7	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:3::485 2a04:4e42:3::485	54113 (FASTLY) (FASTLY)
1	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:224... 2600:9000:2240:8800:1c:f638:2940:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:d400:19:61a3:b200:93a1	16509 (AMAZON-02) (AMAZON-02)
3	104.16.53.111 104.16.53.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:3::720 2a04:4e42:3::720	54113 (FASTLY) (FASTLY)
41	12

1 52.215.238.75 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-238-75.eu-west-1.compute.amazonaws.com

espace-clients.preprod.plum.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.209.58.104 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-58-104.eu-west-1.compute.amazonaws.com

espace-client.plum.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2240:8800:1c:f638:2940:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.axept.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:d400:19:61a3:b200:93a1 (United States)

ASN16509 (AMAZON-02, US)

client.axept.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.53.111 (None, )

ASN13335 (CLOUDFLARENET, US)

plum-energie.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:3::720 (United States)

ASN54113 (FASTLY, US)

axeptio.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	google-analytics.com www.google-analytics.com	20 KB
12	plum.fr 2 redirects espace-clients.preprod.plum.fr espace-client.plum.fr	4 MB
8	zdassets.com static.zdassets.com ekr.zdassets.com	321 KB
3	zendesk.com plum-energie.zendesk.com	2 KB
2	imgix.net axeptio.imgix.net	19 KB
2	axept.io static.axept.io client.axept.io	171 KB
2	googletagmanager.com www.googletagmanager.com	135 KB
1	doubleclick.net stats.g.doubleclick.net	89 B
1	jsdelivr.net cdn.jsdelivr.net	2 KB
41	9

	Domain	Requested by
12	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
11	espace-client.plum.fr	1 redirects espace-client.plum.fr
7	static.zdassets.com	espace-client.plum.fr static.zdassets.com
3	plum-energie.zendesk.com	static.zdassets.com
2	axeptio.imgix.net
2	www.googletagmanager.com	espace-client.plum.fr www.googletagmanager.com
1	client.axept.io	static.axept.io
1	stats.g.doubleclick.net	www.google-analytics.com
1	static.axept.io	espace-client.plum.fr
1	ekr.zdassets.com	static.zdassets.com
1	cdn.jsdelivr.net	espace-client.plum.fr
1	espace-clients.preprod.plum.fr	1 redirects
41	12

This site contains links to these domains. Also see Links.

Domain
axeptio.eu

Subject Issuer	Validity	Valid
plum-energie.fr R3	`2021-07-06` - `2021-10-04`	3 months	crt.sh
ssl1036557.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2021-07-08` - `2022-07-07`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
static.axeptio.eu Amazon	`2021-08-19` - `2022-09-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
client.axept.io Amazon	`2020-10-31` - `2021-11-30`	a year	crt.sh
plum-energie.zendesk.com Cloudflare Inc ECC CA-3	`2021-06-22` - `2022-06-21`	a year	crt.sh
*.imgix.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-10` - `2022-06-11`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://espace-client.plum.fr/v2
Frame ID: F7BA9CA15F5134BB6B26BB06A43595F5
Requests: 34 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-preload-c11c853e3495048c3769.js
Frame ID: 6757FB9B0C331DAA4487E215EECCCE86
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Plüm énergie : fournisseur d'électricité de nouvelle génération

Page URL History Show full URLs

https://espace-clients.preprod.plum.fr/ HTTP 301
https://espace-client.plum.fr/ HTTP 301
https://espace-client.plum.fr/v2 Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

41
Requests

100 %
HTTPS

58 %
IPv6

9
Domains

12
Subdomains

12
IPs

5
Countries

4279 kB
Transfer

7599 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://axeptio.eu/?utm_source=espace-client.plum.fr&utm_medium=widget
Title: Découvrez Axeptio

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://espace-clients.preprod.plum.fr/ HTTP 301
https://espace-client.plum.fr/ HTTP 301
https://espace-client.plum.fr/v2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request v2 Show response
espace-client.plum.fr/
Redirect Chain

https://espace-clients.preprod.plum.fr/
https://espace-client.plum.fr/
https://espace-client.plum.fr/v2

2 KB
3 KB

52ms
52ms

Document
text/html

52.209.58.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://espace-client.plum.fr/v2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.209.58.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-209-58-104.eu-west-1.compute.amazonaws.com

Software

CERN httpd/2.03-beta /

Resource Hash

fc1523e4c0aeb8e567d0bd83ce6c8a3b5c9fbba8458df59da2370bfdefb32085

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' https://fonts.googleapis.com http://unpkg.com/bootstrap/dist/css/bootstrap.min.css https://tagmanager.google.com/ https://use.fontawesome.com 'unsafe-inline'; script-src 'self' data: https://espace-client.plum.fr https://staging.espace-client.plum.fr https://static.axept.io https://secure.adnxs.com https://tag.zebestof.com https://s.pinimg.com https://platform.twitter.com https://script.hotjar.com https://static.hotjar.com https://tr.outbrain.com/cachedClickId https://www.gstatic.com https://www.google.com https://adservice.google.com https://adservice.google.fr https://www.googleadservices.com https://connect.facebook.net https://www.google-analytics.com https://bat.bing.com https://static.zdassets.com https://polyfill.io https://pagead2.googlesyndication.com https://www.googletagmanager.com https://www.googletagservices.com https://tagmanager.google.com/ https://www.googletagmanager.com/ https://cdn.jsdelivr.net/npm/promise-polyfill@8/dist/polyfill.min.js https://amplify.outbrain.com/cp/obtp.js https://googleads.g.doubleclick.net/ https://g.fastcdn.co https://cdn.instapagemetrics.com https://heatmap-events-collector.instapage.com https://js-agent.newrelic.com https://in.hotjar.com 'unsafe-inline' 'unsafe-eval'; img-src * data: https://ssl.gstatic.com/ 'unsafe-inline'; font-src 'self' data: https://fonts.gstatic.com https://use.fontawesome.com 'unsafe-inline'; connect-src 'self' https://client.axept.io https://.unergie.com https://.plum.fr wss://int.plum.fr https://bat.bing.com/ https://stats.g.doubleclick.net/j/collect https://www.google-analytics.com https://ekr.zdassets.com https://plum-energie.zendesk.com https://.googlesyndication.com https://ec.instapagemetrics.com https://heatmap-events-collector.instapage.com; child-src 'self' https://www.gstatic.com https://www.google.com; frame-src 'self' https://checkout.slimpay.net https://checkout.preprod.slimpay.com https://platform.twitter.com https://vars.hotjar.com https://www.tf1.fr https://.facebook.com https://www.gstatic.com https://www.google.com https://googleads.g.doubleclick.net/ https://www.youtube.com https://app.adjust.com https://storage.googleapis.com/instapage-assets/* https://sdk.privacy-center.org/; frame-ancestors 'self' https://.unergie.com:
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: espace-client.plum.fr
:scheme: https
:path: /v2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

server: CERN httpd/2.03-beta
date: Sun, 05 Sep 2021 12:18:21 GMT
content-type: text/html
etag: W/"611d156f-97f"
last-modified: Wed, 18 Aug 2021 14:13:03 GMT
set-cookie: plumSession=24a9af65-3bae-4261-990c-0e8c964ec8d1-a701efb44617f70dcefa9705d6a1683b-1630844301723;Path=/; Expires=Tue, 12-Aug-2121 12:18:21 GMT; SameSite=None; Secure;
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'self'; style-src 'self' https://fonts.googleapis.com http://unpkg.com/bootstrap/dist/css/bootstrap.min.css https://tagmanager.google.com/ https://use.fontawesome.com 'unsafe-inline'; script-src 'self' data: https://espace-client.plum.fr https://staging.espace-client.plum.fr https://static.axept.io https://secure.adnxs.com https://tag.zebestof.com https://s.pinimg.com https://platform.twitter.com https://script.hotjar.com https://static.hotjar.com https://tr.outbrain.com/cachedClickId https://www.gstatic.com https://www.google.com https://adservice.google.com https://adservice.google.fr https://www.googleadservices.com https://connect.facebook.net https://www.google-analytics.com https://bat.bing.com https://static.zdassets.com https://polyfill.io https://pagead2.googlesyndication.com https://www.googletagmanager.com https://www.googletagservices.com https://tagmanager.google.com/ https://www.googletagmanager.com/ https://cdn.jsdelivr.net/npm/promise-polyfill@8/dist/polyfill.min.js https://amplify.outbrain.com/cp/obtp.js https://googleads.g.doubleclick.net/ https://g.fastcdn.co https://cdn.instapagemetrics.com https://heatmap-events-collector.instapage.com https://js-agent.newrelic.com https://in.hotjar.com 'unsafe-inline' 'unsafe-eval'; img-src * data: https://ssl.gstatic.com/ 'unsafe-inline'; font-src 'self' data: https://fonts.gstatic.com https://use.fontawesome.com 'unsafe-inline'; connect-src 'self' https://client.axept.io https://*.unergie.com https://*.plum.fr wss://int.plum.fr https://bat.bing.com/ https://stats.g.doubleclick.net/j/collect https://www.google-analytics.com https://ekr.zdassets.com https://plum-energie.zendesk.com https://*.googlesyndication.com https://ec.instapagemetrics.com https://heatmap-events-collector.instapage.com; child-src 'self' https://www.gstatic.com https://www.google.com; frame-src 'self' https://checkout.slimpay.net https://checkout.preprod.slimpay.com https://platform.twitter.com https://vars.hotjar.com https://www.tf1.fr https://*.facebook.com https://www.gstatic.com https://www.google.com https://googleads.g.doubleclick.net/ https://www.youtube.com https://app.adjust.com https://storage.googleapis.com/instapage-assets/* https://sdk.privacy-center.org/; frame-ancestors 'self' https://*.unergie.com:*
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=0; report-uri="https://espace-client.plum.fr/ct/reportOnly"
x-content-type-options: nosniff
content-encoding: br

Redirect headers

server: CERN httpd/2.03-beta
date: Sun, 05 Sep 2021 12:18:21 GMT
content-type: text/html
content-length: 177
location: https://espace-client.plum.fr/v2

GET
H2 200 main.c27c748c.css
espace-client.plum.fr/v2/css/ 2 MB
361 KB 91ms
91ms Stylesheet
text/css 52.209.58.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://espace-client.plum.fr/v2/css/main.c27c748c.css

Requested by

Host: espace-client.plum.fr
URL: https://espace-client.plum.fr/v2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.209.58.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-209-58-104.eu-west-1.compute.amazonaws.com

