urlscan.io logo urlscan.io
SecurityTrails logo

simulation.ma-solution-eco.com Open in urlscan Pro
54.219.121.125  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ipe.nqf.cybercartes.com/nlc?n=63c814d51ce1c75151b4c4d0&h=2b2480b8c8a04659457db732441c1c5b&o=0
Effective URL: https://simulation.ma-solution-eco.com/pv-2022/?creator_id=904&aff_id=21375&offer_id=21380&source=ividence&click_id=ac2aa0c4-8e5e-499b-...
Submission: On April 07 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 3 countries across 12 domains to perform 37 HTTP transactions. The main IP is 54.219.121.125, located in San Jose, United States and belongs to AMAZON-02, US. The main domain is simulation.ma-solution-eco.com.
TLS certificate: Issued by R3 on February 22nd 2023. Valid for: 3 months.
This is the only time simulation.ma-solution-eco.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 34.140.227.143 396982 (GOOGLE-CL...)
1 34.120.104.209 396982 (GOOGLE-CL...)
1 2 54.219.121.125 16509 (AMAZON-02)
2 13.224.189.14 16509 (AMAZON-02)
2 2600:9000:225... 16509 (AMAZON-02)
1 9 2a06:98c1:312... 13335 (CLOUDFLAR...)
8 13.32.99.123 16509 (AMAZON-02)
8 52.222.250.38 16509 (AMAZON-02)
1 3.221.88.80 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
37 13
2    34.140.227.143 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.227.140.34.bc.googleusercontent.com
ipe.nqf.cybercartes.com
clk.eu.ivitrack.com
1    34.120.104.209 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 209.104.120.34.bc.googleusercontent.com
itm.ivitrack.com
2    54.219.121.125 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-219-121-125.us-west-1.compute.amazonaws.com
simulation.ma-solution-eco.com
2    13.224.189.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-14.fra2.r.cloudfront.net
builder-assets.unbounce.com
2    2600:9000:2250:5000:1d:11cf:5800:93a1 (United States)

ASN16509 (AMAZON-02, US)
d34qb8suadcc4g.cloudfront.net
9    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
form.reflexleads.com
lecoindelafinance.com
8    13.32.99.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-123.fra60.r.cloudfront.net
fonts.ub-assets.com
8    52.222.250.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-250-38.fra60.r.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
1    3.221.88.80 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-88-80.compute-1.amazonaws.com
events.ub-analytics.com
2    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
10 cloudfront.net
d34qb8suadcc4g.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
473 KB
8 ub-assets.com
fonts.ub-assets.com — Cisco Umbrella Rank: 26112
132 KB
8 reflexleads.com
form.reflexleads.com
22 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
159 KB
2 unbounce.com
builder-assets.unbounce.com — Cisco Umbrella Rank: 20467
37 KB
2 ma-solution-eco.com
simulation.ma-solution-eco.com
13 KB
2 ivitrack.com
clk.eu.ivitrack.com
itm.ivitrack.com — Cisco Umbrella Rank: 181404
3 KB
1 gstatic.com
fonts.gstatic.com
13 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
946 B
1 ub-analytics.com
events.ub-analytics.com — Cisco Umbrella Rank: 26311
282 B
1 lecoindelafinance.com
lecoindelafinance.com
741 B
1 cybercartes.com
ipe.nqf.cybercartes.com
215 B
37 12
Domain Requested by
8 d9hhrg4mnvzow.cloudfront.net simulation.ma-solution-eco.com
8 fonts.ub-assets.com builder-assets.unbounce.com
fonts.ub-assets.com
8 form.reflexleads.com 1 redirects simulation.ma-solution-eco.com
form.reflexleads.com
2 www.googletagmanager.com form.reflexleads.com
www.googletagmanager.com
2 d34qb8suadcc4g.cloudfront.net simulation.ma-solution-eco.com
d34qb8suadcc4g.cloudfront.net
2 builder-assets.unbounce.com simulation.ma-solution-eco.com
2 simulation.ma-solution-eco.com 1 redirects clk.eu.ivitrack.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com form.reflexleads.com
1 events.ub-analytics.com simulation.ma-solution-eco.com
1 lecoindelafinance.com simulation.ma-solution-eco.com
1 itm.ivitrack.com clk.eu.ivitrack.com
1 clk.eu.ivitrack.com
1 ipe.nqf.cybercartes.com 1 redirects
37 14

This site contains no links.

Subject Issuer Validity Valid
clk.europe-west1.ivitrack.com
R3		 2023-04-04 -
2023-07-03		 3 months crt.sh
itm.ivitrack.com
R3		 2023-04-04 -
2023-07-03		 3 months crt.sh
simulation.ma-solution-eco.com
R3		 2023-02-22 -
2023-05-23		 3 months crt.sh
*.unbounce.com
Amazon RSA 2048 M01		 2023-02-21 -
2024-02-07		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-15 -
2023-06-15		 a year crt.sh
*.lecoindelafinance.com
E1		 2023-02-10 -
2023-05-11		 3 months crt.sh
fonts.ub-assets.com
Amazon RSA 2048 M02		 2022-11-17 -
2023-12-17		 a year crt.sh
*.ub-analytics.com
Amazon RSA 2048 M01		 2023-03-11 -
2024-04-08		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-03-20 -
2023-06-12		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-03-20 -
2023-06-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-03-20 -
2023-06-12		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://simulation.ma-solution-eco.com/pv-2022/?creator_id=904&aff_id=21375&offer_id=21380&source=ividence&click_id=ac2aa0c4-8e5e-499b-a814-5ca800b17485
Frame ID: 5DAD4855C404D14D5EE5AB281B9495AB
Requests: 29 HTTP requests in this frame

Frame: https://form.reflexleads.com/common/gum-form/render/?parent_domain=https://simulation.ma-solution-eco.com&parent_path=/pv-2022/&form_id=9&gum_data=eyJjcmVhdG9yX2lkIjoiOTA0IiwiYWZmX2lkIjoiMjEzNzUiLCJvZmZlcl9pZCI6IjIxMzgwIiwic291cmNlIjoiaXZpZGVuY2UiLCJjbGlja19pZCI6ImFjMmFhMGM0LThlNWUtNDk5Yi1hODE0LTVjYTgwMGIxNzQ4NSJ9
Frame ID: 45DADA1921D8AF6EFC5222F5ABF72A66
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Face à la montée des prix de l'énergie

Page URL History Show full URLs

  1. https://ipe.nqf.cybercartes.com/nlc?n=63c814d51ce1c75151b4c4d0&h=2b2480b8c8a04659457db732441c1c5b&o=0 HTTP 302
    https://clk.eu.ivitrack.com/nlc?n=63c814d51ce1c75151b4c4d0&h=2b2480b8c8a04659457db732441c1c5b&o=0 Page URL
  2. https://simulation.ma-solution-eco.com/pv-2022?creator_id=904&aff_id=21375&offer_id=21380&source=ividence&click_id=... HTTP 301
    https://simulation.ma-solution-eco.com/pv-2022/?creator_id=904&aff_id=21375&offer_id=21380&source=ividence&click_id... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

37
Requests

97 %
HTTPS

42 %
IPv6

12
Domains

14
Subdomains

13
IPs

3
Countries

852 kB
Transfer

1412 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ipe.nqf.cybercartes.com/nlc?n=63c814d51ce1c75151b4c4d0&h=2b2480b8c8a04659457db732441c1c5b&o=0 HTTP 302
    https://clk.eu.ivitrack.com/nlc?n=63c814d51ce1c75151b4c4d0&h=2b2480b8c8a04659457db732441c1c5b&o=0 Page URL
  2. https://simulation.ma-solution-eco.com/pv-2022?creator_id=904&aff_id=21375&offer_id=21380&source=ividence&click_id=ac2aa0c4-8e5e-499b-a814-5ca800b17485 HTTP 301
    https://simulation.ma-solution-eco.com/pv-2022/?creator_id=904&aff_id=21375&offer_id=21380&source=ividence&click_id=ac2aa0c4-8e5e-499b-a814-5ca800b17485 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://ipe.nqf.cybercartes.com/nlc?n=63c814d51ce1c75151b4c4d0&h=2b2480b8c8a04659457db732441c1c5b&o=0 HTTP 302
  • https://clk.eu.ivitrack.com/nlc?n=63c814d51ce1c75151b4c4d0&h=2b2480b8c8a04659457db732441c1c5b&o=0
Request Chain 21
  • https://form.reflexleads.com/common/gum-form/render?parent_domain=https://simulation.ma-solution-eco.com&parent_path=/pv-2022/&form_id=9&gum_data=eyJjcmVhdG9yX2lkIjoiOTA0IiwiYWZmX2lkIjoiMjEzNzUiLCJvZmZlcl9pZCI6IjIxMzgwIiwic291cmNlIjoiaXZpZGVuY2UiLCJjbGlja19pZCI6ImFjMmFhMGM0LThlNWUtNDk5Yi1hODE0LTVjYTgwMGIxNzQ4NSJ9 HTTP 301
  • https://form.reflexleads.com/common/gum-form/render/?parent_domain=https://simulation.ma-solution-eco.com&parent_path=/pv-2022/&form_id=9&gum_data=eyJjcmVhdG9yX2lkIjoiOTA0IiwiYWZmX2lkIjoiMjEzNzUiLCJvZmZlcl9pZCI6IjIxMzgwIiwic291cmNlIjoiaXZpZGVuY2UiLCJjbGlja19pZCI6ImFjMmFhMGM0LThlNWUtNDk5Yi1hODE0LTVjYTgwMGIxNzQ4NSJ9

37 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
nlc
clk.eu.ivitrack.com/
Redirect Chain
  • https://ipe.nqf.cybercartes.com/nlc?n=63c814d51ce1c75151b4c4d0&h=2b2480b8c8a04659457db732441c1c5b&o=0
  • https://clk.eu.ivitrack.com/nlc?n=63c814d51ce1c75151b4c4d0&h=2b2480b8c8a04659457db732441c1c5b&o=0
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://clk.eu.ivitrack.com/nlc?n=63c814d51ce1c75151b4c4d0&h=2b2480b8c8a04659457db732441c1c5b&o=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.140.227.143 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.227.140.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
911434d33c8ef092cb8df11d8f3b1de37a1ebca82b041203da946b1c75348753

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, max-age=0, max-stale=0, must-revalidate, proxy-revalidate
content-length
1922
content-type
text/html; charset=utf-8
date
Fri, 07 Apr 2023 08:38:04 GMT
expires
Fri, 24 Oct 1980 17:30:00 GMT
pragma
nocache
server
istio-envoy
x-envoy-upstream-service-time
18
x-ivi-hostname
programmatic-api-stable-84ffb969dd-lx7bh
x-robots-tag
noindex, nofollow

Redirect headers

content-length
128
content-type
text/html; charset=utf-8
date
Fri, 07 Apr 2023 08:38:04 GMT
location
https://clk.eu.ivitrack.com/nlc?n=63c814d51ce1c75151b4c4d0&h=2b2480b8c8a04659457db732441c1c5b&o=0
server
istio-envoy
x-envoy-upstream-service-time
1
x-ivi-hostname
programmatic-api-stable-84ffb969dd-lx7bh
clktcr
itm.ivitrack.com/trace/ 		42 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://itm.ivitrack.com/trace/clktcr?uid=2b2480b8c8a04659457db732441c1c5b&iid=ac2aa0c4-8e5e-499b-a814-5ca800b17485
Requested by
Host: clk.eu.ivitrack.com
URL: https://clk.eu.ivitrack.com/nlc?n=63c814d51ce1c75151b4c4d0&h=2b2480b8c8a04659457db732441c1c5b&o=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.104.209 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
209.104.120.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://clk.eu.ivitrack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 07 Apr 2023 04:38:13 GMT
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
server
istio-envoy
age
14391
content-type
image/gif
cache-control
public,max-age=86400
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
Primary Request /
simulation.ma-solution-eco.com/pv-2022/
Redirect Chain
  • https://simulation.ma-solution-eco.com/pv-2022?creator_id=904&aff_id=21375&offer_id=21380&source=ividence&click_id=ac2aa0c4-8e5e-499b-a814-5ca800b17485
  • https://simulation.ma-solution-eco.com/pv-2022/?creator_id=904&aff_id=21375&offer_id=21380&source=ividence&click_id=ac2aa0c4-8e5e-499b-a814-5ca800b17485
74 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://simulation.ma-solution-eco.com/pv-2022/?creator_id=904&aff_id=21375&offer_id=21380&source=ividence&click_id=ac2aa0c4-8e5e-499b-a814-5ca800b17485
Requested by
Host: clk.eu.ivitrack.com
URL: https://clk.eu.ivitrack.com/nlc?n=63c814d51ce1c75151b4c4d0&h=2b2480b8c8a04659457db732441c1c5b&o=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.219.121.125 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-219-121-125.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
2f1eb746b87c69b4c6156dfdc833fda680c467ef8c2b910a47d287fab0b43db9

Request headers

Referer
https://clk.eu.ivitrack.com/nlc?n=63c814d51ce1c75151b4c4d0&h=2b2480b8c8a04659457db732441c1c5b&o=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
11969
content-location
https://simulation.ma-solution-eco.com/pv-2022/
content-type
text/html; charset=utf-8
date
Fri, 07 Apr 2023 08:38:05 GMT
etag
"a:587ff83af3754248921fcd6883c7a9f5"
link
<https://simulation.ma-solution-eco.com/pv-2022/>; rel="canonical"
x-proxy-backend
page-server
x-unbounce-pageid
cdd23eb5-b89f-4a36-b054-652667ade875
x-unbounce-variant
a
x-unbounce-visitorid
587ff83a-f375-4248-921f-cd6883c7a9f5

Redirect headers

content-length
0
date
Fri, 07 Apr 2023 08:38:05 GMT
location
/pv-2022/?creator_id=904&aff_id=21375&offer_id=21380&source=ividence&click_id=ac2aa0c4-8e5e-499b-a814-5ca800b17485
x-proxy-backend
page-server
main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by
Host: simulation.ma-solution-eco.com
URL: https://simulation.ma-solution-eco.com/pv-2022/?creator_id=904&aff_id=21375&offer_id=21380&source=ividence&click_id=ac2aa0c4-8e5e-499b-a814-5ca800b17485
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-14.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simulation.ma-solution-eco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 01:22:01 GMT
content-encoding
gzip
via
1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
x-amz-version-id
F0XZlkUrGu6OlrfKzU_C7UXh1V6i6hug
last-modified
Wed, 23 Nov 2022 23:24:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
6592565
etag
"3d27e56a34e34b278ab5e182cbc3b587"
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2902
x-amz-cf-id
1fGd7fyj4lgWOCLuQ5ukKxBMvSiswaI27p89ZxSG-aVTEGoEznBoEA==
ub.js
d34qb8suadcc4g.cloudfront.net/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d34qb8suadcc4g.cloudfront.net/ub.js?1673990113
Requested by
Host: simulation.ma-solution-eco.com
URL: https://simulation.ma-solution-eco.com/pv-2022/?creator_id=904&aff_id=21375&offer_id=21380&source=ividence&click_id=ac2aa0c4-8e5e-499b-a814-5ca800b17485
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:5000:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd5fb37fcb57bc894324f4096be92a631840e147576b9fc3bf2767e6c248778d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simulation.ma-solution-eco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 00:08:55 GMT
content-encoding
gzip
via
1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
x-amz-version-id
TrrSG85SsnvjrZ_OWFs2jLqOdvnUHg06
last-modified
Tue, 17 Jan 2023 21:14:25 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
4523351
etag
"fde4d3457a50df6eb5c2e00c8f2ae5b3"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1865
x-amz-cf-id
E_a6tIQh8D7wluIbVtOwB1yh8pot_qrzjAcj41l9nJUhgfqSJL0Zzg==
main.bundle-85a7477.z.js
builder-assets.unbounce.com/published-js/ 		104 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-js/main.bundle-85a7477.z.js
Requested by
Host: simulation.ma-solution-eco.com
URL: https://simulation.ma-solution-eco.com/pv-2022/?creator_id=904&aff_id=21375&offer_id=21380&source=ividence&click_id=ac2aa0c4-8e5e-499b-a814-5ca800b17485
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-14.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
85a747734bc4cf88e192f853e80b6bd25a7976dcea76af998f41c88ed64f6b86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simulation.ma-solution-eco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 19:49:55 GMT
content-encoding
gzip
via
1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
x-amz-version-id
TbQKLyFxqupjak3Mea65SB0HvILXqPo2
x-amz-cf-pop
FRA2-C1
age
3329291
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
33747
last-modified
Mon, 27 Feb 2023 19:12:56 GMT
server
AmazonS3
etag
"b4081a636463cc60b1faf49e579e8cb9"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
tcrvs45hbCfn8TTecTCEc4lRkiWtHijrKCp3gn0g3TjvMJ2cgByoLw==
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/gif
gum-iframe.js
form.reflexleads.com/common/gum-form/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://form.reflexleads.com/common/gum-form/gum-iframe.js?v=1680856685324
Requested by
Host: simulation.ma-solution-eco.com
URL: https://simulation.ma-solution-eco.com/pv-2022/?creator_id=904&aff_id=21375&offer_id=21380&source=ividence&click_id=ac2aa0c4-8e5e-499b-a814-5ca800b17485
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c78989e89f012996588e6f160d694dcd2a219b4e3970e06b0dc2642887630cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simulation.ma-solution-eco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 07 Apr 2023 08:38:05 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 08 Jul 2022 10:07:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"62c801ec-92a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6PTBdtV%2Fs%2Ff8tC4svrQ1YPmLpEQk28JQPYgZEohuLXD2cyW0dPwWw6PD8Msw4CTkxLllvPw%2FUFpOs8%2Bx3UW6KvT5By2OOugvGUMsOCqoN10GKEAxh79AT%2F4aZdZ8UrsNkfA3xWGaHeGZ%2B3EP5raLcwEdIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf8
cache-control
max-age=315360000
cf-ray
7b40f3cb88dd2c1a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
lecoindelafinance.com/common/gum-footer/render/ 		454 B
741 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lecoindelafinance.com/common/gum-footer/render/?form_id=9
Requested by
Host: simulation.ma-solution-eco.com
URL: https://simulation.ma-solution-eco.com/pv-2022/?creator_id=904&aff_id=21375&offer_id=21380&source=ividence&click_id=ac2aa0c4-8e5e-499b-a814-5ca800b17485
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.29
Resource Hash
b286d22cc654f9eba6539816dc3412f981b33a774742f13084d965fbdcf0f78d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simulation.ma-solution-eco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 07 Apr 2023 08:38:05 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.29
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xpx51RLV2U3gid%2BemZRf1pTu4t%2F6YcXHbYHWMgqJHkc%2Fqli3uL7qKwL65aGIMe15O52O2ifLsObz5Namy7k6CpUG25DiXqwjRrzK4vPXyQ6UJcUzRvt4w5%2BORu1RXXfpnGU%2FZ3qd%2FKeSSUFj3xpavJ2HslU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
7b40f3cb8d1030c0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
form.reflexleads.com/common/gum-consent/render/ 		13 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://form.reflexleads.com/common/gum-consent/render/?form_id=58
Requested by
Host: simulation.ma-solution-eco.com
URL: https://simulation.ma-solution-eco.com/pv-2022/?creator_id=904&aff_id=21375&offer_id=21380&source=ividence&click_id=ac2aa0c4-8e5e-499b-a814-5ca800b17485
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.24
Resource Hash
0d8657e2d27f44f0e9b4aecb749f5458110024b3b2763a3948e19afcbb548209

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simulation.ma-solution-eco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 07 Apr 2023 08:38:05 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.24
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K%2BV9TDqAqbUxNi%2B%2BKbq0AYoU4h%2BfjXnnD1v%2B1XUMgTPuVVon6LgwJR4aYQRZcfjNZhDLt67evXasaIMxkt%2FYIHNmbnlalVC6rN5os8TtzmKkuwc1baqnbLAIuoqHk%2BISFGn9RG2lZJ63nHAhyV3idcq%2FlA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
7b40f3cb89e4bb7f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sp-2.14.0.js
d34qb8suadcc4g.cloudfront.net/ 		98 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
Requested by
Host: d34qb8suadcc4g.cloudfront.net
URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1673990113
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:5000:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simulation.ma-solution-eco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
rVTqklA1qqyT_0VdOCY323BKPISR0uej
content-encoding
gzip
via
1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
date
Sun, 05 Mar 2023 17:27:36 GMT
last-modified
Wed, 04 Nov 2020 01:35:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
6325086
etag
"73de733c308b8b5e44d2a6242dc4bd99"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
30399
x-amz-cf-id
vcZXq8c2tNsc_nDd6uwuwsv40J6_582xLtmv2qzpdhwQQmqaoy5XFw==
bee8edc7-5fd8-432c-92e7-42f017d2e5b1
https://simulation.ma-solution-eco.com/ 		5 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
blob:https://simulation.ma-solution-eco.com/bee8edc7-5fd8-432c-92e7-42f017d2e5b1
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-85a7477.z.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4e5a3a4b4858e1659fc13663ba9fc8bd7b5e7ee16a1be8e7f96f36890253db31

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Length
5523
Content-Type
text/css
css
fonts.ub-assets.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/css?family=Roboto:300,regular,700,300italic,500%7CLato:regular,700
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-85a7477.z.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-123.fra60.r.cloudfront.net
Software
/
Resource Hash
21ea83d562f70111df8a84ef89bbabee20380a87078fb38627c958bc6314f806
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simulation.ma-solution-eco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 07 Apr 2023 08:38:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amzn-requestid
463e04d0-bc57-4fbc-9c5d-d547eace5c80
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
C_5xLFP7IAMFn-w=
content-length
851
x-xss-protection
0
cross-origin-opener-policy
same-origin-allow-popups
x-amzn-trace-id
Root=1-642fd66d-025ccad7403476d8593ad923
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
x-amz-cf-id
cZnhi0IoXqaQCw4g2odhnBNFu7PiSh183tYubjpLgvlPq4elOZypBQ==
fcc43b0c-54319771-0-ma-solution-eco-by-b_106001g000000000000028.png
d9hhrg4mnvzow.cloudfront.net/simulation.ma-solution-eco.com/pv-2022/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/simulation.ma-solution-eco.com/pv-2022/fcc43b0c-54319771-0-ma-solution-eco-by-b_106001g000000000000028.png
Requested by
Host: simulation.ma-solution-eco.com
URL: https://simulation.ma-solution-eco.com/pv-2022/?creator_id=904&aff_id=21375&offer_id=21380&source=ividence&click_id=ac2aa0c4-8e5e-499b-a814-5ca800b17485
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1bfa7fc5bcf1d76260f2fa3a0f2260033f9192a46e45700397dae082ec2eb449

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simulation.ma-solution-eco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 08:54:25 GMT
x-amz-version-id
zXAamHRpZktoO2pis4MB00Bd8Xz.h9OD
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Tue, 25 Oct 2022 08:51:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
14168621
etag
"55b5092433cf2e1aaa4095180eee0c8b"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
4006
x-amz-cf-id
kLIBSYolvJ_o4jYV_rQqGvJMFSNgVfWIA-xqlZNhw4IMgKRWFKQZKQ==
a81242f5-accept_100y00y000000000000028.png
d9hhrg4mnvzow.cloudfront.net/simulation.ma-solution-eco.com/pv-2022/ 		524 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/simulation.ma-solution-eco.com/pv-2022/a81242f5-accept_100y00y000000000000028.png
Requested by
Host: simulation.ma-solution-eco.com
URL: https://simulation.ma-solution-eco.com/pv-2022/?creator_id=904&aff_id=21375&offer_id=21380&source=ividence&click_id=ac2aa0c4-8e5e-499b-a814-5ca800b17485
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c3a142a36f0e7dd9836a5adeb4824f1251818c7d7bbf30422bbecc301b5d5dcb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simulation.ma-solution-eco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 08:54:25 GMT
x-amz-version-id
ZRNM8ZBhmmsw.rMk2.A2yEM.JEMDLU_G
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Tue, 25 Oct 2022 08:51:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
14168621
etag
"c2a08f8c5019772eae4affee20608bef"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
524
x-amz-cf-id
yIDccueA8oQQTUSEb1Q3UEFdo_IPlAYF2p_Qt9LBKbys1yCoq4FImA==
c93ec732-pv01_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/simulation.ma-solution-eco.com/pv-2022/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/simulation.ma-solution-eco.com/pv-2022/c93ec732-pv01_1000000000000000000028.png
Requested by
Host: simulation.ma-solution-eco.com
URL: https://simulation.ma-solution-eco.com/pv-2022/?creator_id=904&aff_id=21375&offer_id=21380&source=ividence&click_id=ac2aa0c4-8e5e-499b-a814-5ca800b17485
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e850f09f5cb918d1a5617c6d5a0779f183772d892831f1d5b095cd5705c43682

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simulation.ma-solution-eco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 09:19:36 GMT
x-amz-version-id
MiPiX31LKbEqc9n3xo7gjurdZkHA8veo
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Mon, 12 Dec 2022 09:18:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
10019910
etag
"c301cf4282b78521f7ab3349e9d0a506"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
8006
x-amz-cf-id
MVnObFyk5bmyfMK6u9OkhENuRfuDM-XsRiy01AH1Cl15lnCZSX6u5Q==
8c15589c-pv03_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/simulation.ma-solution-eco.com/pv-2022/ 		116 KB
117 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/simulation.ma-solution-eco.com/pv-2022/8c15589c-pv03_1000000000000000000028.png
Requested by
Host: simulation.ma-solution-eco.com
URL: https://simulation.ma-solution-eco.com/pv-2022/?creator_id=904&aff_id=21375&offer_id=21380&source=ividence&click_id=ac2aa0c4-8e5e-499b-a814-5ca800b17485
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a7daceebbd1be4c8fa379f8f5ffcfcb5e17f13f35bdd2b55598b79f97a9ae7d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simulation.ma-solution-eco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 08:54:25 GMT
x-amz-version-id
wLdF1phJsMW2uw8q1UXgU5Fb3vqj_O1v
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Tue, 25 Oct 2022 08:51:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
14168621
etag
"2d2e4f254fde64018a6c407116aa3584"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
119206
x-amz-cf-id
o0fqdBG-qLwmzEukvbx2QW2fL_1mcfUePCF8ShEBvLFVM82xb8Slaw==
9b67fbfa-56042501-0-senior-age.gif
d9hhrg4mnvzow.cloudfront.net/simulation.ma-solution-eco.com/pv-2022/ 		123 KB
124 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/simulation.ma-solution-eco.com/pv-2022/9b67fbfa-56042501-0-senior-age.gif
Requested by
Host: simulation.ma-solution-eco.com
URL: https://simulation.ma-solution-eco.com/pv-2022/?creator_id=904&aff_id=21375&offer_id=21380&source=ividence&click_id=ac2aa0c4-8e5e-499b-a814-5ca800b17485
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6785d30173290c1cfd3a3e2e728d484830477f354b6a944d175b9ca860025118

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simulation.ma-solution-eco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 08:54:25 GMT
x-amz-version-id
oD5L4WTfoeaGbdonJeQ3uYosDcoCzbPG
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Tue, 25 Oct 2022 08:51:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
14168621
etag
"2f63aa7d5708755e54cae16bb97d5ecc"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=31557600
accept-ranges
bytes
content-length
126004
x-amz-cf-id
HqGMc36WM1x3rXFFjBa5Lg3YQ8OxJ0hflqq3Azt9UovVJqy39ph2hA==
c92a33e1-france-map-green_10cw0d5000000000000028.png
d9hhrg4mnvzow.cloudfront.net/simulation.ma-solution-eco.com/pv-2022/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/simulation.ma-solution-eco.com/pv-2022/c92a33e1-france-map-green_10cw0d5000000000000028.png
Requested by
Host: simulation.ma-solution-eco.com
URL: https://simulation.ma-solution-eco.com/pv-2022/?creator_id=904&aff_id=21375&offer_id=21380&source=ividence&click_id=ac2aa0c4-8e5e-499b-a814-5ca800b17485
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0d257823c52fc635ffe0f40ec778f6531d42910180e80c4125f89584227b5a03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simulation.ma-solution-eco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 08:54:25 GMT
x-amz-version-id
6RPITAuMmgZTAhjOqu.Aqemzwp32_9Vl
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Tue, 25 Oct 2022 08:51:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
14168621
etag
"64357b8a8c6c9b832a18c87500268e2d"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
11347
x-amz-cf-id
8LH5-kJuF2OX-JN-0cn6JiHB1dOLc78DU9SyGh3vnXlwKvoEtUfKZw==
e1003739-group-9-1_10ca0c3000000000000028.png
d9hhrg4mnvzow.cloudfront.net/simulation.ma-solution-eco.com/pv-2022/ 		64 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/simulation.ma-solution-eco.com/pv-2022/e1003739-group-9-1_10ca0c3000000000000028.png
Requested by
Host: simulation.ma-solution-eco.com
URL: https://simulation.ma-solution-eco.com/pv-2022/?creator_id=904&aff_id=21375&offer_id=21380&source=ividence&click_id=ac2aa0c4-8e5e-499b-a814-5ca800b17485
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b2f992e427cc69f3613adce548c3013d1427ffb850d99925adf5a384d9365727

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simulation.ma-solution-eco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 08:54:25 GMT
x-amz-version-id
9gM9gYzkqpe_QkkG6N8lFwYPScevRyef
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Tue, 25 Oct 2022 08:51:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
14168621
etag
"b5a8935cd84477a12234aaaaf168b53b"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
65808
x-amz-cf-id
L2uu-MryoRvMg0ejY_Wz9WVc3vkSqOwKdcRp3RYBAkK4UFcsQTaaOA==
f36157c6-pv02_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/simulation.ma-solution-eco.com/pv-2022/ 		110 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/simulation.ma-solution-eco.com/pv-2022/f36157c6-pv02_1000000000000000000028.png
Requested by
Host: simulation.ma-solution-eco.com
URL: https://simulation.ma-solution-eco.com/pv-2022/?creator_id=904&aff_id=21375&offer_id=21380&source=ividence&click_id=ac2aa0c4-8e5e-499b-a814-5ca800b17485
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3410eb9224bbb9829288265b14e45982122ed9b69557e003b011bbced7614315

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simulation.ma-solution-eco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 08:54:25 GMT
x-amz-version-id
jMUXUXidP3mXyvCZE.kquepEE9rfMy5n
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Tue, 25 Oct 2022 08:51:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
14168621
etag
"4c21f002ef2c5c758a163cbd26c54f6d"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
112840
x-amz-cf-id
BiS2rDo-61fmVgep2ynUXWCzv40Hb7ooqheUDEk0B86FXVPlIhXfSA==
i
events.ub-analytics.com/ 		43 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.ub-analytics.com/i?stm=1680856685384&e=pv&url=https%3A%2F%2Fsimulation.ma-solution-eco.com%2Fpv-2022%2F%3Fcreator_id%3D904%26aff_id%3D21375%26offer_id%3D21380%26source%3Dividence%26click_id%3Dac2aa0c4-8e5e-499b-a814-5ca800b17485&page=Face%20%C3%A0%20la%20mont%C3%A9e%20des%20prix%20de%20l%27%C3%A9nergie&refr=https%3A%2F%2Fclk.eu.ivitrack.com%2F&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=ab9a98c2-2fb3-4d8e-be08-ff9e0ac09284&dtm=1680856685383&vp=1600x1200&ds=1600x5353&vid=1&sid=519d3af7-c05b-4205-bc34-c297eb4eb22c&duid=2227a474-c919-42fb-982e-6dd760543f6b&uid=587ff83a-f375-4248-921f-cd6883c7a9f5&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiY2RkMjNlYjUtYjg5Zi00YTM2LWIwNTQtNjUyNjY3YWRlODc1IiwidmFyaWFudElkIjoiYSIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6InNpbmdsZSJ9fV19
Requested by
Host: simulation.ma-solution-eco.com
URL: https://simulation.ma-solution-eco.com/pv-2022/?creator_id=904&aff_id=21375&offer_id=21380&source=ividence&click_id=ac2aa0c4-8e5e-499b-a814-5ca800b17485
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.88.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-88-80.compute-1.amazonaws.com
Software
akka-http/10.2.9 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://simulation.ma-solution-eco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 07 Apr 2023 08:38:05 GMT
server
akka-http/10.2.9
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
43
/
form.reflexleads.com/common/gum-form/render/ Frame 45DA
Redirect Chain
  • https://form.reflexleads.com/common/gum-form/render?parent_domain=https://simulation.ma-solution-eco.com&parent_path=/pv-2022/&form_id=9&gum_data=eyJjcmVhdG9yX2lkIjoiOTA0IiwiYWZmX2lkIjoiMjEzNzUiLCJ...
  • https://form.reflexleads.com/common/gum-form/render/?parent_domain=https://simulation.ma-solution-eco.com&parent_path=/pv-2022/&form_id=9&gum_data=eyJjcmVhdG9yX2lkIjoiOTA0IiwiYWZmX2lkIjoiMjEzNzUiLC...
10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://form.reflexleads.com/common/gum-form/render/?parent_domain=https://simulation.ma-solution-eco.com&parent_path=/pv-2022/&form_id=9&gum_data=eyJjcmVhdG9yX2lkIjoiOTA0IiwiYWZmX2lkIjoiMjEzNzUiLCJvZmZlcl9pZCI6IjIxMzgwIiwic291cmNlIjoiaXZpZGVuY2UiLCJjbGlja19pZCI6ImFjMmFhMGM0LThlNWUtNDk5Yi1hODE0LTVjYTgwMGIxNzQ4NSJ9
Requested by
Host: form.reflexleads.com
URL: https://form.reflexleads.com/common/gum-form/gum-iframe.js?v=1680856685324
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.24
Resource Hash
7f06c4c268acb1e29c046be91ed5b67a877204788e1cdc21c502c34053739485

Request headers

Referer
https://simulation.ma-solution-eco.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7b40f3cccc3f3836-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 07 Apr 2023 08:38:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=21ZbZOGxdShbzKRNouEdKJm4AVFVracx4ehfy%2F0bE%2FHlSVh3SAWN0Q3yPQQE16JTlT3Npwp%2BFNVjT%2B%2BYbDpvbvOlWzk0DM3Wh1iwEiIVgbWhx7fKgygf7uKw3dRhg4wodUnq6sYDEC5VSA8igtfjUufDtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.24

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7b40f3cc19ad2c1a-FRA
content-type
text/html
date
Fri, 07 Apr 2023 08:38:05 GMT
location
https://form.reflexleads.com/common/gum-form/render/?parent_domain=https://simulation.ma-solution-eco.com&parent_path=/pv-2022/&form_id=9&gum_data=eyJjcmVhdG9yX2lkIjoiOTA0IiwiYWZmX2lkIjoiMjEzNzUiLCJvZmZlcl9pZCI6IjIxMzgwIiwic291cmNlIjoiaXZpZGVuY2UiLCJjbGlja19pZCI6ImFjMmFhMGM0LThlNWUtNDk5Yi1hODE0LTVjYTgwMGIxNzQ4NSJ9
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZXv8FPDJf7fZUvm5Se9Q2D%2FHj8UnmFdXTD0tG2RfhamrsHU6%2BFxf5IOEtp7%2F3MAs%2B27xh2XP1WUeXJg4QDgxetNJaRFbH%2B%2BKdEM1W%2BtbIhG%2FipNbGAFuIiQfz4doTXXRqfs%2FhejFPBqriBgGZCTst%2FNkQA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
js
www.googletagmanager.com/gtag/ Frame 45DA 		222 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DYYC5C2ZHC
Requested by
Host: form.reflexleads.com
URL: https://form.reflexleads.com/common/gum-form/render/?parent_domain=https://simulation.ma-solution-eco.com&parent_path=/pv-2022/&form_id=9&gum_data=eyJjcmVhdG9yX2lkIjoiOTA0IiwiYWZmX2lkIjoiMjEzNzUiLCJvZmZlcl9pZCI6IjIxMzgwIiwic291cmNlIjoiaXZpZGVuY2UiLCJjbGlja19pZCI6ImFjMmFhMGM0LThlNWUtNDk5Yi1hODE0LTVjYTgwMGIxNzQ4NSJ9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
32ce57fe868ffee4c6e09f1bdbddabfec79a3e7d7b316fc5ed7a867c557a7595
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://form.reflexleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 07 Apr 2023 08:38:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79305
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 07 Apr 2023 08:38:05 GMT
gum-form.css
form.reflexleads.com/common/gum-form/ Frame 45DA 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://form.reflexleads.com/common/gum-form/gum-form.css
Requested by
Host: form.reflexleads.com
URL: https://form.reflexleads.com/common/gum-form/render/?parent_domain=https://simulation.ma-solution-eco.com&parent_path=/pv-2022/&form_id=9&gum_data=eyJjcmVhdG9yX2lkIjoiOTA0IiwiYWZmX2lkIjoiMjEzNzUiLCJvZmZlcl9pZCI6IjIxMzgwIiwic291cmNlIjoiaXZpZGVuY2UiLCJjbGlja19pZCI6ImFjMmFhMGM0LThlNWUtNDk5Yi1hODE0LTVjYTgwMGIxNzQ4NSJ9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84656a4d837de9fead3dd3f9ee2f59d3e3a852478d2adec7b01300e14556f4e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://form.reflexleads.com/common/gum-form/render/?parent_domain=https://simulation.ma-solution-eco.com&parent_path=/pv-2022/&form_id=9&gum_data=eyJjcmVhdG9yX2lkIjoiOTA0IiwiYWZmX2lkIjoiMjEzNzUiLCJvZmZlcl9pZCI6IjIxMzgwIiwic291cmNlIjoiaXZpZGVuY2UiLCJjbGlja19pZCI6ImFjMmFhMGM0LThlNWUtNDk5Yi1hODE0LTVjYTgwMGIxNzQ4NSJ9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 07 Apr 2023 08:38:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 10 Nov 2022 15:35:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5635590
etag
W/"636d1a50-1c9e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hca1sUgjuGXSSDDnoN%2F8TkITJ22lBFDOxEVh8EIOVBSNI6852BnUbPPhyathZ6C3ykUtltTliJ9CFvWhNefIiYfHUttWzCGHrQ9RMcGY5xvMWAl6sabpwJWPeHrGkTeAo4E7eOqpuAi9WFIsQ%2BeVX7Zqng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
7b40f3cd9d5b3836-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
gum-form.js
form.reflexleads.com/common/gum-form/ Frame 45DA 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://form.reflexleads.com/common/gum-form/gum-form.js?v=ad8ed07a9d
Requested by
Host: form.reflexleads.com
URL: https://form.reflexleads.com/common/gum-form/render/?parent_domain=https://simulation.ma-solution-eco.com&parent_path=/pv-2022/&form_id=9&gum_data=eyJjcmVhdG9yX2lkIjoiOTA0IiwiYWZmX2lkIjoiMjEzNzUiLCJvZmZlcl9pZCI6IjIxMzgwIiwic291cmNlIjoiaXZpZGVuY2UiLCJjbGlja19pZCI6ImFjMmFhMGM0LThlNWUtNDk5Yi1hODE0LTVjYTgwMGIxNzQ4NSJ9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b1f56bed2b83bdb649a513956ca9845c47612b826e2a0602da420ee3db77ba9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://form.reflexleads.com/common/gum-form/render/?parent_domain=https://simulation.ma-solution-eco.com&parent_path=/pv-2022/&form_id=9&gum_data=eyJjcmVhdG9yX2lkIjoiOTA0IiwiYWZmX2lkIjoiMjEzNzUiLCJvZmZlcl9pZCI6IjIxMzgwIiwic291cmNlIjoiaXZpZGVuY2UiLCJjbGlja19pZCI6ImFjMmFhMGM0LThlNWUtNDk5Yi1hODE0LTVjYTgwMGIxNzQ4NSJ9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 07 Apr 2023 08:38:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 09 Mar 2023 10:24:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2498669
etag
W/"6409b3f8-5fa4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2Fe5IpKUU%2BDVIvL6CVLLEutpUv4s5IH04Tt4jyjvNXQxmd3lP8pv%2Bx6rZ4zyR3eiTF7dfLzYjWg7L5aBtzAQje9VfHjKXt%2FgdiYRH%2BZspls2yojna5jpRlPaT9Ya8EYHLuh9xQy9LgtyfYyOmPuJnXmHZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf8
cache-control
max-age=315360000
cf-ray
7b40f3cd9d5d3836-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
css2
fonts.googleapis.com/ Frame 45DA 		2 KB
946 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@300&display=swap
Requested by
Host: form.reflexleads.com
URL: https://form.reflexleads.com/common/gum-form/gum-form.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
08858feba3ee5ab05ffb490f1e7514e990e800fad163e27ccaf2abb81c6567c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://form.reflexleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 07 Apr 2023 08:38:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 07 Apr 2023 07:24:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 07 Apr 2023 08:38:05 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto:300,regular,700,300italic,500%7CLato:regular,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-123.fra60.r.cloudfront.net
Software
/
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Roboto:300,regular,700,300italic,500%7CLato:regular,700
Origin
https://simulation.ma-solution-eco.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 00:47:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
15740
via
1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
4434635
x-amzn-requestid
a358f42d-c53e-42ee-b392-742c7974cbb4
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
AWvBdFB8oAMFviQ=
content-length
15763
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-63ec2ba2-0c8553043a02442b027a697a
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
5CJVBgYAVS2paemOszUzguk5GjNgufl0kcWEkeqpoOXwcSgMEretNw==
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto:300,regular,700,300italic,500%7CLato:regular,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-123.fra60.r.cloudfront.net
Software
/
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Roboto:300,regular,700,300italic,500%7CLato:regular,700
Origin
https://simulation.ma-solution-eco.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 01:06:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
15744
via
1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
2359880
x-amzn-requestid
bc80415a-38b4-412f-b431-11a6b999608a
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
Bl4V8EYCoAMF7XQ=
content-length
15767
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-640bd425-1ceecde01fec85fc66f458a6
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
4ZQqqkVVXIBBWlCGr3ELo54O1vr8xC1q_A7NLbWThCB3d_LCtq3omA==
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto:300,regular,700,300italic,500%7CLato:regular,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-123.fra60.r.cloudfront.net
Software
/
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Roboto:300,regular,700,300italic,500%7CLato:regular,700
Origin
https://simulation.ma-solution-eco.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 26 Feb 2023 20:04:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
15860
via
1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
3414799
x-amzn-requestid
e2ee13a0-ae51-4ddb-b17f-cf1621b41c86
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
A9o2xE3nIAMF4Qg=
content-length
15883
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-63fbbb5e-349c0b256f27effa782e5f55
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
X3KqHqcHW0BIYZ6_Yra4MAQg6LtNFEocuhN2CtKkR2-EKduBRjztPg==
KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto:300,regular,700,300italic,500%7CLato:regular,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-123.fra60.r.cloudfront.net
Software
/
Resource Hash
bb8007225d94a099cddbade7ea904667c0dd0b68d5e30778e5c6257589ab94d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Roboto:300,regular,700,300italic,500%7CLato:regular,700
Origin
https://simulation.ma-solution-eco.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 06:18:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
17508
via
1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
11586001
x-amzn-requestid
bc2d6c14-2f21-4c9e-ad60-6f7473680d6d
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
cF7ohE4IoAMFXcw=
content-length
17536
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:41 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-637f0c9c-689a17425811ce9d32cbb7a0
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
cHYW-gJnUfRDEeHGDlvVXt7YZtvk2TgjXglUGnBc-Kbc05FWAazIwA==
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto:300,regular,700,300italic,500%7CLato:regular,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-123.fra60.r.cloudfront.net
Software
/
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Roboto:300,regular,700,300italic,500%7CLato:regular,700
Origin
https://simulation.ma-solution-eco.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 21:25:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
15920
via
1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
4533182
x-amzn-requestid
823732ec-3a04-4e86-92cf-8660bc177cab
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
AS-bYEggIAMF8pg=
content-length
15943
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-63eaaaae-084122ae51c2a95042249e42
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
kPvI6Dkk-MZTa5mZlY_tQCutGBNAa9dv5MZVWrPnPEMhUvawPffwBA==
S6uyw4BMUTPHjx4wXg.woff2
fonts.ub-assets.com/fonts/s/lato/v23/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto:300,regular,700,300italic,500%7CLato:regular,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-123.fra60.r.cloudfront.net
Software
/
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Roboto:300,regular,700,300italic,500%7CLato:regular,700
Origin
https://simulation.ma-solution-eco.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 19:07:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
23580
via
1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
4541423
x-amzn-requestid
509c95d3-d3f5-450b-8dc9-809d9e060ac8
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
ASqTvGLXoAMF24w=
content-length
23578
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-63ea8a7e-62e0d88b0540430257ad28f9
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
xSkwmcXDJKX6J1ZEuSwSITpOiTjCZRwR34V-ZxjgvHMHmFCIk3v3Yw==
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.ub-assets.com/fonts/s/lato/v23/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto:300,regular,700,300italic,500%7CLato:regular,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-123.fra60.r.cloudfront.net
Software
/
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Roboto:300,regular,700,300italic,500%7CLato:regular,700
Origin
https://simulation.ma-solution-eco.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 22:44:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
23040
via
1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
4528430
x-amzn-requestid
35ad0eaa-45b2-44ed-8c1f-e72d038ed981
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
ATKCBHF_oAMFswA=
content-length
23041
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:56:42 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-63eabd3f-2544a270629baf0b10ca5257
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
B8xZvfzYUvJSUPBDeohTMunrdtIsPpeOPH9iii1H4IFNdUpYC3Tlmg==
/
form.reflexleads.com/common/gum-form/render/ Frame 45DA 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://form.reflexleads.com/common/gum-form/render/?parent_domain=https://simulation.ma-solution-eco.com&parent_path=/pv-2022/&form_id=9&gum_data=eyJjcmVhdG9yX2lkIjoiOTA0IiwiYWZmX2lkIjoiMjEzNzUiLCJvZmZlcl9pZCI6IjIxMzgwIiwic291cmNlIjoiaXZpZGVuY2UiLCJjbGlja19pZCI6ImFjMmFhMGM0LThlNWUtNDk5Yi1hODE0LTVjYTgwMGIxNzQ4NSJ9
Requested by
Host: form.reflexleads.com
URL: https://form.reflexleads.com/common/gum-form/render/?parent_domain=https://simulation.ma-solution-eco.com&parent_path=/pv-2022/&form_id=9&gum_data=eyJjcmVhdG9yX2lkIjoiOTA0IiwiYWZmX2lkIjoiMjEzNzUiLCJvZmZlcl9pZCI6IjIxMzgwIiwic291cmNlIjoiaXZpZGVuY2UiLCJjbGlja19pZCI6ImFjMmFhMGM0LThlNWUtNDk5Yi1hODE0LTVjYTgwMGIxNzQ4NSJ9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.24
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://form.reflexleads.com/common/gum-form/render/?parent_domain=https://simulation.ma-solution-eco.com&parent_path=/pv-2022/&form_id=9&gum_data=eyJjcmVhdG9yX2lkIjoiOTA0IiwiYWZmX2lkIjoiMjEzNzUiLCJvZmZlcl9pZCI6IjIxMzgwIiwic291cmNlIjoiaXZpZGVuY2UiLCJjbGlja19pZCI6ImFjMmFhMGM0LThlNWUtNDk5Yi1hODE0LTVjYTgwMGIxNzQ4NSJ9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 07 Apr 2023 08:38:05 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.24
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kdYwAW8nhMG56%2BmtSI34CE1OoraZx9YExxeu9wufUSN1Y96W45Abo73yTx%2FjJFlDhhXuIMg1PCVDGz2vOPiIyywWyQHTvyMIGEnJdgwZ7pZKUvrRMVsFcJ5Ebg5n%2FeW7pjSGCGNBKQjF1dcJoqBR6qQijw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
7b40f3ce2e1f3836-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCs16Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v25/ Frame 45DA 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCs16Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
11dd041d74737fc472cedef6bbadd0062120f17ea5e5195eb1490eaaa0475812
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://form.reflexleads.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 04 Apr 2023 11:39:23 GMT
x-content-type-options
nosniff
age
248322
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12580
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:58:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Apr 2024 11:39:23 GMT
js
www.googletagmanager.com/gtag/ Frame 45DA 		237 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DVVHXMJ1G9&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DYYC5C2ZHC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
593af7334e9460c7df75f737f0e8614c64c08b01784223f6790fc5b9fed498c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://form.reflexleads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 07 Apr 2023 08:38:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82972
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 07 Apr 2023 08:38:05 GMT
base64.min.js
form.reflexleads.com/common/gum-form/ Frame 45DA 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://form.reflexleads.com/common/gum-form/base64.min.js?
Requested by
Host: form.reflexleads.com
URL: https://form.reflexleads.com/common/gum-form/gum-form.js?v=ad8ed07a9d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3c6d1c8195fe393af47c014346ebdcd629556a6365ea1f5a671cd507f914ce1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://form.reflexleads.com/common/gum-form/render/?parent_domain=https://simulation.ma-solution-eco.com&parent_path=/pv-2022/&form_id=9&gum_data=eyJjcmVhdG9yX2lkIjoiOTA0IiwiYWZmX2lkIjoiMjEzNzUiLCJvZmZlcl9pZCI6IjIxMzgwIiwic291cmNlIjoiaXZpZGVuY2UiLCJjbGlja19pZCI6ImFjMmFhMGM0LThlNWUtNDk5Yi1hODE0LTVjYTgwMGIxNzQ4NSJ9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 07 Apr 2023 08:38:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 23 Dec 2021 08:25:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5635590
etag
W/"61c43271-1405"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BDzfQPv7S8RhtAXm5RXIaQHid%2BxZfLYENgS5fcPyzzxTEUc2klQ96Da7i%2BV1SpXzhY2Xoun65vDeuUl5SEEnNNpm%2FSwIQhtwUxgL9ejNE7BVRIc64cF4oV%2Fm0wYlIGXKXxFlYs6AWyXcdFulg0NHcFeGZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf8
cache-control
max-age=315360000
cf-ray
7b40f3cedfaf3836-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| ub object| GUMConsent boolean| isTracking string| keyword object| script object| request object| UnbounceSnowplowNamespace function| ubSnowplow function| setImmediate function| clearImmediate boolean| VimeoPlayerResizeEmbeds_ function| ownKeys function| _objectSpread function| _defineProperty function| _typeof object| Snowplow function| parseQueryString function| processMessage

6 Cookies

Domain/Path Name / Value
simulation.ma-solution-eco.com/pv-2022/ Name: ubpv
Value: a%2Ccdd23eb5-b89f-4a36-b054-652667ade875
.ivitrack.com/ Name: ivid
Value: 2b2480b8c8a04659457db732441c1c5b
.ivitrack.com/ Name: id
Value: a1137989-c074-4e47-9a02-f37c61506e06
.ivitrack.com/ Name: cmpgn.6066d19caf9d5220cfa86dcb
Value: %7B%22imp%22%3A%22ac2aa0c4-8e5e-499b-a814-5ca800b17485%22%2C%22time%22%3A1680856684%7D
simulation.ma-solution-eco.com/ Name: ubvs
Value: 587ff83a-f375-4248-921f-cd6883c7a9f5
.ma-solution-eco.com/ Name: ubvt
Value: v2%7C587ff83a-f375-4248-921f-cd6883c7a9f5%7Ccdd23eb5-b89f-4a36-b054-652667ade875%3Aa%3Asingle

1 Console Messages

Source Level URL
Text
security warning URL: https://clk.eu.ivitrack.com/nlc?n=63c814d51ce1c75151b4c4d0&h=2b2480b8c8a04659457db732441c1c5b&o=0
Message:
Mixed Content: The page at 'https://clk.eu.ivitrack.com/nlc?n=63c814d51ce1c75151b4c4d0&h=2b2480b8c8a04659457db732441c1c5b&o=0' was loaded over HTTPS, but requested an insecure element 'http://itm.ivitrack.com/trace/clktcr?uid=2b2480b8c8a04659457db732441c1c5b&iid=ac2aa0c4-8e5e-499b-a814-5ca800b17485'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

builder-assets.unbounce.com
clk.eu.ivitrack.com
d34qb8suadcc4g.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
events.ub-analytics.com
fonts.googleapis.com
fonts.gstatic.com
fonts.ub-assets.com
form.reflexleads.com
ipe.nqf.cybercartes.com
itm.ivitrack.com
lecoindelafinance.com
simulation.ma-solution-eco.com
www.googletagmanager.com
13.224.189.14
13.32.99.123
2600:9000:2250:5000:1d:11cf:5800:93a1
2a00:1450:4001:813::200a
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::2008
2a06:98c1:3120::3
3.221.88.80
34.120.104.209
34.140.227.143
52.222.250.38
54.219.121.125
08858feba3ee5ab05ffb490f1e7514e990e800fad163e27ccaf2abb81c6567c4
0d257823c52fc635ffe0f40ec778f6531d42910180e80c4125f89584227b5a03
0d8657e2d27f44f0e9b4aecb749f5458110024b3b2763a3948e19afcbb548209
11dd041d74737fc472cedef6bbadd0062120f17ea5e5195eb1490eaaa0475812
1bfa7fc5bcf1d76260f2fa3a0f2260033f9192a46e45700397dae082ec2eb449
21ea83d562f70111df8a84ef89bbabee20380a87078fb38627c958bc6314f806
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
2f1eb746b87c69b4c6156dfdc833fda680c467ef8c2b910a47d287fab0b43db9
32ce57fe868ffee4c6e09f1bdbddabfec79a3e7d7b316fc5ed7a867c557a7595
3410eb9224bbb9829288265b14e45982122ed9b69557e003b011bbced7614315
3c78989e89f012996588e6f160d694dcd2a219b4e3970e06b0dc2642887630cb
4e5a3a4b4858e1659fc13663ba9fc8bd7b5e7ee16a1be8e7f96f36890253db31
593af7334e9460c7df75f737f0e8614c64c08b01784223f6790fc5b9fed498c3
6785d30173290c1cfd3a3e2e728d484830477f354b6a944d175b9ca860025118
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7f06c4c268acb1e29c046be91ed5b67a877204788e1cdc21c502c34053739485
84656a4d837de9fead3dd3f9ee2f59d3e3a852478d2adec7b01300e14556f4e1
85a747734bc4cf88e192f853e80b6bd25a7976dcea76af998f41c88ed64f6b86
911434d33c8ef092cb8df11d8f3b1de37a1ebca82b041203da946b1c75348753
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9b1f56bed2b83bdb649a513956ca9845c47612b826e2a0602da420ee3db77ba9
a7daceebbd1be4c8fa379f8f5ffcfcb5e17f13f35bdd2b55598b79f97a9ae7d9
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b286d22cc654f9eba6539816dc3412f981b33a774742f13084d965fbdcf0f78d
b2f992e427cc69f3613adce548c3013d1427ffb850d99925adf5a384d9365727
bb8007225d94a099cddbade7ea904667c0dd0b68d5e30778e5c6257589ab94d1
bd5fb37fcb57bc894324f4096be92a631840e147576b9fc3bf2767e6c248778d
c3a142a36f0e7dd9836a5adeb4824f1251818c7d7bbf30422bbecc301b5d5dcb
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c6d1c8195fe393af47c014346ebdcd629556a6365ea1f5a671cd507f914ce1
e850f09f5cb918d1a5617c6d5a0779f183772d892831f1d5b095cd5705c43682
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef