urlscan.io logo urlscan.io
SecurityTrails logo

simulation.ma-solution-eco.com Open in urlscan Pro
3.69.136.55  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://t.prod1.emailing.notretemps.com/r/?id=h522ba315,5e77ccf4,7ffbc698&p1=bf394d10f88ba25d166a795f5a9d05d6
Effective URL: https://simulation.ma-solution-eco.com/pv-2022/?source=powerspace&creator_id=904&aff_id=21375&offer_id=21380&campaign_name=PV666&clickI...
Submission: On February 20 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 4 countries across 12 domains to perform 34 HTTP transactions. The main IP is 3.69.136.55, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is simulation.ma-solution-eco.com.
TLS certificate: Issued by R3 on December 15th 2022. Valid for: 3 months.
This is the only time simulation.ma-solution-eco.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 54.76.113.180 16509 (AMAZON-02)
1 1 34.22.248.172 396982 (GOOGLE-CL...)
1 2 3.69.136.55 16509 (AMAZON-02)
2 99.86.4.38 16509 (AMAZON-02)
2 2600:9000:21f... 16509 (AMAZON-02)
1 8 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
7 99.86.4.81 16509 (AMAZON-02)
8 99.86.122.217 16509 (AMAZON-02)
1 34.238.109.20 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
34 12
1    54.76.113.180 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-113-180.eu-west-1.compute.amazonaws.com
t.prod1.emailing.notretemps.com
1    34.22.248.172 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 172.248.22.34.bc.googleusercontent.com
a.pwspace.com
2    3.69.136.55 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-136-55.eu-central-1.compute.amazonaws.com
simulation.ma-solution-eco.com
2    99.86.4.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-38.fra6.r.cloudfront.net
builder-assets.unbounce.com
2    2600:9000:21f3:3800:1d:11cf:5800:93a1 (United States)

ASN16509 (AMAZON-02, US)
d34qb8suadcc4g.cloudfront.net
8    2a06:98c1:3121::c (United States)

ASN13335 (CLOUDFLARENET, US)
form.reflexleads.com
1    2a06:98c1:3120::c (United States)

ASN13335 (CLOUDFLARENET, US)
lecoindelafinance.com
7    99.86.4.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-81.fra6.r.cloudfront.net
fonts.ub-assets.com
8    99.86.122.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-122-217.dub2.r.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
1    34.238.109.20 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-109-20.compute-1.amazonaws.com
events.ub-analytics.com
2    2a00:1450:400d:808::2008 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
10 cloudfront.net
d34qb8suadcc4g.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
473 KB
8 reflexleads.com
form.reflexleads.com
30 KB
7 ub-assets.com
fonts.ub-assets.com — Cisco Umbrella Rank: 25065
114 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50
155 KB
2 unbounce.com
builder-assets.unbounce.com — Cisco Umbrella Rank: 18261
36 KB
2 ma-solution-eco.com
simulation.ma-solution-eco.com
13 KB
1 gstatic.com
fonts.gstatic.com
13 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43
949 B
1 ub-analytics.com
events.ub-analytics.com — Cisco Umbrella Rank: 24559
245 B
1 lecoindelafinance.com
lecoindelafinance.com
738 B
1 pwspace.com
a.pwspace.com — Cisco Umbrella Rank: 474789
365 B
1 notretemps.com
t.prod1.emailing.notretemps.com
428 B
34 12
Domain Requested by
8 d9hhrg4mnvzow.cloudfront.net simulation.ma-solution-eco.com
8 form.reflexleads.com 1 redirects simulation.ma-solution-eco.com
form.reflexleads.com
7 fonts.ub-assets.com builder-assets.unbounce.com
fonts.ub-assets.com
2 www.googletagmanager.com form.reflexleads.com
www.googletagmanager.com
2 d34qb8suadcc4g.cloudfront.net simulation.ma-solution-eco.com
d34qb8suadcc4g.cloudfront.net
2 builder-assets.unbounce.com simulation.ma-solution-eco.com
2 simulation.ma-solution-eco.com 1 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com form.reflexleads.com
1 events.ub-analytics.com simulation.ma-solution-eco.com
1 lecoindelafinance.com simulation.ma-solution-eco.com
1 a.pwspace.com 1 redirects
1 t.prod1.emailing.notretemps.com 1 redirects
34 13

This site contains no links.

Subject Issuer Validity Valid
simulation.ma-solution-eco.com
R3		 2022-12-15 -
2023-03-15		 3 months crt.sh
*.unbounce.com
Amazon		 2023-01-09 -
2024-02-07		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-15 -
2023-06-15		 a year crt.sh
*.lecoindelafinance.com
E1		 2023-02-10 -
2023-05-11		 3 months crt.sh
fonts.ub-assets.com
Amazon RSA 2048 M02		 2022-11-17 -
2023-12-17		 a year crt.sh
*.ub-analytics.com
Amazon		 2022-04-10 -
2023-05-09		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://simulation.ma-solution-eco.com/pv-2022/?source=powerspace&creator_id=904&aff_id=21375&offer_id=21380&campaign_name=PV666&clickId=6b15332b-620b-4326-9e34-337884133f78
Frame ID: 82F790469EDFD971238E33A1D516CA8D
Requests: 26 HTTP requests in this frame

Frame: https://form.reflexleads.com/common/gum-form/render/?parent_domain=https://simulation.ma-solution-eco.com&parent_path=/pv-2022/&form_id=9&gum_data=eyJzb3VyY2UiOiJwb3dlcnNwYWNlIiwiY3JlYXRvcl9pZCI6IjkwNCIsImFmZl9pZCI6IjIxMzc1Iiwib2ZmZXJfaWQiOiIyMTM4MCIsImNhbXBhaWduX25hbWUiOiJQVjY2NiIsImNsaWNrSWQiOiI2YjE1MzMyYi02MjBiLTQzMjYtOWUzNC0zMzc4ODQxMzNmNzgifQ==
Frame ID: B9DBEEB7B47CEE628B713BA3A615F044
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Face à la montée des prix de l'énergie

Page URL History Show full URLs

  1. https://t.prod1.emailing.notretemps.com/r/?id=h522ba315,5e77ccf4,7ffbc698&p1=bf394d10f88ba25d166a795f5a9d05d6 HTTP 302
    https://a.pwspace.com/ndc/N5Y5J6R6?ps_ee=bf394d10f88ba25d166a795f5a9d05d6&ps_g=1&z=3 HTTP 302
    https://simulation.ma-solution-eco.com/pv-2022?source=powerspace&creator_id=904&aff_id=21375&offer_id=21380&campaig... HTTP 301
    https://simulation.ma-solution-eco.com/pv-2022/?source=powerspace&creator_id=904&aff_id=21375&offer_id=21380&campai... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