Software

CERN httpd/2.03-beta /

Resource Hash

a346f8c55ee0a3bbb94247edf6a4f27fdbab08a87cfc8e0a60c7f3573837a31c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' https://fonts.googleapis.com http://unpkg.com/bootstrap/dist/css/bootstrap.min.css https://tagmanager.google.com/ https://use.fontawesome.com 'unsafe-inline'; script-src 'self' data: https://espace-client.plum.fr https://staging.espace-client.plum.fr https://static.axept.io https://secure.adnxs.com https://tag.zebestof.com https://s.pinimg.com https://platform.twitter.com https://script.hotjar.com https://static.hotjar.com https://tr.outbrain.com/cachedClickId https://www.gstatic.com https://www.google.com https://adservice.google.com https://adservice.google.fr https://www.googleadservices.com https://connect.facebook.net https://www.google-analytics.com https://bat.bing.com https://static.zdassets.com https://polyfill.io https://pagead2.googlesyndication.com https://www.googletagmanager.com https://www.googletagservices.com https://tagmanager.google.com/ https://www.googletagmanager.com/ https://cdn.jsdelivr.net/npm/promise-polyfill@8/dist/polyfill.min.js https://amplify.outbrain.com/cp/obtp.js https://googleads.g.doubleclick.net/ https://g.fastcdn.co https://cdn.instapagemetrics.com https://heatmap-events-collector.instapage.com https://js-agent.newrelic.com https://in.hotjar.com 'unsafe-inline' 'unsafe-eval'; img-src * data: https://ssl.gstatic.com/ 'unsafe-inline'; font-src 'self' data: https://fonts.gstatic.com https://use.fontawesome.com 'unsafe-inline'; connect-src 'self' https://client.axept.io https://.unergie.com https://.plum.fr wss://int.plum.fr https://bat.bing.com/ https://stats.g.doubleclick.net/j/collect https://www.google-analytics.com https://ekr.zdassets.com https://plum-energie.zendesk.com https://.googlesyndication.com https://ec.instapagemetrics.com https://heatmap-events-collector.instapage.com; child-src 'self' https://www.gstatic.com https://www.google.com; frame-src 'self' https://checkout.slimpay.net https://checkout.preprod.slimpay.com https://platform.twitter.com https://vars.hotjar.com https://www.tf1.fr https://.facebook.com https://www.gstatic.com https://www.google.com https://googleads.g.doubleclick.net/ https://www.youtube.com https://app.adjust.com https://storage.googleapis.com/instapage-assets/* https://sdk.privacy-center.org/; frame-ancestors 'self' https://.unergie.com:
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /v2/css/main.c27c748c.css
pragma: no-cache
cookie: plumSession=24a9af65-3bae-4261-990c-0e8c964ec8d1-a701efb44617f70dcefa9705d6a1683b-1630844301723
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: espace-client.plum.fr
referer: https://espace-client.plum.fr/v2
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://espace-client.plum.fr/v2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 12:18:21 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 18 Aug 2021 14:13:03 GMT
server: CERN httpd/2.03-beta
etag: W/"611d156f-2067c7"
expect-ct: max-age=0; report-uri="https://espace-client.plum.fr/ct/reportOnly"
x-frame-options: SAMEORIGIN
content-type: text/css
set-cookie: plumSession=24a9af65-3bae-4261-990c-0e8c964ec8d1-a701efb44617f70dcefa9705d6a1683b-1630844301723;Path=/; Expires=Tue, 12-Aug-2121 12:18:21 GMT; SameSite=None; Secure;
x-xss-protection: 1; mode=block
cache-control: no-cache
content-security-policy: default-src 'self'; style-src 'self' https://fonts.googleapis.com http://unpkg.com/bootstrap/dist/css/bootstrap.min.css https://tagmanager.google.com/ https://use.fontawesome.com 'unsafe-inline'; script-src 'self' data: https://espace-client.plum.fr https://staging.espace-client.plum.fr https://static.axept.io https://secure.adnxs.com https://tag.zebestof.com https://s.pinimg.com https://platform.twitter.com https://script.hotjar.com https://static.hotjar.com https://tr.outbrain.com/cachedClickId https://www.gstatic.com https://www.google.com https://adservice.google.com https://adservice.google.fr https://www.googleadservices.com https://connect.facebook.net https://www.google-analytics.com https://bat.bing.com https://static.zdassets.com https://polyfill.io https://pagead2.googlesyndication.com https://www.googletagmanager.com https://www.googletagservices.com https://tagmanager.google.com/ https://www.googletagmanager.com/ https://cdn.jsdelivr.net/npm/promise-polyfill@8/dist/polyfill.min.js https://amplify.outbrain.com/cp/obtp.js https://googleads.g.doubleclick.net/ https://g.fastcdn.co https://cdn.instapagemetrics.com https://heatmap-events-collector.instapage.com https://js-agent.newrelic.com https://in.hotjar.com 'unsafe-inline' 'unsafe-eval'; img-src * data: https://ssl.gstatic.com/ 'unsafe-inline'; font-src 'self' data: https://fonts.gstatic.com https://use.fontawesome.com 'unsafe-inline'; connect-src 'self' https://client.axept.io https://*.unergie.com https://*.plum.fr wss://int.plum.fr https://bat.bing.com/ https://stats.g.doubleclick.net/j/collect https://www.google-analytics.com https://ekr.zdassets.com https://plum-energie.zendesk.com https://*.googlesyndication.com https://ec.instapagemetrics.com https://heatmap-events-collector.instapage.com; child-src 'self' https://www.gstatic.com https://www.google.com; frame-src 'self' https://checkout.slimpay.net https://checkout.preprod.slimpay.com https://platform.twitter.com https://vars.hotjar.com https://www.tf1.fr https://*.facebook.com https://www.gstatic.com https://www.google.com https://googleads.g.doubleclick.net/ https://www.youtube.com https://app.adjust.com https://storage.googleapis.com/instapage-assets/* https://sdk.privacy-center.org/; frame-ancestors 'self' https://*.unergie.com:*
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff

GET
H2 200 chunk-vendors.31050008.js Show response
espace-client.plum.fr/v2/js/ 2 MB
2 MB 101ms
100ms Script
text/javascript 52.209.58.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://espace-client.plum.fr/v2/js/chunk-vendors.31050008.js

Requested by

Host: espace-client.plum.fr
URL: https://espace-client.plum.fr/v2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.209.58.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-209-58-104.eu-west-1.compute.amazonaws.com

Software

CERN httpd/2.03-beta /

Resource Hash

8d91bb431ff4f45d874d63f06466acfee8860f80b4f253262fc0b2064daed3e9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' https://fonts.googleapis.com http://unpkg.com/bootstrap/dist/css/bootstrap.min.css https://tagmanager.google.com/ https://use.fontawesome.com 'unsafe-inline'; script-src 'self' data: https://espace-client.plum.fr https://staging.espace-client.plum.fr https://static.axept.io https://secure.adnxs.com https://tag.zebestof.com https://s.pinimg.com https://platform.twitter.com https://script.hotjar.com https://static.hotjar.com https://tr.outbrain.com/cachedClickId https://www.gstatic.com https://www.google.com https://adservice.google.com https://adservice.google.fr https://www.googleadservices.com https://connect.facebook.net https://www.google-analytics.com https://bat.bing.com https://static.zdassets.com https://polyfill.io https://pagead2.googlesyndication.com https://www.googletagmanager.com https://www.googletagservices.com https://tagmanager.google.com/ https://www.googletagmanager.com/ https://cdn.jsdelivr.net/npm/promise-polyfill@8/dist/polyfill.min.js https://amplify.outbrain.com/cp/obtp.js https://googleads.g.doubleclick.net/ https://g.fastcdn.co https://cdn.instapagemetrics.com https://heatmap-events-collector.instapage.com https://js-agent.newrelic.com https://in.hotjar.com 'unsafe-inline' 'unsafe-eval'; img-src * data: https://ssl.gstatic.com/ 'unsafe-inline'; font-src 'self' data: https://fonts.gstatic.com https://use.fontawesome.com 'unsafe-inline'; connect-src 'self' https://client.axept.io https://.unergie.com https://.plum.fr wss://int.plum.fr https://bat.bing.com/ https://stats.g.doubleclick.net/j/collect https://www.google-analytics.com https://ekr.zdassets.com https://plum-energie.zendesk.com https://.googlesyndication.com https://ec.instapagemetrics.com https://heatmap-events-collector.instapage.com; child-src 'self' https://www.gstatic.com https://www.google.com; frame-src 'self' https://checkout.slimpay.net https://checkout.preprod.slimpay.com https://platform.twitter.com https://vars.hotjar.com https://www.tf1.fr https://.facebook.com https://www.gstatic.com https://www.google.com https://googleads.g.doubleclick.net/ https://www.youtube.com https://app.adjust.com https://storage.googleapis.com/instapage-assets/* https://sdk.privacy-center.org/; frame-ancestors 'self' https://.unergie.com:
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /v2/js/chunk-vendors.31050008.js
pragma: no-cache
cookie: plumSession=24a9af65-3bae-4261-990c-0e8c964ec8d1-a701efb44617f70dcefa9705d6a1683b-1630844301723
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: espace-client.plum.fr
referer: https://espace-client.plum.fr/v2
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://espace-client.plum.fr/v2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 12:18:21 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 18 Aug 2021 14:13:03 GMT
server: CERN httpd/2.03-beta
etag: W/"611d156f-25d3a6"
expect-ct: max-age=0; report-uri="https://espace-client.plum.fr/ct/reportOnly"
x-frame-options: SAMEORIGIN
content-type: text/javascript
set-cookie: plumSession=24a9af65-3bae-4261-990c-0e8c964ec8d1-a701efb44617f70dcefa9705d6a1683b-1630844301723;Path=/; Expires=Tue, 12-Aug-2121 12:18:21 GMT; SameSite=None; Secure;
x-xss-protection: 1; mode=block
cache-control: no-cache
content-security-policy: default-src 'self'; style-src 'self' https://fonts.googleapis.com http://unpkg.com/bootstrap/dist/css/bootstrap.min.css https://tagmanager.google.com/ https://use.fontawesome.com 'unsafe-inline'; script-src 'self' data: https://espace-client.plum.fr https://staging.espace-client.plum.fr https://static.axept.io https://secure.adnxs.com https://tag.zebestof.com https://s.pinimg.com https://platform.twitter.com https://script.hotjar.com https://static.hotjar.com https://tr.outbrain.com/cachedClickId https://www.gstatic.com https://www.google.com https://adservice.google.com https://adservice.google.fr https://www.googleadservices.com https://connect.facebook.net https://www.google-analytics.com https://bat.bing.com https://static.zdassets.com https://polyfill.io https://pagead2.googlesyndication.com https://www.googletagmanager.com https://www.googletagservices.com https://tagmanager.google.com/ https://www.googletagmanager.com/ https://cdn.jsdelivr.net/npm/promise-polyfill@8/dist/polyfill.min.js https://amplify.outbrain.com/cp/obtp.js https://googleads.g.doubleclick.net/ https://g.fastcdn.co https://cdn.instapagemetrics.com https://heatmap-events-collector.instapage.com https://js-agent.newrelic.com https://in.hotjar.com 'unsafe-inline' 'unsafe-eval'; img-src * data: https://ssl.gstatic.com/ 'unsafe-inline'; font-src 'self' data: https://fonts.gstatic.com https://use.fontawesome.com 'unsafe-inline'; connect-src 'self' https://client.axept.io https://*.unergie.com https://*.plum.fr wss://int.plum.fr https://bat.bing.com/ https://stats.g.doubleclick.net/j/collect https://www.google-analytics.com https://ekr.zdassets.com https://plum-energie.zendesk.com https://*.googlesyndication.com https://ec.instapagemetrics.com https://heatmap-events-collector.instapage.com; child-src 'self' https://www.gstatic.com https://www.google.com; frame-src 'self' https://checkout.slimpay.net https://checkout.preprod.slimpay.com https://platform.twitter.com https://vars.hotjar.com https://www.tf1.fr https://*.facebook.com https://www.gstatic.com https://www.google.com https://googleads.g.doubleclick.net/ https://www.youtube.com https://app.adjust.com https://storage.googleapis.com/instapage-assets/* https://sdk.privacy-center.org/; frame-ancestors 'self' https://*.unergie.com:*
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff

GET
H2 200 main.69fc323a.js Show response
espace-client.plum.fr/v2/js/ 580 KB
583 KB 170ms
169ms Script
text/javascript 52.209.58.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://espace-client.plum.fr/v2/js/main.69fc323a.js

Requested by

Host: espace-client.plum.fr
URL: https://espace-client.plum.fr/v2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.209.58.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-209-58-104.eu-west-1.compute.amazonaws.com

Software

CERN httpd/2.03-beta /

Resource Hash

9624bf779b21dfb9748fce92c7e7b52adb0eb78857b0c5403432d343c8da0e54

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' https://fonts.googleapis.com http://unpkg.com/bootstrap/dist/css/bootstrap.min.css https://tagmanager.google.com/ https://use.fontawesome.com 'unsafe-inline'; script-src 'self' data: https://espace-client.plum.fr https://staging.espace-client.plum.fr https://static.axept.io https://secure.adnxs.com https://tag.zebestof.com https://s.pinimg.com https://platform.twitter.com https://script.hotjar.com https://static.hotjar.com https://tr.outbrain.com/cachedClickId https://www.gstatic.com https://www.google.com https://adservice.google.com https://adservice.google.fr https://www.googleadservices.com https://connect.facebook.net https://www.google-analytics.com https://bat.bing.com https://static.zdassets.com https://polyfill.io https://pagead2.googlesyndication.com https://www.googletagmanager.com https://www.googletagservices.com https://tagmanager.google.com/ https://www.googletagmanager.com/ https://cdn.jsdelivr.net/npm/promise-polyfill@8/dist/polyfill.min.js https://amplify.outbrain.com/cp/obtp.js https://googleads.g.doubleclick.net/ https://g.fastcdn.co https://cdn.instapagemetrics.com https://heatmap-events-collector.instapage.com https://js-agent.newrelic.com https://in.hotjar.com 'unsafe-inline' 'unsafe-eval'; img-src * data: https://ssl.gstatic.com/ 'unsafe-inline'; font-src 'self' data: https://fonts.gstatic.com https://use.fontawesome.com 'unsafe-inline'; connect-src 'self' https://client.axept.io https://.unergie.com https://.plum.fr wss://int.plum.fr https://bat.bing.com/ https://stats.g.doubleclick.net/j/collect https://www.google-analytics.com https://ekr.zdassets.com https://plum-energie.zendesk.com https://.googlesyndication.com https://ec.instapagemetrics.com https://heatmap-events-collector.instapage.com; child-src 'self' https://www.gstatic.com https://www.google.com; frame-src 'self' https://checkout.slimpay.net https://checkout.preprod.slimpay.com https://platform.twitter.com https://vars.hotjar.com https://www.tf1.fr https://.facebook.com https://www.gstatic.com https://www.google.com https://googleads.g.doubleclick.net/ https://www.youtube.com https://app.adjust.com https://storage.googleapis.com/instapage-assets/* https://sdk.privacy-center.org/; frame-ancestors 'self' https://.unergie.com:
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /v2/js/main.69fc323a.js
pragma: no-cache
cookie: plumSession=24a9af65-3bae-4261-990c-0e8c964ec8d1-a701efb44617f70dcefa9705d6a1683b-1630844301723
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: espace-client.plum.fr
referer: https://espace-client.plum.fr/v2
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://espace-client.plum.fr/v2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 12:18:21 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 18 Aug 2021 14:13:03 GMT
server: CERN httpd/2.03-beta
etag: W/"611d156f-90f61"
expect-ct: max-age=0; report-uri="https://espace-client.plum.fr/ct/reportOnly"
x-frame-options: SAMEORIGIN
content-type: text/javascript
set-cookie: plumSession=24a9af65-3bae-4261-990c-0e8c964ec8d1-a701efb44617f70dcefa9705d6a1683b-1630844301723;Path=/; Expires=Tue, 12-Aug-2121 12:18:21 GMT; SameSite=None; Secure;
x-xss-protection: 1; mode=block
cache-control: no-cache
content-security-policy: default-src 'self'; style-src 'self' https://fonts.googleapis.com http://unpkg.com/bootstrap/dist/css/bootstrap.min.css https://tagmanager.google.com/ https://use.fontawesome.com 'unsafe-inline'; script-src 'self' data: https://espace-client.plum.fr https://staging.espace-client.plum.fr https://static.axept.io https://secure.adnxs.com https://tag.zebestof.com https://s.pinimg.com https://platform.twitter.com https://script.hotjar.com https://static.hotjar.com https://tr.outbrain.com/cachedClickId https://www.gstatic.com https://www.google.com https://adservice.google.com https://adservice.google.fr https://www.googleadservices.com https://connect.facebook.net https://www.google-analytics.com https://bat.bing.com https://static.zdassets.com https://polyfill.io https://pagead2.googlesyndication.com https://www.googletagmanager.com https://www.googletagservices.com https://tagmanager.google.com/ https://www.googletagmanager.com/ https://cdn.jsdelivr.net/npm/promise-polyfill@8/dist/polyfill.min.js https://amplify.outbrain.com/cp/obtp.js https://googleads.g.doubleclick.net/ https://g.fastcdn.co https://cdn.instapagemetrics.com https://heatmap-events-collector.instapage.com https://js-agent.newrelic.com https://in.hotjar.com 'unsafe-inline' 'unsafe-eval'; img-src * data: https://ssl.gstatic.com/ 'unsafe-inline'; font-src 'self' data: https://fonts.gstatic.com https://use.fontawesome.com 'unsafe-inline'; connect-src 'self' https://client.axept.io https://*.unergie.com https://*.plum.fr wss://int.plum.fr https://bat.bing.com/ https://stats.g.doubleclick.net/j/collect https://www.google-analytics.com https://ekr.zdassets.com https://plum-energie.zendesk.com https://*.googlesyndication.com https://ec.instapagemetrics.com https://heatmap-events-collector.instapage.com; child-src 'self' https://www.gstatic.com https://www.google.com; frame-src 'self' https://checkout.slimpay.net https://checkout.preprod.slimpay.com https://platform.twitter.com https://vars.hotjar.com https://www.tf1.fr https://*.facebook.com https://www.gstatic.com https://www.google.com https://googleads.g.doubleclick.net/ https://www.youtube.com https://app.adjust.com https://storage.googleapis.com/instapage-assets/* https://sdk.privacy-center.org/; frame-ancestors 'self' https://*.unergie.com:*
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 20 KB
6 KB 72ms
30ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=4dd3323e-521b-4d59-9bc6-71d4f32df57f

Requested by

Host: espace-client.plum.fr
URL: https://espace-client.plum.fr/v2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16cc547456ffa0052c3679e6c5ece2e14ad57c92b93562deb7bcb5829b7afcb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://espace-client.plum.fr/v2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 12:18:32 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: AFCHPMMQC0MR0QVW
x-amz-id-2: l9JORqewi1Kaf/MIfBVgW3lWKhzqm9pR/5W9w/bSwVNXHcE8Qt84drx+smNydS5Fnoe1r81m5Us=
last-modified: Wed, 09 Jun 2021 00:08:59 GMT
server: cloudflare
etag: W/"cc904f41324148b571599b3b02fdec0b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=40xk1QocNJpbp70gMi%2Fb5%2BaBy%2BsLjY8B7Eexq3C6aqtdvq5hAOFXR%2BHuvZwvoDJAnclNaVf9hxHAM5KqVFAt%2BnFKF42R2EkONu9Mv6wCOyBO60qpgoEt6goqd4K4Wcp%2FyHqZLF8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: VFukQxfz8SFs4LT0u8yzm_CAm2zq09sT
cf-ray: 689f66990b761d02-CPH

GET
H2 200 polyfill.min.js Show response
cdn.jsdelivr.net/npm/promise-polyfill@8/dist/ 4 KB
2 KB 18ms
6ms Script
application/javascript 2a04:4e42:3::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/promise-polyfill@8/dist/polyfill.min.js

Requested by

Host: espace-client.plum.fr
URL: https://espace-client.plum.fr/v2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e17ae17f90ae983832f3709e67de0f7902fe1014568410534615235a158d7af0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://espace-client.plum.fr/v2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 37329
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1372
etag: W/"f21-7y8qDdUZ0tHOjRWwA1LCbmu2V2I"
x-served-by: cache-fra19166-FRA
date: Sun, 05 Sep 2021 12:18:32 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 4dd3323e-521b-4d59-9bc6-71d4f32df57f Show response
ekr.zdassets.com/compose/ 446 B
1005 B 818ms
772ms XHR
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/4dd3323e-521b-4d59-9bc6-71d4f32df57f

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=4dd3323e-521b-4d59-9bc6-71d4f32df57f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

021604dfb0dae92bb24f3ed7e4e93c5c7826b198eb9a56acbb5273869b170ca8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://espace-client.plum.fr/v2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 12:18:33 GMT
content-encoding: br
vary: Origin, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
status: 200 OK
access-control-allow-methods: GET, POST, OPTIONS
strict-transport-security: max-age=0
x-request-id: 76e2f591-5103-4f96-a136-5c6f6a868a4f
x-runtime: 0.002081
server: cloudflare
etag: W/"021604dfb0dae92bb24f3ed7e4e93c5c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CC6gHNV%2Fv7l5orm6Gnk2uURJ%2FD1RgyYmdr%2FwfIerZjkNJ0Dta2ZwppsbPkryy8ZB2aiu%2F%2Fwc%2BtMgirZNOwd9RFcpLXAqgrUBN%2BK1bhv8hTImxsK0T0T5e6ZDCrBk1zuQ6iw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray: 689f66999c1410f3-CPH

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 272 KB
73 KB 40ms
40ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WL84WGW&l=dataLayer

Requested by

Host: espace-client.plum.fr
URL: https://espace-client.plum.fr/v2/js/chunk-vendors.31050008.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

031fea69405bdc469be6f7694f342c4d38d333eb7103967322306d41952e25b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://espace-client.plum.fr/v2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 12:18:33 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75111
x-xss-protection: 0
last-modified: Sun, 05 Sep 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 05 Sep 2021 12:18:33 GMT

GET
H2 401 check-login Show response
espace-client.plum.fr/api-user/selfcare/ 42 B
746 B 54ms
53ms XHR
application/json 52.209.58.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://espace-client.plum.fr/api-user/selfcare/check-login

Requested by

Host: espace-client.plum.fr
URL: https://espace-client.plum.fr/v2/js/chunk-vendors.31050008.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.209.58.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-209-58-104.eu-west-1.compute.amazonaws.com

Software

CERN httpd/2.03-beta /

Resource Hash

cfced806e3414c6b836b8060ed303964c8b498aca43836f2b0a087c56371ab74

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' *.plum.fr plum.fr
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /api-user/selfcare/check-login
pragma: no-cache
cookie: plumSession=24a9af65-3bae-4261-990c-0e8c964ec8d1-a701efb44617f70dcefa9705d6a1683b-1630844301723
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: espace-client.plum.fr
referer: https://espace-client.plum.fr/v2
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://espace-client.plum.fr/v2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 12:18:22 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 42
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: CERN httpd/2.03-beta
x-frame-options: DENY
etag: W/"2a-wR5773S5Iqr9hem819cTH8cvzZw"
expect-ct: max-age=0; report-uri="https://espace-client.plum.fr/ct/reportOnly"
x-urg-id-req: AU_bjw71jcs
access-control-allow-methods: POST, GET, DELETE, PUT, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://plum.fr
access-control-allow-credentials: true
content-security-policy: default-src 'self' *.plum.fr plum.fr
set-cookie: plumSession=24a9af65-3bae-4261-990c-0e8c964ec8d1-a701efb44617f70dcefa9705d6a1683b-1630844301723;Path=/; Expires=Tue, 12-Aug-2121 12:18:22 GMT; SameSite=None; Secure;
access-control-allow-headers: Content-Type, Groups, X-Requested-With, Origin

GET
H2 401 check-login Show response
espace-client.plum.fr/api-user/selfcare/ 42 B
746 B 499ms
499ms XHR
application/json 52.209.58.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://espace-client.plum.fr/api-user/selfcare/check-login

Requested by

Host: espace-client.plum.fr
URL: https://espace-client.plum.fr/v2/js/chunk-vendors.31050008.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.209.58.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-209-58-104.eu-west-1.compute.amazonaws.com

Software

CERN httpd/2.03-beta /

Resource Hash

cfced806e3414c6b836b8060ed303964c8b498aca43836f2b0a087c56371ab74

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' *.plum.fr plum.fr
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /api-user/selfcare/check-login
pragma: no-cache
cookie: plumSession=24a9af65-3bae-4261-990c-0e8c964ec8d1-a701efb44617f70dcefa9705d6a1683b-1630844301723
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: espace-client.plum.fr
referer: https://espace-client.plum.fr/v2
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://espace-client.plum.fr/v2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 12:18:22 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 42
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: CERN httpd/2.03-beta
x-frame-options: DENY
etag: W/"2a-wR5773S5Iqr9hem819cTH8cvzZw"
expect-ct: max-age=0; report-uri="https://espace-client.plum.fr/ct/reportOnly"
x-urg-id-req: AU_wsyy37sm
access-control-allow-methods: POST, GET, DELETE, PUT, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://plum.fr
access-control-allow-credentials: true
content-security-policy: default-src 'self' *.plum.fr plum.fr
set-cookie: plumSession=24a9af65-3bae-4261-990c-0e8c964ec8d1-a701efb44617f70dcefa9705d6a1683b-1630844301723;Path=/; Expires=Tue, 12-Aug-2121 12:18:22 GMT; SameSite=None; Secure;
access-control-allow-headers: Content-Type, Groups, X-Requested-With, Origin

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 169 KB
62 KB 30ms
29ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H4F09VH8E7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL84WGW&l=dataLayer

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

93568f4ff77a001668b51aa946cbfc28c25ad06ec5963b3e27465b0e4737bf7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://espace-client.plum.fr/v2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 12:18:33 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63363
x-xss-protection: 0
expires: Sun, 05 Sep 2021 12:18:33 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WL84WGW&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://espace-client.plum.fr/v2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 2774
date: Sun, 05 Sep 2021 11:32:19 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sun, 05 Sep 2021 13:32:19 GMT

GET
H2 200 sdk.js Show response
static.axept.io/ 595 KB
166 KB 33ms
6ms Script
text/javascript 2600:9000:2240:8800:1c:f638:2940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.axept.io/sdk.js
Requested by: Host: espace-client.plum.fr
URL: https://espace-client.plum.fr/v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:8800:1c:f638:2940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c08063699ae478a991a749cc9a9c5b8200445f2c3fa22a7d344c367696c0a997

Request headers

Referer: https://espace-client.plum.fr/v2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 07:51:10 GMT
content-encoding: gzip
last-modified: Tue, 31 Aug 2021 15:45:24 GMT
server: AmazonS3
age: 16044
etag: W/"49d4cffb23c27c9bad356838a5760dbe"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: potEaUYOvzirsedr7KEPvDXE4vbKDyHDhn5u7l-XElouTlr2UMs9zQ==

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&aip=1&a=2118637191&t=pageview&_s=1&dl=https%3A%2F%2Fespace-client.plum.fr%2Fv2&dp=%2Fv2&ul=en-us&de=UTF-8&dt=Pl%C3%BCm%20%C3%A9nergie%20%3A%20fournisseur%20d%27%C3%A9lectricit%C3%A9%20de%20nouvelle%20g%C3%A9n%C3%A9ration&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1872977798&gjid=1874067196&cid=1747780855.1630844313&tid=UA-77876022-4&_gid=1380037151.1630844313&_r=1&gtm=2wg910WL84WGW&cd2=1747780855.1630844313&z=283764926

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://espace-client.plum.fr/v2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 05 Sep 2021 12:18:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://espace-client.plum.fr
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
5ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&aip=1&a=2118637191&t=event&ni=1&_s=1&dl=https%3A%2F%2Fespace-client.plum.fr%2Fv2&dp=%2Fv2&ul=en-us&de=UTF-8&dt=Pl%C3%BCm%20%C3%A9nergie%20%3A%20fournisseur%20d%27%C3%A9lectricit%C3%A9%20de%20nouvelle%20g%C3%A9n%C3%A9ration&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=50&el=%2Fv2&_u=YEDAAEABAAAAAC~&jid=&gjid=&cid=1747780855.1630844313&tid=UA-77876022-4&_gid=1380037151.1630844313&gtm=2wg910WL84WGW&cd2=1747780855.1630844313&z=617842170

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://espace-client.plum.fr/v2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 21:40:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 52699
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://espace-client.plum.fr/v2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 21:40:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 52699
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&aip=1&a=2118637191&t=event&ni=1&_s=1&dl=https%3A%2F%2Fespace-client.plum.fr%2Fv2&dp=%2Fv2&ul=en-us&de=UTF-8&dt=Pl%C3%BCm%20%C3%A9nergie%20%3A%20fournisseur%20d%27%C3%A9lectricit%C3%A9%20de%20nouvelle%20g%C3%A9n%C3%A9ration&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=70&el=%2Fv2&_u=YEDAAEABAAAAAC~&jid=&gjid=&cid=1747780855.1630844313&tid=UA-77876022-4&_gid=1380037151.1630844313&gtm=2wg910WL84WGW&cd2=1747780855.1630844313&z=161686569

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://espace-client.plum.fr/v2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 21:40:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 52699
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&aip=1&a=2118637191&t=event&ni=1&_s=1&dl=https%3A%2F%2Fespace-client.plum.fr%2Fv2&dp=%2Fv2&ul=en-us&de=UTF-8&dt=Pl%C3%BCm%20%C3%A9nergie%20%3A%20fournisseur%20d%27%C3%A9lectricit%C3%A9%20de%20nouvelle%20g%C3%A9n%C3%A9ration&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=70&el=%2Fv2&_u=YEDAAEABAAAAAC~&jid=&gjid=&cid=1747780855.1630844313&tid=UA-77876022-4&_gid=1380037151.1630844313&gtm=2wg910WL84WGW&cd2=1747780855.1630844313&cm8=1&z=1396580514

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://espace-client.plum.fr/v2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 21:40:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 52699
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&aip=1&a=2118637191&t=event&ni=1&_s=1&dl=https%3A%2F%2Fespace-client.plum.fr%2Fv2&dp=%2Fv2&ul=en-us&de=UTF-8&dt=Pl%C3%BCm%20%C3%A9nergie%20%3A%20fournisseur%20d%27%C3%A9lectricit%C3%A9%20de%20nouvelle%20g%C3%A9n%C3%A9ration&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=75&el=%2Fv2&_u=YEDAAEABAAAAAC~&jid=&gjid=&cid=1747780855.1630844313&tid=UA-77876022-4&_gid=1380037151.1630844313&gtm=2wg910WL84WGW&cd2=1747780855.1630844313&cm8=1&z=1747281382

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://espace-client.plum.fr/v2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 21:40:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 52699
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&aip=1&a=2118637191&t=event&ni=1&_s=1&dl=https%3A%2F%2Fespace-client.plum.fr%2Fv2&dp=%2Fv2&ul=en-us&de=UTF-8&dt=Pl%C3%BCm%20%C3%A9nergie%20%3A%20fournisseur%20d%27%C3%A9lectricit%C3%A9%20de%20nouvelle%20g%C3%A9n%C3%A9ration&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=90&el=%2Fv2&_u=YEDAAEABAAAAAC~&jid=&gjid=&cid=1747780855.1630844313&tid=UA-77876022-4&_gid=1380037151.1630844313&gtm=2wg910WL84WGW&cd2=1747780855.1630844313&cm9=1&z=1135216852

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://espace-client.plum.fr/v2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 21:40:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 52699
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&aip=1&a=2118637191&t=event&ni=1&_s=1&dl=https%3A%2F%2Fespace-client.plum.fr%2Fv2&dp=%2Fv2&ul=en-us&de=UTF-8&dt=Pl%C3%BCm%20%C3%A9nergie%20%3A%20fournisseur%20d%27%C3%A9lectricit%C3%A9%20de%20nouvelle%20g%C3%A9n%C3%A9ration&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=100&el=%2Fv2&_u=YEDAAEABAAAAAC~&jid=&gjid=&cid=1747780855.1630844313&tid=UA-77876022-4&_gid=1380037151.1630844313&gtm=2wg910WL84WGW&cd2=1747780855.1630844313&z=360339648

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://espace-client.plum.fr/v2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 21:40:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 52699
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
89 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-77876022-4&cid=1747780855.1630844313&jid=1872977798&gjid=1874067196&_gid=1380037151.1630844313&_u=YEBAAEAAAAAAAC~&z=1605438399

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://espace-client.plum.fr/v2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 05 Sep 2021 12:18:33 GMT
content-type: text/plain
access-control-allow-origin: https://espace-client.plum.fr
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 collect
www.google-analytics.com/g/ 0
17 B 13ms
13ms Ping
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-H4F09VH8E7&gtm=2oe910&_p=2118637191&sr=1600x1200&ul=en-us&cid=1747780855.1630844313&_s=1&dl=https%3A%2F%2Fespace-client.plum.fr%2Fv2&dt=Pl%C3%BCm%20%C3%A9nergie%20%3A%20fournisseur%20d%27%C3%A9lectricit%C3%A9%20de%20nouvelle%20g%C3%A9n%C3%A9ration&sid=1630844313&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H4F09VH8E7&l=dataLayer&cx=c
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://espace-client.plum.fr/v2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 05 Sep 2021 12:18:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://espace-client.plum.fr
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5fd0ca8c4e162e63c3dc6636.json Show response
client.axept.io/ 21 KB
5 KB 32ms
7ms Fetch
application/json 2600:9000:223c:d400:19:61a3:b200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client.axept.io/5fd0ca8c4e162e63c3dc6636.json?r=0
Requested by: Host: static.axept.io
URL: https://static.axept.io/sdk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:d400:19:61a3:b200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6bfe8d9ffebe5968c3d723076a8563888eb0cdf90cc5abf124db769f66c4bb69

Request headers

Referer: https://espace-client.plum.fr/v2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 13:32:35 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 81959
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Fri, 02 Jul 2021 15:18:44 GMT
server: AmazonS3
etag: W/"389b07cf9c1c95894ed0e92fa07f691b"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: 6oppJpUha9kW0VQgwNM.FplqX4m01JVD
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
x-amz-cf-pop: FRA56-P2
content-type: application/json
x-amz-cf-id: uI_lWu-Wfs4Sju7X9dIULezC_zw-qUtzFRNJHaI3adywhbRzMRx8Fg==

