Submitted URL: https://leadola.nl/?offer=424&uid=c15175c4-607a-4d2a-b72a-862678c0b8d2
Effective URL: https://beneficios.ahorra-energia.info/?c=6fdxHYGGR&co=1&tx_id=M2024091304-58412e0d99ff7ebc599bca1f07ebddc3&var4=868&spub=3b83add1-69ef...
Submission: On September 13 via api from LU — Scanned from NL

Summary

This website contacted 10 IPs in 3 countries across 10 domains to perform 33 HTTP transactions. The main IP is 172.67.208.38, located in United States and belongs to CLOUDFLARENET, US. The main domain is beneficios.ahorra-energia.info.
TLS certificate: Issued by WR1 on August 12th 2024. Valid for: 3 months.
This is the only time beneficios.ahorra-energia.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 188.114.97.3 13335 (CLOUDFLAR...)
1 1 34.107.199.247 396982 (GOOGLE-CL...)
1 1 172.67.223.68 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 172.67.208.38 13335 (CLOUDFLAR...)
5 2606:4700:20:... 13335 (CLOUDFLAR...)
4 34.111.125.42 396982 (GOOGLE-CL...)
2 2620:1ec:29:1... 8075 (MICROSOFT...)
11 2a00:1450:400... 15169 (GOOGLE)
1 172.67.174.244 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
3 142.250.186.52 15169 (GOOGLE)
1 52.152.143.207 8075 (MICROSOFT...)
33 10
Apex Domain
Subdomains
Transfer
12 heyflow.cloud
fonts.heyflow.cloud — Cisco Umbrella Rank: 365511
flows.heyflow.cloud — Cisco Umbrella Rank: 385717
tracking.heyflow.cloud — Cisco Umbrella Rank: 382450
240 KB
11 googleapis.com
storage.googleapis.com — Cisco Umbrella Rank: 492
1 MB
5 appspot.com
zenflow-api.ey.r.appspot.com — Cisco Umbrella Rank: 342072
458 B
3 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1114
o.clarity.ms — Cisco Umbrella Rank: 12757
28 KB
1 promos-exclusives.info
sms.promos-exclusives.info
540 B
1 ahorra-energia.info
beneficios.ahorra-energia.info
12 KB
1 tracklmc.com
tracklmc.com
2 KB
1 haldest.com
mobi.haldest.com
572 B
1 wlq2clk.com
www.wlq2clk.com
739 B
1 leadola.nl
leadola.nl
561 B
33 10
Domain Requested by
11 storage.googleapis.com beneficios.ahorra-energia.info
flows.heyflow.cloud
5 zenflow-api.ey.r.appspot.com flows.heyflow.cloud
5 fonts.heyflow.cloud beneficios.ahorra-energia.info
fonts.heyflow.cloud
4 flows.heyflow.cloud beneficios.ahorra-energia.info
flows.heyflow.cloud
3 tracking.heyflow.cloud flows.heyflow.cloud
2 www.clarity.ms beneficios.ahorra-energia.info
www.clarity.ms
1 o.clarity.ms www.clarity.ms
1 sms.promos-exclusives.info flows.heyflow.cloud
1 beneficios.ahorra-energia.info
1 tracklmc.com 1 redirects
1 mobi.haldest.com 1 redirects
1 www.wlq2clk.com 1 redirects
1 leadola.nl 1 redirects
33 13

This site contains links to these domains.

Domain
hoy.ahorra-energia-hoy.info
Subject | Issuer | Validity | Valid
beneficios.ahorra-energia.info | WR1 | 2024-08-12 - 2024-11-10 | 3 months
heyflow.cloud | WE1 | 2024-08-09 - 2024-11-07 | 3 months
flows.heyflow.cloud | WR3 | 2024-08-29 - 2024-11-27 | 3 months
www.clarity.ms | DigiCert TLS RSA SHA256 2020 CA1 | 2024-09-04 - 2025-09-04 | a year
storage.googleapis.com | WR2 | 2024-08-12 - 2024-11-04 | 3 months
promos-exclusives.info | WE1 | 2024-08-18 - 2024-11-16 | 3 months
*.appspot.com | WR2 | 2024-08-12 - 2024-11-04 | 3 months
a.clarity.ms | Microsoft Azure RSA TLS Issuing CA 08 | 2024-06-23 - 2025-06-18 | a year

This page contains 1 frames:

Primary Page: https://beneficios.ahorra-energia.info/?c=6fdxHYGGR&co=1&tx_id=M2024091304-58412e0d99ff7ebc599bca1f07ebddc3&var4=868&spub=3b83add1-69ef64db-29bfc7cb-cac0-c304
Frame ID: 774EC214A0E9A0954E12D7BD537C1C20
Requests: 31 HTTP requests in this frame

