demande.prefon-retraite.fr Open in urlscan Pro
185.11.188.210 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.e.mvinfos.com/c/?t=ecf9f98-4!s-eez-12x-8x1m4
Effective URL:
https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e...
Submission: On February 26 via api (February 26th 2021, 11:22:46 pm UTC) from BE

Summary HTTP 70 Redirects Behaviour Indicators

Summary

This website contacted 29 IPs in 6 countries across 25 domains to perform 70 HTTP transactions. The main IP is 185.11.188.210, located in Paris, France and belongs to EQUINIX-CONNECT, GB. The main domain is demande.prefon-retraite.fr.
TLS certificate: Issued by R3 on January 13th 2021. Valid for: 3 months.

This is the only time demande.prefon-retraite.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a05:71c0:200... 2a05:71c0:2000::e	34993 (ODISO-AS) (ODISO-AS)
1 2	34.95.109.120 34.95.109.120	15169 (GOOGLE) (GOOGLE)
1	52.85.10.47 52.85.10.47	16509 (AMAZON-02) (AMAZON-02)
1	188.165.150.178 188.165.150.178	16276 (OVH) (OVH)
15	185.11.188.210 185.11.188.210	15830 (EQUINIX-C...) (EQUINIX-CONNECT)
3	2001:4de0:ac1... 2001:4de0:ac19::1:b:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
1	13.224.195.48 13.224.195.48	16509 (AMAZON-02) (AMAZON-02)
2 2	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	145.239.192.103 145.239.192.103	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
3	35.244.231.49 35.244.231.49	15169 (GOOGLE) (GOOGLE)
1	34.252.227.171 34.252.227.171	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
13	145.239.193.53 145.239.193.53	16276 (OVH) (OVH)
1	2606:4700:10:... 2606:4700:10::6816:1957	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	46.105.203.81 46.105.203.81	16276 (OVH) (OVH)
2 3	34.120.207.148 34.120.207.148	15169 (GOOGLE) (GOOGLE)
1 1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2	164.132.142.74 164.132.142.74	16276 (OVH) (OVH)
3 4	37.252.172.37 37.252.172.37	29990 (ASN-APPNEX) (ASN-APPNEX)
70	29

1 2a05:71c0:2000::e (France) 1 redirects

ASN34993 (ODISO-AS, FR)

t.e.mvinfos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.109.120 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 120.109.95.34.bc.googleusercontent.com

clk.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.10.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-10-47.otp50.r.cloudfront.net

vht.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.165.150.178 (France)

ASN16276 (OVH, FR)
PTR: lb02.net.royalcactus.com

analytics.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 185.11.188.210 (Paris, France)

ASN15830 (EQUINIX-CONNECT, GB)

demande.prefon-retraite.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.195.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-195-48.fra2.r.cloudfront.net

try.abtasty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.230 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.192.103 (France)

ASN16276 (OVH, FR)

atout.email-match.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.231.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)

dcinfos-cache.abtasty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ariane.abtasty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.252.227.171 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

dcinfos.abtasty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 145.239.193.53 (France)

ASN16276 (OVH, FR)

asset.easydmp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sqdt.mconso.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtg-sq.hopmailing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.203.81 (France)

ASN16276 (OVH, FR)

cdn.kdata.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.120.207.148 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 148.207.120.34.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 164.132.142.74 (France)

ASN16276 (OVH, FR)
PTR: cloud0-lb1.kdata.fr

tracking.kdata.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.172.37 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	prefon-retraite.fr demande.prefon-retraite.fr	291 KB
11	easydmp.net asset.easydmp.net	30 KB
6	googleapis.com maps.googleapis.com	199 KB
5	doubleclick.net 3 redirects ad.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	4 KB
5	abtasty.com try.abtasty.com dcinfos-cache.abtasty.com dcinfos.abtasty.com ariane.abtasty.com	106 KB
4	adnxs.com 3 redirects secure.adnxs.com	4 KB
4	tradedoubler.com 1 redirects clk.tradedoubler.com vht.tradedoubler.com analytics.tradedoubler.com	7 KB
3	rlcdn.com 2 redirects idsync.rlcdn.com	1 KB
3	kdata.fr cdn.kdata.fr tracking.kdata.fr	4 KB
3	jquery.com code.jquery.com	151 KB
2	facebook.com www.facebook.com	557 B
2	gstatic.com maps.gstatic.com	5 KB
2	bing.com bat.bing.com	9 KB
2	facebook.net connect.facebook.net	94 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	google.de adservice.google.de www.google.de	852 B
2	google.com 1 redirects adservice.google.com www.google.com	804 B
1	hopmailing.com rtg-sq.hopmailing.com	413 B
1	mconso.fr sqdt.mconso.fr	415 B
1	zeotap.com spl.zeotap.com	24 KB
1	googleadservices.com www.googleadservices.com	13 KB
1	email-match.com atout.email-match.com	2 KB
1	googletagmanager.com www.googletagmanager.com	39 KB
1	cloudflare.com cdnjs.cloudflare.com	7 KB
1	mvinfos.com 1 redirects t.e.mvinfos.com	626 B
70	25

	Domain	Requested by
15	demande.prefon-retraite.fr	demande.prefon-retraite.fr
11	asset.easydmp.net	atout.email-match.com asset.easydmp.net cdn.kdata.fr
6	maps.googleapis.com	demande.prefon-retraite.fr maps.googleapis.com
4	secure.adnxs.com	3 redirects
3	idsync.rlcdn.com	2 redirects
3	code.jquery.com	demande.prefon-retraite.fr
2	tracking.kdata.fr	cdn.kdata.fr
2	www.facebook.com	demande.prefon-retraite.fr
2	maps.gstatic.com	demande.prefon-retraite.fr
2	bat.bing.com	demande.prefon-retraite.fr
2	ariane.abtasty.com	try.abtasty.com
2	connect.facebook.net	demande.prefon-retraite.fr connect.facebook.net
2	www.google-analytics.com	demande.prefon-retraite.fr www.google-analytics.com
2	ad.doubleclick.net	2 redirects
2	clk.tradedoubler.com	1 redirects
1	rtg-sq.hopmailing.com	asset.easydmp.net
1	sqdt.mconso.fr	asset.easydmp.net
1	cm.g.doubleclick.net	1 redirects
1	cdn.kdata.fr	clk.tradedoubler.com
1	spl.zeotap.com	asset.easydmp.net
1	www.google.de	demande.prefon-retraite.fr
1	www.google.com	demande.prefon-retraite.fr
1	googleads.g.doubleclick.net	www.googleadservices.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	dcinfos.abtasty.com	try.abtasty.com
1	dcinfos-cache.abtasty.com	try.abtasty.com
1	www.googleadservices.com	www.googletagmanager.com
1	atout.email-match.com	demande.prefon-retraite.fr
1	adservice.google.de	demande.prefon-retraite.fr
1	adservice.google.com	1 redirects
1	try.abtasty.com	demande.prefon-retraite.fr
1	www.googletagmanager.com	demande.prefon-retraite.fr
1	cdnjs.cloudflare.com	demande.prefon-retraite.fr
1	analytics.tradedoubler.com	vht.tradedoubler.com
1	vht.tradedoubler.com	clk.tradedoubler.com
1	t.e.mvinfos.com	1 redirects
70	36

This site contains no links.

Subject Issuer	Validity	Valid
*.tradedoubler.com R3	`2021-01-23` - `2021-04-23`	3 months	crt.sh
demande.prefon-retraite.fr R3	`2021-01-13` - `2021-04-13`	3 months	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
try.abtasty.com Amazon	`2020-08-25` - `2021-09-24`	a year	crt.sh
*.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
er4.prixdesvoyages.com R3	`2021-02-06` - `2021-05-07`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
dcinfos-cache.abtasty.com R3	`2021-01-29` - `2021-04-29`	3 months	crt.sh
*.abtasty.com Amazon	`2020-10-21` - `2021-11-19`	a year	crt.sh
ariane.abtasty.com R3	`2021-01-22` - `2021-04-22`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-01-19` - `2021-07-19`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
atout.easydmp.net R3	`2021-01-13` - `2021-04-13`	3 months	crt.sh
*.kdata.fr RapidSSL RSA CA 2018	`2019-04-11` - `2021-07-10`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-14` - `2021-04-23`	a year	crt.sh
asset.azdmp.com R3	`2021-01-15` - `2021-04-15`	3 months	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh

This page contains 4 frames:

Primary Page: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
Frame ID: 9627EA172C83DFD9E1E5978E1190C815
Requests: 52 HTTP requests in this frame

Frame: https://asset.easydmp.net/client_iframe.html?t=224220
Frame ID: 771B7E04650365E540E36A6F59EC2174
Requests: 14 HTTP requests in this frame

Frame: https://spl.zeotap.com/mapper.js?env=mWeb&zdid=598&zctry=fra&eventType=map
Frame ID: 36AC99C4951D10E880AAC1D506CDCBB5
Requests: 1 HTTP requests in this frame

Frame: https://asset.easydmp.net/client_iframe.html?t=224220
Frame ID: 579EC155FCAB6B98E6A3CFF29BDE4A65
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://t.e.mvinfos.com/c/?t=ecf9f98-4!s-eez-12x-8x1m4 HTTP 302
https://clk.tradedoubler.com/click?p=215648&a=2985330&g=24935962&url=https://demande.prefon-retraite.fr/p... Page URL
https://clk.tradedoubler.com/click?p=215648&a=2985330&g=24935962&url=https://demande.prefon-retraite.fr/p... HTTP 302
https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affi... Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

script /\/\/maps\.googleapis\.com\/maps\/api\/js/i

Google Cloud (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /^1\.1 google$/i

Page Statistics

70
Requests

100 %
HTTPS

50 %
IPv6

25
Domains

36
Subdomains

29
IPs

6
Countries

1003 kB
Transfer

2650 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.e.mvinfos.com/c/?t=ecf9f98-4!s-eez-12x-8x1m4 HTTP 302
https://clk.tradedoubler.com/click?p=215648&a=2985330&g=24935962&url=https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom= Page URL
https://clk.tradedoubler.com/click?p=215648&a=2985330&g=24935962&url=https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom= HTTP 302
https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://t.e.mvinfos.com/c/?t=ecf9f98-4!s-eez-12x-8x1m4 HTTP 302
https://clk.tradedoubler.com/click?p=215648&a=2985330&g=24935962&url=https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=

Request Chain 24

https://ad.doubleclick.net/ddm/activity/src=8702683;type=invmedia;cat=prefo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9146258578196.75 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=8702683;dc_pre=COnYgtbYiO8CFZGlsgodMw4NyA;type=invmedia;cat=prefo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9146258578196.75 HTTP 302
https://adservice.google.com/ddm/fls/p/src=8702683;dc_pre=COnYgtbYiO8CFZGlsgodMw4NyA;type=invmedia;cat=prefo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9146258578196.75;~oref=https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php%3Forp%3DDARWIN_MAIL%26email%3D%26nom%3D%26prenom%3D HTTP 302
https://adservice.google.de/ddm/fls/p/src=8702683;dc_pre=COnYgtbYiO8CFZGlsgodMw4NyA;type=invmedia;cat=prefo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9146258578196.75;~oref=https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php%3Forp%3DDARWIN_MAIL%26email%3D%26nom%3D%26prenom%3D

Request Chain 55

https://idsync.rlcdn.com/461249.gif?partner_uid=161438175070016290 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CMGTHBIeChoIARC38wEaEjE2MTQzODE3NTA3MDAxNjI5MBAAGg0ItoXmgQYSBQjoBxAAQgBKAA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESED2yw8PKWxVNSrguXBtSz1M&google_cver=1

Request Chain 61

https://secure.adnxs.com/getuid?https%3A%2F%2Ftracking.kdata.fr%2Fsync%3Feditor%3Dappnexus%26id_sync%3D$UID%26customer%3Dcapitaldata_crm HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Ftracking.kdata.fr%252Fsync%253Feditor%253Dappnexus%2526id_sync%253D%24UID%2526customer%253Dcapitaldata_crm HTTP 302
https://tracking.kdata.fr/sync?editor=appnexus&id_sync=4255551043664928740&customer=capitaldata_crm

Request Chain 62

https://secure.adnxs.com/setuid?entity=403&code=bdf98fdd-a9a9-4148-861d-98e454662d92 HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D403%26code%3Dbdf98fdd-a9a9-4148-861d-98e454662d92

70 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

click Show response
clk.tradedoubler.com/
Redirect Chain

https://t.e.mvinfos.com/c/?t=ecf9f98-4!s-eez-12x-8x1m4
https://clk.tradedoubler.com/click?p=215648&a=2985330&g=24935962&url=https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_mediu...

1 KB
2 KB

54ms
22ms

Document
text/html

34.95.109.120
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://clk.tradedoubler.com/click?p=215648&a=2985330&g=24935962&url=https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.109.120 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 120.109.95.34.bc.googleusercontent.com
Software: TXServerHttp /
Resource Hash: 45efac1dd62963593e74de8595ca4d708d480d9057abb9aa7f9a29e1ae420c7d

Request headers

:method: GET
:authority: clk.tradedoubler.com
:scheme: https
:path: /click?p=215648&a=2985330&g=24935962&url=https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type: text/html; charset=ISO-8859-1
server: TXServerHttp
access-control-allow-origin: *
cache-control: private, max-age=0
pragma: no-cache
p3p: policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
referrer-policy: origin
date: Fri, 26 Feb 2021 23:22:29 GMT
content-length: 1389
via: 1.1 google
alt-svc: clear

Redirect headers

cache-control: private
content-type: text/html; charset=utf-8
location: https://clk.tradedoubler.com/click?p=215648&a=2985330&g=24935962&url=https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
server: Microsoft-IIS/10.0
set-cookie: ASP.NET_SessionId=sqcmbugfojwjutuzmbafh4fh; path=/; HttpOnly; SameSite=Lax SERVERID=mindtrack4.odiso.net; path=/; HttpOnly; Secure
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Fri, 26 Feb 2021 23:22:29 GMT
content-length: 408
strict-transport-security: max-age=31536000;
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

GET
H/1.1 200
OK prefs.js Show response
vht.tradedoubler.com/fp/ 9 KB
4 KB 170ms
53ms Script
application/javascript 52.85.10.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vht.tradedoubler.com/fp/prefs.js
Requested by: Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=215648&a=2985330&g=24935962&url=https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.10.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-10-47.otp50.r.cloudfront.net
Software: Apache /
Resource Hash: 17ee72d8421cc64e48d5e885c090851028f91129555be935403a51c55eff2e9d

Request headers

Referer: https://clk.tradedoubler.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 21 Feb 2021 03:44:37 GMT
Content-Encoding: gzip
Age: 502672
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 15 Oct 2018 09:28:46 GMT
Server: Apache
ETag: W/"2509-57841106334e6"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 07c99fcfb78057a95c831de1ef8afe60.cloudfront.net (CloudFront)
Cache-Control: max-age=604800, public
X-Amz-Cf-Pop: OTP50-C1
X-Amz-Cf-Id: han7gV0F8NFDW2hVJ5Q7GfLcCpj_DkhNi-PJ9ComQTSKVByRFld3Ng==
Expires: Sun, 28 Feb 2021 03:44:37 GMT

POST
H/1.1 200
OK /
analytics.tradedoubler.com/ 0
241 B 142ms
36ms Other
text/html 188.165.150.178
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tradedoubler.com/
Requested by: Host: vht.tradedoubler.com
URL: https://vht.tradedoubler.com/fp/prefs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.165.150.178 , France, ASN16276 (OVH, FR),
Reverse DNS: lb02.net.royalcactus.com
Software: nginx /
Resource Hash

Request headers

Referer: https://clk.tradedoubler.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 26 Feb 2021 23:22:29 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

Primary Request demandedoc.php Show response
demande.prefon-retraite.fr/page-demande-documentation-65/
Redirect Chain

https://clk.tradedoubler.com/click?p=215648&a=2985330&g=24935962&url=https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_mediu...
https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=

19 KB
7 KB

100ms
46ms

Document
text/html

185.11.188.210
EQUINIX-CONNECT

General

Check archive.org

Show headers Download Go to

Full URL

https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.11.188.210 Paris, France, ASN15830 (EQUINIX-CONNECT, GB),

Reverse DNS

Software

Apache / PREFON ENGINE

Resource Hash

88ed2bbb39378f4e18036d693530f1c764dc1547a36fc2b71be17aa6cc5901ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Host: demande.prefon-retraite.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://clk.tradedoubler.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://clk.tradedoubler.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://clk.tradedoubler.com/

Response headers

Date: Fri, 26 Feb 2021 23:22:29 GMT
Server: Apache
X-Powered-By: PREFON ENGINE
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 +0000
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6418
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Redirect headers

location: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
set-cookie: EH_0=1z11z1zmoz1o2bjQzxs8yYk6TYwGyD91dvxgSgt7oAMPSMsC34CQUtL8c5TV5TB0UF97hRX2Gvh7meu%79oBZgO;expires=Sat, 26-Feb-2022 23:22:29 GMT;path=/;domain=.tradedoubler.com;SameSite=None; Secure GUID=1z11zzmoz1jl7u4z007851785cac8293d6294c186f75b552;expires=Sat, 26-Feb-2022 23:22:29 GMT;path=/;domain=.tradedoubler.com;SameSite=None; Secure TradeDoublerGUID=007851785cac8293d6294c186f75b552;expires=Sat, 26-Feb-2022 23:22:29 GMT;path=/;domain=.tradedoubler.com;SameSite=None; Secure
server: TXServerHttp
access-control-allow-origin: *
cache-control: private, max-age=0
pragma: no-cache
p3p: policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
referrer-policy: origin
date: Fri, 26 Feb 2021 23:22:29 GMT
content-length: 391
content-type: text/html; charset=ISO-8859-1
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK style.css
demande.prefon-retraite.fr/assets/p65/css/ 18 KB
4 KB 16ms
16ms Stylesheet
text/css 185.11.188.210
EQUINIX-CONNECT

General

Check archive.org

Show headers Download Go to

Full URL: https://demande.prefon-retraite.fr/assets/p65/css/style.css
Requested by: Host: demande.prefon-retraite.fr
URL: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.11.188.210 Paris, France, ASN15830 (EQUINIX-CONNECT, GB),
Reverse DNS
Software: Apache /
Resource Hash: be4436e1985d20b9a819702ef5559861a4ef3d2e1b918c46254338eaf21fed0f

Request headers

Referer: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 23:22:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 May 2020 12:19:21 GMT
Server: Apache
ETag: "476d-5a50de3fb9ab3-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3752

GET
H2 200 jquery-ui.css
code.jquery.com/ui/1.10.3/themes/cupertino/ 31 KB
6 KB 26ms
8ms Stylesheet
text/css 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.10.3/themes/cupertino/jquery-ui.css
Requested by: Host: demande.prefon-retraite.fr
URL: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: a36c42c553d161be0176320c85f177e85f00517fdac9bf7852fcfc4e9f7753c3

Request headers

Referer: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 23:22:30 GMT
content-encoding: gzip
last-modified: Fri, 24 Oct 2014 00:16:08 GMT
server: nginx
etag: W/"54499a48-7db6"
vary: Accept-Encoding
x-hw: 1614381750.dop148.fr8.t,1614381750.cds224.fr8.hn,1614381750.cds134.fr8.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 6199

GET
H/1.1 200
OK logo-prefon.gif
demande.prefon-retraite.fr/assets/p65/imgs/ 1 KB
2 KB 18ms
15ms Image
image/gif 185.11.188.210
EQUINIX-CONNECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://demande.prefon-retraite.fr/assets/p65/imgs/logo-prefon.gif
Requested by: Host: demande.prefon-retraite.fr
URL: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.11.188.210 Paris, France, ASN15830 (EQUINIX-CONNECT, GB),
Reverse DNS
Software: Apache /
Resource Hash: 189d5d3ba204aa13939748767787b30efaea3679f5f7baa83a83b6a9d7b298aa

Request headers

Referer: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 23:22:30 GMT
Last-Modified: Thu, 07 May 2020 12:19:24 GMT
Server: Apache
ETag: "52b-5a50de421d021"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1323

GET
H/1.1 200
OK loader.gif
demande.prefon-retraite.fr/assets/common/imgs/ 7 KB
7 KB 24ms
24ms Image
image/gif 185.11.188.210
EQUINIX-CONNECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://demande.prefon-retraite.fr/assets/common/imgs/loader.gif
Requested by: Host: demande.prefon-retraite.fr
URL: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.11.188.210 Paris, France, ASN15830 (EQUINIX-CONNECT, GB),
Reverse DNS
Software: Apache /
Resource Hash: ec80bea1355db7f5c5bf4f88741f7afe90a744f652f9358ba761da2783495ba2