GET
H2 200 web-widget-preload-c11c853e3495048c3769.js Show response
static.zdassets.com/web_widget/latest/ Frame 6757 88 KB
32 KB 32ms
31ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-preload-c11c853e3495048c3769.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=4dd3323e-521b-4d59-9bc6-71d4f32df57f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f931727f5587eac50af01b169fde29a7e697d292417ba65ebcc48fa0350f986d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 12:18:33 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 815225
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: CVZ1819DPG95PJ9G
x-amz-id-2: p/1PVXObp5eHB+cnXDirIds42jAAf3YRX16m4WXghajyGs75jWiIOZcVJEXEFssTEI9vH4hLpsg=
last-modified: Fri, 27 Aug 2021 00:36:48 GMT
server: cloudflare
etag: W/"494cdcdbb9f8aabb90662f90e86713a2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xqxOgHFZI9O7O5G7BhqPo3VoRogdzbBN5qiW6p4fxFGaFp1Zy74Rj9jHF5RXI8guUJ%2BM808omG5Ah4DqQ7hV%2Fcewr91Wx9zUUvUh%2Fuc0DjLp46gPVmgwQ%2BrLk4dlSOZRdAdx0%2F0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: qUzu2RsE4KTQBDKNYnerlPJrytK1UfHb
cf-ray: 689f669e7e391d02-CPH
expires: Sat, 27 Aug 2022 00:36:47 GMT

GET
H2 200 web-widget-framework-1b147c41a301f1c689d1.js Show response
static.zdassets.com/web_widget/latest/ Frame 6757 184 KB
59 KB 55ms
55ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-framework-1b147c41a301f1c689d1.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=4dd3323e-521b-4d59-9bc6-71d4f32df57f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901b0c5f73b547d42ae394fdd0e64e844c04cc18bba2ef71b0530a940337e460

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 12:18:33 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 815225
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: CVZEEB4GR9SWW9R9
x-amz-id-2: h1Gp7V55Sbr5KkiDoeHYPFtum4LT4jI7irARL3ty96+1ES8StrnLc+MWLMym26b6psGfvEjUdew=
last-modified: Fri, 27 Aug 2021 00:36:48 GMT
server: cloudflare
etag: W/"4ffd0070344c005afce1ff2d12d44e7b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QWN%2FZFTt3yGGs9EI79DLUNGAONZwaCcW6JApiX1fTxHFrdFhmpdU9L8CQ8xaX4EYhGnC9nCD%2FGKx9ys27xgPcJ7J48stzR5T549%2FdNu288pagojAL6FWqm605hGLPvORViEyhBA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: v41TCMXJjPtMAYoQuoT1GMc4uDmGKEn1
cf-ray: 689f669e7e3a1d02-CPH
expires: Sat, 27 Aug 2022 00:36:47 GMT

GET
H2 200 config Show response
plum-energie.zendesk.com/embeddable/ 320 B
1 KB 154ms
84ms XHR
application/json 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://plum-energie.zendesk.com/embeddable/config

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=4dd3323e-521b-4d59-9bc6-71d4f32df57f

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f420f90e809a953cf9a24a0c1d7a8a5d8a73ecd58e333e35e4710c5d8b256e2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://espace-client.plum.fr/v2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 12:18:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-zendesk-zorg: yes
x-zendesk-origin-server: embeddable-app-server-6fc5ffcdd4-c5zp2
access-control-allow-methods: GET
vary: Origin, Accept-Encoding
x-cached: MISS
x-request-id: 689f669f4fa510f3-FRA, 689f669f4fa510f3-FRA
x-runtime: 0.001169
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MRWGscF1N0FICZE9MQku2rps3cYukPwcPKAeU%2F5Lhy%2FI7jNEpNYY5fSAuWM642MBjKpLwvH1wdo7tLpy32LTgc%2FuXBSj%2B7FVk%2FpXk0VpbvzcDY%2BckHp2zCfaZYylNFUE3VMBLg2JpYh%2BzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray: 689f669f4fa510f3-CPH

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
5ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&aip=1&a=2118637191&t=pageview&_s=1&dl=https%3A%2F%2Fespace-client.plum.fr%2Fv2%2Fauth%2F&dp=%2Fv2%2Fauth%2F&ul=en-us&de=UTF-8&dt=Pl%C3%BCm%20%C3%A9nergie%20%3A%20fournisseur%20d%27%C3%A9lectricit%C3%A9%20de%20nouvelle%20g%C3%A9n%C3%A9ration&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=1747780855.1630844313&tid=UA-77876022-4&_gid=1380037151.1630844313&gtm=2wg910WL84WGW&cd2=1747780855.1630844313&z=806406326

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://espace-client.plum.fr/v2/auth/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 21:40:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 52699
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 provider-info Show response
espace-client.plum.fr/api/references/ 302 B
940 B 55ms
55ms XHR
application/json 52.209.58.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://espace-client.plum.fr/api/references/provider-info

Requested by

Host: espace-client.plum.fr
URL: https://espace-client.plum.fr/v2/js/chunk-vendors.31050008.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.209.58.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-209-58-104.eu-west-1.compute.amazonaws.com

Software

CERN httpd/2.03-beta /

Resource Hash

ee7e81f92ffc5fdd950d58d7a195f081ce9b3b9e3da8cf9865d442455022734b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' *.plum.fr plum.fr
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /api/references/provider-info
pragma: no-cache
cookie: plumSession=24a9af65-3bae-4261-990c-0e8c964ec8d1-a701efb44617f70dcefa9705d6a1683b-1630844301723; _gid=GA1.2.1380037151.1630844313; _gat_UA-77876022-4=1; _ga_H4F09VH8E7=GS1.1.1630844313.1.0.1630844313.0; _ga=GA1.2.1747780855.1630844313
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: espace-client.plum.fr
referer: https://espace-client.plum.fr/v2/auth/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://espace-client.plum.fr/v2/auth/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 12:18:22 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: CERN httpd/2.03-beta
x-frame-options: DENY
etag: W/"12e-vhno/6g7jHScQr7LFpLWRQ1lUn8"
expect-ct: max-age=0; report-uri="https://espace-client.plum.fr/ct/reportOnly"
x-urg-id-req: DA_s8b58gnw
access-control-allow-methods: POST, GET, DELETE, PUT, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://plum.fr
cache-control: no-cache
access-control-allow-credentials: true
content-security-policy: default-src 'self' *.plum.fr plum.fr
set-cookie: plumSession=24a9af65-3bae-4261-990c-0e8c964ec8d1-a701efb44617f70dcefa9705d6a1683b-1630844301723;Path=/; Expires=Tue, 12-Aug-2121 12:18:22 GMT; SameSite=None; Secure;
access-control-allow-headers: Content-Type, Groups, X-Requested-With, Origin

GET
H2 200 plum-white.a6f726d4.png
espace-client.plum.fr/v2/img/ 155 KB
158 KB 54ms
54ms Image
image/png 52.209.58.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://espace-client.plum.fr/v2/img/plum-white.a6f726d4.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.209.58.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-209-58-104.eu-west-1.compute.amazonaws.com

Software

CERN httpd/2.03-beta /

Resource Hash

4e0676e5e02a40283818f57c7f72d17707dd6d948c883066e7733d266c59893d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' https://fonts.googleapis.com http://unpkg.com/bootstrap/dist/css/bootstrap.min.css https://tagmanager.google.com/ https://use.fontawesome.com 'unsafe-inline'; script-src 'self' data: https://espace-client.plum.fr https://staging.espace-client.plum.fr https://static.axept.io https://secure.adnxs.com https://tag.zebestof.com https://s.pinimg.com https://platform.twitter.com https://script.hotjar.com https://static.hotjar.com https://tr.outbrain.com/cachedClickId https://www.gstatic.com https://www.google.com https://adservice.google.com https://adservice.google.fr https://www.googleadservices.com https://connect.facebook.net https://www.google-analytics.com https://bat.bing.com https://static.zdassets.com https://polyfill.io https://pagead2.googlesyndication.com https://www.googletagmanager.com https://www.googletagservices.com https://tagmanager.google.com/ https://www.googletagmanager.com/ https://cdn.jsdelivr.net/npm/promise-polyfill@8/dist/polyfill.min.js https://amplify.outbrain.com/cp/obtp.js https://googleads.g.doubleclick.net/ https://g.fastcdn.co https://cdn.instapagemetrics.com https://heatmap-events-collector.instapage.com https://js-agent.newrelic.com https://in.hotjar.com 'unsafe-inline' 'unsafe-eval'; img-src * data: https://ssl.gstatic.com/ 'unsafe-inline'; font-src 'self' data: https://fonts.gstatic.com https://use.fontawesome.com 'unsafe-inline'; connect-src 'self' https://client.axept.io https://.unergie.com https://.plum.fr wss://int.plum.fr https://bat.bing.com/ https://stats.g.doubleclick.net/j/collect https://www.google-analytics.com https://ekr.zdassets.com https://plum-energie.zendesk.com https://.googlesyndication.com https://ec.instapagemetrics.com https://heatmap-events-collector.instapage.com; child-src 'self' https://www.gstatic.com https://www.google.com; frame-src 'self' https://checkout.slimpay.net https://checkout.preprod.slimpay.com https://platform.twitter.com https://vars.hotjar.com https://www.tf1.fr https://.facebook.com https://www.gstatic.com https://www.google.com https://googleads.g.doubleclick.net/ https://www.youtube.com https://app.adjust.com https://storage.googleapis.com/instapage-assets/* https://sdk.privacy-center.org/; frame-ancestors 'self' https://.unergie.com:
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /v2/img/plum-white.a6f726d4.png
pragma: no-cache
cookie: plumSession=24a9af65-3bae-4261-990c-0e8c964ec8d1-a701efb44617f70dcefa9705d6a1683b-1630844301723; _gid=GA1.2.1380037151.1630844313; _gat_UA-77876022-4=1; _ga_H4F09VH8E7=GS1.1.1630844313.1.0.1630844313.0; _ga=GA1.2.1747780855.1630844313
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: espace-client.plum.fr
referer: https://espace-client.plum.fr/v2/auth/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://espace-client.plum.fr/v2/auth/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 12:18:22 GMT
x-content-type-options: nosniff
content-length: 159014
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 18 Aug 2021 14:13:02 GMT
server: CERN httpd/2.03-beta
x-frame-options: SAMEORIGIN
etag: "611d156e-26d26"
expect-ct: max-age=0; report-uri="https://espace-client.plum.fr/ct/reportOnly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/png
cache-control: no-cache
content-security-policy: default-src 'self'; style-src 'self' https://fonts.googleapis.com http://unpkg.com/bootstrap/dist/css/bootstrap.min.css https://tagmanager.google.com/ https://use.fontawesome.com 'unsafe-inline'; script-src 'self' data: https://espace-client.plum.fr https://staging.espace-client.plum.fr https://static.axept.io https://secure.adnxs.com https://tag.zebestof.com https://s.pinimg.com https://platform.twitter.com https://script.hotjar.com https://static.hotjar.com https://tr.outbrain.com/cachedClickId https://www.gstatic.com https://www.google.com https://adservice.google.com https://adservice.google.fr https://www.googleadservices.com https://connect.facebook.net https://www.google-analytics.com https://bat.bing.com https://static.zdassets.com https://polyfill.io https://pagead2.googlesyndication.com https://www.googletagmanager.com https://www.googletagservices.com https://tagmanager.google.com/ https://www.googletagmanager.com/ https://cdn.jsdelivr.net/npm/promise-polyfill@8/dist/polyfill.min.js https://amplify.outbrain.com/cp/obtp.js https://googleads.g.doubleclick.net/ https://g.fastcdn.co https://cdn.instapagemetrics.com https://heatmap-events-collector.instapage.com https://js-agent.newrelic.com https://in.hotjar.com 'unsafe-inline' 'unsafe-eval'; img-src * data: https://ssl.gstatic.com/ 'unsafe-inline'; font-src 'self' data: https://fonts.gstatic.com https://use.fontawesome.com 'unsafe-inline'; connect-src 'self' https://client.axept.io https://*.unergie.com https://*.plum.fr wss://int.plum.fr https://bat.bing.com/ https://stats.g.doubleclick.net/j/collect https://www.google-analytics.com https://ekr.zdassets.com https://plum-energie.zendesk.com https://*.googlesyndication.com https://ec.instapagemetrics.com https://heatmap-events-collector.instapage.com; child-src 'self' https://www.gstatic.com https://www.google.com; frame-src 'self' https://checkout.slimpay.net https://checkout.preprod.slimpay.com https://platform.twitter.com https://vars.hotjar.com https://www.tf1.fr https://*.facebook.com https://www.gstatic.com https://www.google.com https://googleads.g.doubleclick.net/ https://www.youtube.com https://app.adjust.com https://storage.googleapis.com/instapage-assets/* https://sdk.privacy-center.org/; frame-ancestors 'self' https://*.unergie.com:*
set-cookie: plumSession=24a9af65-3bae-4261-990c-0e8c964ec8d1-a701efb44617f70dcefa9705d6a1683b-1630844301723;Path=/; Expires=Tue, 12-Aug-2121 12:18:22 GMT; SameSite=None; Secure;
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13186bf40a054baa98d3d5aea44d5b8c88f6111e76312d3c757769143208d8d1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 en-us-json-c92f040571c86c5604a4.js Show response
static.zdassets.com/web_widget/latest/web-widget-locales/ Frame 6757 33 KB
7 KB 42ms
42ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-locales/en-us-json-c92f040571c86c5604a4.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-preload-c11c853e3495048c3769.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6eb4e5bf06118c495126b1cf6f5f370f94bc7651c6525d6c606877170afbf53a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 12:18:33 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1762666
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 4W321VGJ1PA00VXA
x-amz-id-2: d1QqE2vQONIdW/oxrz04IxhLgnai31aOFDbl2B9ZU1jZNAX+oidwS5m5d3qryjOcCaodxe72zMg=
last-modified: Fri, 13 Aug 2021 00:23:14 GMT
server: cloudflare
etag: W/"38e7cc9c495c12720eec3517509bd5e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AcBGFjK0ez4EQBcl9sVJkxeQNM4Z3O80Lb%2FKHtfeQA99Yh4gKx2BhFlnShEzCmCNCi8QLjuI4HiiIkTZyLATPXpL%2BoX2rhBeOzLfVudb%2BzPtzmcZ3vOkKwLznrPmzQ6YjIb%2FW1Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: nxyhPh39LbwqesfRpjKXUZuzYoFcnoU5
cf-ray: 689f669fd8611d02-CPH
expires: Sat, 13 Aug 2022 00:23:13 GMT

GET
H2 200 web-widget-218-a0e6bddf78f556c0ba98.js Show response
static.zdassets.com/web_widget/latest/ Frame 6757 330 KB
100 KB 56ms
55ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-218-a0e6bddf78f556c0ba98.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-preload-c11c853e3495048c3769.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dcaeb939318effbb2db3a742e54dba4b1d31e84858207fb43b75a4b6a576dd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 12:18:33 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1482763
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: VQDB7V862BAHKY8G
x-amz-id-2: QLypeRJQYdJX0lzRmMRMaRRBv/T5J1EO/z9btyG9GuvOLReFsJJmV1OjDzWsm+/n8cvvM9kmc5M=
last-modified: Fri, 06 Aug 2021 01:28:07 GMT
server: cloudflare
etag: W/"d270a189c9839f5d9d7f3e49bbeae2d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0IPn7S9A4OeXMkl61UBZupGfzf%2BZmUJ%2F6xCB2Vi4NqGUaNfEdkgMvRV3AvCD9eNfuBvaPKUFnEg4gqTjoHOX1kkqa32BUcPK9y5WWEZ2KzFYrpOsoBvlGatEhOE1JJO8iUrBoF0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: IDVhfci7YwOGQmz1iV6E.SNv87invv.f
cf-ray: 689f669fd86d1d02-CPH
expires: Sat, 06 Aug 2022 01:28:06 GMT

GET
H2 200 web-widget-9829-5f3c12ec148288f64210.js Show response
static.zdassets.com/web_widget/latest/ Frame 6757 91 KB
25 KB 32ms
32ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-9829-5f3c12ec148288f64210.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-preload-c11c853e3495048c3769.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0987ab417187ff28db7f13e2ba5a66623e2b2cc83ba11308c8735df9a9db2792

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 12:18:33 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1762669
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 0TBMS77536PT5K1F
x-amz-id-2: IDorUNRtBRFA0fNjaP/1/qJmWbijdF2VMJf4OE0VfiW4xVjgXXEd/gAlLdiEelEQm5/9JcdBgxw=
last-modified: Fri, 13 Aug 2021 00:23:50 GMT
server: cloudflare
etag: W/"c416333951b19b5a604bb7f65785650e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9n0%2FkL7ZdSIYc9D5zxm%2FmYa51n8z7shi3GTPzv39PoLhvzP4Cu3yKwA8xH5ZppfHk5quX2OaWvyPzcvSATMuXTX%2F%2F2jOhJCUk%2B%2Fc6e0ZinWcPhpq2Ds8eCm0%2B9bJMoLVjW9mtoY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: 49ot3h21npFAkxmz5L51VOsC2.m1cZtL
cf-ray: 689f669fd86e1d02-CPH
expires: Sat, 13 Aug 2022 00:23:49 GMT

GET
H2 200 web_widget-34813b70768c992d1401.js Show response
static.zdassets.com/web_widget/latest/web-widget-lazy/ Frame 6757 418 KB
90 KB 41ms
41ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-lazy/web_widget-34813b70768c992d1401.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-preload-c11c853e3495048c3769.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fce29588c56c8a1ebb6b76aa0f861097422a599b1f7f433a2281de08bf036b5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 12:18:33 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 815225
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: SQF44JCFSJE7RAAS
x-amz-id-2: 0LwPAR5c5NZlJ0+HB4mTgXrJexrYM/pvY7gSLTD1UpCo8umtrwBXzJQAdRj2WJ/mMPGEbr2RSGg=
last-modified: Fri, 27 Aug 2021 00:35:05 GMT
server: cloudflare
etag: W/"fef0d8fa8ff30afd8c9006a9344f1afc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sUDc38Idzsv9kQH3ddoxwCPYZxTCsbKgxKLFHL5Ut5R%2FpVEfRi2ZM%2B1OUzJPYdTYNPXPK8J38jLvdEyZenRSgNNQZJVJXSRfwNeQwF%2BMBxnRTcdcHuJYreOQkWgR%2Fabp4y0YeDQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: wZHvAZ2moLXZQaNmJ3MYT.Dl0vKLvC3V
cf-ray: 689f669fd8701d02-CPH
expires: Sat, 27 Aug 2022 00:35:04 GMT

GET
H2 200 CentraNo2-Bold.woff2
espace-client.plum.fr/commons/fonts/centra/woff2/ 28 KB
30 KB 53ms
52ms Font
font/woff2 52.209.58.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://espace-client.plum.fr/commons/fonts/centra/woff2/CentraNo2-Bold.woff2

Requested by

Host: espace-client.plum.fr
URL: https://espace-client.plum.fr/v2/css/main.c27c748c.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.209.58.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-209-58-104.eu-west-1.compute.amazonaws.com

Software

CERN httpd/2.03-beta /

Resource Hash

faf61edbc219208b68122c7c9ca8c3c6ebd70e80e3df10d5b3bd6bba3e685a16

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' https://fonts.googleapis.com http://unpkg.com/bootstrap/dist/css/bootstrap.min.css https://tagmanager.google.com/ https://use.fontawesome.com 'unsafe-inline'; script-src 'self' data: https://espace-client.plum.fr https://staging.espace-client.plum.fr https://static.axept.io https://secure.adnxs.com https://tag.zebestof.com https://s.pinimg.com https://platform.twitter.com https://script.hotjar.com https://static.hotjar.com https://tr.outbrain.com/cachedClickId https://www.gstatic.com https://www.google.com https://adservice.google.com https://adservice.google.fr https://www.googleadservices.com https://connect.facebook.net https://www.google-analytics.com https://bat.bing.com https://static.zdassets.com https://polyfill.io https://pagead2.googlesyndication.com https://www.googletagmanager.com https://www.googletagservices.com https://tagmanager.google.com/ https://www.googletagmanager.com/ https://cdn.jsdelivr.net/npm/promise-polyfill@8/dist/polyfill.min.js https://amplify.outbrain.com/cp/obtp.js https://googleads.g.doubleclick.net/ https://g.fastcdn.co https://cdn.instapagemetrics.com https://heatmap-events-collector.instapage.com https://js-agent.newrelic.com https://in.hotjar.com 'unsafe-inline' 'unsafe-eval'; img-src * data: https://ssl.gstatic.com/ 'unsafe-inline'; font-src 'self' data: https://fonts.gstatic.com https://use.fontawesome.com 'unsafe-inline'; connect-src 'self' https://client.axept.io https://.unergie.com https://.plum.fr wss://int.plum.fr https://bat.bing.com/ https://stats.g.doubleclick.net/j/collect https://www.google-analytics.com https://ekr.zdassets.com https://plum-energie.zendesk.com https://.googlesyndication.com https://ec.instapagemetrics.com https://heatmap-events-collector.instapage.com; child-src 'self' https://www.gstatic.com https://www.google.com; frame-src 'self' https://checkout.slimpay.net https://checkout.preprod.slimpay.com https://platform.twitter.com https://vars.hotjar.com https://www.tf1.fr https://.facebook.com https://www.gstatic.com https://www.google.com https://googleads.g.doubleclick.net/ https://www.youtube.com https://app.adjust.com https://storage.googleapis.com/instapage-assets/* https://sdk.privacy-center.org/; frame-ancestors 'self' https://.unergie.com:
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://espace-client.plum.fr
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: plumSession=24a9af65-3bae-4261-990c-0e8c964ec8d1-a701efb44617f70dcefa9705d6a1683b-1630844301723; _gid=GA1.2.1380037151.1630844313; _gat_UA-77876022-4=1; _ga_H4F09VH8E7=GS1.1.1630844313.1.0.1630844313.0; _ga=GA1.2.1747780855.1630844313
:path: /commons/fonts/centra/woff2/CentraNo2-Bold.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: espace-client.plum.fr
referer: https://espace-client.plum.fr/v2/css/main.c27c748c.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://espace-client.plum.fr
Referer: https://espace-client.plum.fr/v2/css/main.c27c748c.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 12:18:22 GMT
x-content-type-options: nosniff
content-length: 29024
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 12 Aug 2021 14:23:00 GMT
server: CERN httpd/2.03-beta
x-frame-options: SAMEORIGIN
etag: "61152ec4-7160"
expect-ct: max-age=0; report-uri="https://espace-client.plum.fr/ct/reportOnly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: font/woff2
cache-control: max-age=315360000 no-cache
content-security-policy: default-src 'self'; style-src 'self' https://fonts.googleapis.com http://unpkg.com/bootstrap/dist/css/bootstrap.min.css https://tagmanager.google.com/ https://use.fontawesome.com 'unsafe-inline'; script-src 'self' data: https://espace-client.plum.fr https://staging.espace-client.plum.fr https://static.axept.io https://secure.adnxs.com https://tag.zebestof.com https://s.pinimg.com https://platform.twitter.com https://script.hotjar.com https://static.hotjar.com https://tr.outbrain.com/cachedClickId https://www.gstatic.com https://www.google.com https://adservice.google.com https://adservice.google.fr https://www.googleadservices.com https://connect.facebook.net https://www.google-analytics.com https://bat.bing.com https://static.zdassets.com https://polyfill.io https://pagead2.googlesyndication.com https://www.googletagmanager.com https://www.googletagservices.com https://tagmanager.google.com/ https://www.googletagmanager.com/ https://cdn.jsdelivr.net/npm/promise-polyfill@8/dist/polyfill.min.js https://amplify.outbrain.com/cp/obtp.js https://googleads.g.doubleclick.net/ https://g.fastcdn.co https://cdn.instapagemetrics.com https://heatmap-events-collector.instapage.com https://js-agent.newrelic.com https://in.hotjar.com 'unsafe-inline' 'unsafe-eval'; img-src * data: https://ssl.gstatic.com/ 'unsafe-inline'; font-src 'self' data: https://fonts.gstatic.com https://use.fontawesome.com 'unsafe-inline'; connect-src 'self' https://client.axept.io https://*.unergie.com https://*.plum.fr wss://int.plum.fr https://bat.bing.com/ https://stats.g.doubleclick.net/j/collect https://www.google-analytics.com https://ekr.zdassets.com https://plum-energie.zendesk.com https://*.googlesyndication.com https://ec.instapagemetrics.com https://heatmap-events-collector.instapage.com; child-src 'self' https://www.gstatic.com https://www.google.com; frame-src 'self' https://checkout.slimpay.net https://checkout.preprod.slimpay.com https://platform.twitter.com https://vars.hotjar.com https://www.tf1.fr https://*.facebook.com https://www.gstatic.com https://www.google.com https://googleads.g.doubleclick.net/ https://www.youtube.com https://app.adjust.com https://storage.googleapis.com/instapage-assets/* https://sdk.privacy-center.org/; frame-ancestors 'self' https://*.unergie.com:*
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 CentraNo2-Book.woff2
espace-client.plum.fr/commons/fonts/centra/woff2/ 42 KB
44 KB 53ms
52ms Font
font/woff2 52.209.58.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://espace-client.plum.fr/commons/fonts/centra/woff2/CentraNo2-Book.woff2

Requested by

Host: espace-client.plum.fr
URL: https://espace-client.plum.fr/v2/css/main.c27c748c.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.209.58.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-209-58-104.eu-west-1.compute.amazonaws.com

Software

CERN httpd/2.03-beta /

Resource Hash

fcb109f12372d64d3880019e856f8281b802352d27a9b4aa366b360d2e3036d8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' https://fonts.googleapis.com http://unpkg.com/bootstrap/dist/css/bootstrap.min.css https://tagmanager.google.com/ https://use.fontawesome.com 'unsafe-inline'; script-src 'self' data: https://espace-client.plum.fr https://staging.espace-client.plum.fr https://static.axept.io https://secure.adnxs.com https://tag.zebestof.com https://s.pinimg.com https://platform.twitter.com https://script.hotjar.com https://static.hotjar.com https://tr.outbrain.com/cachedClickId https://www.gstatic.com https://www.google.com https://adservice.google.com https://adservice.google.fr https://www.googleadservices.com https://connect.facebook.net https://www.google-analytics.com https://bat.bing.com https://static.zdassets.com https://polyfill.io https://pagead2.googlesyndication.com https://www.googletagmanager.com https://www.googletagservices.com https://tagmanager.google.com/ https://www.googletagmanager.com/ https://cdn.jsdelivr.net/npm/promise-polyfill@8/dist/polyfill.min.js https://amplify.outbrain.com/cp/obtp.js https://googleads.g.doubleclick.net/ https://g.fastcdn.co https://cdn.instapagemetrics.com https://heatmap-events-collector.instapage.com https://js-agent.newrelic.com https://in.hotjar.com 'unsafe-inline' 'unsafe-eval'; img-src * data: https://ssl.gstatic.com/ 'unsafe-inline'; font-src 'self' data: https://fonts.gstatic.com https://use.fontawesome.com 'unsafe-inline'; connect-src 'self' https://client.axept.io https://.unergie.com https://.plum.fr wss://int.plum.fr https://bat.bing.com/ https://stats.g.doubleclick.net/j/collect https://www.google-analytics.com https://ekr.zdassets.com https://plum-energie.zendesk.com https://.googlesyndication.com https://ec.instapagemetrics.com https://heatmap-events-collector.instapage.com; child-src 'self' https://www.gstatic.com https://www.google.com; frame-src 'self' https://checkout.slimpay.net https://checkout.preprod.slimpay.com https://platform.twitter.com https://vars.hotjar.com https://www.tf1.fr https://.facebook.com https://www.gstatic.com https://www.google.com https://googleads.g.doubleclick.net/ https://www.youtube.com https://app.adjust.com https://storage.googleapis.com/instapage-assets/* https://sdk.privacy-center.org/; frame-ancestors 'self' https://.unergie.com:
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://espace-client.plum.fr
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: plumSession=24a9af65-3bae-4261-990c-0e8c964ec8d1-a701efb44617f70dcefa9705d6a1683b-1630844301723; _gid=GA1.2.1380037151.1630844313; _gat_UA-77876022-4=1; _ga_H4F09VH8E7=GS1.1.1630844313.1.0.1630844313.0; _ga=GA1.2.1747780855.1630844313
:path: /commons/fonts/centra/woff2/CentraNo2-Book.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: espace-client.plum.fr
referer: https://espace-client.plum.fr/v2/css/main.c27c748c.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://espace-client.plum.fr
Referer: https://espace-client.plum.fr/v2/css/main.c27c748c.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 12:18:23 GMT
x-content-type-options: nosniff
content-length: 43280
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 12 Aug 2021 14:23:00 GMT
server: CERN httpd/2.03-beta
x-frame-options: SAMEORIGIN
etag: "61152ec4-a910"
expect-ct: max-age=0; report-uri="https://espace-client.plum.fr/ct/reportOnly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: font/woff2
cache-control: max-age=315360000 no-cache
content-security-policy: default-src 'self'; style-src 'self' https://fonts.googleapis.com http://unpkg.com/bootstrap/dist/css/bootstrap.min.css https://tagmanager.google.com/ https://use.fontawesome.com 'unsafe-inline'; script-src 'self' data: https://espace-client.plum.fr https://staging.espace-client.plum.fr https://static.axept.io https://secure.adnxs.com https://tag.zebestof.com https://s.pinimg.com https://platform.twitter.com https://script.hotjar.com https://static.hotjar.com https://tr.outbrain.com/cachedClickId https://www.gstatic.com https://www.google.com https://adservice.google.com https://adservice.google.fr https://www.googleadservices.com https://connect.facebook.net https://www.google-analytics.com https://bat.bing.com https://static.zdassets.com https://polyfill.io https://pagead2.googlesyndication.com https://www.googletagmanager.com https://www.googletagservices.com https://tagmanager.google.com/ https://www.googletagmanager.com/ https://cdn.jsdelivr.net/npm/promise-polyfill@8/dist/polyfill.min.js https://amplify.outbrain.com/cp/obtp.js https://googleads.g.doubleclick.net/ https://g.fastcdn.co https://cdn.instapagemetrics.com https://heatmap-events-collector.instapage.com https://js-agent.newrelic.com https://in.hotjar.com 'unsafe-inline' 'unsafe-eval'; img-src * data: https://ssl.gstatic.com/ 'unsafe-inline'; font-src 'self' data: https://fonts.gstatic.com https://use.fontawesome.com 'unsafe-inline'; connect-src 'self' https://client.axept.io https://*.unergie.com https://*.plum.fr wss://int.plum.fr https://bat.bing.com/ https://stats.g.doubleclick.net/j/collect https://www.google-analytics.com https://ekr.zdassets.com https://plum-energie.zendesk.com https://*.googlesyndication.com https://ec.instapagemetrics.com https://heatmap-events-collector.instapage.com; child-src 'self' https://www.gstatic.com https://www.google.com; frame-src 'self' https://checkout.slimpay.net https://checkout.preprod.slimpay.com https://platform.twitter.com https://vars.hotjar.com https://www.tf1.fr https://*.facebook.com https://www.gstatic.com https://www.google.com https://googleads.g.doubleclick.net/ https://www.youtube.com https://app.adjust.com https://storage.googleapis.com/instapage-assets/* https://sdk.privacy-center.org/; frame-ancestors 'self' https://*.unergie.com:*
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 embeddable_blip Show response
plum-energie.zendesk.com/ Frame 6757 0
334 B 85ms
84ms XHR
text/plain 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://plum-energie.zendesk.com/embeddable_blip?type=settings&data=eyJzZXR0aW5ncyI6eyJ3ZWJXaWRnZXQiOnsiY29sb3IiOnsidGhlbWUiOiIjRkZCQTAwIiwibGF1bmNoZXJUZXh0IjoiI0ZGRkZGRiJ9LCJjb250YWN0Rm9ybSI6eyJzZWxlY3RUaWNrZXRGb3JtIjpbXSwic3ViamVjdCI6dHJ1ZX0sImhlbHBDZW50ZXIiOnsidGl0bGUiOnsiKiI6IlVuZSBxdWVzdGlvbiA%2FIn19LCJsYXVuY2hlciI6eyJsYWJlbCI6eyIqIjoiVW5lIHF1ZXN0aW9uID8ifX0sIm9mZnNldCI6eyJ2ZXJ0aWNhbCI6IjYwcHgifX19LCJidWlkIjoiYTM4ZmI0YTM3ODkwZWU5ODA3YTljYmYwNzE4OTA5YWIiLCJzdWlkIjoiZGQ4MTA2NmFjYTg1OGMzNjQyOWM2YWQzOTU0NjhmODEiLCJ2ZXJzaW9uIjoiNTM5OGNkMjgxIiwidGltZXN0YW1wIjoiMjAyMS0wOS0wNVQxMjoxODozMy44NzdaIiwidXJsIjoiaHR0cHM6Ly9lc3BhY2UtY2xpZW50LnBsdW0uZnIvdjIvYXV0aC8ifQ%3D%3D

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-1b147c41a301f1c689d1.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 12:18:33 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-zendesk-zorg: yes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iv%2FH5SZDOsz9qikZwd7%2Fwp8VaZsYOnGGrJ71%2F9vMwpLCNU3av225ybs%2Bv9dK0SV0HqBAeVWxkR8ApWdNXBidu1N5ZISBFdouPZRsTP7DUShPQaI%2FwZUGdUKy%2B0oie2sEwJcjZ8rfsYabFw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://espace-client.plum.fr
accept-ranges: bytes
cf-ray: 689f66a1cd1310f3-CPH
vary: Accept-Encoding
content-length: 0
x-request-id: 8d408cbd540a751bb9149a5b84f52c78

GET
H2 200 embeddable_blip Show response
plum-energie.zendesk.com/ Frame 6757 0
288 B 84ms
84ms XHR
text/plain 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://plum-energie.zendesk.com/embeddable_blip?type=pageView&data=eyJjaGFubmVsIjoid2ViX3dpZGdldCIsInBhZ2VWaWV3Ijp7InJlZmVycmVyIjoiaHR0cHM6Ly9lc3BhY2UtY2xpZW50LnBsdW0uZnIvdjIiLCJ0aW1lIjozNCwibG9hZFRpbWUiOjU0LjA5OTk5ODQ3NDEyMTA5NCwibmF2aWdhdG9yTGFuZ3VhZ2UiOiJlbi1VUyIsInBhZ2VUaXRsZSI6IlBsw7xtIMOpbmVyZ2llIDogZm91cm5pc3NldXIgZCfDqWxlY3RyaWNpdMOpIGRlIG5vdXZlbGxlIGfDqW7DqXJhdGlvbiIsInVzZXJBZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Mi4wLjQ1MTUuMTU5IFNhZmFyaS81MzcuMzYiLCJpc01vYmlsZSI6ZmFsc2UsImlzUmVzcG9uc2l2ZSI6dHJ1ZSwidmlld3BvcnRNZXRhIjoid2lkdGg9ZGV2aWNlLXdpZHRoLGluaXRpYWwtc2NhbGU9MSIsImhlbHBDZW50ZXJEZWR1cCI6ZmFsc2V9LCJidWlkIjoiYWU0ZGZlN2FjODdjZjUxMDY1NGVjMWFmM2FjMzEzNjkiLCJzdWlkIjoiNTY0MjE1OWZiZjdmMDE3OTYyYWQzOWJhODI5ZWNhY2YiLCJ2ZXJzaW9uIjoiNTM5OGNkMjgxIiwidGltZXN0YW1wIjoiMjAyMS0wOS0wNVQxMjoxODozMy45MDJaIiwidXJsIjoiaHR0cHM6Ly9lc3BhY2UtY2xpZW50LnBsdW0uZnIvdjIvYXV0aC8ifQ%3D%3D

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-1b147c41a301f1c689d1.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 12:18:33 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-zendesk-zorg: yes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jf3DZOoKUTt2EomwpIXz03OJXtFtw%2BMWlduNnyRrFsPAx5PQBJQPiZYgOXExV54m9gW7U8w4xlHxoMo0hzqpkGl1Gs2qkvN2FCgZUNE5ZG0bRpDTNdLO%2FatS2TDzZtwD6M3epQV1znlxrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://espace-client.plum.fr
accept-ranges: bytes
cf-ray: 689f66a1fd8b10f3-CPH
vary: Accept-Encoding
content-length: 0
x-request-id: 121816d1628f68fd425994458a4ccfae

POST
H2 204 collect
www.google-analytics.com/g/ 0
76 B 13ms
13ms Ping
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-H4F09VH8E7&gtm=2oe910&_p=2118637191&sr=1600x1200&ul=en-us&cid=1747780855.1630844313&dl=https%3A%2F%2Fespace-client.plum.fr%2Fv2&dt=Pl%C3%BCm%20%C3%A9nergie%20%3A%20fournisseur%20d%27%C3%A9lectricit%C3%A9%20de%20nouvelle%20g%C3%A9n%C3%A9ration&sid=1630844313&sct=1&seg=0&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H4F09VH8E7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://espace-client.plum.fr/v2/auth/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 05 Sep 2021 12:18:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://espace-client.plum.fr
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 C7.png
axeptio.imgix.net/2020/12/ 11 KB
11 KB 23ms
7ms Image
image/webp 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://axeptio.imgix.net/2020/12/C7.png?auto=format&fit=crop&w=170&h=auto&dpr=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

2304445f35fb68fd4dd70264d7f0613c3db7a6a575138579577cba7a48fb39eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://espace-client.plum.fr/v2/auth/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 12:18:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 03:50:23 GMT
server: imgix
age: 2190495
vary: Accept, User-Agent
x-cache: HIT, HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-imgix-id: 1286ada66eee6a18c42e4867f2015f9208b45352
accept-ranges: bytes
content-length: 11190
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10020-SJC, cache-fra19167-FRA

GET
H2 200 persos_site_suite_05.png
axeptio.imgix.net/2020/09/ 7 KB
8 KB 22ms
6ms Image
image/webp 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://axeptio.imgix.net/2020/09/persos_site_suite_05.png?auto=format&fit=crop&w=96&h=96&dpr=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

fe7f45d085a0401cb61b86e7c0e9001813db8280255eaceba6045af7aa1d73da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://espace-client.plum.fr/v2/auth/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 12:18:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Jun 2021 09:50:57 GMT
server: imgix
age: 7698452
vary: Accept, User-Agent
x-cache: HIT, HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-imgix-id: b2ccfbf1205d16a50855393cdb783ec0a29399fc
accept-ranges: bytes
content-length: 7578
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10059-SJC, cache-fra19167-FRA

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.plum.fr/	1970-01-20 14:31:56	Name: _ga Value: GA1.1.1747780855.1630844313
.plum.fr/	1970-01-19 21:00:44	Name: _gat_UA-77876022-4 Value: 1
.plum.fr/	1970-01-20 14:31:56	Name: _ga_H4F09VH8E7 Value: GS1.1.1630844313.1.0.1630844313.0
.plum.fr/	1970-01-19 21:02:10	Name: _gid Value: GA1.2.1380037151.1630844313
espace-client.plum.fr/	1970-02-25 09:00:44	Name: plumSession Value: 24a9af65-3bae-4261-990c-0e8c964ec8d1-a701efb44617f70dcefa9705d6a1683b-1630844301723

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; style-src 'self' https://fonts.googleapis.com http://unpkg.com/bootstrap/dist/css/bootstrap.min.css https://tagmanager.google.com/ https://use.fontawesome.com 'unsafe-inline'; script-src 'self' data: https://espace-client.plum.fr https://staging.espace-client.plum.fr https://static.axept.io https://secure.adnxs.com https://tag.zebestof.com https://s.pinimg.com https://platform.twitter.com https://script.hotjar.com https://static.hotjar.com https://tr.outbrain.com/cachedClickId https://www.gstatic.com https://www.google.com https://adservice.google.com https://adservice.google.fr https://www.googleadservices.com https://connect.facebook.net https://www.google-analytics.com https://bat.bing.com https://static.zdassets.com https://polyfill.io https://pagead2.googlesyndication.com https://www.googletagmanager.com https://www.googletagservices.com https://tagmanager.google.com/ https://www.googletagmanager.com/ https://cdn.jsdelivr.net/npm/promise-polyfill@8/dist/polyfill.min.js https://amplify.outbrain.com/cp/obtp.js https://googleads.g.doubleclick.net/ https://g.fastcdn.co https://cdn.instapagemetrics.com https://heatmap-events-collector.instapage.com https://js-agent.newrelic.com https://in.hotjar.com 'unsafe-inline' 'unsafe-eval'; img-src * data: https://ssl.gstatic.com/ 'unsafe-inline'; font-src 'self' data: https://fonts.gstatic.com https://use.fontawesome.com 'unsafe-inline'; connect-src 'self' https://client.axept.io https://.unergie.com https://.plum.fr wss://int.plum.fr https://bat.bing.com/ https://stats.g.doubleclick.net/j/collect https://www.google-analytics.com https://ekr.zdassets.com https://plum-energie.zendesk.com https://.googlesyndication.com https://ec.instapagemetrics.com https://heatmap-events-collector.instapage.com; child-src 'self' https://www.gstatic.com https://www.google.com; frame-src 'self' https://checkout.slimpay.net https://checkout.preprod.slimpay.com https://platform.twitter.com https://vars.hotjar.com https://www.tf1.fr https://.facebook.com https://www.gstatic.com https://www.google.com https://googleads.g.doubleclick.net/ https://www.youtube.com https://app.adjust.com https://storage.googleapis.com/instapage-assets/* https://sdk.privacy-center.org/; frame-ancestors 'self' https://.unergie.com:
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

axeptio.imgix.net
cdn.jsdelivr.net
client.axept.io
ekr.zdassets.com
espace-client.plum.fr
espace-clients.preprod.plum.fr
plum-energie.zendesk.com
static.axept.io
static.zdassets.com
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
104.16.53.111
104.18.70.113
104.18.72.113
2600:9000:223c:d400:19:61a3:b200:93a1
2600:9000:2240:8800:1c:f638:2940:93a1
2a00:1450:4001:80f::2008
2a00:1450:4001:810::200e
2a00:1450:400c:c08::9c
2a04:4e42:3::485
2a04:4e42:3::720
52.209.58.104
52.215.238.75
021604dfb0dae92bb24f3ed7e4e93c5c7826b198eb9a56acbb5273869b170ca8
031fea69405bdc469be6f7694f342c4d38d333eb7103967322306d41952e25b1
0987ab417187ff28db7f13e2ba5a66623e2b2cc83ba11308c8735df9a9db2792
13186bf40a054baa98d3d5aea44d5b8c88f6111e76312d3c757769143208d8d1
16cc547456ffa0052c3679e6c5ece2e14ad57c92b93562deb7bcb5829b7afcb7
2304445f35fb68fd4dd70264d7f0613c3db7a6a575138579577cba7a48fb39eb
4e0676e5e02a40283818f57c7f72d17707dd6d948c883066e7733d266c59893d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bfe8d9ffebe5968c3d723076a8563888eb0cdf90cc5abf124db769f66c4bb69
6eb4e5bf06118c495126b1cf6f5f370f94bc7651c6525d6c606877170afbf53a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8d91bb431ff4f45d874d63f06466acfee8860f80b4f253262fc0b2064daed3e9
901b0c5f73b547d42ae394fdd0e64e844c04cc18bba2ef71b0530a940337e460
93568f4ff77a001668b51aa946cbfc28c25ad06ec5963b3e27465b0e4737bf7a
9624bf779b21dfb9748fce92c7e7b52adb0eb78857b0c5403432d343c8da0e54
9dcaeb939318effbb2db3a742e54dba4b1d31e84858207fb43b75a4b6a576dd7
a346f8c55ee0a3bbb94247edf6a4f27fdbab08a87cfc8e0a60c7f3573837a31c
c08063699ae478a991a749cc9a9c5b8200445f2c3fa22a7d344c367696c0a997
cfced806e3414c6b836b8060ed303964c8b498aca43836f2b0a087c56371ab74
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e17ae17f90ae983832f3709e67de0f7902fe1014568410534615235a158d7af0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee7e81f92ffc5fdd950d58d7a195f081ce9b3b9e3da8cf9865d442455022734b
f420f90e809a953cf9a24a0c1d7a8a5d8a73ecd58e333e35e4710c5d8b256e2d
f931727f5587eac50af01b169fde29a7e697d292417ba65ebcc48fa0350f986d
faf61edbc219208b68122c7c9ca8c3c6ebd70e80e3df10d5b3bd6bba3e685a16
fc1523e4c0aeb8e567d0bd83ce6c8a3b5c9fbba8458df59da2370bfdefb32085
fcb109f12372d64d3880019e856f8281b802352d27a9b4aa366b360d2e3036d8
fce29588c56c8a1ebb6b76aa0f861097422a599b1f7f433a2281de08bf036b5c
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fe7f45d085a0401cb61b86e7c0e9001813db8280255eaceba6045af7aa1d73da

espace-client.plum.fr Open in urlscan Pro 52.209.58.104 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

41 Requests

100 %HTTPS

58 %IPv6

9 Domains

12 Subdomains

12 IPs

5 Countries

4279 kBTransfer

7599 kBSize

5 Cookies

1 Outgoing links

Page URL History

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

espace-client.plum.fr Open in urlscan Pro
52.209.58.104 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

100 %
HTTPS

58 %
IPv6

9
Domains

12
Subdomains

12
IPs

5
Countries

4279 kB
Transfer

7599 kB
Size

5
Cookies

41 HTTP transactions
1 data transactions