Page Title

Solar ES SMS

Page Statistics

33
Requests

100 %
HTTPS

43 %
IPv6

10
Domains

13
Subdomains

10
IPs

3
Countries

1668 kB
Transfer

2317 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://leadola.nl/?offer=424&uid=c15175c4-607a-4d2a-b72a-862678c0b8d2 HTTP 302
    https://www.wlq2clk.com/2DDD1J1/4RCPXMB/?sub1=OTO0fe77e0da347797d7800c3c975b3a751 HTTP 302
    https://mobi.haldest.com/ofsy/3b83add1-69ef64db-29bfc7cb-cac0-c304/f5a706c2-1d374aa9-4a92fdb9-18d4-65b0?Subid=868&sub_pubid=&externalid=c93e51df35594e3db413eac4ea77bd50 HTTP 303
    https://tracklmc.com/?c=6fdxHYGGR&co=1&tx_id=M2024091304-58412e0d99ff7ebc599bca1f07ebddc3&var4=868&spub=3b83add1-69ef64db-29bfc7cb-cac0-c304 HTTP 302
    https://beneficios.ahorra-energia.info/?c=6fdxHYGGR&co=1&tx_id=M2024091304-58412e0d99ff7ebc599bca1f07ebddc3&var4=868&spub=3b83add1-69ef64db-29bfc7cb-cac0-c304 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
beneficios.ahorra-energia.info/
Redirect Chain
  • https://leadola.nl/?offer=424&uid=c15175c4-607a-4d2a-b72a-862678c0b8d2
  • https://www.wlq2clk.com/2DDD1J1/4RCPXMB/?sub1=OTO0fe77e0da347797d7800c3c975b3a751
  • https://mobi.haldest.com/ofsy/3b83add1-69ef64db-29bfc7cb-cac0-c304/f5a706c2-1d374aa9-4a92fdb9-18d4-65b0?Subid=868&sub_pubid=&externalid=c93e51df35594e3db413eac4ea77bd50
  • https://tracklmc.com/?c=6fdxHYGGR&co=1&tx_id=M2024091304-58412e0d99ff7ebc599bca1f07ebddc3&var4=868&spub=3b83add1-69ef64db-29bfc7cb-cac0-c304
  • https://beneficios.ahorra-energia.info/?c=6fdxHYGGR&co=1&tx_id=M2024091304-58412e0d99ff7ebc599bca1f07ebddc3&var4=868&spub=3b83add1-69ef64db-29bfc7cb-cac0-c304
75 KB
12 KB
Document
General
Full URL
https://beneficios.ahorra-energia.info/?c=6fdxHYGGR&co=1&tx_id=M2024091304-58412e0d99ff7ebc599bca1f07ebddc3&var4=868&spub=3b83add1-69ef64db-29bfc7cb-cac0-c304
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.208.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
3f71e3a45d6348ada9110c4334220a49bee8a96317af7ef2ade9b7e2fb5911a5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
8c254ebe8d659fe1-AMS
content-encoding
br
content-type
text/html
date
Fri, 13 Sep 2024 04:13:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kx7xiru8hixyTFnnHK5NfX5S93UVLmNhMdYA%2BfOKk16pqbFxRzs%2F8InaQ%2B%2F5Ozosyu0OHq9%2F%2FRRr0UPEYAulBtFrqSWO1AI6wMJzoN3pqC0AdRQlN90Dh%2FLAvR9y1Wo9Rkga1rvJiW2CjsKEmuurnXI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
via
1.1 google
x-cloud-trace-context
ebde44253e57d6089bc9af5f411b7928
x-powered-by
Express

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8c254ebd495e6abb-FRA
content-type
text/html; charset=UTF-8
date
Fri, 13 Sep 2024 04:13:56 GMT
location
https://beneficios.ahorra-energia.info?c=6fdxHYGGR&co=1&tx_id=M2024091304-58412e0d99ff7ebc599bca1f07ebddc3&var4=868&spub=3b83add1-69ef64db-29bfc7cb-cac0-c304
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IjcF%2FDqAxleMYaaQlgHihQI9sOdRvuXn2dpwdpM908NC7idVL9yQGqkyZvWzMe%2BUA%2FHf%2BDzl7e%2B%2B2sbcddh%2BJqO%2FpPmTQW4y%2F7D9AjLYGc6DaB4IS1psvNwGAvc6S9w1O%2BUg9f3P4pePyno%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
icon
fonts.heyflow.cloud/
472 B
859 B
Stylesheet
General
Full URL
https://fonts.heyflow.cloud/icon?family=Material+Icons
Requested by
Host: beneficios.ahorra-energia.info
URL: https://beneficios.ahorra-energia.info/?c=6fdxHYGGR&co=1&tx_id=M2024091304-58412e0d99ff7ebc599bca1f07ebddc3&var4=868&spub=3b83add1-69ef64db-29bfc7cb-cac0-c304
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aa7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
bc75d2bf05221927704d5d29a4ed8e67b6436a2eebc3cd2c83f476ca6875895d

Request headers

Referer
https://beneficios.ahorra-energia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 04:13:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
387290
cf-polished
origSize=571
x-powered-by
Express
last-modified
Sun, 08 Sep 2024 16:39:07 GMT
cf-bgj
minify
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QCJWHQ6FDm5%2Fb29QtXaEhyJLlWjierZVJwc6cm1zjXm4EUIhIbdECrB9NyWXeBzENA9uraXFVMgtOtn6%2BC6WaK2QnXmCxneU3HviL7%2F3IakxGcw1VuKLq%2BISGRH6RrsYgrtQ%2BEtH6SjV5fP2WY%2BcKA4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
cbbf6071591ea5304e542bf2a3e6d567
cache-control
private, max-age=604800
cf-ray
8c254ec08936d2e7-FRA
flow.css
flows.heyflow.cloud/solar-es-sms/www/dist/
172 KB
27 KB
Stylesheet
General
Full URL
https://flows.heyflow.cloud/solar-es-sms/www/dist/flow.css
Requested by
Host: beneficios.ahorra-energia.info
URL: https://beneficios.ahorra-energia.info/?c=6fdxHYGGR&co=1&tx_id=M2024091304-58412e0d99ff7ebc599bca1f07ebddc3&var4=868&spub=3b83add1-69ef64db-29bfc7cb-cac0-c304
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.125.42 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
42.125.111.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3bc086ff96a2e46b4392c4c16a35232e15e15de99e62a919bb14171948956ef7

Request headers

Referer
https://beneficios.ahorra-energia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 04:13:57 GMT
content-encoding
gzip
via
1.1 google
x-guploader-uploadid
AD-8ljucJLBOe3Bpv-eAxVk3uLs_1UZp7CnqwR-dUwPJygMUsVcsb8o2Q5hcL180YAEX8NQsK8U
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27007
last-modified
Mon, 03 Jun 2024 10:57:43 GMT
server
UploadServer
etag
"281c2c1978aaf3e45f07ff310d9ee93f"
vary
Accept-Encoding
x-goog-generation
1717412263325453
content-type
text/css
access-control-allow-origin
*
x-goog-hash
crc32c=Cm5CLQ==, md5=KBwsGXiq8+RfB/8xDZ7pPw==
access-control-expose-headers
Content-Type
cache-control
no-store, max-age=0
x-goog-stored-content-length
27007
accept-ranges
bytes
expires
Fri, 13 Sep 2024 04:13:57 GMT
commonjshelpers.chunk.js
flows.heyflow.cloud/solar-es-sms/www/dist/
772 B
641 B
Script
General
Full URL
https://flows.heyflow.cloud/solar-es-sms/www/dist/commonjshelpers.chunk.js
Requested by
Host: beneficios.ahorra-energia.info
URL: https://beneficios.ahorra-energia.info/?c=6fdxHYGGR&co=1&tx_id=M2024091304-58412e0d99ff7ebc599bca1f07ebddc3&var4=868&spub=3b83add1-69ef64db-29bfc7cb-cac0-c304
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.125.42 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
42.125.111.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b4660a8d248ce2ca79617e581694fe6eb3ce712a4acf9e2ef8414531e6f05be3

Request headers

Referer
https://beneficios.ahorra-energia.info/
Origin
https://beneficios.ahorra-energia.info
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 04:13:57 GMT
content-encoding
gzip
via
1.1 google
x-guploader-uploadid
AD-8ljtKZe-dpLeATnrXDXG74jgVdpr5QhWxnn2iix2RBZ38XdqqCb2XMQtRjQB6omiMucBIQ95L2TiMtQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
422
last-modified
Mon, 03 Jun 2024 10:57:43 GMT
server
UploadServer
etag
"7d392937fdd9c40de0bcee098cbcd8b7"
vary
Accept-Encoding
x-goog-generation
1717412263254818
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=2xCHsg==, md5=fTkpN/3ZxA3gvO4JjLzYtw==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
no-store, max-age=0
x-goog-stored-content-length
422
accept-ranges
bytes
expires
Fri, 13 Sep 2024 04:13:57 GMT
app.js
flows.heyflow.cloud/solar-es-sms/www/dist/
262 KB
90 KB
Script
General
Full URL
https://flows.heyflow.cloud/solar-es-sms/www/dist/app.js
Requested by
Host: beneficios.ahorra-energia.info
URL: https://beneficios.ahorra-energia.info/?c=6fdxHYGGR&co=1&tx_id=M2024091304-58412e0d99ff7ebc599bca1f07ebddc3&var4=868&spub=3b83add1-69ef64db-29bfc7cb-cac0-c304
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.125.42 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
42.125.111.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
5f3de092caf88a3a8b6788d97b175f7e0eb2760e8cc99203b651129bb4e9b499

Request headers

Referer
https://beneficios.ahorra-energia.info/
Origin
https://beneficios.ahorra-energia.info
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 04:13:57 GMT
content-encoding
gzip
via
1.1 google
x-guploader-uploadid
AD-8ljuwR1sLpAYjOOdM87Zqyz-W5lNL7j5VVCep4zpHAxqdGZ25adVDKC4yEhrTILlsJzbPN-zlWx8m0Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
91237
last-modified
Mon, 03 Jun 2024 10:57:43 GMT
server
UploadServer
etag
"38f27a9297118a5302fc2d23f23dda44"
vary
Accept-Encoding
x-goog-generation
1717412263346897
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=xD438Q==, md5=OPJ6kpcRilMC/C0j8j3aRA==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
no-store, max-age=0
x-goog-stored-content-length
91237
accept-ranges
bytes
expires
Fri, 13 Sep 2024 04:13:57 GMT
css
fonts.heyflow.cloud/
43 KB
2 KB
Stylesheet
General
Full URL
https://fonts.heyflow.cloud/css?family=Open+Sans:300,400,500,600,700,800|Roboto:300,400,500,600,700,800&display=swap
Requested by
Host: beneficios.ahorra-energia.info
URL: https://beneficios.ahorra-energia.info/?c=6fdxHYGGR&co=1&tx_id=M2024091304-58412e0d99ff7ebc599bca1f07ebddc3&var4=868&spub=3b83add1-69ef64db-29bfc7cb-cac0-c304
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aa7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
9dd042af5f6d169cfda54185110b1f573f9899e723c9b0decf139d06f99d9ae7

Request headers

Referer
https://beneficios.ahorra-energia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 04:13:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 13 Sep 2024 04:13:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m1kH98%2Bu31u20ZKp3OdVlUzGDihu23SVChdN5RqvAuUOovbYnU8n8veGlzevD1ynfQvp7eYvpLFhK%2FEGkKC5VRAg4imVTMB2ybirNxAJq4pLHvS8wlkS9AtoquUsaGzpDwVuNXbtXbdkouFtCjF510Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
a7796c79503c3b77205a983306d09550
cache-control
private, max-age=604800
cf-ray
8c254ec08938d2e7-FRA
mkjhk3wg5l
www.clarity.ms/tag/
501 B
756 B
Script
General
Full URL
https://www.clarity.ms/tag/mkjhk3wg5l
Requested by
Host: beneficios.ahorra-energia.info
URL: https://beneficios.ahorra-energia.info/?c=6fdxHYGGR&co=1&tx_id=M2024091304-58412e0d99ff7ebc599bca1f07ebddc3&var4=868&spub=3b83add1-69ef64db-29bfc7cb-cac0-c304
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
966a66a68579d10a856ba7ec1cfd37de2b0da44c25129e851d929e6efb46982a

Request headers

Referer
https://beneficios.ahorra-energia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
date
Fri, 13 Sep 2024 04:13:57 GMT
x-azure-ref
20240913T041357Z-r1d95fb5999288hghg2402ssac00000000m0000000005h48
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
501
expires
-1
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.heyflow.cloud/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.heyflow.cloud/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.heyflow.cloud
URL: https://fonts.heyflow.cloud/css?family=Open+Sans:300,400,500,600,700,800|Roboto:300,400,500,600,700,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aa7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Request headers

Referer
https://fonts.heyflow.cloud/css?family=Open+Sans:300,400,500,600,700,800|Roboto:300,400,500,600,700,800&display=swap
Origin
https://beneficios.ahorra-energia.info
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 04:13:57 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18325
x-powered-by
Express
content-length
18536
last-modified
Thu, 12 Sep 2024 23:08:32 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hkgJQ2yVExdF25WdUNRVdCYiCqZUMgGM1a%2BNBGuWn6NkWz92Kn%2BUl8RURPG6N6n9alnPfPYSeYuZkQJnba2nwjoMeWL6Z7mGXhZgVxoCf2QnnVZe6ZpPXPxjjW9l04PPnbIlPeRQndphGdnMecsNCHE%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
x-cloud-trace-context
02c89bc1282e758d06312c282a6f17c0
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8c254ec17efe92b9-FRA
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.heyflow.cloud/s/roboto/v32/
18 KB
19 KB
Font
General
Full URL
https://fonts.heyflow.cloud/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.heyflow.cloud
URL: https://fonts.heyflow.cloud/css?family=Open+Sans:300,400,500,600,700,800|Roboto:300,400,500,600,700,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aa7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Request headers

Referer
https://fonts.heyflow.cloud/css?family=Open+Sans:300,400,500,600,700,800|Roboto:300,400,500,600,700,800&display=swap
Origin
https://beneficios.ahorra-energia.info
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 04:13:57 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18325
x-powered-by
Express
content-length
18596
last-modified
Thu, 12 Sep 2024 23:08:32 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WefcAiCIcy6oXafKCbv7IP%2BlMLzP45wEzC8KeVh0q%2B43boZ528NqIDqbArmuz3PqDjzGos%2B0lRtBd9hm0uJJbUYR9vqkQ9ArtP6m7UM5uOk7rjVI8A3EvC%2BnUjbNMJL6tTXvFsFT8JC3j2V3pyLsK4w%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
x-cloud-trace-context
8556074757f75f6608aca4ecf7575394
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8c254ec17eff92b9-FRA
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.heyflow.cloud/s/roboto/v32/
18 KB
19 KB
Font
General
Full URL
https://fonts.heyflow.cloud/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.heyflow.cloud
URL: https://fonts.heyflow.cloud/css?family=Open+Sans:300,400,500,600,700,800|Roboto:300,400,500,600,700,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aa7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6

Request headers

Referer
https://fonts.heyflow.cloud/css?family=Open+Sans:300,400,500,600,700,800|Roboto:300,400,500,600,700,800&display=swap
Origin
https://beneficios.ahorra-energia.info
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 04:13:57 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
600135
x-powered-by
Express
content-length
18588
last-modified
Fri, 06 Sep 2024 05:31:42 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tjLh0tJeuoIPxpnq%2BCaIL8e3BeTOh3ty0szvjzmosaj3G6M5hcMP%2B9Uwat8ybli3lJC%2BaMQQeA1164wDgej4gYCRVxm2RJEzvxRxMQI5OXMFthKnMhKoaBMYxlGf0Kv1zBSf80xmLa7ZwSML7u%2Fn63Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
x-cloud-trace-context
1ee2b29398b7718f6c918d539088585b
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8c254ec17f0092b9-FRA
86e590c0-6305-443c-9fe9-3dfb37650abe.png
storage.googleapis.com/builder.zenflow.de/solar-es-sms/www/assets/
16 KB
17 KB
Image
General
Full URL
https://storage.googleapis.com/builder.zenflow.de/solar-es-sms/www/assets/86e590c0-6305-443c-9fe9-3dfb37650abe.png
Requested by
Host: beneficios.ahorra-energia.info
URL: https://beneficios.ahorra-energia.info/?c=6fdxHYGGR&co=1&tx_id=M2024091304-58412e0d99ff7ebc599bca1f07ebddc3&var4=868&spub=3b83add1-69ef64db-29bfc7cb-cac0-c304
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
3897cb5ff4962a3ecb01e5f1969ab2174a7e73a689d66ec39da5456dd563e9ec

Request headers

Referer
https://beneficios.ahorra-energia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 04:13:57 GMT
age
0
x-guploader-uploadid
AD-8ljvQvTpWve17SaeqlA3InDKtJmdSCKtW5lhLdbo2Iqrg58hzTVcbOnALLl5PVHwWvJdnY5ijM0q_Ig
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified
Tue, 16 Apr 2024 11:03:46 GMT
server
UploadServer
vary
Accept-Encoding
x-goog-generation
1713265426919340
x-goog-hash
crc32c=Gdqz9w==, md5=EXv4YVIu8WMHlkxOvJqjGQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=0, s-maxage=31104000
x-goog-stored-content-length
16737
content-type
image/png
accept-ranges
none
expires
Mon, 08 Sep 2025 04:13:57 GMT
token
sms.promos-exclusives.info/api/
45 B
540 B
Fetch
General
Full URL
https://sms.promos-exclusives.info/api/token?url=https%3A%2F%2Fbeneficios.ahorra-energia.info%2F%3Fc%3D6fdxHYGGR%26co%3D1%26tx_id%3DM2024091304-58412e0d99ff7ebc599bca1f07ebddc3%26var4%3D868%26spub%3D3b83add1-69ef64db-29bfc7cb-cac0-c304
Requested by
Host: flows.heyflow.cloud
URL: https://flows.heyflow.cloud/solar-es-sms/www/dist/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.174.244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c2d48d74a743c9fc7ab2e513d631135a167109ef34b45e3aa58e254a3b34a80

Request headers

Referer
https://beneficios.ahorra-energia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 04:13:57 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-ratelimit-remaining
59
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dpqQzXuuqs4JdTw%2BDyiLN49S0M6sykXeZuwqcWc%2FLD36Oso2Z6oCUc6w3dcY%2F9dVBH1Dv2a7TXFJZ8nzA7o%2F6%2BExnp5PTjmtbZbKp7BniY1KCaOtIv5v95n49E2yOgvLwfTwu4oZPHGbYwrZaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-ratelimit-limit
60
cf-ray
8c254ec18eb66703-AMS
alt-svc
h3=":443"; ma=86400
8cf95380-961f-446c-a61f-8f29ce81d938.png
storage.googleapis.com/builder.zenflow.de/solar-es-sms/www/assets/
10 KB
11 KB
Image
General
Full URL
https://storage.googleapis.com/builder.zenflow.de/solar-es-sms/www/assets/8cf95380-961f-446c-a61f-8f29ce81d938.png
Requested by
Host: flows.heyflow.cloud
URL: https://flows.heyflow.cloud/solar-es-sms/www/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
d51cac84511212ec5fa79e07f6c563721830623dc545f4253c500b6a0974a87f

Request headers

Referer
https://beneficios.ahorra-energia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 04:13:57 GMT
x-guploader-uploadid
AD-8ljss1AdelxB-0AlqN_xhqORxoKOdNJledNVPU3lHpiJQCw9Wf2MfDrlaUAjtJd31TgmZlUg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified
Tue, 16 Apr 2024 11:03:46 GMT
server
UploadServer
vary
Accept-Encoding
x-goog-generation
1713265426902934
content-type
image/png
access-control-allow-origin
*
x-goog-hash
crc32c=6zvQ5Q==, md5=nvHFT+P1VtPsalIMQVxEiw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=0, s-maxage=31104000
x-goog-stored-content-length
10382
accept-ranges
none
expires
Mon, 08 Sep 2025 04:13:57 GMT
bb598a33-5ee7-459c-b5e3-a1ccaaa42f1e.png
storage.googleapis.com/builder.zenflow.de/solar-es-sms/www/assets/
7 KB
7 KB
Image
General
Full URL
https://storage.googleapis.com/builder.zenflow.de/solar-es-sms/www/assets/bb598a33-5ee7-459c-b5e3-a1ccaaa42f1e.png
Requested by
Host: flows.heyflow.cloud
URL: https://flows.heyflow.cloud/solar-es-sms/www/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
f262c16fced7405443b37c34b08e15ff917200aead0491517a8d5c2fd8aff0db

Request headers

Referer
https://beneficios.ahorra-energia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 04:13:57 GMT
x-guploader-uploadid
AD-8ljuYr0ADpYSSSoFX5pd1IuJTn8kWH0faDs-YTjycffllyXJja92IwmLmqLNs7lnHxvNNClZjZWPPdg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified
Tue, 16 Apr 2024 11:03:46 GMT
server
UploadServer
vary
Accept-Encoding
x-goog-generation
1713265426931523
content-type
image/png
access-control-allow-origin
*
x-goog-hash
crc32c=oFV0Kg==, md5=iYlERQfzhVkyhN2XbNZ8hw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=0, s-maxage=31104000
x-goog-stored-content-length
6944
accept-ranges
none
expires
Mon, 08 Sep 2025 04:13:57 GMT
c664b25e-c06a-4cf8-aca0-f3a8aba412d6.png
storage.googleapis.com/builder.zenflow.de/solar-es-sms/www/assets/
19 KB
19 KB
Image
General
Full URL
https://storage.googleapis.com/builder.zenflow.de/solar-es-sms/www/assets/c664b25e-c06a-4cf8-aca0-f3a8aba412d6.png
Requested by
Host: flows.heyflow.cloud
URL: https://flows.heyflow.cloud/solar-es-sms/www/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
24c07b93f516de0831704c0507d0bba68afa0199db500e2b2d633ba1aa718c63

Request headers

Referer
https://beneficios.ahorra-energia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 04:13:57 GMT
x-guploader-uploadid
AD-8ljumBpyHlzWFO_NYUIyx8I65Lx-Rz77TCdKSVt4xRqUX_WYa6WiaIAJSYSRfXD0lUv23G_E
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified
Tue, 16 Apr 2024 11:03:46 GMT
server
UploadServer
vary
Accept-Encoding
x-goog-generation
1713265426924169
content-type
image/png
access-control-allow-origin
*
x-goog-hash
crc32c=+c42Zg==, md5=k6Z5LOUTva8Kn9DU6/Jjww==
access-control-expose-headers
Content-Type
cache-control
public, max-age=0, s-maxage=31104000
x-goog-stored-content-length
19601
accept-ranges
none
expires
Mon, 08 Sep 2025 04:13:57 GMT
2005d84f-e922-43bd-81bb-c8f499e26c28.jpeg
storage.googleapis.com/builder.zenflow.de/solar-es-sms/www/assets/
957 KB
958 KB
Image
General
Full URL
https://storage.googleapis.com/builder.zenflow.de/solar-es-sms/www/assets/2005d84f-e922-43bd-81bb-c8f499e26c28.jpeg
Requested by
Host: flows.heyflow.cloud
URL: https://flows.heyflow.cloud/solar-es-sms/www/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
9c8a10ae50b651d90909ee842d0df44f67b9cd9cd4b197ac9648eb544d050cb9

Request headers

Referer
https://beneficios.ahorra-energia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 04:13:57 GMT
x-guploader-uploadid
AD-8ljvQcT8q07oFMsLAsvYZ1YTKWrSE2jZaL7TxHT_WU3tFHTFNwUFQvgGFb10Qm94upVWBa1z-cT-PVA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified
Tue, 16 Apr 2024 11:03:46 GMT
server
UploadServer
vary
Accept-Encoding
x-goog-generation
1713265426893404
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=UY6DBw==, md5=jcR7YJvi7+LFuXugMdghzQ==
access-control-expose-headers
Content-Type
cache-control
public, max-age=0, s-maxage=31104000
x-goog-stored-content-length
979986
accept-ranges
none
expires
Mon, 08 Sep 2025 04:13:57 GMT
7c8a6711-4752-43ad-aeec-68133c7b28ca.webp
storage.googleapis.com/builder.zenflow.de/solar-es-sms/www/assets/
18 KB
18 KB
Image
General
Full URL
https://storage.googleapis.com/builder.zenflow.de/solar-es-sms/www/assets/7c8a6711-4752-43ad-aeec-68133c7b28ca.webp
Requested by
Host: flows.heyflow.cloud
URL: https://flows.heyflow.cloud/solar-es-sms/www/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
5541ab99d46e7266ed612d1b16914aee020d20240c3f2e1f82e3b71ab62217f1

Request headers

Referer
https://beneficios.ahorra-energia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 04:13:57 GMT
x-guploader-uploadid
AD-8ljsnTFVn7QGUR0xrc0P-F2q2naB2a0s330dEJvVeS48oz5rhWLXuUmLrcZ6aj3AP24SoOjkAXUx3yw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified
Tue, 16 Apr 2024 11:03:47 GMT
server
UploadServer
vary
Accept-Encoding
x-goog-generation
1713265427006322
content-type
image/webp
access-control-allow-origin
*
x-goog-hash
crc32c=qeqtMQ==, md5=Qx4W1ubFKlqvCAtJn0HvwA==
access-control-expose-headers
Content-Type
cache-control
public, max-age=0, s-maxage=31104000
x-goog-stored-content-length
18089
accept-ranges
none
expires
Mon, 08 Sep 2025 04:13:57 GMT
c8440a18-355c-4e0a-a3c2-438e36de55a4.webp
storage.googleapis.com/builder.zenflow.de/solar-es-sms/www/assets/
21 KB
22 KB
Image
General
Full URL
https://storage.googleapis.com/builder.zenflow.de/solar-es-sms/www/assets/c8440a18-355c-4e0a-a3c2-438e36de55a4.webp
Requested by
Host: flows.heyflow.cloud
URL: https://flows.heyflow.cloud/solar-es-sms/www/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
a928a7800b5b1e38bd2337711893ac6baf8ae238adf22064be54840cb71caaae

Request headers

Referer
https://beneficios.ahorra-energia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 04:13:57 GMT
x-guploader-uploadid
AD-8ljtUW62n7_oBrxOz-LXUQyPUm-xRIqSFwKpDyqVW4zoA7U9-q17fL5dQS7i8nvjjU4-AvFNB1K6v4Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified
Tue, 16 Apr 2024 11:03:46 GMT
server
UploadServer
vary
Accept-Encoding
x-goog-generation
1713265426942080
content-type
image/webp
access-control-allow-origin
*
x-goog-hash
crc32c=6b0QNA==, md5=iDdr+G/Dt7dlpR2p8fh1WA==
access-control-expose-headers
Content-Type
cache-control
public, max-age=0, s-maxage=31104000
x-goog-stored-content-length
21830
accept-ranges
none
expires
Mon, 08 Sep 2025 04:13:57 GMT
adb8dd0b-8d24-4685-a1c6-b2933e5c19bc.jpeg
storage.googleapis.com/builder.zenflow.de/solar-es-sms/www/assets/
99 KB
99 KB
Image
General
Full URL
https://storage.googleapis.com/builder.zenflow.de/solar-es-sms/www/assets/adb8dd0b-8d24-4685-a1c6-b2933e5c19bc.jpeg
Requested by
Host: flows.heyflow.cloud
URL: https://flows.heyflow.cloud/solar-es-sms/www/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e41755415eaa0b42028244f4a30b4e86aa2190bff9318effb9149e46c714e45f

Request headers

Referer
https://beneficios.ahorra-energia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 04:13:57 GMT
x-guploader-uploadid
AD-8ljt9GwWc7dAoHq6QrvRsnT2x3nK3adeiK_O27VwDZszu5dXn33RBxitElAaZqxdgqxeOOgLKrY2Hhg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified
Tue, 16 Apr 2024 11:03:46 GMT
server
UploadServer
vary
Accept-Encoding
x-goog-generation
1713265426919164
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=A1bNAQ==, md5=tTy/hlNiolBb0k+2BGbDuQ==
access-control-expose-headers
Content-Type
cache-control
public, max-age=0, s-maxage=31104000
x-goog-stored-content-length
101330
accept-ranges
none
expires
Mon, 08 Sep 2025 04:13:57 GMT
269be53b-e0de-461a-984e-164f17c9b892.jpeg
storage.googleapis.com/builder.zenflow.de/solar-es-sms/www/assets/
215 KB
215 KB
Image
General
Full URL
https://storage.googleapis.com/builder.zenflow.de/solar-es-sms/www/assets/269be53b-e0de-461a-984e-164f17c9b892.jpeg
Requested by
Host: flows.heyflow.cloud
URL: https://flows.heyflow.cloud/solar-es-sms/www/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
7b21fb15329ddc11970e58145fb3fda0406631c01a525632b9fdfa809c13eac5

Request headers

Referer
https://beneficios.ahorra-energia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 04:13:57 GMT
x-guploader-uploadid
AD-8ljskjzZAVG5RvTxhkCNn_180bnmNY7BZ74gyK0Lh_SOuO7Ot17QXs_u_rkmJenaa4LLSxjLQ4X4ACw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified
Tue, 16 Apr 2024 11:03:46 GMT
server
UploadServer
vary
Accept-Encoding
x-goog-generation
1713265426886872
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=7kscLw==, md5=7g8PpGTz8nDZLL/l7ekOdg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=0, s-maxage=31104000
x-goog-stored-content-length
219944
accept-ranges
none
expires
Mon, 08 Sep 2025 04:13:57 GMT
logs
zenflow-api.ey.r.appspot.com/flow/solar-es-sms/
0
0
Preflight
General
Full URL
https://zenflow-api.ey.r.appspot.com/flow/solar-es-sms/logs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://beneficios.ahorra-energia.info
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-type
text/html
date
Fri, 13 Sep 2024 04:13:57 GMT
expect-ct
max-age=0
referrer-policy
no-referrer
server
Google Frontend
strict-transport-security
max-age=15552000; includeSubDomains
vary
Access-Control-Request-Headers
x-cloud-trace-context
95acc3ecdad3bf047d81efced7551a62
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
logs
zenflow-api.ey.r.appspot.com/flow/solar-es-sms/
26 B
218 B
XHR
General
Full URL
https://zenflow-api.ey.r.appspot.com/flow/solar-es-sms/logs
Requested by
Host: flows.heyflow.cloud
URL: https://flows.heyflow.cloud/solar-es-sms/www/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
9389cde6ad124f27ad02e5acc8be301f2fe5c72f4d7e8b05c63dd06f1bb37d7d
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://beneficios.ahorra-energia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
date
Fri, 13 Sep 2024 04:13:57 GMT
content-encoding
gzip
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52
x-xss-protection
0
referrer-policy
no-referrer
server
Google Frontend
etag
W/"1a-wrpoHgQhjgE/RLF0gVFeNgcGaxs"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
expect-ct
max-age=0
access-control-allow-origin
*
content-type
application/json; charset=utf-8
x-cloud-trace-context
6a993f29d5900ea9d1eeafe59b6c1ad1
cache-control
private
libphone.chunk.js
flows.heyflow.cloud/solar-es-sms/www/dist/
237 KB
63 KB
Script
General
Full URL
https://flows.heyflow.cloud/solar-es-sms/www/dist/libphone.chunk.js
Requested by
Host: flows.heyflow.cloud
URL: https://flows.heyflow.cloud/solar-es-sms/www/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.125.42 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
42.125.111.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
49e3760da9f3a7773776ead6ab7d6999a051054268e45838b6ba7f0a675981d5

Request headers

Referer
https://beneficios.ahorra-energia.info/
Origin
https://beneficios.ahorra-energia.info
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 04:13:57 GMT
content-encoding
gzip
via
1.1 google
x-guploader-uploadid
AD-8ljugmRYVw6ehlqajGakzvoE67THqWi6yEYA_qj_vFfECcsKOCqZPiSf7ZoBCvMZog7Gk7EhfiuS4bw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63965
last-modified
Mon, 03 Jun 2024 10:57:43 GMT
server
UploadServer
etag
"57657e52e174204e1b2fda8daa544c52"
vary
Accept-Encoding
x-goog-generation
1717412263328648
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=lyHb/g==, md5=V2V+UuF0IE4bL9qNqlRMUg==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
no-store, max-age=0
x-goog-stored-content-length
63965
accept-ranges
bytes
expires
Fri, 13 Sep 2024 04:13:57 GMT
/
tracking.heyflow.cloud/
0
0
Preflight
General
Full URL
https://tracking.heyflow.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://beneficios.ahorra-energia.info
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://beneficios.ahorra-energia.info
cf-cache-status
DYNAMIC
cf-ray
8c254ec1b96c90e8-FRA
content-type
text/html
date
Fri, 13 Sep 2024 04:13:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=khBwfG2lpVqmJeuo2VmTwkYMJipotrWHE0%2FcH1la9wmpQf8CwWmlu26SETtdf%2BaXgE88SbQj13zaONixXy8dkFj7I2CmvOTCTwUD6JvMoQuEVbM7EunzYQtCZgxIdi0dnfaFZcqdSgGDFOh1D50U8NxzzfQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin, Access-Control-Request-Headers
via
1.1 google
x-cloud-trace-context
64461cf6fdbaea491238a4819868b6e9
/
tracking.heyflow.cloud/
2 B
341 B
XHR
General
Full URL
https://tracking.heyflow.cloud/
Requested by
Host: flows.heyflow.cloud
URL: https://flows.heyflow.cloud/solar-es-sms/www/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
application/json, text/plain, */*
Referer
https://beneficios.ahorra-energia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 13 Sep 2024 04:13:57 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JaQcrwgLlGwIIrmy0%2B9bxPN62kzmuq6uV16%2B3THmNPzLct9rN7zQD6J83xNCrBMwHoT6xZ4LJMDTjUlkaOC14GPrl01ggPVJnajckLyHCJ%2FVMAtpzCKoHt16vSwZ3jI6PQIcicRU1iCoSJTmcZQ4ka0kDoI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://beneficios.ahorra-energia.info
x-cloud-trace-context
75fdfa80fbb9831e7cfd9aaabe4dcf00
cf-ray
8c254ec1f98c90e8-FRA
content-length
2
clarity.js
www.clarity.ms/s/0.7.46/
64 KB
27 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.46/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/mkjhk3wg5l
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4ac65dcc5ed84285cfd19c18f2b715a53f07f708f34198aa96ed8b846a78ef58

Request headers

Referer
https://beneficios.ahorra-energia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 04:13:57 GMT
content-encoding
br
last-modified
Thu, 12 Sep 2024 19:33:15 GMT
etag
W/"0x8DCD361BF61C3C9"
vary
Accept-Encoding
x-azure-ref
20240913T041357Z-r1d95fb5999288hghg2402ssac00000000m0000000005h4a
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
1e1dc899-e01e-0003-3075-05cfbf000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
logs
zenflow-api.ey.r.appspot.com/flow/solar-es-sms/
26 B
80 B
XHR
General
Full URL
https://zenflow-api.ey.r.appspot.com/flow/solar-es-sms/logs
Requested by
Host: flows.heyflow.cloud
URL: https://flows.heyflow.cloud/solar-es-sms/www/dist/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.52 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f20.1e100.net
Software
Google Frontend /
Resource Hash
9389cde6ad124f27ad02e5acc8be301f2fe5c72f4d7e8b05c63dd06f1bb37d7d
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://beneficios.ahorra-energia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
date
Fri, 13 Sep 2024 04:13:57 GMT
content-encoding
gzip
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52
x-xss-protection
0
referrer-policy
no-referrer
server
Google Frontend
etag
W/"1a-wrpoHgQhjgE/RLF0gVFeNgcGaxs"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
expect-ct
max-age=0
access-control-allow-origin
*
content-type
application/json; charset=utf-8
x-cloud-trace-context
2eee60ccc1a935be5362cd7c851ed635
cache-control
private
/
tracking.heyflow.cloud/
2 B
316 B
XHR
General
Full URL
https://tracking.heyflow.cloud/
Requested by
Host: flows.heyflow.cloud
URL: https://flows.heyflow.cloud/solar-es-sms/www/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
application/json, text/plain, */*
Referer
https://beneficios.ahorra-energia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 13 Sep 2024 04:13:57 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U4jWVG0T6OQ2CUtXYys6CbCPkpCJl8ZdMT97pktU3EGi05iIOKtcFKJPE6ggNSGKh3pYqKpfBEWO0GxiTxZYeQojTyKGe7hOiAqOMeCMxQ8IjPEL%2FVklNWHPjPaRSX3KYApBE0R1iyFfP%2FqcuZZ3pM%2BvoPU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://beneficios.ahorra-energia.info
x-cloud-trace-context
5268b035a82d58ce157b99d4e127a9d4
cf-ray
8c254ec37a1d90e8-FRA
content-length
2
logs
zenflow-api.ey.r.appspot.com/flow/solar-es-sms/
26 B
80 B
XHR
General
Full URL
https://zenflow-api.ey.r.appspot.com/flow/solar-es-sms/logs
Requested by
Host: flows.heyflow.cloud
URL: https://flows.heyflow.cloud/solar-es-sms/www/dist/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.52 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f20.1e100.net
Software
Google Frontend /
Resource Hash
9389cde6ad124f27ad02e5acc8be301f2fe5c72f4d7e8b05c63dd06f1bb37d7d
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://beneficios.ahorra-energia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
date
Fri, 13 Sep 2024 04:13:57 GMT
content-encoding
gzip
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52
x-xss-protection
0
referrer-policy
no-referrer
server
Google Frontend
etag
W/"1a-wrpoHgQhjgE/RLF0gVFeNgcGaxs"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
expect-ct
max-age=0
access-control-allow-origin
*
content-type
application/json; charset=utf-8
x-cloud-trace-context
bbd771e20864dd84e150bada032445ae
cache-control
private
logs
zenflow-api.ey.r.appspot.com/flow/solar-es-sms/
26 B
80 B
XHR
General
Full URL
https://zenflow-api.ey.r.appspot.com/flow/solar-es-sms/logs
Requested by
Host: flows.heyflow.cloud
URL: https://flows.heyflow.cloud/solar-es-sms/www/dist/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.52 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f20.1e100.net
Software
Google Frontend /
Resource Hash
9389cde6ad124f27ad02e5acc8be301f2fe5c72f4d7e8b05c63dd06f1bb37d7d
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://beneficios.ahorra-energia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
date
Fri, 13 Sep 2024 04:13:57 GMT
content-encoding
gzip
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52
x-xss-protection
0
referrer-policy
no-referrer
server
Google Frontend
etag
W/"1a-wrpoHgQhjgE/RLF0gVFeNgcGaxs"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
expect-ct
max-age=0
access-control-allow-origin
*
content-type
application/json; charset=utf-8
x-cloud-trace-context
457b61e3597c6f6cd3139d6121e374c8
cache-control
private
850aafb3-dbd8-45ec-bd11-0f978d040fd2.png
storage.googleapis.com/builder.zenflow.de/solar-es-sms/www/assets/
22 KB
22 KB
Other
General
Full URL
https://storage.googleapis.com/builder.zenflow.de/solar-es-sms/www/assets/850aafb3-dbd8-45ec-bd11-0f978d040fd2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e920448801969b4373d1ba4fb4cd5780beeedac698aa5676062473dc202fa3d6

Request headers

Referer
https://beneficios.ahorra-energia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 04:13:57 GMT
x-guploader-uploadid
AD-8ljuJ87gbHLATWxlQLFoFu6B9HD7CtPykdCzSCWLrOlbkUFI81doOwDjd5m4W80w-Qsci3vRaAJlXPw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified
Tue, 16 Apr 2024 11:03:46 GMT
server
UploadServer
vary
Accept-Encoding
x-goog-generation
1713265426896289
content-type
image/png
access-control-allow-origin
*
x-goog-hash
crc32c=nSN5+Q==, md5=DiGh9F2q7a+6a0f6Qaiovg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=0, s-maxage=31104000
x-goog-stored-content-length
22762
accept-ranges
none
expires
Mon, 08 Sep 2025 04:13:57 GMT
collect
o.clarity.ms/
0
294 B
XHR
General
Full URL
https://o.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.46/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.143.207 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://beneficios.ahorra-energia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://beneficios.ahorra-energia.info
Date
Fri, 13 Sep 2024 04:14:01 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
850aafb3-dbd8-45ec-bd11-0f978d040fd2.png
storage.googleapis.com/builder.zenflow.de/solar-es-sms/www/assets/
22 KB
12 B
Other
General
Full URL
https://storage.googleapis.com/builder.zenflow.de/solar-es-sms/www/assets/850aafb3-dbd8-45ec-bd11-0f978d040fd2.png
Protocol
H2
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e920448801969b4373d1ba4fb4cd5780beeedac698aa5676062473dc202fa3d6

Request headers

Referer
https://beneficios.ahorra-energia.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.18 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 04:13:57 GMT
age
4
x-guploader-uploadid
AD-8ljuJ87gbHLATWxlQLFoFu6B9HD7CtPykdCzSCWLrOlbkUFI81doOwDjd5m4W80w-Qsci3vRaAJlXPw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified
Tue, 16 Apr 2024 11:03:46 GMT
server
UploadServer
vary
Accept-Encoding
x-goog-generation
1713265426896289
content-type
image/png
access-control-allow-origin
*
x-goog-hash
crc32c=nSN5+Q==, md5=DiGh9F2q7a+6a0f6Qaiovg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=0, s-maxage=31104000
x-goog-stored-content-length
22762
accept-ranges
none
expires
Mon, 08 Sep 2025 04:13:57 GMT


9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| currentlyMounting
object| heyflow
function| onImageLoadError
object| windowConstants
function| clarity
function| filterCSS
function| filterXSS
function| Cleave
object| dataLayer

5 Cookies

Domain/Path Name / Value
leadola.nl/ Name: OTO-offer424
Value: 1
www.wlq2clk.com/ Name: uniqueClick_4RCPXMB
Value: f1b80ce9-838d-4d3a-b817-ea0a8e2c4534:1726200836
www.wlq2clk.com/ Name: transaction_id
Value: c93e51df35594e3db413eac4ea77bd50
tracklmc.com/ Name: XSRF-TOKEN
Value: eyJpdiI6ImRSTHdxUUZzalpoZ05yRGJBcHpHZkE9PSIsInZhbHVlIjoiUWV2SnBsSVYzaks5TVRqVGJ3MlZXbXhnZTJONlpSWmRBekozdVFjMzRCTGRhV0lPQWJGNjJUUXNIOGdaVUZLVC9tUS9yM0hOUSs3R3NZUTR1cG5Sd01BU0c3V0hZSXNKTUo4ODZSUzI2b1ZvMDZlcGJzVlB1WXBGa0k2cVJKcVgiLCJtYWMiOiI4ODllYTYyMTgwZGMyNGY5YTJmMjk5ZDk2ZTU1Y2I2NjQ3N2IyZmJhZGYzMGJiNGI1YTJhNzQzOTVjNGJkYTAyIiwidGFnIjoiIn0%3D
tracklmc.com/ Name: leadsmetal_session
Value: eyJpdiI6ImZRbmgreStERkFubW1FcmZhR2lSa3c9PSIsInZhbHVlIjoiRGtQdmYxMy80N1hjRC9sSlRYV1NRdS83bkg3V2EzYTFjaVNGbVZKK2hBak5aUTF1Sythdk5Yd3F1ZGYvR1ArQXVnQmxxNzJmYkZiZU1ONGRxdzJSWjlWMDhZTEhuZ3lyT1NnaDh5ekdoUHJNdXRHTEFRcVZzVWFaYUkrclh5RXciLCJtYWMiOiJkOTU4ZDBjZmFiYWRmYzZjMTkyYjQ2ODcxNGI0ODFkOTNlN2UxNTIyYWNkMGRjNTA4ODRhZTMyNTM3Y2JjNDc3IiwidGFnIjoiIn0%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