Request headers

Referer: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 23:22:30 GMT
Last-Modified: Fri, 07 Jun 2019 08:15:47 GMT
Server: Apache
ETag: "1cc4-58ab7700c2125"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 7364

GET
H2 200 jquery-1.12.2.min.js Show response
code.jquery.com/ 95 KB
33 KB 27ms
9ms Script
application/javascript 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.12.2.min.js
Requested by: Host: demande.prefon-retraite.fr
URL: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 95914789b5f3307a3718679e867d61b9d4c03f749cd2e2970570331d7d6c8ed9

Request headers

Origin: https://demande.prefon-retraite.fr
Referer: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 23:22:30 GMT
content-encoding: gzip
last-modified: Thu, 17 Mar 2016 17:45:51 GMT
server: nginx
etag: W/"56eaed4f-17bdc"
vary: Accept-Encoding
x-hw: 1614381750.dop148.fr8.t,1614381750.cds201.fr8.hn,1614381750.cds286.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33789

GET
H2 200 jquery.validate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.15.0/ 22 KB
7 KB 13ms
10ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.15.0/jquery.validate.min.js

Requested by

Host: demande.prefon-retraite.fr
URL: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa1d80cdf0990e97a21069ab16c048ef90a35df1165b87d19accabd7c4edc860

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 23:22:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 5426669
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6511
cf-request-id: 08823faf0500004dbe9a213000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-58a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=alCMpnqM4rYcNJZ7F4DqGATvx%2FOWn8KbS%2Fy7pOE6CORNuWgpYXtFFgy3oKT6BExckqhr9%2Fw3KnjTZweWgwnZvvWfxqJ9IqiMGUCkvWUM2B1hnLls8Jx1eP2Vjbun71i1Eg%3D%3D"}],"max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 627d6891a9eb4dbe-FRA
expires: Wed, 16 Feb 2022 23:22:30 GMT

GET
H2 200 jquery-ui.js Show response
code.jquery.com/ui/1.11.4/ 460 KB
112 KB 26ms
9ms Script
application/javascript 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.11.4/jquery-ui.js
Requested by: Host: demande.prefon-retraite.fr
URL: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 0c8e8d7408611519ceda4e759ae9987834a17addc8f0028241ffed7fb0113612

Request headers

Referer: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 23:22:30 GMT
content-encoding: gzip
last-modified: Wed, 11 Mar 2015 13:03:17 GMT
server: nginx
etag: W/"55003d15-72e44"
vary: Accept-Encoding
x-hw: 1614381750.dop148.fr8.t,1614381750.cds224.fr8.hn,1614381750.cds125.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 114093

GET
H/1.1 200
OK td.js Show response
demande.prefon-retraite.fr/assets//common/js/ 739 B
795 B 32ms
15ms Script
application/javascript 185.11.188.210
EQUINIX-CONNECT

General

Check archive.org

Show headers Download Go to

Full URL: https://demande.prefon-retraite.fr/assets//common/js/td.js
Requested by: Host: demande.prefon-retraite.fr
URL: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.11.188.210 Paris, France, ASN15830 (EQUINIX-CONNECT, GB),
Reverse DNS
Software: Apache /
Resource Hash: 110973afe37ac008e0b5da625081cbdbe0da67ee31159d507bdd3f836c570b1e

Request headers

Referer: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 23:22:30 GMT
Content-Encoding: gzip
Last-Modified: Fri, 07 Jun 2019 08:15:47 GMT
Server: Apache
ETag: "2e3-58ab770175c36-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 462

GET
H/1.1 200
OK messages_fr.min.js Show response
demande.prefon-retraite.fr/assets//common/js/ 3 KB
1 KB 49ms
16ms Script
application/javascript 185.11.188.210
EQUINIX-CONNECT

General

Check archive.org

Show headers Download Go to

Full URL: https://demande.prefon-retraite.fr/assets//common/js/messages_fr.min.js
Requested by: Host: demande.prefon-retraite.fr
URL: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.11.188.210 Paris, France, ASN15830 (EQUINIX-CONNECT, GB),
Reverse DNS
Software: Apache /
Resource Hash: f4597c19f633ee2282afaae8ace31deca2abe4a98d96f372c0f63c6a857628c5

Request headers

Referer: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 23:22:30 GMT
Content-Encoding: gzip
Last-Modified: Fri, 07 Jun 2019 08:15:47 GMT
Server: Apache
ETag: "c03-58ab77014db92-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1002

GET
H/1.1 200
OK datepick.fr.js Show response
demande.prefon-retraite.fr/assets//common/js/ 2 KB
1 KB 50ms
16ms Script
application/javascript 185.11.188.210
EQUINIX-CONNECT

General

Check archive.org

Show headers Download Go to

Full URL: https://demande.prefon-retraite.fr/assets//common/js/datepick.fr.js
Requested by: Host: demande.prefon-retraite.fr
URL: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.11.188.210 Paris, France, ASN15830 (EQUINIX-CONNECT, GB),
Reverse DNS
Software: Apache /
Resource Hash: 37286ec8db5bfcce32cca42e7ca5bed7a8a656e8ebdcea8e00dc71831b1353c6

Request headers

Referer: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 23:22:30 GMT
Content-Encoding: gzip
Last-Modified: Fri, 07 Jun 2019 08:15:47 GMT
Server: Apache
ETag: "60e-58ab77011ddee-gzip"
Vary: Accept-Encoding
Content-Language: fr
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=5, max=97
Content-Length: 703

GET
H/1.1 200
OK dqe_tele.js Show response
demande.prefon-retraite.fr/assets//common/js/ 8 KB
2 KB 71ms
23ms Script
application/javascript 185.11.188.210
EQUINIX-CONNECT

General

Check archive.org

Show headers Download Go to

Full URL: https://demande.prefon-retraite.fr/assets//common/js/dqe_tele.js
Requested by: Host: demande.prefon-retraite.fr
URL: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.11.188.210 Paris, France, ASN15830 (EQUINIX-CONNECT, GB),
Reverse DNS
Software: Apache /
Resource Hash: de9e3d1d99a57979c8358cd4e9f2b5e1f99b5ec9f37c245d96a752271d0c67b6

Request headers

Referer: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 23:22:30 GMT
Content-Encoding: gzip
Last-Modified: Fri, 07 Jun 2019 08:15:47 GMT
Server: Apache
ETag: "1ecf-58ab7701335b0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1979

GET
H/1.1 200
OK dqe_mail.js Show response
demande.prefon-retraite.fr/assets//common/js/ 8 KB
2 KB 66ms
16ms Script
application/javascript 185.11.188.210
EQUINIX-CONNECT

General

Check archive.org

Show headers Download Go to

Full URL: https://demande.prefon-retraite.fr/assets//common/js/dqe_mail.js
Requested by: Host: demande.prefon-retraite.fr
URL: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.11.188.210 Paris, France, ASN15830 (EQUINIX-CONNECT, GB),
Reverse DNS
Software: Apache /
Resource Hash: 2a2c345436409e3c1e2bcb9183f46b2244af8daada471760f62fdef8f5fc5c29

Request headers

Referer: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 23:22:30 GMT
Content-Encoding: gzip
Last-Modified: Fri, 07 Jun 2019 08:15:47 GMT
Server: Apache
ETag: "20a1-58ab770125aee-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 2028

GET
H/1.1 200
OK geoloc.js Show response
demande.prefon-retraite.fr/assets//common/js/ 3 KB
1 KB 66ms
15ms Script
application/javascript 185.11.188.210
EQUINIX-CONNECT

General

Check archive.org

Show headers Download Go to

Full URL: https://demande.prefon-retraite.fr/assets//common/js/geoloc.js
Requested by: Host: demande.prefon-retraite.fr
URL: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.11.188.210 Paris, France, ASN15830 (EQUINIX-CONNECT, GB),
Reverse DNS
Software: Apache /
Resource Hash: 186c0ac30a759e7c014ca6540a5a3e22b82d1175fe972270790252ef309095a4

Request headers

Referer: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 23:22:30 GMT
Content-Encoding: gzip
Last-Modified: Fri, 07 Jun 2019 08:15:47 GMT
Server: Apache
ETag: "a1e-58ab770139370-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1055

GET
H/1.1 200
OK prefon.js Show response
demande.prefon-retraite.fr/assets//common/js/ 5 KB
2 KB 50ms
15ms Script
application/javascript 185.11.188.210
EQUINIX-CONNECT

General

Check archive.org

Show headers Download Go to

Full URL: https://demande.prefon-retraite.fr/assets//common/js/prefon.js
Requested by: Host: demande.prefon-retraite.fr
URL: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.11.188.210 Paris, France, ASN15830 (EQUINIX-CONNECT, GB),
Reverse DNS
Software: Apache /
Resource Hash: a5239cb8d80d402be0054daaf6803449bd9d7115c877469cddaae6d11446c5ff

Request headers

Referer: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 23:22:30 GMT
Content-Encoding: gzip
Last-Modified: Fri, 07 Jun 2019 08:15:47 GMT
Server: Apache
ETag: "14e3-58ab77015a6b3-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 1540

GET
H/1.1 200
OK validation_standard_rgpd.js Show response
demande.prefon-retraite.fr/assets//common/js/ 8 KB
2 KB 25ms
24ms Script
application/javascript 185.11.188.210
EQUINIX-CONNECT

General

Check archive.org

Show headers Download Go to

Full URL: https://demande.prefon-retraite.fr/assets//common/js/validation_standard_rgpd.js
Requested by: Host: demande.prefon-retraite.fr
URL: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.11.188.210 Paris, France, ASN15830 (EQUINIX-CONNECT, GB),
Reverse DNS
Software: Apache /
Resource Hash: ba622e86a75f1d66d2a671f704cbadf1b079ad5afec8ca4d5dd3d94dd3499d73

Request headers

Referer: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 23:22:30 GMT
Content-Encoding: gzip
Last-Modified: Fri, 07 Jun 2019 08:15:47 GMT
Server: Apache
ETag: "1efb-58ab77018d338-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1537

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 131 KB
43 KB 58ms
37ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyApqdw7GEuGjYsIzYkgU_TKW3puCKWSeC0&signed_in=true&libraries=places&callback=initAutocomplete

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

a0752f694a8641c19ab6a70cef6277d5706c3f74f0624fff520951266a5446e5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 23:22:30 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
server-timing: gfet4t7; dur=23
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43473
x-xss-protection: 0
expires: Fri, 26 Feb 2021 23:52:30 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 23ms
23ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1025600998

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

78a4f8afab4723c6be74ae8fa55ec1bf41f4ba6233b0722433a4cfb167fb3b30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 23:22:30 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39389
x-xss-protection: 0
last-modified: Fri, 26 Feb 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 26 Feb 2021 23:22:30 GMT

GET
H2 200 4cf7cf0ad1318c66b9ec0faaf7ac6680.js Show response
try.abtasty.com/ 390 KB
105 KB 88ms
30ms Script
application/javascript 13.224.195.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://try.abtasty.com/4cf7cf0ad1318c66b9ec0faaf7ac6680.js
Requested by: Host: demande.prefon-retraite.fr
URL: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-48.fra2.r.cloudfront.net
Software: CloudFront /
Resource Hash: 4f42ffd06f99282f34c8879189cf277bd1dc8292bd906798698a36e452794a02

Request headers

Referer: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 08:45:38 GMT
content-encoding: gzip
last-modified: Mon, 09 Sep 2019 17:22:22 GMT
server: CloudFront
age: 52613
etag: "9f405548baded5a5baba5fa98d3d92e8"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
cache-control: s-maxage=86400,max-age=30
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 106872
x-amz-cf-id: -yScPpehwHCCJYQlp0NwkXH4bKLVf-IpvTKg1EH6ToWOXGjhhmlvEw==

GET
H/1.1 200
OK prefon-logo.jpg
demande.prefon-retraite.fr/assets/p65/imgs/ 20 KB
20 KB 27ms
24ms Image
image/jpeg 185.11.188.210
EQUINIX-CONNECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://demande.prefon-retraite.fr/assets/p65/imgs/prefon-logo.jpg
Requested by: Host: demande.prefon-retraite.fr
URL: https://demande.prefon-retraite.fr/assets/p65/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.11.188.210 Paris, France, ASN15830 (EQUINIX-CONNECT, GB),
Reverse DNS
Software: Apache /
Resource Hash: efae7eb1ee84e8e66b07aa67e81264e2ebd3d18ce0d5b6be85774f1455c98f1a

Request headers

Referer: https://demande.prefon-retraite.fr/assets/p65/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 23:22:30 GMT
Last-Modified: Thu, 07 May 2020 12:19:24 GMT
Server: Apache
ETag: "5030-5a50de42dc6b0"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 20528

GET
H/1.1 200
OK conserver-votre-niveau-vie.jpg
demande.prefon-retraite.fr/assets/p65/imgs/ 233 KB
234 KB 25ms
24ms Image
image/jpeg 185.11.188.210
EQUINIX-CONNECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://demande.prefon-retraite.fr/assets/p65/imgs/conserver-votre-niveau-vie.jpg
Requested by: Host: demande.prefon-retraite.fr
URL: https://demande.prefon-retraite.fr/assets/p65/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.11.188.210 Paris, France, ASN15830 (EQUINIX-CONNECT, GB),
Reverse DNS
Software: Apache /
Resource Hash: 11f1c7b3e4eb2d346def6823e055aee661de59428f76533df9a49606d8be855a

Request headers

Referer: https://demande.prefon-retraite.fr/assets/p65/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 23:22:30 GMT
Last-Modified: Mon, 07 Dec 2020 08:22:35 GMT
Server: Apache
ETag: "3a569-5b5db8744a478"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 238953

GET
H/1.1 200
OK lettre.jpg
demande.prefon-retraite.fr/assets/p65/imgs/ 5 KB
5 KB 25ms
24ms Image
image/jpeg 185.11.188.210
EQUINIX-CONNECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://demande.prefon-retraite.fr/assets/p65/imgs/lettre.jpg
Requested by: Host: demande.prefon-retraite.fr
URL: https://demande.prefon-retraite.fr/assets/p65/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.11.188.210 Paris, France, ASN15830 (EQUINIX-CONNECT, GB),
Reverse DNS
Software: Apache /
Resource Hash: 381ee76ae5f41504a474435e21186861bc700590f74baed06fd137a6e70019eb

Request headers

Referer: https://demande.prefon-retraite.fr/assets/p65/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 23:22:30 GMT
Last-Modified: Thu, 07 May 2020 12:19:23 GMT
Server: Apache
ETag: "1301-5a50de41d8a5c"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4865

GET
H2

200

demandedoc.php%3Forp%3DDARWIN_MAIL%26email%3D%26nom%3D%26prenom%3D
adservice.google.de/ddm/fls/p/src=8702683;dc_pre=COnYgtbYiO8CFZGlsgodMw4NyA;type=invmedia;cat=prefo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9146258578196.75;~oref=https:/...
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=8702683;type=invmedia;cat=prefo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9146258578196.75?
https://ad.doubleclick.net/ddm/activity/src=8702683;dc_pre=COnYgtbYiO8CFZGlsgodMw4NyA;type=invmedia;cat=prefo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9146258578196.75?
https://adservice.google.com/ddm/fls/p/src=8702683;dc_pre=COnYgtbYiO8CFZGlsgodMw4NyA;type=invmedia;cat=prefo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9146258578196.75;~ore...
https://adservice.google.de/ddm/fls/p/src=8702683;dc_pre=COnYgtbYiO8CFZGlsgodMw4NyA;type=invmedia;cat=prefo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9146258578196.75;~oref...

42 B
744 B

63ms
43ms

Image
image/gif

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.de/ddm/fls/p/src=8702683;dc_pre=COnYgtbYiO8CFZGlsgodMw4NyA;type=invmedia;cat=prefo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9146258578196.75;~oref=https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php%3Forp%3DDARWIN_MAIL%26email%3D%26nom%3D%26prenom%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Feb 2021 23:22:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 Feb 2021 23:22:30 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://adservice.google.de/ddm/fls/p/src=8702683;dc_pre=COnYgtbYiO8CFZGlsgodMw4NyA;type=invmedia;cat=prefo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9146258578196.75;~oref=https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php%3Forp%3DDARWIN_MAIL%26email%3D%26nom%3D%26prenom%3D
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK emafunc.js Show response
atout.email-match.com/ 2 KB
2 KB 186ms
30ms Script
application/javascript 145.239.192.103
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://atout.email-match.com/emafunc.js?t=224220

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.192.103 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

4ff4d85a1c01a81087bbeb9d15d75389807d0a467481b955ec57c55886ead264

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 23:22:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 25 Feb 2021 08:35:12 GMT
X-IPLB-Request-ID: 52661272:EF02_91EFC067:01BB_603982B6_29B64A:1014C
ETag: "60376140-456"
X-IPLB-Instance: 24907
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: max-age=900, s-maxage=900, public
Content-Type: application/javascript; charset=utf-8
Content-Length: 1110

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 5713
date: Fri, 26 Feb 2021 21:47:17 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Fri, 26 Feb 2021 23:47:17 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 91 KB
25 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: 0yIhZq31TFGtYeFXuYPFRsLl4ZMbHdHfj1peLgmD7PjA4ZRLVOv2NZjrzaUqjr67rBhE35ZzqurW+6EdtCYDXA==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 26 Feb 2021 23:22:30 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
origin-trial: AqUfQvNe9Mod+kZ3Qx78GGg2ul4TtHv3l126BaOQCbywgYxRUP0y9rs8/el96V62SmT7ue9StD9aXvYmT3UAAQcAAAB5eyJvcmlnaW4iOiJodHRwczovL2ZhY2Vib29rLmNvbTo0NDMiLCJmZWF0dXJlIjoiQ3Jvc3NPcmlnaW5PcGVuZXJQb2xpY3lSZXBvcnRpbmciLCJleHBpcnkiOjE2MTM0MTE1NzMsImlzU3ViZG9tYWluIjp0cnVlfQ==
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/44/2/ 76 KB
28 KB 36ms
22ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/44/2/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyApqdw7GEuGjYsIzYkgU_TKW3puCKWSeC0&signed_in=true&libraries=places&callback=initAutocomplete

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0230797e54d0649c0e667ad5c761091c7b5d06eb05ed9b62b96a6e2fe37d926a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 14:19:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Feb 2021 19:54:41 GMT
server: sffe
age: 32592
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28484
x-xss-protection: 0
expires: Sat, 26 Feb 2022 14:19:18 GMT

GET
H3-Q050 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/44/2/ 145 KB
54 KB 35ms
21ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/44/2/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyApqdw7GEuGjYsIzYkgU_TKW3puCKWSeC0&signed_in=true&libraries=places&callback=initAutocomplete

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42032ffebf225507d2ae40244e8ec83c543494e18f1196fb86773caab99c24e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 06:24:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Feb 2021 19:54:41 GMT
server: sffe
age: 61059
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55198
x-xss-protection: 0
expires: Sat, 26 Feb 2022 06:24:51 GMT

GET
H3-Q050 200 controls.js Show response
maps.googleapis.com/maps-api-v3/api/js/44/2/ 214 KB
58 KB 33ms
20ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/44/2/controls.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyApqdw7GEuGjYsIzYkgU_TKW3puCKWSeC0&signed_in=true&libraries=places&callback=initAutocomplete

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7ff20cb4f90a841573aef52d242ddb9865be992bf4883774ec2338ecb10b2ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 18:16:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Feb 2021 19:54:41 GMT
server: sffe
age: 191140
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58804
x-xss-protection: 0
expires: Thu, 24 Feb 2022 18:16:50 GMT

GET
H3-Q050 200 places_impl.js Show response
maps.googleapis.com/maps-api-v3/api/js/44/2/ 43 KB
16 KB 41ms
27ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/44/2/places_impl.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyApqdw7GEuGjYsIzYkgU_TKW3puCKWSeC0&signed_in=true&libraries=places&callback=initAutocomplete

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50308c844f977821494824a6fc1009ae55984c72052893c8169c1229b3649222

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 18:17:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Feb 2021 19:54:41 GMT
server: sffe
age: 191130
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16606
x-xss-protection: 0
expires: Thu, 24 Feb 2022 18:17:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 31 KB
13 KB 87ms
33ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1025600998

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

b4ceacee581031a4014c658e33aa47874612b4c25c1aed8ef682cada98b99d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 23:22:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12348
x-xss-protection: 0
server: cafe
etag: 7672817363517198860
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 26 Feb 2021 23:22:30 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
397 B 46ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1297316263&t=pageview&_s=1&dl=https%3A%2F%2Fdemande.prefon-retraite.fr%2Fpage-demande-documentation-65%2Fdemandedoc.php%3Forp%3DDARWIN_MAIL%26utm_source%3Daffiliation%26utm_medium%3De-mail%26utm_campaign%3Daffiliation-lp65%26email%3D%26nom%3D%26prenom%3D&dr=https%3A%2F%2Fclk.tradedoubler.com%2F&ul=en-us&de=UTF-8&dt=Prefon%2C%20la%20retraite%20et%20la%20pr%C3%A9voyance%20de%20la%20fonction%20publique&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1283150650&gjid=784975711&cid=136520513.1614381750&tid=UA-12569344-3&_gid=381148819.1614381750&_r=1&_slc=1&z=977934677

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 Feb 2021 23:22:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://demande.prefon-retraite.fr
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 ua-parser Show response
dcinfos-cache.abtasty.com/v1/ 112 B
306 B 54ms
23ms Fetch
application/json 35.244.231.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dcinfos-cache.abtasty.com/v1/ua-parser

Requested by

Host: try.abtasty.com
URL: https://try.abtasty.com/4cf7cf0ad1318c66b9ec0faaf7ac6680.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.231.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

6f5c50fc095ff17fc72aee7a0270bf1cdd9410e7a3c015e9f4ee6945001ccada

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 26 Feb 2021 23:22:30 GMT
via: 1.1 google
age: 0
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: MISS
content-type: application/json
x-re: 0
access-control-allow-origin: *
x-len: 129
grpc-metadata-content-type: application/grpc
accept-ranges: bytes
alt-svc: clear
content-length: 112

GET
H/1.1 200
OK geolocAndWeather.php Show response
dcinfos.abtasty.com/ 184 B
429 B 152ms
32ms Script
application/json 34.252.227.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dcinfos.abtasty.com/geolocAndWeather.php?chID=4cf7cf0ad1318c66b9ec0faaf7ac6680&weather=false&dmp=false&vID=21022700223070180&callback=DCInfosCallback

Requested by

Host: try.abtasty.com
URL: https://try.abtasty.com/4cf7cf0ad1318c66b9ec0faaf7ac6680.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.252.227.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

10f0ac01d9292425b4f7c3a54d9bf0ed77eb4c0ea444e016e9c53028f31d956a

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600; includeSubdomains;

Request headers

Referer: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 26 Feb 2021 23:22:30 GMT
Server: Apache
Connection: keep-alive
Content-Length: 184
Strict-Transport-Security: max-age=3153600; includeSubdomains;
Content-Type: application/json

POST
H2 200 /
ariane.abtasty.com/ 43 B
344 B 63ms
20ms Other
image/gif 35.244.231.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ariane.abtasty.com/

Requested by

Host: try.abtasty.com
URL: https://try.abtasty.com/4cf7cf0ad1318c66b9ec0faaf7ac6680.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.231.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 google
access-control-allow-headers: Content-Type,Origin,Accept,Set-Cookie,X-ABTasty-CrossDomain
date: Fri, 26 Feb 2021 23:22:30 GMT
access-control-allow-methods: GET,HEAD,POST
content-type: image/gif
access-control-allow-origin: https://demande.prefon-retraite.fr
cache-control: must-revalidate, no-cache, private
access-control-allow-credentials: true
alt-svc: clear
content-length: 43

GET
H2 200 bat.js Show response
bat.bing.com/ 28 KB
9 KB 47ms
30ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: demande.prefon-retraite.fr
URL: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0f8b92749ed5ae1a53b456979b6b1fa2157fbc804b8b6b871f0068316bbf1320

Request headers

Referer: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 23:22:29 GMT
content-encoding: gzip
last-modified: Thu, 25 Feb 2021 01:12:13 GMT
x-msedge-ref: Ref A: C9E519F8840B4D66A941B34A1E43DD89 Ref B: FRAEDGE1209 Ref C: 2021-02-26T23:22:30Z
etag: "8014993f13bd71:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8512

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
92 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-12569344-3&cid=136520513.1614381750&jid=1283150650&gjid=784975711&_gid=381148819.1614381750&_u=IEBAAEAAAAAAAC~&z=392574955

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 26 Feb 2021 23:22:30 GMT
content-type: text/plain
access-control-allow-origin: https://demande.prefon-retraite.fr
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1649879995301842 Show response
connect.facebook.net/signals/config/ 241 KB
69 KB 47ms
47ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1649879995301842?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a1bae009635440bc18f0af4dc1ff7db0a79917134618e4bbe17247f3d8932046

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: BQNFw+es4awzJNBeE9VkJCip+4KWhgKdQnbIxf9E6feS15T0tOijOoiPDiupjK0Nn04yZc53/GdJaMWB5ulgLQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 26 Feb 2021 23:22:30 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 powered-by-google-on-white3.png
maps.gstatic.com/mapfiles/api-3/images/ 2 KB
2 KB 35ms
13ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/powered-by-google-on-white3.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 23:22:30 GMT
x-content-type-options: nosniff
last-modified: Thu, 17 Oct 2019 23:15:00 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1616
x-xss-protection: 0
expires: Fri, 26 Feb 2021 23:22:30 GMT

GET
H2 200 autocomplete-icons.png
maps.gstatic.com/mapfiles/api-3/images/ 3 KB
3 KB 35ms
14ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/autocomplete-icons.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 23:22:30 GMT
x-content-type-options: nosniff
last-modified: Thu, 17 Oct 2019 23:15:00 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3351
x-xss-protection: 0
expires: Fri, 26 Feb 2021 23:22:30 GMT

GET
H2 204 0
bat.bing.com/action/ 0
148 B 29ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5562557&Ver=2&mid=cf127a2c-0e08-4bb2-ae19-26553bbe6b02&sid=7f0e0190788911eb9aa5cb78b3f33802&vid=7f0e0e70788911ebab8161a669906550&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Prefon,%20la%20retraite%20et%20la%20pr%C3%A9voyance%20de%20la%20fonction%20publique&p=https%3A%2F%2Fdemande.prefon-retraite.fr%2Fpage-demande-documentation-65%2Fdemandedoc.php%3Forp%3DDARWIN_MAIL%26utm_source%3Daffiliation%26utm_medium%3De-mail%26utm_campaign%3Daffiliation-lp65%26email%3D%26nom%3D%26prenom%3D&r=https%3A%2F%2Fclk.tradedoubler.com%2F&lt=315&evt=pageLoad&msclkid=N&sv=1&rn=860759
Requested by: Host: demande.prefon-retraite.fr
URL: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 26 Feb 2021 23:22:29 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: C07C9DEC27FA4FBFBAA119642AC84780 Ref B: FRAEDGE1209 Ref C: 2021-02-26T23:22:30Z
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1025600998/ 3 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1025600998/?random=1614381750245&cv=9&fst=1614381750245&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2h0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fdemande.prefon-retraite.fr%2Fpage-demande-documentation-65%2Fdemandedoc.php%3Forp%3DDARWIN_MAIL%26utm_source%3Daffiliation%26utm_medium%3De-mail%26utm_campaign%3Daffiliation-lp65%26email%3D%26nom%3D%26prenom%3D&ref=https%3A%2F%2Fclk.tradedoubler.com%2F&tiba=Prefon%2C%20la%20retraite%20et%20la%20pr%C3%A9voyance%20de%20la%20fonction%20publique&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

027cec7ec5e88eafcde1cf16ae99344dd90c27bbd64b159212f3f16251e0fe4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Feb 2021 23:22:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1179
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1025600998/ 42 B
109 B 24ms
21ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1025600998/?random=1614381750245&cv=9&fst=1614380400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2h0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fdemande.prefon-retraite.fr%2Fpage-demande-documentation-65%2Fdemandedoc.php%3Forp%3DDARWIN_MAIL%26utm_source%3Daffiliation%26utm_medium%3De-mail%26utm_campaign%3Daffiliation-lp65%26email%3D%26nom%3D%26prenom%3D&ref=https%3A%2F%2Fclk.tradedoubler.com%2F&tiba=Prefon%2C%20la%20retraite%20et%20la%20pr%C3%A9voyance%20de%20la%20fonction%20publique&async=1&fmt=3&is_vtc=1&random=3610761875&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Feb 2021 23:22:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1025600998/ 42 B
108 B 24ms
23ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1025600998/?random=1614381750245&cv=9&fst=1614380400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2h0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fdemande.prefon-retraite.fr%2Fpage-demande-documentation-65%2Fdemandedoc.php%3Forp%3DDARWIN_MAIL%26utm_source%3Daffiliation%26utm_medium%3De-mail%26utm_campaign%3Daffiliation-lp65%26email%3D%26nom%3D%26prenom%3D&ref=https%3A%2F%2Fclk.tradedoubler.com%2F&tiba=Prefon%2C%20la%20retraite%20et%20la%20pr%C3%A9voyance%20de%20la%20fonction%20publique&async=1&fmt=3&is_vtc=1&random=3610761875&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Feb 2021 23:22:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
410 B 19ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1649879995301842&ev=PageView&dl=https%3A%2F%2Fdemande.prefon-retraite.fr%2Fpage-demande-documentation-65%2Fdemandedoc.php%3Forp%3DDARWIN_MAIL%26utm_source%3Daffiliation%26utm_medium%3De-mail%26utm_campaign%3Daffiliation-lp65%26email%3D_removed_%26nom%3D%26prenom%3D%26_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%2522email%2522%255D%252C%2522sensitiveParams%2522%253A%255B%255D%257D&rl=https%3A%2F%2Fclk.tradedoubler.com%2F%3F_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%255D%252C%2522sensitiveParams%2522%253A%255B%255D%257D&if=false&ts=1614381750294&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1614381750293.1837062800&it=1614381750216&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 23:22:30 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 26 Feb 2021 23:22:30 GMT

GET
H/1.1 200
OK client.js Show response
asset.easydmp.net/js/ 8 KB
3 KB 154ms
34ms Script
application/javascript 145.239.193.53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://asset.easydmp.net/js/client.js?t=224220

Requested by

Host: atout.email-match.com
URL: https://atout.email-match.com/emafunc.js?t=224220

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

3b606ddaa0745188104b1209c9308343fcdd48f430067463f0aa388199ff6fb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 23:22:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 25 Feb 2021 08:35:12 GMT
X-IPLB-Request-ID: 52661272:D8F4_91EFC135:01BB_603982B6_A5DA82A:AEDF
ETag: "60376140-c16"
X-IPLB-Instance: 36821
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: max-age=900, s-maxage=900, public
Content-Type: application/javascript; charset=utf-8
Content-Length: 3094

GET
H/1.1 200
OK client_iframe.html Show response
asset.easydmp.net/ Frame 771B 26 KB
9 KB 45ms
44ms Document
text/html 145.239.193.53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://asset.easydmp.net/client_iframe.html?t=224220

Requested by

Host: asset.easydmp.net
URL: https://asset.easydmp.net/js/client.js?t=224220

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

d508d4f6e89e7080a6acf4c2161aba7feb6cf114c2fead9451d2da66c0a626d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Host: asset.easydmp.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=

Response headers

Date: Fri, 26 Feb 2021 23:22:30 GMT
Content-Type: text/html; charset=utf-8
Last-Modified: Thu, 25 Feb 2021 08:35:12 GMT
Transfer-Encoding: chunked
ETag: W/"60376140-636c"
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: max-age=900, s-maxage=900, public
Content-Encoding: gzip
X-IPLB-Request-ID: 52661272:D8F4_91EFC135:01BB_603982B6_A5DA82D:AEDF
X-IPLB-Instance: 36821

GET
H/1.1 200
OK etag.php Show response
asset.easydmp.net/ Frame 771B 0
415 B 55ms
54ms XHR
text/html 145.239.193.53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://asset.easydmp.net/etag.php

Requested by

Host: asset.easydmp.net
URL: https://asset.easydmp.net/client_iframe.html?t=224220

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/javascript, text/html, application/xml, text/xml, */*
Cache-Control: only-if-cached
Referer: https://asset.easydmp.net/client_iframe.html?t=224220
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 23:22:30 GMT
Content-Encoding: gzip
X-IPLB-Request-ID: 52661272:D8F4_91EFC135:01BB_603982B6_A5DA82F:AEDF
X-IPLB-Instance: 36821
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: private, max-age=31536000
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

POST
H/1.1 200
OK collect_v3.php Show response
asset.easydmp.net/ Frame 771B 110 B
569 B 40ms
39ms XHR
application/json 145.239.193.53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://asset.easydmp.net/collect_v3.php

Requested by

Host: asset.easydmp.net
URL: https://asset.easydmp.net/client_iframe.html?t=224220

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

a4ab2829c6214372961f0bd5b9536a2a62ee07b2307e8e226eb937ae233d74ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

X-Em-Info: {"storage":"none","testMode":false,"consentData":{"usedTcf":false,"consent":true}}
Accept: text/javascript, text/html, application/xml, text/xml, */*
Referer: https://asset.easydmp.net/client_iframe.html?t=224220
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Fri, 26 Feb 2021 23:22:30 GMT
Content-Encoding: gzip
X-IPLB-Request-ID: 52661272:D8F4_91EFC135:01BB_603982B6_A5DA836:AEDF
X-UID: 161438175070016290
X-IPLB-Instance: 36821
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Content-Type: application/json
Expires: 0

GET
H/1.1 200
OK etag.php Show response
asset.easydmp.net/ Frame 771B 84 B
529 B 35ms
34ms XHR
text/html 145.239.193.53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://asset.easydmp.net/etag.php

Requested by

Host: asset.easydmp.net
URL: https://asset.easydmp.net/client_iframe.html?t=224220

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

2887f9103e3c3bf8041c5e35092960514f529abe62129e0b38df65cc2be526fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/javascript, text/html, application/xml, text/xml, */*
Cache-Control: no-cache
FullWarning0: 000000000000000002:s:0:eJwLCnIT4cnkEOQrK08slhRncWSL440oc8wqDqzj8JIvEBcptM6XBgCpIwk/;
Referer: https://asset.easydmp.net/client_iframe.html?t=224220
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Warning: set

Response headers

Date: Fri, 26 Feb 2021 23:22:30 GMT
Content-Encoding: gzip
X-IPLB-Request-ID: 52661272:D8F4_91EFC135:01BB_603982B6_A5DA83E:AEDF
Etag: W/"a52151e8e6a2fe879deefba5a86597ca"
X-IPLB-Instance: 36821
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: private, max-age=31536000
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

POST
H/1.1 200
OK get_delivery_data.php Show response
asset.easydmp.net/ Frame 771B 852 B
1 KB 54ms
53ms XHR
application/json 145.239.193.53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://asset.easydmp.net/get_delivery_data.php

Requested by

Host: asset.easydmp.net
URL: https://asset.easydmp.net/client_iframe.html?t=224220

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

4b57bffba36d682a200466d49f1eb3589edf0194796c0e5be8cb26a53551e354

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

X-Em-Info: {"storage":"none","testMode":false,"consentData":{"usedTcf":false,"consent":true}}
Accept: text/javascript, text/html, application/xml, text/xml, */*
Referer: https://asset.easydmp.net/client_iframe.html?t=224220
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Fri, 26 Feb 2021 23:22:30 GMT
Content-Encoding: gzip
X-IPLB-Request-ID: 52661272:D8F4_91EFC135:01BB_603982B6_A5DA842:AEDF
X-UID: 161438175070016290
X-IPLB-Instance: 36821
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Content-Type: application/json
Expires: 0

GET
H2 200 mapper.js Show response
spl.zeotap.com/ Frame 36AC 73 KB
24 KB 30ms
15ms Script
application/javascript 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/mapper.js?env=mWeb&zdid=598&zctry=fra&eventType=map
Requested by: Host: asset.easydmp.net
URL: https://asset.easydmp.net/client_iframe.html?t=224220
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d048201fe1053c295226f817e7d8891dd4bfdfffb354dad1c708c4726e06043

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 23:22:30 GMT
via: 1.1 google
cf-cache-status: HIT
age: 382
cf-polished: origSize=74926
content-encoding: br
cf-request-id: 08823fb23700004e31221dc000000001
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 627d6896b8c24e31-FRA
access-control-allow-headers: *

GET
H2 200 tag.min.js Show response
cdn.kdata.fr/squadata/ Frame 771B 4 KB
2 KB 95ms
26ms Script
application/javascript 46.105.203.81
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.kdata.fr/squadata/tag.min.js

Requested by

Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=215648&a=2985330&g=24935962&url=https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

46.105.203.81 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

07a6bdc7007d0b30cc6924d875aa5c2728b7d1e05d86a5d6063cd8420484fc2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://asset.easydmp.net/client_iframe.html?t=224220
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 00:15:28 GMT
content-encoding: br
last-modified: Tue, 18 Sep 2018 15:31:11 GMT
x-cdn-pop-ip: 137.74.120.32/27
etag: "5ba11a3f-11f2"
x-cacheable: Matched cache
strict-transport-security: max-age=15768000
content-type: application/javascript
cache-control: max-age=86400
x-cdn-pop: sbg
accept-ranges: bytes
content-length: 1913
x-request-id: 356778911
expires: Sat, 27 Feb 2021 00:15:28 GMT

GET
H2

200

362358.gif
idsync.rlcdn.com/ Frame 771B
Redirect Chain

https://idsync.rlcdn.com/461249.gif?partner_uid=161438175070016290
https://idsync.rlcdn.com/1000.gif?memo=CMGTHBIeChoIARC38wEaEjE2MTQzODE3NTA3MDAxNjI5MBAAGg0ItoXmgQYSBQjoBxAAQgBKAA
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://idsync.rlcdn.com/362358.gif?google_gid=CAESED2yw8PKWxVNSrguXBtSz1M&google_cver=1

42 B
317 B

21ms
20ms

Image
image/gif

34.120.207.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESED2yw8PKWxVNSrguXBtSz1M&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.207.148 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 148.207.120.34.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://asset.easydmp.net/client_iframe.html?t=224220
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Feb 2021 23:22:31 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 26 Feb 2021 23:22:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESED2yw8PKWxVNSrguXBtSz1M&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK get_delivery_data.php Show response
asset.easydmp.net/ Frame 771B 131 B
850 B 35ms
35ms XHR
application/json 145.239.193.53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://asset.easydmp.net/get_delivery_data.php

Requested by

Host: asset.easydmp.net
URL: https://asset.easydmp.net/client_iframe.html?t=224220

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

b5a4a90b3159faf1bb138413b0bc1c40de056c147d467444ff8a0699746befc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

X-Em-Info: {"storage":"none","testMode":false,"consentData":{"usedTcf":false,"consent":true}}
Accept: text/javascript, text/html, application/xml, text/xml, */*
Referer: https://asset.easydmp.net/client_iframe.html?t=224220
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Fri, 26 Feb 2021 23:22:30 GMT
Content-Encoding: gzip
X-IPLB-Request-ID: 52661272:D8F4_91EFC135:01BB_603982B6_A5DA847:AEDF
X-UID: 161438175070016290
X-IPLB-Instance: 36821
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Content-Type: application/json
Expires: 0

GET
H/1.1 200
OK get Show response
sqdt.mconso.fr/tmpPds/ Frame 771B 28 B
415 B 159ms
34ms Script
application/javascript 145.239.193.53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://sqdt.mconso.fr/tmpPds/get?callback=callback862657690

Requested by

Host: asset.easydmp.net
URL: https://asset.easydmp.net/client_iframe.html?t=224220

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

14dd5240c7357c64bb8496e0ed60c20ee9b21001058fc574516b877815202d77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://asset.easydmp.net/client_iframe.html?t=224220
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-IPLB-Request-ID: 52661272:D918_91EFC135:01BB_603982B6_53BA76A:27A00
Date: Fri, 26 Feb 2021 23:22:31 GMT
X-IPLB-Instance: 24041
Transfer-Encoding: chunked
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Content-Type: application/javascript; charset=utf-8

GET
H/1.1 200
OK client.js Show response
asset.easydmp.net/js/ Frame 771B 8 KB
3 KB 35ms
34ms Script
application/javascript 145.239.193.53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://asset.easydmp.net/js/client.js?t=224220

Requested by

Host: cdn.kdata.fr
URL: https://cdn.kdata.fr/squadata/tag.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

3b606ddaa0745188104b1209c9308343fcdd48f430067463f0aa388199ff6fb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://asset.easydmp.net/client_iframe.html?t=224220
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 23:22:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 25 Feb 2021 08:35:12 GMT
X-IPLB-Request-ID: 52661272:D8F4_91EFC135:01BB_603982B6_A5DA84A:AEDF
ETag: "60376140-c16"
X-IPLB-Instance: 36821
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: max-age=900, s-maxage=900, public
Content-Type: application/javascript; charset=utf-8
Content-Length: 3094

POST
H/1.1 200
OK tag Show response
tracking.kdata.fr/ Frame 771B 574 B
1 KB 119ms
34ms XHR
text/plain 164.132.142.74
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.kdata.fr/tag

Requested by

Host: cdn.kdata.fr
URL: https://cdn.kdata.fr/squadata/tag.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

164.132.142.74 , France, ASN16276 (OVH, FR),

Reverse DNS

cloud0-lb1.kdata.fr

Software

Resource Hash

df025d15e481d31b7a4d63a9c256a34ff4d9044945bb73a192da3b2ef40c5c94

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://asset.easydmp.net/client_iframe.html?t=224220
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

Date: Fri, 26 Feb 2021 23:22:31 GMT
Strict-Transport-Security: max-age=15768000
Access-Control-Allow-Methods: *
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://asset.easydmp.net
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Content-Length: 574

GET
H/1.1 200
OK client_iframe.html Show response
asset.easydmp.net/ Frame 579E 26 KB
9 KB 44ms
44ms Document
text/html 145.239.193.53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://asset.easydmp.net/client_iframe.html?t=224220

Requested by

Host: asset.easydmp.net
URL: https://asset.easydmp.net/js/client.js?t=224220

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

d508d4f6e89e7080a6acf4c2161aba7feb6cf114c2fead9451d2da66c0a626d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Host: asset.easydmp.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://asset.easydmp.net/client_iframe.html?t=224220
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ecdstpds1=000000000000000002%3As%3A0%3AeJwLCnIT4cnkEOQrK08slhRncWSL440oc8wqDqzj8JIvEBcptM6XBgCpIwk%2F%3B; capping=eyJlbWRtcGVhc3k6a2RhdGEiOiIxNjE0MzgxNzUwIiwiZW1kbXBlYXN5OmxpdmVyYW1wIjoiMTYxNDM4MTc1MCIsImVtZG1wZWFzeTp6ZW90YXBfcGlja2luZyI6IjE2MTQzODE3NTAifQ%3D%3D; easyCap=%7B%22d%22%3A%7B%22spread%22%3A%7B%22vlrtdmp%22%3A1614381750868%7D%2C%22DTPR%22%3A%7B%22sqdt.mconso.fr%22%3A1614381750890%7D%7D%7D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://asset.easydmp.net/client_iframe.html?t=224220

Response headers

Date: Fri, 26 Feb 2021 23:22:31 GMT
Content-Type: text/html; charset=utf-8
Last-Modified: Thu, 25 Feb 2021 08:35:12 GMT
Transfer-Encoding: chunked
ETag: W/"60376140-636c"
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: max-age=900, s-maxage=900, public
Content-Encoding: gzip
X-IPLB-Request-ID: 52661272:D8F4_91EFC135:01BB_603982B6_A5DA853:AEDF
X-IPLB-Instance: 36821

GET
H/1.1

200
OK

sync
tracking.kdata.fr/ Frame 771B
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Ftracking.kdata.fr%2Fsync%3Feditor%3Dappnexus%26id_sync%3D$UID%26customer%3Dcapitaldata_crm
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Ftracking.kdata.fr%252Fsync%253Feditor%253Dappnexus%2526id_sync%253D%24UID%2526customer%253Dcapitaldata_crm
https://tracking.kdata.fr/sync?editor=appnexus&id_sync=4255551043664928740&customer=capitaldata_crm

35 B
404 B

34ms
34ms

Image
image/gif

164.132.142.74
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tracking.kdata.fr/sync?editor=appnexus&id_sync=4255551043664928740&customer=capitaldata_crm

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

164.132.142.74 , France, ASN16276 (OVH, FR),

Reverse DNS

cloud0-lb1.kdata.fr

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://asset.easydmp.net/client_iframe.html?t=224220
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 26 Feb 2021 23:22:31 GMT
Strict-Transport-Security: max-age=15768000
Access-Control-Allow-Methods: *
Content-Type: image/gif
Access-Control-Allow-Origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Content-Length: 35

Redirect headers

Pragma: no-cache
Date: Fri, 26 Feb 2021 23:22:31 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 691.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.36:80
AN-X-Request-Uuid: 1fc841ee-de9a-43c1-9453-1bceb1127ee5
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://tracking.kdata.fr/sync?editor=appnexus&id_sync=4255551043664928740&customer=capitaldata_crm
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame 771B
Redirect Chain

https://secure.adnxs.com/setuid?entity=403&code=bdf98fdd-a9a9-4148-861d-98e454662d92
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D403%26code%3Dbdf98fdd-a9a9-4148-861d-98e454662d92

43 B
845 B

24ms
24ms

Image
image/gif

37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D403%26code%3Dbdf98fdd-a9a9-4148-861d-98e454662d92

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://asset.easydmp.net/client_iframe.html?t=224220
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 Feb 2021 23:22:31 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 691.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.73:80
AN-X-Request-Uuid: 60c39aca-bdf7-4a43-812b-3573ab8392e4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 26 Feb 2021 23:22:31 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 691.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.147:80
AN-X-Request-Uuid: a0738de3-2745-4785-9348-cf501c3787d1
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D403%26code%3Dbdf98fdd-a9a9-4148-861d-98e454662d92
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK collect_v3.php Show response
asset.easydmp.net/ Frame 579E 237 B
676 B 40ms
40ms XHR
application/json 145.239.193.53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://asset.easydmp.net/collect_v3.php

Requested by

Host: asset.easydmp.net
URL: https://asset.easydmp.net/client_iframe.html?t=224220

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

b85077bd38ec768da71c0bb4532a6d264993534a187f9943da294c67e6ac6991

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

X-Em-Info: {"storage":"none","testMode":false,"consentData":{"usedTcf":false,"consent":true}}
Accept: text/javascript, text/html, application/xml, text/xml, */*
Referer: https://asset.easydmp.net/client_iframe.html?t=224220
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Fri, 26 Feb 2021 23:22:31 GMT
Content-Encoding: gzip
X-IPLB-Request-ID: 52661272:D8F4_91EFC135:01BB_603982B7_A5DA85D:AEDF
X-UID: 161438175070016290
X-IPLB-Instance: 36821
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Content-Type: application/json
Expires: 0

GET
H/1.1 200
OK etag.php Show response
asset.easydmp.net/ Frame 771B 212 B
636 B 35ms
34ms XHR
text/html 145.239.193.53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://asset.easydmp.net/etag.php

Requested by

Host: asset.easydmp.net
URL: https://asset.easydmp.net/client_iframe.html?t=224220

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

20a50025b9af7e94bc49d39fbcd68e17c1fb458bb41467757b19f8dcc0876181

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/javascript, text/html, application/xml, text/xml, */*
Cache-Control: no-cache
FullWarning0: 000000000000000002:s:0:eJwLCnIT4cnkEOQrK08slhRncWSL440oc8wqDqzj8JIvEBcplBZgVvWQd2cK5fOJ4eaTjxBidHU2ERKT4jTiFgoJ4E9yCpev1MlUEeRj9mAOFA0od7DLjysJ8WNLc2WoZOEOyRLTzHGNlwzhCggXZHIIZBUM9nLlZUqXcGNh52Ov9GPTNAAAUlUblQ==;
Referer: https://asset.easydmp.net/client_iframe.html?t=224220
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Warning: set

Response headers

Date: Fri, 26 Feb 2021 23:22:31 GMT
Content-Encoding: gzip
X-IPLB-Request-ID: 52661272:D8F4_91EFC135:01BB_603982B7_A5DA863:AEDF
Etag: W/"e7acf33f65a41b58f88e8d3123cdd185"
X-IPLB-Instance: 36821
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: private, max-age=31536000
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK get Show response
rtg-sq.hopmailing.com/tmpPds/ Frame 579E 27 B
413 B 184ms
44ms Script
application/javascript 145.239.193.53
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://rtg-sq.hopmailing.com/tmpPds/get?callback=callback59426773

Requested by

Host: asset.easydmp.net
URL: https://asset.easydmp.net/client_iframe.html?t=224220

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

bf441416f6f55d6f8c08f3aae3843ddb070e8b85e9837bbc17759b713a799dde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://asset.easydmp.net/client_iframe.html?t=224220
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-IPLB-Request-ID: 52661272:D936_91EFC135:01BB_603982B7_A5CF32A:0C0E
Date: Fri, 26 Feb 2021 23:22:31 GMT
X-IPLB-Instance: 36820
Transfer-Encoding: chunked
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Content-Type: application/javascript; charset=utf-8

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1649879995301842&ev=Microdata&dl=https%3A%2F%2Fdemande.prefon-retraite.fr%2Fpage-demande-documentation-65%2Fdemandedoc.php%3Forp%3DDARWIN_MAIL%26utm_source%3Daffiliation%26utm_medium%3De-mail%26utm_campaign%3Daffiliation-lp65%26email%3D%26nom%3D%26prenom%3D&rl=https%3A%2F%2Fclk.tradedoubler.com%2F&if=false&ts=1614381751798&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Prefon%2C%20la%20retraite%20et%20la%20pr%C3%A9voyance%20de%20la%20fonction%20publique%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1614381750293.1837062800&it=1614381750216&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 23:22:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 26 Feb 2021 23:22:31 GMT

GET
H2 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ 62 B
207 B 44ms
43ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fdemande.prefon-retraite.fr%2Fpage-demande-documentation-65%2Fdemandedoc.php%3Forp%3DDARWIN_MAIL%26utm_source%3Daffiliation%26utm_medium%3De-mail%26utm_campaign%3Daffiliation-lp65%26email%3D%26nom%3D%26prenom%3D&4sAIzaSyApqdw7GEuGjYsIzYkgU_TKW3puCKWSeC0&callback=_xdc_._cjxrd6&key=AIzaSyApqdw7GEuGjYsIzYkgU_TKW3puCKWSeC0&token=75825

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/44/2/common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

3deee6610f77fd496332c038d1c4a1a010e3735e4549c2aefd94c06c59d889dd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Feb 2021 23:22:35 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=30
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
ariane.abtasty.com/ 43 B
106 B 20ms
20ms Other
image/gif 35.244.231.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ariane.abtasty.com/

Requested by

Host: try.abtasty.com
URL: https://try.abtasty.com/4cf7cf0ad1318c66b9ec0faaf7ac6680.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.231.49 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php?orp=DARWIN_MAIL&utm_source=affiliation&utm_medium=e-mail&utm_campaign=affiliation-lp65&email=&nom=&prenom=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 google
access-control-allow-headers: Content-Type,Origin,Accept,Set-Cookie,X-ABTasty-CrossDomain
date: Fri, 26 Feb 2021 23:22:35 GMT
access-control-allow-methods: GET,HEAD,POST
content-type: image/gif
access-control-allow-origin: https://demande.prefon-retraite.fr
cache-control: must-revalidate, no-cache, private
access-control-allow-credentials: true
alt-svc: clear
content-length: 43

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.prefon-retraite.fr/	1970-01-19 18:35:57	Name: _fbp Value: fb.1.1614381750293.1837062800
.prefon-retraite.fr/	1970-01-19 16:49:45	Name: _uetvid Value: 7f0e0e70788911ebab8161a669906550
.prefon-retraite.fr/	1970-01-19 16:27:48	Name: _uetsid Value: 7f0e0190788911eb9aa5cb78b3f33802
.prefon-retraite.fr/	1970-01-20 09:57:33	Name: _ga Value: GA1.2.136520513.1614381750
.prefon-retraite.fr/	1970-01-19 16:26:21	Name: _gat Value: 1
.prefon-retraite.fr/	1970-01-19 16:26:23	Name: ABTastySession Value: sen%3D1__referrer%3Dhttps%3A//clk.tradedoubler.com/__landingPage%3Dhttps%3A//demande.prefon-retraite.fr/page-demande-documentation-65/demandedoc.php%3Forp%3DDARWIN%5C_MAIL%26utm%5C_source%3Daffiliation%26utm%5C_medium%3De-mail%26utm%5C_campaign%3Daffiliation-lp65%26email%3D%26nom%3D%26prenom%3D
.prefon-retraite.fr/	1970-01-20 01:47:57	Name: ABTasty Value: uid%3D21022700223070180%26fst%3D1614381750180%26pst%3Dnull%26cst%3D1614381750180%26ns%3D1%26pvt%3D1%26pvis%3D1%26th%3D
.prefon-retraite.fr/	1970-01-19 16:27:48	Name: _gid Value: GA1.2.381148819.1614381750

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: [Facebook Pixel] - Removed URL query parameters due to potential violations.
console-api	log	URL: https://spl.zeotap.com/mapper.js?env=mWeb&zdid=598&zctry=fra&eventType=map(Line 1) Message: CMP is not yet loaded false
console-api	warning	URL: https://maps.googleapis.com/maps-api-v3/api/js/44/2/util.js(Line 222) Message: Google Maps JavaScript API warning: SignedInNotSupported https://developers.google.com/maps/documentation/javascript/error-messages#signed-in-not-supported

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.com
adservice.google.de
analytics.tradedoubler.com
ariane.abtasty.com
asset.easydmp.net
atout.email-match.com
bat.bing.com
cdn.kdata.fr
cdnjs.cloudflare.com
clk.tradedoubler.com
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
dcinfos-cache.abtasty.com
dcinfos.abtasty.com
demande.prefon-retraite.fr
googleads.g.doubleclick.net
idsync.rlcdn.com
maps.googleapis.com
maps.gstatic.com
rtg-sq.hopmailing.com
secure.adnxs.com
spl.zeotap.com
sqdt.mconso.fr
stats.g.doubleclick.net
t.e.mvinfos.com
tracking.kdata.fr
try.abtasty.com
vht.tradedoubler.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
13.224.195.48
142.250.185.226
142.250.185.230
142.250.186.34
145.239.192.103
145.239.193.53
164.132.142.74
185.11.188.210
188.165.150.178
2001:4de0:ac19::1:b:2b
2606:4700:10::6816:1957
2606:4700::6810:135e
2620:1ec:c11::200
2a00:1450:4001:801::2008
2a00:1450:4001:802::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:827::2003
2a00:1450:4001:827::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2002
2a00:1450:400c:c07::9b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:71c0:2000::e
34.120.207.148
34.252.227.171
34.95.109.120
35.244.231.49
37.252.172.37
46.105.203.81
52.85.10.47
0230797e54d0649c0e667ad5c761091c7b5d06eb05ed9b62b96a6e2fe37d926a
027cec7ec5e88eafcde1cf16ae99344dd90c27bbd64b159212f3f16251e0fe4a
07a6bdc7007d0b30cc6924d875aa5c2728b7d1e05d86a5d6063cd8420484fc2a
0c8e8d7408611519ceda4e759ae9987834a17addc8f0028241ffed7fb0113612
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
0f8b92749ed5ae1a53b456979b6b1fa2157fbc804b8b6b871f0068316bbf1320
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10f0ac01d9292425b4f7c3a54d9bf0ed77eb4c0ea444e016e9c53028f31d956a
110973afe37ac008e0b5da625081cbdbe0da67ee31159d507bdd3f836c570b1e
11f1c7b3e4eb2d346def6823e055aee661de59428f76533df9a49606d8be855a
14dd5240c7357c64bb8496e0ed60c20ee9b21001058fc574516b877815202d77
17ee72d8421cc64e48d5e885c090851028f91129555be935403a51c55eff2e9d
186c0ac30a759e7c014ca6540a5a3e22b82d1175fe972270790252ef309095a4
189d5d3ba204aa13939748767787b30efaea3679f5f7baa83a83b6a9d7b298aa
20a50025b9af7e94bc49d39fbcd68e17c1fb458bb41467757b19f8dcc0876181
2887f9103e3c3bf8041c5e35092960514f529abe62129e0b38df65cc2be526fe
2a2c345436409e3c1e2bcb9183f46b2244af8daada471760f62fdef8f5fc5c29
37286ec8db5bfcce32cca42e7ca5bed7a8a656e8ebdcea8e00dc71831b1353c6
381ee76ae5f41504a474435e21186861bc700590f74baed06fd137a6e70019eb
3b606ddaa0745188104b1209c9308343fcdd48f430067463f0aa388199ff6fb0
3deee6610f77fd496332c038d1c4a1a010e3735e4549c2aefd94c06c59d889dd
42032ffebf225507d2ae40244e8ec83c543494e18f1196fb86773caab99c24e7
45efac1dd62963593e74de8595ca4d708d480d9057abb9aa7f9a29e1ae420c7d
4b57bffba36d682a200466d49f1eb3589edf0194796c0e5be8cb26a53551e354
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4f42ffd06f99282f34c8879189cf277bd1dc8292bd906798698a36e452794a02
4ff4d85a1c01a81087bbeb9d15d75389807d0a467481b955ec57c55886ead264
50308c844f977821494824a6fc1009ae55984c72052893c8169c1229b3649222
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f5c50fc095ff17fc72aee7a0270bf1cdd9410e7a3c015e9f4ee6945001ccada
78a4f8afab4723c6be74ae8fa55ec1bf41f4ba6233b0722433a4cfb167fb3b30
88ed2bbb39378f4e18036d693530f1c764dc1547a36fc2b71be17aa6cc5901ea
95914789b5f3307a3718679e867d61b9d4c03f749cd2e2970570331d7d6c8ed9
9d048201fe1053c295226f817e7d8891dd4bfdfffb354dad1c708c4726e06043
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
a0752f694a8641c19ab6a70cef6277d5706c3f74f0624fff520951266a5446e5
a1bae009635440bc18f0af4dc1ff7db0a79917134618e4bbe17247f3d8932046
a36c42c553d161be0176320c85f177e85f00517fdac9bf7852fcfc4e9f7753c3
a4ab2829c6214372961f0bd5b9536a2a62ee07b2307e8e226eb937ae233d74ce
a5239cb8d80d402be0054daaf6803449bd9d7115c877469cddaae6d11446c5ff
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa1d80cdf0990e97a21069ab16c048ef90a35df1165b87d19accabd7c4edc860
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b4ceacee581031a4014c658e33aa47874612b4c25c1aed8ef682cada98b99d6d
b5a4a90b3159faf1bb138413b0bc1c40de056c147d467444ff8a0699746befc5
b85077bd38ec768da71c0bb4532a6d264993534a187f9943da294c67e6ac6991
ba622e86a75f1d66d2a671f704cbadf1b079ad5afec8ca4d5dd3d94dd3499d73
be4436e1985d20b9a819702ef5559861a4ef3d2e1b918c46254338eaf21fed0f
bf441416f6f55d6f8c08f3aae3843ddb070e8b85e9837bbc17759b713a799dde
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
d508d4f6e89e7080a6acf4c2161aba7feb6cf114c2fead9451d2da66c0a626d8
d7ff20cb4f90a841573aef52d242ddb9865be992bf4883774ec2338ecb10b2ae
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
de9e3d1d99a57979c8358cd4e9f2b5e1f99b5ec9f37c245d96a752271d0c67b6
df025d15e481d31b7a4d63a9c256a34ff4d9044945bb73a192da3b2ef40c5c94
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec80bea1355db7f5c5bf4f88741f7afe90a744f652f9358ba761da2783495ba2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efae7eb1ee84e8e66b07aa67e81264e2ebd3d18ce0d5b6be85774f1455c98f1a
f4597c19f633ee2282afaae8ace31deca2abe4a98d96f372c0f63c6a857628c5

demande.prefon-retraite.fr Open in urlscan Pro 185.11.188.210 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

70 Requests

100 %HTTPS

50 %IPv6

25 Domains

36 Subdomains

29 IPs

6 Countries

1003 kBTransfer

2650 kBSize

8 Cookies

0 Outgoing links

Page URL History

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

demande.prefon-retraite.fr Open in urlscan Pro
185.11.188.210 Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

100 %
HTTPS

50 %
IPv6

25
Domains

36
Subdomains

29
IPs

6
Countries

1003 kB
Transfer

2650 kB
Size

8
Cookies

70 HTTP transactions
0 data transactions