34
Requests

97 %
HTTPS

46 %
IPv6

12
Domains

13
Subdomains

12
IPs

4
Countries

834 kB
Transfer

1379 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.prod1.emailing.notretemps.com/r/?id=h522ba315,5e77ccf4,7ffbc698&p1=bf394d10f88ba25d166a795f5a9d05d6 HTTP 302
    https://a.pwspace.com/ndc/N5Y5J6R6?ps_ee=bf394d10f88ba25d166a795f5a9d05d6&ps_g=1&z=3 HTTP 302
    https://simulation.ma-solution-eco.com/pv-2022?source=powerspace&creator_id=904&aff_id=21375&offer_id=21380&campaign_name=PV666&clickId=6b15332b-620b-4326-9e34-337884133f78 HTTP 301
    https://simulation.ma-solution-eco.com/pv-2022/?source=powerspace&creator_id=904&aff_id=21375&offer_id=21380&campaign_name=PV666&clickId=6b15332b-620b-4326-9e34-337884133f78 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • https://form.reflexleads.com/common/gum-form/render?parent_domain=https://simulation.ma-solution-eco.com&parent_path=/pv-2022/&form_id=9&gum_data=eyJzb3VyY2UiOiJwb3dlcnNwYWNlIiwiY3JlYXRvcl9pZCI6IjkwNCIsImFmZl9pZCI6IjIxMzc1Iiwib2ZmZXJfaWQiOiIyMTM4MCIsImNhbXBhaWduX25hbWUiOiJQVjY2NiIsImNsaWNrSWQiOiI2YjE1MzMyYi02MjBiLTQzMjYtOWUzNC0zMzc4ODQxMzNmNzgifQ== HTTP 301
  • https://form.reflexleads.com/common/gum-form/render/?parent_domain=https://simulation.ma-solution-eco.com&parent_path=/pv-2022/&form_id=9&gum_data=eyJzb3VyY2UiOiJwb3dlcnNwYWNlIiwiY3JlYXRvcl9pZCI6IjkwNCIsImFmZl9pZCI6IjIxMzc1Iiwib2ZmZXJfaWQiOiIyMTM4MCIsImNhbXBhaWduX25hbWUiOiJQVjY2NiIsImNsaWNrSWQiOiI2YjE1MzMyYi02MjBiLTQzMjYtOWUzNC0zMzc4ODQxMzNmNzgifQ==

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
simulation.ma-solution-eco.com/pv-2022/
Redirect Chain
  • https://t.prod1.emailing.notretemps.com/r/?id=h522ba315,5e77ccf4,7ffbc698&p1=bf394d10f88ba25d166a795f5a9d05d6
  • https://a.pwspace.com/ndc/N5Y5J6R6?ps_ee=bf394d10f88ba25d166a795f5a9d05d6&ps_g=1&z=3
  • https://simulation.ma-solution-eco.com/pv-2022?source=powerspace&creator_id=904&aff_id=21375&offer_id=21380&campaign_name=PV666&clickId=6b15332b-620b-4326-9e34-337884133f78
  • https://simulation.ma-solution-eco.com/pv-2022/?source=powerspace&creator_id=904&aff_id=21375&offer_id=21380&campaign_name=PV666&clickId=6b15332b-620b-4326-9e34-337884133f78
73 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://simulation.ma-solution-eco.com/pv-2022/?source=powerspace&creator_id=904&aff_id=21375&offer_id=21380&campaign_name=PV666&clickId=6b15332b-620b-4326-9e34-337884133f78
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.69.136.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-136-55.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
dda2584bc600dec471fd72df51618d28500267f790c726dad2675b31ee3cf3a0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
11906
content-location
https://simulation.ma-solution-eco.com/pv-2022/
content-type
text/html; charset=utf-8
date
Mon, 20 Feb 2023 05:44:13 GMT
etag
"a:d5164537658e4cca83657941e16f84ca"
link
<https://simulation.ma-solution-eco.com/pv-2022/>; rel="canonical"
x-proxy-backend
page-server
x-unbounce-pageid
cdd23eb5-b89f-4a36-b054-652667ade875
x-unbounce-variant
a
x-unbounce-visitorid
d5164537-658e-4cca-8365-7941e16f84ca

Redirect headers

content-length
0
date
Mon, 20 Feb 2023 05:44:13 GMT
location
/pv-2022/?source=powerspace&creator_id=904&aff_id=21375&offer_id=21380&campaign_name=PV666&clickId=6b15332b-620b-4326-9e34-337884133f78
x-proxy-backend
page-server
main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by
Host: simulation.ma-solution-eco.com
URL: https://simulation.ma-solution-eco.com/pv-2022/?source=powerspace&creator_id=904&aff_id=21375&offer_id=21380&campaign_name=PV666&clickId=6b15332b-620b-4326-9e34-337884133f78
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-38.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simulation.ma-solution-eco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 05:36:03 GMT
content-encoding
gzip
via
1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
x-amz-version-id
F0XZlkUrGu6OlrfKzU_C7UXh1V6i6hug
last-modified
Wed, 23 Nov 2022 23:24:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
6480491
etag
"3d27e56a34e34b278ab5e182cbc3b587"
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2902
x-amz-cf-id
W4JNzZBqyMNMF6gwDpUC84RFm59sN_fKTdqQ4IwfdP2erG7BHcTxfg==
ub.js
d34qb8suadcc4g.cloudfront.net/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d34qb8suadcc4g.cloudfront.net/ub.js?1673990108
Requested by
Host: simulation.ma-solution-eco.com
URL: https://simulation.ma-solution-eco.com/pv-2022/?source=powerspace&creator_id=904&aff_id=21375&offer_id=21380&campaign_name=PV666&clickId=6b15332b-620b-4326-9e34-337884133f78
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3800:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd5fb37fcb57bc894324f4096be92a631840e147576b9fc3bf2767e6c248778d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simulation.ma-solution-eco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 21:41:41 GMT
content-encoding
gzip
via
1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
x-amz-version-id
TrrSG85SsnvjrZ_OWFs2jLqOdvnUHg06
last-modified
Tue, 17 Jan 2023 21:14:25 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
2880153
etag
"fde4d3457a50df6eb5c2e00c8f2ae5b3"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1865
x-amz-cf-id
AXWxG1Qgmvczvu3OrV3BuyyweX6QVj4Ml-3i5w6VbpSHoUOGt6zHIw==
main.bundle-5dc4c52.z.js
builder-assets.unbounce.com/published-js/ 		103 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-js/main.bundle-5dc4c52.z.js
Requested by
Host: simulation.ma-solution-eco.com
URL: https://simulation.ma-solution-eco.com/pv-2022/?source=powerspace&creator_id=904&aff_id=21375&offer_id=21380&campaign_name=PV666&clickId=6b15332b-620b-4326-9e34-337884133f78
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-38.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5dc4c52ad9b22df4e2f70580e03de8ba2b2a3fc8ec48edfb0a2bb8e858975c2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simulation.ma-solution-eco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 00:35:05 GMT
content-encoding
gzip
via
1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
x-amz-version-id
pKHv9xoCp.Oeede.gA0bUZ9Qn6jRS9cc
last-modified
Wed, 23 Nov 2022 23:24:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
6498549
etag
"0bf2d86152e7e3622dcf4ab19253e64e"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
33506
x-amz-cf-id
cHXOixwwdRmqDidkSkZI7Vz_7GGIeXvGjVmRtIfloDH8kltiKpvgyw==
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/gif
sp-2.14.0.js
d34qb8suadcc4g.cloudfront.net/ 		98 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
Requested by
Host: d34qb8suadcc4g.cloudfront.net
URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1673990108
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3800:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simulation.ma-solution-eco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 09:08:36 GMT
content-encoding
gzip
via
1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
x-amz-version-id
rVTqklA1qqyT_0VdOCY323BKPISR0uej
last-modified
Wed, 04 Nov 2020 01:35:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
6122138
etag
"73de733c308b8b5e44d2a6242dc4bd99"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
30399
x-amz-cf-id
Ni6RmHK0pvb4Xh_iDPP2xJqdpLZQ07m9vQkBjTMA8lm6tXZDC6gvmw==
gum-iframe.js
form.reflexleads.com/common/gum-form/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://form.reflexleads.com/common/gum-form/gum-iframe.js?v=1676871853456
Requested by
Host: simulation.ma-solution-eco.com
URL: https://simulation.ma-solution-eco.com/pv-2022/?source=powerspace&creator_id=904&aff_id=21375&offer_id=21380&campaign_name=PV666&clickId=6b15332b-620b-4326-9e34-337884133f78
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c78989e89f012996588e6f160d694dcd2a219b4e3970e06b0dc2642887630cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simulation.ma-solution-eco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 05:44:13 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 08 Jul 2022 10:07:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"62c801ec-92a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F0%2FkkIYjf9tf4XBflbINACnlSwtGO%2BeCqWl2HsCVJbN%2Ff0cvx1rqo37EijEbT4zZ48Xlqhzifk2%2FcS70Yyttdx1R0Rk2Qhrhl7Vfl7NlGaVzINMM2djPfyWFsdFCD%2BmHLXoRQB15OfjMt885fjwqDS0BMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf8
cache-control
max-age=315360000
cf-ray
79c4eddcaac4bbc7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
lecoindelafinance.com/common/gum-footer/render/ 		454 B
738 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lecoindelafinance.com/common/gum-footer/render/?form_id=9
Requested by
Host: simulation.ma-solution-eco.com
URL: https://simulation.ma-solution-eco.com/pv-2022/?source=powerspace&creator_id=904&aff_id=21375&offer_id=21380&campaign_name=PV666&clickId=6b15332b-620b-4326-9e34-337884133f78
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.29
Resource Hash
b286d22cc654f9eba6539816dc3412f981b33a774742f13084d965fbdcf0f78d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simulation.ma-solution-eco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 05:44:13 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.29
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xzR6E3QlaypcALri2GxSFVvju9DAAbNNJ21%2Br6Qgslp6Ic3f%2FSiwhR0Oxy%2Fscfh49JM5McihcLA0tOUT4wcrLChNSPKDHcTZp6hRN5UY3z6qT15qaFBMMyfWs1ICppPtRH%2B0w8d7jvICCS%2Bqi84e0t7vlJQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
79c4eddcafdd925b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
form.reflexleads.com/common/gum-consent/render/ 		12 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://form.reflexleads.com/common/gum-consent/render/?form_id=58
Requested by
Host: simulation.ma-solution-eco.com
URL: https://simulation.ma-solution-eco.com/pv-2022/?source=powerspace&creator_id=904&aff_id=21375&offer_id=21380&campaign_name=PV666&clickId=6b15332b-620b-4326-9e34-337884133f78
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.24
Resource Hash
1bcf046258ef4cfb331d740669502dfbc53513a4f69bea78678d5763495ba802

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simulation.ma-solution-eco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 05:44:13 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.24
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WTEMSf6QFje8u3Qt8Rg9s%2BkgBO%2F6P1Jwtf5%2FtXFzSami36puctf6El%2BrWihH1Yvm7I%2FkY88CsxDNoCf1UmE2Lwn1TpAc1%2BiRd0Z3bYkJGVYCoOxmgA99DfzJtEbZDq2W%2FzJ8pnR4DTF1JoOmsT6rinlRkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
79c4eddc8dd22c29-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
43d03fdf-7e2a-4c90-8bd8-10eebd7a66b2
https://simulation.ma-solution-eco.com/ 		5 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
blob:https://simulation.ma-solution-eco.com/43d03fdf-7e2a-4c90-8bd8-10eebd7a66b2
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-5dc4c52.z.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9af91bb0b9327c5bc74760fed3cd024dbde1c5b90ede3fab5c8c54850e757994

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Length
5611
Content-Type
text/css
css
fonts.ub-assets.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/css?family=Roboto:300,regular,700,500%7CLato:regular,700
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-5dc4c52.z.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-81.fra6.r.cloudfront.net
Software
/
Resource Hash
e94a6a4a390f371f95ad5297e718a7bdb105f0d920969855c631ca93caf7c308
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simulation.ma-solution-eco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sun, 19 Feb 2023 08:53:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
75059
x-amzn-requestid
73009529-8a60-4587-a110-c7a90ede00fa
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
AlB7HGl1IAMFzFw=
content-length
772
x-xss-protection
0
cross-origin-opener-policy
same-origin-allow-popups
x-amzn-trace-id
Root=1-63f1e37a-14059320582a118343dc4095
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
x-amz-cf-id
1a01pN3IB0NvDhx_wdt4NML70WheW8968roUvBEE9g8bN9GSglMmzQ==
fcc43b0c-54319771-0-ma-solution-eco-by-b_106001g000000000000028.png
d9hhrg4mnvzow.cloudfront.net/simulation.ma-solution-eco.com/pv-2022/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/simulation.ma-solution-eco.com/pv-2022/fcc43b0c-54319771-0-ma-solution-eco-by-b_106001g000000000000028.png
Requested by
Host: simulation.ma-solution-eco.com
URL: https://simulation.ma-solution-eco.com/pv-2022/?source=powerspace&creator_id=904&aff_id=21375&offer_id=21380&campaign_name=PV666&clickId=6b15332b-620b-4326-9e34-337884133f78
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.122.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-122-217.dub2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1bfa7fc5bcf1d76260f2fa3a0f2260033f9192a46e45700397dae082ec2eb449

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simulation.ma-solution-eco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 07 Jan 2023 01:35:33 GMT
x-amz-version-id
fWgW67Jn9x0cEyvbZ9Tt.6qDxd9MBKOG
via
1.1 7d3f81ed0ad49a0602cc8ebb8a281f46.cloudfront.net (CloudFront)
last-modified
Tue, 03 Jan 2023 15:56:47 GMT
server
AmazonS3
x-amz-cf-pop
DUB2-C1
age
3816521
etag
"55b5092433cf2e1aaa4095180eee0c8b"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
4006
x-amz-cf-id
XWKbUAPAwxiwcWj0dn3FZfUr5uOWF82u9bfcUMcYLu-Q6qv-_RPZpg==
a81242f5-accept_100y00y000000000000028.png
d9hhrg4mnvzow.cloudfront.net/simulation.ma-solution-eco.com/pv-2022/ 		524 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/simulation.ma-solution-eco.com/pv-2022/a81242f5-accept_100y00y000000000000028.png
Requested by
Host: simulation.ma-solution-eco.com
URL: https://simulation.ma-solution-eco.com/pv-2022/?source=powerspace&creator_id=904&aff_id=21375&offer_id=21380&campaign_name=PV666&clickId=6b15332b-620b-4326-9e34-337884133f78
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.122.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-122-217.dub2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c3a142a36f0e7dd9836a5adeb4824f1251818c7d7bbf30422bbecc301b5d5dcb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simulation.ma-solution-eco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sun, 12 Feb 2023 08:37:09 GMT
x-amz-version-id
2ECw27waHfwvYWgFbGRqY1oB.Bwufdf4
via
1.1 7d3f81ed0ad49a0602cc8ebb8a281f46.cloudfront.net (CloudFront)
last-modified
Mon, 09 Jan 2023 13:39:40 GMT
server
AmazonS3
x-amz-cf-pop
DUB2-C1
age
680825
etag
"c2a08f8c5019772eae4affee20608bef"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
524
x-amz-cf-id
QqGWIrLy7USK2wnRxnAZrsC1kBEDglx9ELs-lB2g0s0lhcbNlLcCBw==
c93ec732-pv01_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/simulation.ma-solution-eco.com/pv-2022/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/simulation.ma-solution-eco.com/pv-2022/c93ec732-pv01_1000000000000000000028.png
Requested by
Host: simulation.ma-solution-eco.com
URL: https://simulation.ma-solution-eco.com/pv-2022/?source=powerspace&creator_id=904&aff_id=21375&offer_id=21380&campaign_name=PV666&clickId=6b15332b-620b-4326-9e34-337884133f78
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.122.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-122-217.dub2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e850f09f5cb918d1a5617c6d5a0779f183772d892831f1d5b095cd5705c43682

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simulation.ma-solution-eco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 10:59:51 GMT
x-amz-version-id
rx56JlD3VRCHi2pULFEEUCnoqXg0SVXM
via
1.1 7d3f81ed0ad49a0602cc8ebb8a281f46.cloudfront.net (CloudFront)
last-modified
Tue, 20 Dec 2022 09:48:26 GMT
server
AmazonS3
x-amz-cf-pop
DUB2-C1
age
4646662
etag
"c301cf4282b78521f7ab3349e9d0a506"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
8006
x-amz-cf-id
KVsmAkORnD4F20y8Z56lKKODsn7g6Tpg8n6403xWzgo28foBBSD2Ig==
8c15589c-pv03_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/simulation.ma-solution-eco.com/pv-2022/ 		116 KB
117 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/simulation.ma-solution-eco.com/pv-2022/8c15589c-pv03_1000000000000000000028.png
Requested by
Host: simulation.ma-solution-eco.com
URL: https://simulation.ma-solution-eco.com/pv-2022/?source=powerspace&creator_id=904&aff_id=21375&offer_id=21380&campaign_name=PV666&clickId=6b15332b-620b-4326-9e34-337884133f78
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.122.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-122-217.dub2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a7daceebbd1be4c8fa379f8f5ffcfcb5e17f13f35bdd2b55598b79f97a9ae7d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simulation.ma-solution-eco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 17:32:04 GMT
x-amz-version-id
S4RCkZgL0sjx5tAC3weiPJb5Nd3SnPXS
via
1.1 7d3f81ed0ad49a0602cc8ebb8a281f46.cloudfront.net (CloudFront)
last-modified
Tue, 03 Jan 2023 15:56:47 GMT
server
AmazonS3
x-amz-cf-pop
DUB2-C1
age
4104730
etag
"2d2e4f254fde64018a6c407116aa3584"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
119206
x-amz-cf-id
NuA7scv8kaf6TlFsJrBYfjFWbMdFlgT2aMTMBopT0MmSiXHqClOaqQ==
9b67fbfa-56042501-0-senior-age.gif
d9hhrg4mnvzow.cloudfront.net/simulation.ma-solution-eco.com/pv-2022/ 		123 KB
124 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/simulation.ma-solution-eco.com/pv-2022/9b67fbfa-56042501-0-senior-age.gif
Requested by
Host: simulation.ma-solution-eco.com
URL: https://simulation.ma-solution-eco.com/pv-2022/?source=powerspace&creator_id=904&aff_id=21375&offer_id=21380&campaign_name=PV666&clickId=6b15332b-620b-4326-9e34-337884133f78
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.122.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-122-217.dub2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6785d30173290c1cfd3a3e2e728d484830477f354b6a944d175b9ca860025118

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simulation.ma-solution-eco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 16:30:57 GMT
x-amz-version-id
Q795ibrgIQQPUOpDNNe16IPSj1zVC_ZG
via
1.1 7d3f81ed0ad49a0602cc8ebb8a281f46.cloudfront.net (CloudFront)
last-modified
Mon, 09 Jan 2023 13:39:40 GMT
server
AmazonS3
x-amz-cf-pop
DUB2-C1
age
3157997
etag
"2f63aa7d5708755e54cae16bb97d5ecc"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=31557600
accept-ranges
bytes
content-length
126004
x-amz-cf-id
ifIfdOjBkYiRgeIx8WRjg89OcFFEsqB35POkFM2gJg5NuPOIxZbfBg==
c92a33e1-france-map-green_10cw0d5000000000000028.png
d9hhrg4mnvzow.cloudfront.net/simulation.ma-solution-eco.com/pv-2022/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/simulation.ma-solution-eco.com/pv-2022/c92a33e1-france-map-green_10cw0d5000000000000028.png
Requested by
Host: simulation.ma-solution-eco.com
URL: https://simulation.ma-solution-eco.com/pv-2022/?source=powerspace&creator_id=904&aff_id=21375&offer_id=21380&campaign_name=PV666&clickId=6b15332b-620b-4326-9e34-337884133f78
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.122.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-122-217.dub2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0d257823c52fc635ffe0f40ec778f6531d42910180e80c4125f89584227b5a03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simulation.ma-solution-eco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 11:59:29 GMT
x-amz-version-id
7Wjc7Bd8BZ7IcDrqdlRkWIdHNouPaz.r
via
1.1 7d3f81ed0ad49a0602cc8ebb8a281f46.cloudfront.net (CloudFront)
last-modified
Tue, 03 Jan 2023 15:56:47 GMT
server
AmazonS3
x-amz-cf-pop
DUB2-C1
age
3692685
etag
"64357b8a8c6c9b832a18c87500268e2d"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
11347
x-amz-cf-id
HIgBuu4u9yE9PP9Pho4JomyVZFweLFI7MI5nIoRZIMGRldOtxAZUtA==
e1003739-group-9-1_10ca0c3000000000000028.png
d9hhrg4mnvzow.cloudfront.net/simulation.ma-solution-eco.com/pv-2022/ 		64 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/simulation.ma-solution-eco.com/pv-2022/e1003739-group-9-1_10ca0c3000000000000028.png
Requested by
Host: simulation.ma-solution-eco.com
URL: https://simulation.ma-solution-eco.com/pv-2022/?source=powerspace&creator_id=904&aff_id=21375&offer_id=21380&campaign_name=PV666&clickId=6b15332b-620b-4326-9e34-337884133f78
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.122.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-122-217.dub2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b2f992e427cc69f3613adce548c3013d1427ffb850d99925adf5a384d9365727

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simulation.ma-solution-eco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 07 Jan 2023 01:35:34 GMT
x-amz-version-id
k3XSyMYROITvy.NRcVEMxD9dDyqL9_UC
via
1.1 7d3f81ed0ad49a0602cc8ebb8a281f46.cloudfront.net (CloudFront)
last-modified
Tue, 03 Jan 2023 15:56:47 GMT
server
AmazonS3
x-amz-cf-pop
DUB2-C1
age
3816520
etag
"b5a8935cd84477a12234aaaaf168b53b"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
65808
x-amz-cf-id
wJ5py706gkHH_NZ3X9a2dGKPwNlGlHOf108YL6VZyZ_657HF07o6uw==
f36157c6-pv02_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/simulation.ma-solution-eco.com/pv-2022/ 		110 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/simulation.ma-solution-eco.com/pv-2022/f36157c6-pv02_1000000000000000000028.png
Requested by
Host: simulation.ma-solution-eco.com
URL: https://simulation.ma-solution-eco.com/pv-2022/?source=powerspace&creator_id=904&aff_id=21375&offer_id=21380&campaign_name=PV666&clickId=6b15332b-620b-4326-9e34-337884133f78
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.122.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-122-217.dub2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3410eb9224bbb9829288265b14e45982122ed9b69557e003b011bbced7614315

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simulation.ma-solution-eco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 03:37:43 GMT
x-amz-version-id
MJCnzc6vmZrZaSZl4sVBblmJGdmWWWor
via
1.1 7d3f81ed0ad49a0602cc8ebb8a281f46.cloudfront.net (CloudFront)
last-modified
Mon, 09 Jan 2023 13:39:40 GMT
server
AmazonS3
x-amz-cf-pop
DUB2-C1
age
3549991
etag
"4c21f002ef2c5c758a163cbd26c54f6d"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
112840
x-amz-cf-id
Jvr5ztyG0nS3rsic8niqkg54RMieu34JPi5s3PQigQMukNy9Tfx22Q==
i
events.ub-analytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.ub-analytics.com/i?stm=1676871853511&e=pv&url=https%3A%2F%2Fsimulation.ma-solution-eco.com%2Fpv-2022%2F%3Fsource%3Dpowerspace%26creator_id%3D904%26aff_id%3D21375%26offer_id%3D21380%26campaign_name%3DPV666%26clickId%3D6b15332b-620b-4326-9e34-337884133f78&page=Face%20%C3%A0%20la%20mont%C3%A9e%20des%20prix%20de%20l%27%C3%A9nergie&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=87d9a282-4927-46b8-a991-3988449ba7ea&dtm=1676871853509&vp=1600x1200&ds=1600x5491&vid=1&sid=a2211f1c-258e-4715-849b-7f37452c02ad&duid=66de1d0c-beb4-4b89-b79a-5e5405bed8ed&uid=d5164537-658e-4cca-8365-7941e16f84ca&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiY2RkMjNlYjUtYjg5Zi00YTM2LWIwNTQtNjUyNjY3YWRlODc1IiwidmFyaWFudElkIjoiYSIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6InNpbmdsZSJ9fV19
Requested by
Host: simulation.ma-solution-eco.com
URL: https://simulation.ma-solution-eco.com/pv-2022/?source=powerspace&creator_id=904&aff_id=21375&offer_id=21380&campaign_name=PV666&clickId=6b15332b-620b-4326-9e34-337884133f78
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.238.109.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-109-20.compute-1.amazonaws.com
Software
akka-http/10.0.9 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simulation.ma-solution-eco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 20 Feb 2023 05:44:13 GMT
access-control-allow-credentials
true
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
server
akka-http/10.0.9
content-length
43
content-type
image/gif
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto:300,regular,700,500%7CLato:regular,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-81.fra6.r.cloudfront.net
Software
/
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Roboto:300,regular,700,500%7CLato:regular,700
Origin
https://simulation.ma-solution-eco.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 01:16:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
15740
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
7619250
x-amzn-requestid
15e3b1d6-ea5c-4057-9f6d-d204e20fd884
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
cFPfOGBRoAMFscg=
content-length
15763
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-637ec5fa-1b817c5302b552ac225a153d
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
24ro4M-Gcw2bIZLYwof0JP5nzoCI8y9ia6irdBwxxMBLsVeo3nm4Lw==
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto:300,regular,700,500%7CLato:regular,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-81.fra6.r.cloudfront.net
Software
/
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Roboto:300,regular,700,500%7CLato:regular,700
Origin
https://simulation.ma-solution-eco.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 18:32:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
15744
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
1163499
x-amzn-requestid
0fef6eb3-af21-4c7c-be98-87200c43235a
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
f7gmXFVpIAMFVKg=
content-length
15767
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-63e147c2-480ee7a4587e687365443980
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
-fHc9fC_X1p0PE-AtPW4moVUf6UfG30cpoL3xR72mt9a4She9Ska2A==
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto:300,regular,700,500%7CLato:regular,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-81.fra6.r.cloudfront.net
Software
/
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Roboto:300,regular,700,500%7CLato:regular,700
Origin
https://simulation.ma-solution-eco.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 03:39:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
15860
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
3981866
x-amzn-requestid
ce8a5b2f-1170-4141-ab51-7dd486fc9794
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
eP_0gGClIAMFheA=
content-length
15883
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-63b64683-4c9d083f52fd04742c823b9b
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
TL3JZ9u1Y0tWYvO8MWjmoOxu9UXU0aaBXPoTUnflz4dbk_dVQRE-GQ==
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto:300,regular,700,500%7CLato:regular,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-81.fra6.r.cloudfront.net
Software
/
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Roboto:300,regular,700,500%7CLato:regular,700
Origin
https://simulation.ma-solution-eco.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 00:49:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
15920
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
4078479
x-amzn-requestid
02db3c59-ee76-4394-ac44-107262ed55d9
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
eMT8tH8QoAMFxBw=
content-length
15943
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-63b4cd1d-205fe2755139bd4011a49a2c
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
N7jstyYU8O84YgKFVgaV2xwvD5DzdulqMyCDmOrw8S-C8FMZfgSVFA==
S6uyw4BMUTPHjx4wXg.woff2
fonts.ub-assets.com/fonts/s/lato/v23/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto:300,regular,700,500%7CLato:regular,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-81.fra6.r.cloudfront.net
Software
/
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Roboto:300,regular,700,500%7CLato:regular,700
Origin
https://simulation.ma-solution-eco.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 04:15:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
23580
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
2597345
x-amzn-requestid
013f78c5-4c90-4218-97ac-520a20d485b2
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
fEz_6EftoAMF6hw=
content-length
23578
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-63cb66cc-7a77ca1857547dd628802e05
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
J0Ls_O6fIb77TRzk2Y3iFTzJCkflKJo72dkBZcxP-n8A4-1JFllbcg==
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.ub-assets.com/fonts/s/lato/v23/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto:300,regular,700,500%7CLato:regular,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-81.fra6.r.cloudfront.net
Software
/
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Roboto:300,regular,700,500%7CLato:regular,700
Origin
https://simulation.ma-solution-eco.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 02:07:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
23040
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
7616209
x-amzn-requestid
d2b6c796-4a00-4c96-a9c6-68e9851b446a
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
cFW6bEY0IAMFRUQ=
content-length
23041
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:56:42 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-637ed1dc-36d7018c66bc7ecf50c5bea8
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
A2fLr-hoDgnYOlXrXFz7quJFpohXwAcLd3IgzuVhHsRd1kEjgRt5zA==
/
form.reflexleads.com/common/gum-form/render/ Frame B9DB
Redirect Chain
  • https://form.reflexleads.com/common/gum-form/render?parent_domain=https://simulation.ma-solution-eco.com&parent_path=/pv-2022/&form_id=9&gum_data=eyJzb3VyY2UiOiJwb3dlcnNwYWNlIiwiY3JlYXRvcl9pZCI6Ijk...
  • https://form.reflexleads.com/common/gum-form/render/?parent_domain=https://simulation.ma-solution-eco.com&parent_path=/pv-2022/&form_id=9&gum_data=eyJzb3VyY2UiOiJwb3dlcnNwYWNlIiwiY3JlYXRvcl9pZCI6Ij...
8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://form.reflexleads.com/common/gum-form/render/?parent_domain=https://simulation.ma-solution-eco.com&parent_path=/pv-2022/&form_id=9&gum_data=eyJzb3VyY2UiOiJwb3dlcnNwYWNlIiwiY3JlYXRvcl9pZCI6IjkwNCIsImFmZl9pZCI6IjIxMzc1Iiwib2ZmZXJfaWQiOiIyMTM4MCIsImNhbXBhaWduX25hbWUiOiJQVjY2NiIsImNsaWNrSWQiOiI2YjE1MzMyYi02MjBiLTQzMjYtOWUzNC0zMzc4ODQxMzNmNzgifQ==
Requested by
Host: form.reflexleads.com
URL: https://form.reflexleads.com/common/gum-form/gum-iframe.js?v=1676871853456
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.24
Resource Hash
c71e8f897a3bff70df3718a7dae7364088c295fe05c501d278b9df71abd58e35

Request headers

Referer
https://simulation.ma-solution-eco.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
79c4edddeafc9bdc-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 20 Feb 2023 05:44:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W8ijpYRPMlT%2BCeUe91vil6l1W0%2Bj452QxYPExqHdyVm4h0PjB02IEHVJ1IVbzN8PgUc6%2BEKzGE7nIpJ7ZYa%2Fmpj1URYw%2F78LBVGq3paxvzaGxtk5Y27XH3VLYkm%2BTbId3St6ofuj2A0xhpb%2BKTs%2FAvsyjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.24

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
79c4eddd4b8abbc7-FRA
content-type
text/html
date
Mon, 20 Feb 2023 05:44:13 GMT
location
https://form.reflexleads.com/common/gum-form/render/?parent_domain=https://simulation.ma-solution-eco.com&parent_path=/pv-2022/&form_id=9&gum_data=eyJzb3VyY2UiOiJwb3dlcnNwYWNlIiwiY3JlYXRvcl9pZCI6IjkwNCIsImFmZl9pZCI6IjIxMzc1Iiwib2ZmZXJfaWQiOiIyMTM4MCIsImNhbXBhaWduX25hbWUiOiJQVjY2NiIsImNsaWNrSWQiOiI2YjE1MzMyYi02MjBiLTQzMjYtOWUzNC0zMzc4ODQxMzNmNzgifQ==
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ScIJVvFRLwWV6SNs6R%2B5n7XYHqCje5ueg7N8LxMWbmqpBOoJG7wz8Xax9HtYRFHtbzguG%2B3JpG4sjgLr6BTcrS9Xin3Q47vOKCu0kyF%2FTVOtPsDrHvGMdrlJ2WLSTyIB%2B9N2e3CpqjPLIV7XefDTI8iABQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
js
www.googletagmanager.com/gtag/ Frame B9DB 		218 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DYYC5C2ZHC
Requested by
Host: form.reflexleads.com
URL: https://form.reflexleads.com/common/gum-form/render/?parent_domain=https://simulation.ma-solution-eco.com&parent_path=/pv-2022/&form_id=9&gum_data=eyJzb3VyY2UiOiJwb3dlcnNwYWNlIiwiY3JlYXRvcl9pZCI6IjkwNCIsImFmZl9pZCI6IjIxMzc1Iiwib2ZmZXJfaWQiOiIyMTM4MCIsImNhbXBhaWduX25hbWUiOiJQVjY2NiIsImNsaWNrSWQiOiI2YjE1MzMyYi02MjBiLTQzMjYtOWUzNC0zMzc4ODQxMzNmNzgifQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
99bde5c232734dcac0e18963b01d6abfa581238c8232c5d34cba0bb56fdf65db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://form.reflexleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 05:44:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78054
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 20 Feb 2023 05:44:14 GMT
gum-form.css
form.reflexleads.com/common/gum-form/ Frame B9DB 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://form.reflexleads.com/common/gum-form/gum-form.css
Requested by
Host: form.reflexleads.com
URL: https://form.reflexleads.com/common/gum-form/render/?parent_domain=https://simulation.ma-solution-eco.com&parent_path=/pv-2022/&form_id=9&gum_data=eyJzb3VyY2UiOiJwb3dlcnNwYWNlIiwiY3JlYXRvcl9pZCI6IjkwNCIsImFmZl9pZCI6IjIxMzc1Iiwib2ZmZXJfaWQiOiIyMTM4MCIsImNhbXBhaWduX25hbWUiOiJQVjY2NiIsImNsaWNrSWQiOiI2YjE1MzMyYi02MjBiLTQzMjYtOWUzNC0zMzc4ODQxMzNmNzgifQ==
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18f9124faa945c6a4a8d3f049fa1bbbaab304b469f811c16564218b226673fb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://form.reflexleads.com/common/gum-form/render/?parent_domain=https://simulation.ma-solution-eco.com&parent_path=/pv-2022/&form_id=9&gum_data=eyJzb3VyY2UiOiJwb3dlcnNwYWNlIiwiY3JlYXRvcl9pZCI6IjkwNCIsImFmZl9pZCI6IjIxMzc1Iiwib2ZmZXJfaWQiOiIyMTM4MCIsImNhbXBhaWduX25hbWUiOiJQVjY2NiIsImNsaWNrSWQiOiI2YjE1MzMyYi02MjBiLTQzMjYtOWUzNC0zMzc4ODQxMzNmNzgifQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 05:44:13 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 02 Aug 2022 13:33:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
11475003
etag
W/"62e927a8-1c04"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9WpJByUlubjs%2F1ldarHlYznd2W6msGUsR5UartR3fNcCNemWbZeXm7lrQuMoxWLKmeMUniu23Y1V7%2BO43R38ykUCOw%2FmZY%2BttW8oAh5WJfxGedux8i8xW7d3zQrAjdvDD5bm77i5VM1ArRWkKXfUoQbBcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
79c4eddedc349bdc-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
gum-form.js
form.reflexleads.com/common/gum-form/ Frame B9DB 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://form.reflexleads.com/common/gum-form/gum-form.js?v=87aa6d2117
Requested by
Host: form.reflexleads.com
URL: https://form.reflexleads.com/common/gum-form/render/?parent_domain=https://simulation.ma-solution-eco.com&parent_path=/pv-2022/&form_id=9&gum_data=eyJzb3VyY2UiOiJwb3dlcnNwYWNlIiwiY3JlYXRvcl9pZCI6IjkwNCIsImFmZl9pZCI6IjIxMzc1Iiwib2ZmZXJfaWQiOiIyMTM4MCIsImNhbXBhaWduX25hbWUiOiJQVjY2NiIsImNsaWNrSWQiOiI2YjE1MzMyYi02MjBiLTQzMjYtOWUzNC0zMzc4ODQxMzNmNzgifQ==
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94b6a397c285dc0a0db232a47d3ae9151413b8c6012429aa97f8da8673c278d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://form.reflexleads.com/common/gum-form/render/?parent_domain=https://simulation.ma-solution-eco.com&parent_path=/pv-2022/&form_id=9&gum_data=eyJzb3VyY2UiOiJwb3dlcnNwYWNlIiwiY3JlYXRvcl9pZCI6IjkwNCIsImFmZl9pZCI6IjIxMzc1Iiwib2ZmZXJfaWQiOiIyMTM4MCIsImNhbXBhaWduX25hbWUiOiJQVjY2NiIsImNsaWNrSWQiOiI2YjE1MzMyYi02MjBiLTQzMjYtOWUzNC0zMzc4ODQxMzNmNzgifQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 05:44:13 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 31 Jan 2023 13:25:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1699306
etag
W/"63d916dd-6124"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DsNFnBGNP%2BlB9ojALsIWv0sevP1Y9lqc2JuZjQ04ihlzJWpRrBdvw8gkBVUHu2FFmhoiLiHtE4quB1yKlWPpubR2UY0G5%2FQqDIAW%2Ft4SEjUL0M39sTYZdla%2BMaUG5qEwPrHNyrRr4RrIoRceB%2F4dwonW5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf8
cache-control
max-age=315360000
cf-ray
79c4eddedc369bdc-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
css2
fonts.googleapis.com/ Frame B9DB 		2 KB
949 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@300&display=swap
Requested by
Host: form.reflexleads.com
URL: https://form.reflexleads.com/common/gum-form/gum-form.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b56a96c8ac30c44981eff6d7f8a7b75bdcb55d8427f7fb078ae210c9cc136a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://form.reflexleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 20 Feb 2023 05:44:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 20 Feb 2023 03:45:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 20 Feb 2023 05:44:14 GMT
/
form.reflexleads.com/common/gum-form/render/ Frame B9DB 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://form.reflexleads.com/common/gum-form/render/?parent_domain=https://simulation.ma-solution-eco.com&parent_path=/pv-2022/&form_id=9&gum_data=eyJzb3VyY2UiOiJwb3dlcnNwYWNlIiwiY3JlYXRvcl9pZCI6IjkwNCIsImFmZl9pZCI6IjIxMzc1Iiwib2ZmZXJfaWQiOiIyMTM4MCIsImNhbXBhaWduX25hbWUiOiJQVjY2NiIsImNsaWNrSWQiOiI2YjE1MzMyYi02MjBiLTQzMjYtOWUzNC0zMzc4ODQxMzNmNzgifQ==
Requested by
Host: form.reflexleads.com
URL: https://form.reflexleads.com/common/gum-form/render/?parent_domain=https://simulation.ma-solution-eco.com&parent_path=/pv-2022/&form_id=9&gum_data=eyJzb3VyY2UiOiJwb3dlcnNwYWNlIiwiY3JlYXRvcl9pZCI6IjkwNCIsImFmZl9pZCI6IjIxMzc1Iiwib2ZmZXJfaWQiOiIyMTM4MCIsImNhbXBhaWduX25hbWUiOiJQVjY2NiIsImNsaWNrSWQiOiI2YjE1MzMyYi02MjBiLTQzMjYtOWUzNC0zMzc4ODQxMzNmNzgifQ==
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.24
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://form.reflexleads.com/common/gum-form/render/?parent_domain=https://simulation.ma-solution-eco.com&parent_path=/pv-2022/&form_id=9&gum_data=eyJzb3VyY2UiOiJwb3dlcnNwYWNlIiwiY3JlYXRvcl9pZCI6IjkwNCIsImFmZl9pZCI6IjIxMzc1Iiwib2ZmZXJfaWQiOiIyMTM4MCIsImNhbXBhaWduX25hbWUiOiJQVjY2NiIsImNsaWNrSWQiOiI2YjE1MzMyYi02MjBiLTQzMjYtOWUzNC0zMzc4ODQxMzNmNzgifQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 05:44:14 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.24
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hg%2FkhFlT%2BShKxdoNnsQp20i6jbFJCKDkgwn6epJ5nnHcXHcI4%2Fp5G%2B%2Fe8YbnF1ULjBoP9zvXu2gM4c98miiO%2Flk7je7eHAgzqt0eyIIG9BBD0Yo5oLUOctU1njCREapDoPOYVN4cYtCxnNkDYqvGq113%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
79c4ede02d929bdc-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCs16Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v25/ Frame B9DB 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCs16Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
11dd041d74737fc472cedef6bbadd0062120f17ea5e5195eb1490eaaa0475812
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://form.reflexleads.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 00:35:22 GMT
x-content-type-options
nosniff
age
364132
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12580
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:58:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Feb 2024 00:35:22 GMT
js
www.googletagmanager.com/gtag/ Frame B9DB 		225 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DVVHXMJ1G9&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DYYC5C2ZHC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
07ab7c58dc22ac872db468d63709cfc37cd0df34e616aa18e9ddd2e862bb9553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://form.reflexleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 05:44:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79837
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 20 Feb 2023 05:44:14 GMT
base64.min.js
form.reflexleads.com/common/gum-form/ Frame B9DB 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://form.reflexleads.com/common/gum-form/base64.min.js?
Requested by
Host: form.reflexleads.com
URL: https://form.reflexleads.com/common/gum-form/gum-form.js?v=87aa6d2117
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3c6d1c8195fe393af47c014346ebdcd629556a6365ea1f5a671cd507f914ce1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://form.reflexleads.com/common/gum-form/render/?parent_domain=https://simulation.ma-solution-eco.com&parent_path=/pv-2022/&form_id=9&gum_data=eyJzb3VyY2UiOiJwb3dlcnNwYWNlIiwiY3JlYXRvcl9pZCI6IjkwNCIsImFmZl9pZCI6IjIxMzc1Iiwib2ZmZXJfaWQiOiIyMTM4MCIsImNhbXBhaWduX25hbWUiOiJQVjY2NiIsImNsaWNrSWQiOiI2YjE1MzMyYi02MjBiLTQzMjYtOWUzNC0zMzc4ODQxMzNmNzgifQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 05:44:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 23 Dec 2021 08:25:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
11475003
etag
W/"61c43271-1405"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KrGssHXyzbN0TOhbvZIGG9FYOI58ROi27xARKMUvF0bMHqTp1Wk%2Fn%2F6h5suLgIxycZj%2FDLsKNz%2Fk38ilGhmTPl3i2ZJbptfI6fKtpJ8XuWvC8kXb8lgOcCqMeGgkJ0xqqjJcUlg0K0U%2Fan2hAw20WisXaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf8
cache-control
max-age=315360000
cf-ray
79c4ede1df969bdc-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| oncontentvisibilityautostatechange object| ub object| GUMConsent boolean| isTracking string| keyword object| UnbounceSnowplowNamespace function| ubSnowplow object| script object| request function| setImmediate function| clearImmediate boolean| VimeoPlayerResizeEmbeds_ function| ownKeys function| _objectSpread function| _defineProperty function| _typeof object| Snowplow function| parseQueryString function| processMessage

7 Cookies

Domain/Path Name / Value
simulation.ma-solution-eco.com/pv-2022/ Name: ubpv
Value: a%2Ccdd23eb5-b89f-4a36-b054-652667ade875
.notretemps.com/ Name: uuid230
Value: a4d04fce-c6ce-41f8-af9d-0c1c5e3f27fd
.notretemps.com/ Name: nlid
Value: 522ba315|5e77ccf4
.notretemps.com/ Name: nllastdelid
Value: 5e77ccf4
.pwspace.com/ Name: pstuid
Value: 04f9c013-66b8-41b9-9cf2-e901ae277815
simulation.ma-solution-eco.com/ Name: ubvs
Value: d5164537-658e-4cca-8365-7941e16f84ca
.ma-solution-eco.com/ Name: ubvt
Value: v2%7Cd5164537-658e-4cca-8365-7941e16f84ca%7Ccdd23eb5-b89f-4a36-b054-652667ade875%3Aa%3Asingle

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.pwspace.com
builder-assets.unbounce.com
d34qb8suadcc4g.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
events.ub-analytics.com
fonts.googleapis.com
fonts.gstatic.com
fonts.ub-assets.com
form.reflexleads.com
lecoindelafinance.com
simulation.ma-solution-eco.com
t.prod1.emailing.notretemps.com
www.googletagmanager.com
2600:9000:21f3:3800:1d:11cf:5800:93a1
2a00:1450:400d:808::2008
2a00:1450:400d:80a::2003
2a00:1450:400d:80c::200a
2a06:98c1:3120::c
2a06:98c1:3121::c
3.69.136.55
34.22.248.172
34.238.109.20
54.76.113.180
99.86.122.217
99.86.4.38
99.86.4.81
07ab7c58dc22ac872db468d63709cfc37cd0df34e616aa18e9ddd2e862bb9553
0d257823c52fc635ffe0f40ec778f6531d42910180e80c4125f89584227b5a03
11dd041d74737fc472cedef6bbadd0062120f17ea5e5195eb1490eaaa0475812
18f9124faa945c6a4a8d3f049fa1bbbaab304b469f811c16564218b226673fb2
1bcf046258ef4cfb331d740669502dfbc53513a4f69bea78678d5763495ba802
1bfa7fc5bcf1d76260f2fa3a0f2260033f9192a46e45700397dae082ec2eb449
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
3410eb9224bbb9829288265b14e45982122ed9b69557e003b011bbced7614315
3c78989e89f012996588e6f160d694dcd2a219b4e3970e06b0dc2642887630cb
5dc4c52ad9b22df4e2f70580e03de8ba2b2a3fc8ec48edfb0a2bb8e858975c2c
6785d30173290c1cfd3a3e2e728d484830477f354b6a944d175b9ca860025118
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
94b6a397c285dc0a0db232a47d3ae9151413b8c6012429aa97f8da8673c278d0
99bde5c232734dcac0e18963b01d6abfa581238c8232c5d34cba0bb56fdf65db
9af91bb0b9327c5bc74760fed3cd024dbde1c5b90ede3fab5c8c54850e757994
a7daceebbd1be4c8fa379f8f5ffcfcb5e17f13f35bdd2b55598b79f97a9ae7d9
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b286d22cc654f9eba6539816dc3412f981b33a774742f13084d965fbdcf0f78d
b2f992e427cc69f3613adce548c3013d1427ffb850d99925adf5a384d9365727
bd5fb37fcb57bc894324f4096be92a631840e147576b9fc3bf2767e6c248778d
c3a142a36f0e7dd9836a5adeb4824f1251818c7d7bbf30422bbecc301b5d5dcb
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c71e8f897a3bff70df3718a7dae7364088c295fe05c501d278b9df71abd58e35
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
dda2584bc600dec471fd72df51618d28500267f790c726dad2675b31ee3cf3a0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b56a96c8ac30c44981eff6d7f8a7b75bdcb55d8427f7fb078ae210c9cc136a
e3c6d1c8195fe393af47c014346ebdcd629556a6365ea1f5a671cd507f914ce1
e850f09f5cb918d1a5617c6d5a0779f183772d892831f1d5b095cd5705c43682
e94a6a4a390f371f95ad5297e718a7bdb105f0d920969855c631ca93caf7c308
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef