urlscan.io logo urlscan.io
SecurityTrails logo

simulation.ma-solution-eco.com Open in urlscan Pro
104.18.19.37  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://t.news.infofranceeconomies.com/c/?t=08a5e4d-8lz-c1f1-2ea-0ll!z
Effective URL: https://simulation.ma-solution-eco.com/pv-2022/?creator_id=904&aff_id=21375&offer_id=21380&source=ividence&click_id=7843877e-ab17-4fdc-...
Submission: On July 25 via api from BE — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 5 countries across 9 domains to perform 33 HTTP transactions. The main IP is 104.18.19.37, located in and belongs to CLOUDFLARENET, US. The main domain is simulation.ma-solution-eco.com.
TLS certificate: Issued by R3 on June 4th 2024. Valid for: 3 months.
This is the only time simulation.ma-solution-eco.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 185.151.189.219 34993 (ODISO-AS)
1 2 34.140.227.143 396982 (GOOGLE-CL...)
1 34.117.157.22 396982 (GOOGLE-CL...)
1 4 104.18.19.37 13335 (CLOUDFLAR...)
2 13.224.189.30 16509 (AMAZON-02)
1 4 188.114.97.3 13335 (CLOUDFLAR...)
2 34.120.104.209 396982 (GOOGLE-CL...)
9 13.32.99.8 16509 (AMAZON-02)
7 3.160.156.5 16509 (AMAZON-02)
1 188.114.96.3 13335 (CLOUDFLAR...)
33 10
1    185.151.189.219 (France)

ASN34993 (ODISO-AS, FR)
PTR: mindproxyvip.odiso.net
t.news.infofranceeconomies.com
2    34.140.227.143 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.227.140.34.bc.googleusercontent.com
ipe.ad.fr.nativ-ivi.fr
clk.eu.ivitrack.com
1    34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com
ipm.ivitrack.com
4    104.18.19.37 (None, )

ASN13335 (CLOUDFLARENET, US)
simulation.ma-solution-eco.com
2    13.224.189.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-30.fra2.r.cloudfront.net
builder-assets.unbounce.com
4    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
form.reflexleads.com
2    34.120.104.209 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 209.104.120.34.bc.googleusercontent.com
itm.ivitrack.com
9    13.32.99.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-8.fra60.r.cloudfront.net
fonts.ub-assets.com
7    3.160.156.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-156-5.fra60.r.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
1    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
lecoindelafinance.com
Apex Domain
Subdomains		 Transfer
9 ub-assets.com
fonts.ub-assets.com — Cisco Umbrella Rank: 38371
148 KB
7 cloudfront.net
d9hhrg4mnvzow.cloudfront.net
432 KB
4 reflexleads.com
form.reflexleads.com
6 KB
4 ma-solution-eco.com
simulation.ma-solution-eco.com
29 KB
4 ivitrack.com
clk.eu.ivitrack.com
ipm.ivitrack.com
itm.ivitrack.com — Cisco Umbrella Rank: 354549
16 KB
2 unbounce.com
builder-assets.unbounce.com — Cisco Umbrella Rank: 38368
app.unbounce.com Failed
44 KB
1 lecoindelafinance.com
lecoindelafinance.com Failed
2 KB
1 nativ-ivi.fr
ipe.ad.fr.nativ-ivi.fr
491 B
1 infofranceeconomies.com
t.news.infofranceeconomies.com
855 B
33 9
Domain Requested by
9 fonts.ub-assets.com builder-assets.unbounce.com
fonts.ub-assets.com
7 d9hhrg4mnvzow.cloudfront.net simulation.ma-solution-eco.com
4 form.reflexleads.com 1 redirects simulation.ma-solution-eco.com
form.reflexleads.com
4 simulation.ma-solution-eco.com 1 redirects clk.eu.ivitrack.com
simulation.ma-solution-eco.com
2 itm.ivitrack.com simulation.ma-solution-eco.com
itm.ivitrack.com
2 builder-assets.unbounce.com simulation.ma-solution-eco.com
1 lecoindelafinance.com simulation.ma-solution-eco.com
1 ipm.ivitrack.com clk.eu.ivitrack.com
1 clk.eu.ivitrack.com
1 ipe.ad.fr.nativ-ivi.fr 1 redirects
1 t.news.infofranceeconomies.com 1 redirects
0 app.unbounce.com Failed simulation.ma-solution-eco.com
33 12

This site contains no links.

Subject Issuer Validity Valid
clk.europe-west1.ivitrack.com
R3		 2024-05-27 -
2024-08-25		 3 months crt.sh
itm.ivitrack.com
R10		 2024-06-11 -
2024-09-09		 3 months crt.sh
simulation.ma-solution-eco.com
R3		 2024-06-04 -
2024-09-02		 3 months crt.sh
*.unbounce.com
Amazon RSA 2048 M03		 2023-12-10 -
2025-01-07		 a year crt.sh
reflexleads.com
WE1		 2024-07-03 -
2024-10-01		 3 months crt.sh
fonts.ub-assets.com
Amazon RSA 2048 M03		 2024-05-01 -
2025-05-31		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
lecoindelafinance.com
E1		 2024-05-28 -
2024-08-26		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://simulation.ma-solution-eco.com/pv-2022/?creator_id=904&aff_id=21375&offer_id=21380&source=ividence&click_id=7843877e-ab17-4fdc-b4c1-4aac9d850a6a&campaign_name=FR-PV-N_A-IVI-DESK&ad_name=Fatima-45
Frame ID: CE1EEB7944701C3FDA859FE835A8D5D0
Requests: 32 HTTP requests in this frame

Frame: https://itm.ivitrack.com/v1/commander-frame/2.2426.1/itm.html
Frame ID: 7048971DF72ACC92A46D1E2B6E9C6DB4
Requests: 1 HTTP requests in this frame

Frame: https://form.reflexleads.com/common/gum-form/render/?parent_domain=https://simulation.ma-solution-eco.com&parent_path=/pv-2022/&form_id=9&gum_data=eyJjcmVhdG9yX2lkIjoiOTA0IiwiYWZmX2lkIjoiMjEzNzUiLCJvZmZlcl9pZCI6IjIxMzgwIiwic291cmNlIjoiaXZpZGVuY2UiLCJjbGlja19pZCI6Ijc4NDM4NzdlLWFiMTctNGZkYy1iNGMxLTRhYWM5ZDg1MGE2YSIsImNhbXBhaWduX25hbWUiOiJGUi1QVi1OX0EtSVZJLURFU0siLCJhZF9uYW1lIjoiRmF0aW1hLTQ1In0=
Frame ID: A5D9D69BC762ACEC43F397B7F72F2CE6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Face à la montée des prix de l'énergie

Page URL History Show full URLs

  1. https://t.news.infofranceeconomies.com/c/?t=08a5e4d-8lz-c1f1-2ea-0ll!z HTTP 302
    https://ipe.ad.fr.nativ-ivi.fr/nlc?n=64a438bad8ce90bcddabcea3&h=5b705a418887936a6df52660b5c64e7692417acbd09... HTTP 302
    https://clk.eu.ivitrack.com/nlc?n=64a438bad8ce90bcddabcea3&h=5b705a418887936a6df52660b5c64e7692417acbd09... Page URL
  2. https://simulation.ma-solution-eco.com/pv-2022?creator_id=904&aff_id=21375&offer_id=21380&source=ividence&click_id=... HTTP 301
    https://simulation.ma-solution-eco.com/pv-2022/?creator_id=904&aff_id=21375&offer_id=21380&source=ividence&click_id... Page URL

Page Statistics

33
Requests

88 %
HTTPS

0 %
IPv6

9
Domains

12
Subdomains

10
IPs

5
Countries

675 kB
Transfer

927 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.news.infofranceeconomies.com/c/?t=08a5e4d-8lz-c1f1-2ea-0ll!z HTTP 302
    https://ipe.ad.fr.nativ-ivi.fr/nlc?n=64a438bad8ce90bcddabcea3&h=5b705a418887936a6df52660b5c64e7692417acbd093ea9740b0d333fb11a982&o=0&source=528&sn=65ead3992a7f31ea5ca68a4b HTTP 302
    https://clk.eu.ivitrack.com/nlc?n=64a438bad8ce90bcddabcea3&h=5b705a418887936a6df52660b5c64e7692417acbd093ea9740b0d333fb11a982&o=0&source=528&sn=65ead3992a7f31ea5ca68a4b Page URL
  2. https://simulation.ma-solution-eco.com/pv-2022?creator_id=904&aff_id=21375&offer_id=21380&source=ividence&click_id=7843877e-ab17-4fdc-b4c1-4aac9d850a6a&campaign_name=FR-PV-N_A-IVI-DESK&ad_name=Fatima-45 HTTP 301
    https://simulation.ma-solution-eco.com/pv-2022/?creator_id=904&aff_id=21375&offer_id=21380&source=ividence&click_id=7843877e-ab17-4fdc-b4c1-4aac9d850a6a&campaign_name=FR-PV-N_A-IVI-DESK&ad_name=Fatima-45 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://t.news.infofranceeconomies.com/c/?t=08a5e4d-8lz-c1f1-2ea-0ll!z HTTP 302
  • https://ipe.ad.fr.nativ-ivi.fr/nlc?n=64a438bad8ce90bcddabcea3&h=5b705a418887936a6df52660b5c64e7692417acbd093ea9740b0d333fb11a982&o=0&source=528&sn=65ead3992a7f31ea5ca68a4b HTTP 302
  • https://clk.eu.ivitrack.com/nlc?n=64a438bad8ce90bcddabcea3&h=5b705a418887936a6df52660b5c64e7692417acbd093ea9740b0d333fb11a982&o=0&source=528&sn=65ead3992a7f31ea5ca68a4b
Request Chain 31
  • https://form.reflexleads.com/common/gum-form/render?parent_domain=https://simulation.ma-solution-eco.com&parent_path=/pv-2022/&form_id=9&gum_data=eyJjcmVhdG9yX2lkIjoiOTA0IiwiYWZmX2lkIjoiMjEzNzUiLCJvZmZlcl9pZCI6IjIxMzgwIiwic291cmNlIjoiaXZpZGVuY2UiLCJjbGlja19pZCI6Ijc4NDM4NzdlLWFiMTctNGZkYy1iNGMxLTRhYWM5ZDg1MGE2YSIsImNhbXBhaWduX25hbWUiOiJGUi1QVi1OX0EtSVZJLURFU0siLCJhZF9uYW1lIjoiRmF0aW1hLTQ1In0= HTTP 301
  • https://form.reflexleads.com/common/gum-form/render/?parent_domain=https://simulation.ma-solution-eco.com&parent_path=/pv-2022/&form_id=9&gum_data=eyJjcmVhdG9yX2lkIjoiOTA0IiwiYWZmX2lkIjoiMjEzNzUiLCJvZmZlcl9pZCI6IjIxMzgwIiwic291cmNlIjoiaXZpZGVuY2UiLCJjbGlja19pZCI6Ijc4NDM4NzdlLWFiMTctNGZkYy1iNGMxLTRhYWM5ZDg1MGE2YSIsImNhbXBhaWduX25hbWUiOiJGUi1QVi1OX0EtSVZJLURFU0siLCJhZF9uYW1lIjoiRmF0aW1hLTQ1In0=

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
nlc
clk.eu.ivitrack.com/
Redirect Chain
  • https://t.news.infofranceeconomies.com/c/?t=08a5e4d-8lz-c1f1-2ea-0ll!z
  • https://ipe.ad.fr.nativ-ivi.fr/nlc?n=64a438bad8ce90bcddabcea3&h=5b705a418887936a6df52660b5c64e7692417acbd093ea9740b0d333fb11a982&o=0&source=528&sn=65ead3992a7f31ea5ca68a4b
  • https://clk.eu.ivitrack.com/nlc?n=64a438bad8ce90bcddabcea3&h=5b705a418887936a6df52660b5c64e7692417acbd093ea9740b0d333fb11a982&o=0&source=528&sn=65ead3992a7f31ea5ca68a4b
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://clk.eu.ivitrack.com/nlc?n=64a438bad8ce90bcddabcea3&h=5b705a418887936a6df52660b5c64e7692417acbd093ea9740b0d333fb11a982&o=0&source=528&sn=65ead3992a7f31ea5ca68a4b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.140.227.143 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.227.140.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
785228b538ffaac6ee04c4dac546f2a90e6887a5bc64be9a560e68f3a287d065

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, max-age=0, max-stale=0, must-revalidate, proxy-revalidate
content-type
text/html; charset=utf-8
date
Thu, 25 Jul 2024 01:46:03 GMT
expires
Fri, 24 Oct 1980 17:30:00 GMT
pragma
nocache
server
istio-envoy
x-envoy-upstream-service-time
21
x-ivi-hostname
programmatic-api-stable-7f67544797-v4p9n
x-robots-tag
noindex, nofollow

Redirect headers

content-length
207
content-type
text/html; charset=utf-8
date
Thu, 25 Jul 2024 01:46:03 GMT
location
https://clk.eu.ivitrack.com/nlc?n=64a438bad8ce90bcddabcea3&h=5b705a418887936a6df52660b5c64e7692417acbd093ea9740b0d333fb11a982&o=0&source=528&sn=65ead3992a7f31ea5ca68a4b
server
istio-envoy
x-envoy-upstream-service-time
2
x-ivi-hostname
programmatic-api-stable-7f67544797-v4p9n
clktcr
ipm.ivitrack.com/trace/ 		42 B
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ipm.ivitrack.com/trace/clktcr?uid=5b705a418887936a6df52660b5c64e7692417acbd093ea9740b0d333fb11a982&iid=7843877e-ab17-4fdc-b4c1-4aac9d850a6a&cid=b72212ba-ddce-45e9-9e0d-ce6596d7862b
Requested by
Host: clk.eu.ivitrack.com
URL: https://clk.eu.ivitrack.com/nlc?n=64a438bad8ce90bcddabcea3&h=5b705a418887936a6df52660b5c64e7692417acbd093ea9740b0d333fb11a982&o=0&source=528&sn=65ead3992a7f31ea5ca68a4b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.157.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://clk.eu.ivitrack.com/nlc?n=64a438bad8ce90bcddabcea3&h=5b705a418887936a6df52660b5c64e7692417acbd093ea9740b0d333fb11a982&o=0&source=528&sn=65ead3992a7f31ea5ca68a4b
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 01:46:03 GMT
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
server
istio-envoy
content-type
image/gif
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
Primary Request /
simulation.ma-solution-eco.com/pv-2022/
Redirect Chain
  • https://simulation.ma-solution-eco.com/pv-2022?creator_id=904&aff_id=21375&offer_id=21380&source=ividence&click_id=7843877e-ab17-4fdc-b4c1-4aac9d850a6a&campaign_name=FR-PV-N_A-IVI-DESK&ad_name=Fati...
  • https://simulation.ma-solution-eco.com/pv-2022/?creator_id=904&aff_id=21375&offer_id=21380&source=ividence&click_id=7843877e-ab17-4fdc-b4c1-4aac9d850a6a&campaign_name=FR-PV-N_A-IVI-DESK&ad_name=Fat...
70 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://simulation.ma-solution-eco.com/pv-2022/?creator_id=904&aff_id=21375&offer_id=21380&source=ividence&click_id=7843877e-ab17-4fdc-b4c1-4aac9d850a6a&campaign_name=FR-PV-N_A-IVI-DESK&ad_name=Fatima-45
Requested by
Host: clk.eu.ivitrack.com
URL: https://clk.eu.ivitrack.com/nlc?n=64a438bad8ce90bcddabcea3&h=5b705a418887936a6df52660b5c64e7692417acbd093ea9740b0d333fb11a982&o=0&source=528&sn=65ead3992a7f31ea5ca68a4b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.37 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40c6a331373cbe9c0840fda629ea079350a486b07655258439c635fe3e6f9a63
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options nosniff

Request headers

Referer
https://clk.eu.ivitrack.com/nlc?n=64a438bad8ce90bcddabcea3&h=5b705a418887936a6df52660b5c64e7692417acbd093ea9740b0d333fb11a982&o=0&source=528&sn=65ead3992a7f31ea5ca68a4b
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8a88795caf7c662b-AMS
content-encoding
gzip
content-length
12163
content-location
https://simulation.ma-solution-eco.com/pv-2022/
content-security-policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval'
content-type
text/html; charset=utf-8
date
Thu, 25 Jul 2024 01:46:03 GMT
etag
"b:2ab15654810845fb811c1f8e5ea73405"
link
<https://simulation.ma-solution-eco.com/pv-2022/>; rel="canonical"
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-content-type-options
nosniff
x-unbounce-pageid
cdd23eb5-b89f-4a36-b054-652667ade875
x-unbounce-variant
b
x-unbounce-visitorid
2ab15654-8108-45fb-811c-1f8e5ea73405

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
8a88795c3f5c662b-AMS
content-length
0
date
Thu, 25 Jul 2024 01:46:03 GMT
location
/pv-2022/?creator_id=904&aff_id=21375&offer_id=21380&source=ividence&click_id=7843877e-ab17-4fdc-b4c1-4aac9d850a6a&campaign_name=FR-PV-N_A-IVI-DESK&ad_name=Fatima-45
server
cloudflare
main-59ed514.z.css
builder-assets.unbounce.com/published-css/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-css/main-59ed514.z.css
Requested by
Host: simulation.ma-solution-eco.com
URL: https://simulation.ma-solution-eco.com/pv-2022/?creator_id=904&aff_id=21375&offer_id=21380&source=ividence&click_id=7843877e-ab17-4fdc-b4c1-4aac9d850a6a&campaign_name=FR-PV-N_A-IVI-DESK&ad_name=Fatima-45
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-30.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
59ed514fd33b3003e22be31ac180a0b4c519d8393eed635773e00ee739f71773
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://simulation.ma-solution-eco.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Apr 2024 18:45:15 GMT
content-encoding
gzip
via
1.1 c7f7b4cf7fd5efe64bac95586db3f62a.cloudfront.net (CloudFront)
x-amz-version-id
vv5icuidsXuesDOswQ7c1XUGmhkeADnJ
x-content-type-options
nosniff
x-amz-cf-pop
FRA2-C1
age
7455649
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2912
referrer-policy
no-referrer
last-modified
Mon, 29 Apr 2024 18:29:57 GMT
server
AmazonS3
etag
"1f0f1221a519c01a04109854bbda6568"
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
U5KrFBT9J2UW13enG00v-DvsbKs_bW9u1J8Vg6-VnMCvyaCaAZqK2Q==
e6c35f50fd3355ae56cc4292c3ae66e2e57ced28.js
simulation.ma-solution-eco.com/_ub/static/ts/ 		44 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://simulation.ma-solution-eco.com/_ub/static/ts/e6c35f50fd3355ae56cc4292c3ae66e2e57ced28.js
Requested by
Host: simulation.ma-solution-eco.com
URL: https://simulation.ma-solution-eco.com/pv-2022/?creator_id=904&aff_id=21375&offer_id=21380&source=ividence&click_id=7843877e-ab17-4fdc-b4c1-4aac9d850a6a&campaign_name=FR-PV-N_A-IVI-DESK&ad_name=Fatima-45
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.37 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4ab16fd7cfc53638fd929f76fae270e35d7748278bcdd7fe7d04dd3525f4928
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://simulation.ma-solution-eco.com/pv-2022/?creator_id=904&aff_id=21375&offer_id=21380&source=ividence&click_id=7843877e-ab17-4fdc-b4c1-4aac9d850a6a&campaign_name=FR-PV-N_A-IVI-DESK&ad_name=Fatima-45
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 01:46:03 GMT
content-encoding
br
via
1.1 6592b72953c66e8c26c29c332cf2edf0.cloudfront.net (CloudFront)
x-amz-version-id
y0uC0xE0yu95rDa35ZEYf2K128n3gwGH
cf-cache-status
HIT
x-content-type-options
nosniff
x-amz-cf-pop
AMS58-P1
age
6661241
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 08 May 2024 22:13:34 GMT
server
cloudflare
etag
W/"a7eeb377929f3b60727095f859013d59"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8a88795d0fa7662b-AMS
x-amz-cf-id
HTuMXz7JSZMJl4mLtwCtg5HyVzmXSi1taFTmXwouXuwp4DhNCN0_6A==
expires
Fri, 25 Jul 2025 01:46:03 GMT
main.bundle-4d218c1.z.js
builder-assets.unbounce.com/published-js/ 		137 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-js/main.bundle-4d218c1.z.js
Requested by
Host: simulation.ma-solution-eco.com
URL: https://simulation.ma-solution-eco.com/pv-2022/?creator_id=904&aff_id=21375&offer_id=21380&source=ividence&click_id=7843877e-ab17-4fdc-b4c1-4aac9d850a6a&campaign_name=FR-PV-N_A-IVI-DESK&ad_name=Fatima-45
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-30.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4d218c1125cf232d4ac3c1dd4f0f2edd1774bc984ee303029522e6d1a42ff185
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://simulation.ma-solution-eco.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 25 Jun 2024 03:59:21 GMT
content-encoding
gzip
via
1.1 c7f7b4cf7fd5efe64bac95586db3f62a.cloudfront.net (CloudFront)
x-amz-version-id
QwbrFkZO.VbyFMMhu5gON.F2CHdtCN2D
x-content-type-options
nosniff
x-amz-cf-pop
FRA2-C1
age
2584002
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
41266
referrer-policy
no-referrer
last-modified
Mon, 03 Jun 2024 21:01:05 GMT
server
AmazonS3
etag
"86b26fea3c74d5cd6b91aed8e4b7fb14"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
o1vs5eYzgaKYz3iuxvLwK4ArB2dc8JREmptyw7qN8mlTY0HKDbz8yA==
94a00fd0-d223-4991-b04b-4f4ee50c5f8d
https://app.unbounce.com/ 		0
0
6ea86e19-42f2-435f-84e3-937c13a4af1f
https://app.unbounce.com/ 		0
0
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
gum-iframe.js
form.reflexleads.com/common/gum-form/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://form.reflexleads.com/common/gum-form/gum-iframe.js?v=1721871963780
Requested by
Host: simulation.ma-solution-eco.com
URL: https://simulation.ma-solution-eco.com/pv-2022/?creator_id=904&aff_id=21375&offer_id=21380&source=ividence&click_id=7843877e-ab17-4fdc-b4c1-4aac9d850a6a&campaign_name=FR-PV-N_A-IVI-DESK&ad_name=Fatima-45
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6012845403149959e199ac346105e5b7d570d725e43440481dc6a6b7e0b3d223

Request headers

Referer
https://simulation.ma-solution-eco.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 01:46:03 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 04 Oct 2023 14:28:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"651d7696-ca4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zkLaJRVBkZ3e7aqht59ovz5%2BY%2F4coGYGwGPY%2BeIpE4vcnJU2Sru4GylScfWCAyRWSXSCzdY6t4%2FsVvlihjHvwtUFP7fcZPnAk1RdC9Wtlw18IdZgdOjyMMeHFyEUyzdTiFrO9iDtSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf8
cache-control
max-age=315360000
cf-ray
8a88795e39f3f858-CDG
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
lecoindelafinance.com/common/gum-footer/render/ 		0
0
/
form.reflexleads.com/common/gum-consent/render/ 		11 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://form.reflexleads.com/common/gum-consent/render/?form_id=58
Requested by
Host: simulation.ma-solution-eco.com
URL: https://simulation.ma-solution-eco.com/pv-2022/?creator_id=904&aff_id=21375&offer_id=21380&source=ividence&click_id=7843877e-ab17-4fdc-b4c1-4aac9d850a6a&campaign_name=FR-PV-N_A-IVI-DESK&ad_name=Fatima-45
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.16
Resource Hash
8df942d89ed081c7ef545a46e7282d7079769d9adf461004a52535b73b85cace

Request headers

Referer
https://simulation.ma-solution-eco.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 01:46:04 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.2.16
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dbjIRm6%2F8TaAtu2m7VUtMQgxxrcwydLNOv9k11oTN5gYZS8w5aziC5%2B7fbEYYJtz1s4vf6RaUGyqY%2BgBMRcw%2Bh7ygKPmfllC47POneTo1E0ew3wj42zXmFcGDOZl7Gmi8xpkAW4ZxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
8a88795e39090b64-AMS
alt-svc
h3=":443"; ma=86400
itm.js
itm.ivitrack.com/v1/getupmedia-tag/ 		54 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://itm.ivitrack.com/v1/getupmedia-tag/itm.js
Requested by
Host: simulation.ma-solution-eco.com
URL: https://simulation.ma-solution-eco.com/pv-2022/?creator_id=904&aff_id=21375&offer_id=21380&source=ividence&click_id=7843877e-ab17-4fdc-b4c1-4aac9d850a6a&campaign_name=FR-PV-N_A-IVI-DESK&ad_name=Fatima-45
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.104.209 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
209.104.120.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
3c241f094e8ecc97f1cc646f9d85bc96151ad777925daceecb517920052c2515

Request headers

Referer
https://simulation.ma-solution-eco.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 18:22:10 GMT
content-encoding
gzip
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
server
istio-envoy
age
113033
etag
"3c241f094e8ecc97f1cc646f9d85bc96151ad777925daceecb517920052c2515"
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=86400
x-envoy-upstream-service-time
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13109
i
simulation.ma-solution-eco.com/_ub/ 		2 B
269 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://simulation.ma-solution-eco.com/_ub/i
Requested by
Host: simulation.ma-solution-eco.com
URL: https://simulation.ma-solution-eco.com/_ub/static/ts/e6c35f50fd3355ae56cc4292c3ae66e2e57ced28.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.37 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'

Request headers

Referer
https://simulation.ma-solution-eco.com/pv-2022/?creator_id=904&aff_id=21375&offer_id=21380&source=ividence&click_id=7843877e-ab17-4fdc-b4c1-4aac9d850a6a&campaign_name=FR-PV-N_A-IVI-DESK&ad_name=Fatima-45
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 25 Jul 2024 01:46:04 GMT
content-security-policy
default-src 'none'; style-src 'unsafe-inline'
referrer-policy
no-referrer
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://simulation.ma-solution-eco.com
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials
true
cf-ray
8a88795dd800662b-AMS
content-length
2
b1859b78-fc55-4950-a3df-91b67c289fc1
https://simulation.ma-solution-eco.com/ 		5 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
blob:https://simulation.ma-solution-eco.com/b1859b78-fc55-4950-a3df-91b67c289fc1
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-4d218c1.z.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
00ee2a14dbde4361b87ee179eb2f13a28a2a82631efa215b4d22a255f5d0c9cc

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
5427
Content-Type
text/css
css
fonts.ub-assets.com/ 		15 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/css?family=Roboto:300,regular,700,300italic,900,500%7CLato:regular,700
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-4d218c1.z.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-8.fra60.r.cloudfront.net
Software
/
Resource Hash
1135c691893d9a361ba8611efa8f51585555917b13d62d4b585b42cd71b82101
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://simulation.ma-solution-eco.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 09:11:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 6fc439c8bc0a64a7ab978ce699795274.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
232484
x-amzn-requestid
5ec09288-5009-4354-ace6-c505e58ff2ba
x-cache
RefreshHit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
bTpIvHdTIAMEqgA=
content-length
963
x-xss-protection
0
referrer-policy
no-referrer
cross-origin-opener-policy
same-origin-allow-popups
x-amzn-trace-id
Root=1-669e2237-2a514f7e4b89b0f71c837d68
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
x-amz-cf-id
5tz3kRMXbEE3SssODIMDg4tpxNjX6R4smkikX9J5cjNhmtyS4BLo-A==
fcc43b0c-54319771-0-ma-solution-eco-by-b_104m014000000000000028.png
d9hhrg4mnvzow.cloudfront.net/simulation.ma-solution-eco.com/pv-2022/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/simulation.ma-solution-eco.com/pv-2022/fcc43b0c-54319771-0-ma-solution-eco-by-b_104m014000000000000028.png
Requested by
Host: simulation.ma-solution-eco.com
URL: https://simulation.ma-solution-eco.com/pv-2022/?creator_id=904&aff_id=21375&offer_id=21380&source=ividence&click_id=7843877e-ab17-4fdc-b4c1-4aac9d850a6a&campaign_name=FR-PV-N_A-IVI-DESK&ad_name=Fatima-45
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.156.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-156-5.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aab8744d1a1f6ecd2db44889ebd6a6eb2c321ed2fb1377042ce6288d64428520

Request headers

Referer
https://simulation.ma-solution-eco.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 13 May 2024 21:12:43 GMT
x-amz-version-id
6xANHYoZOZKgol1zaQzC7IGRC_5aOrE4
via
1.1 8bd22c4e977189bdb5963957ff8477de.cloudfront.net (CloudFront)
last-modified
Wed, 10 Apr 2024 11:32:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
age
6237201
etag
"eff0d13784aba2824de9d0e727d5bbb3"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
2824
x-amz-cf-id
nW2CSMAZIy0OFQ1nS5acTC2LIGjNySODJ2pL5Zo0Lwpr2Ak9IUmpjQ==
a81242f5-accept_100y00y000000000000028.png
d9hhrg4mnvzow.cloudfront.net/simulation.ma-solution-eco.com/pv-2022/ 		524 B
944 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/simulation.ma-solution-eco.com/pv-2022/a81242f5-accept_100y00y000000000000028.png
Requested by
Host: simulation.ma-solution-eco.com
URL: https://simulation.ma-solution-eco.com/pv-2022/?creator_id=904&aff_id=21375&offer_id=21380&source=ividence&click_id=7843877e-ab17-4fdc-b4c1-4aac9d850a6a&campaign_name=FR-PV-N_A-IVI-DESK&ad_name=Fatima-45
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.156.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-156-5.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c3a142a36f0e7dd9836a5adeb4824f1251818c7d7bbf30422bbecc301b5d5dcb

Request headers

Referer
https://simulation.ma-solution-eco.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 13 May 2024 21:12:43 GMT
x-amz-version-id
6z3Li2Kd3dcRnlr.qv2KWSA9alWSW9bb
via
1.1 8bd22c4e977189bdb5963957ff8477de.cloudfront.net (CloudFront)
last-modified
Wed, 10 Apr 2024 11:32:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
age
6237201
etag
"c2a08f8c5019772eae4affee20608bef"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
524
x-amz-cf-id
uVQobZqEYU81yYn7RGZ-f7nL-dXGOfPJ7dH0-3Y_r9FrwlW1IgT4Gw==
8c15589c-pv03_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/simulation.ma-solution-eco.com/pv-2022/ 		116 KB
117 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/simulation.ma-solution-eco.com/pv-2022/8c15589c-pv03_1000000000000000000028.png
Requested by
Host: simulation.ma-solution-eco.com
URL: https://simulation.ma-solution-eco.com/pv-2022/?creator_id=904&aff_id=21375&offer_id=21380&source=ividence&click_id=7843877e-ab17-4fdc-b4c1-4aac9d850a6a&campaign_name=FR-PV-N_A-IVI-DESK&ad_name=Fatima-45
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.156.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-156-5.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a7daceebbd1be4c8fa379f8f5ffcfcb5e17f13f35bdd2b55598b79f97a9ae7d9

Request headers

Referer
https://simulation.ma-solution-eco.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 13 May 2024 21:12:43 GMT
x-amz-version-id
56MwHh2BuWvc.gXKiySBOmhAGIT4WrG2
via
1.1 8bd22c4e977189bdb5963957ff8477de.cloudfront.net (CloudFront)
last-modified
Wed, 10 Apr 2024 11:32:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
age
6237201
etag
"2d2e4f254fde64018a6c407116aa3584"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
119206
x-amz-cf-id
qI4SXZ27Ufv_tbEmgd4J4ZKbVvKPdCjSWeEKHdgBisPYpFZwqtf_Dg==
9b67fbfa-56042501-0-senior-age.gif
d9hhrg4mnvzow.cloudfront.net/simulation.ma-solution-eco.com/pv-2022/ 		123 KB
124 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/simulation.ma-solution-eco.com/pv-2022/9b67fbfa-56042501-0-senior-age.gif
Requested by
Host: simulation.ma-solution-eco.com
URL: https://simulation.ma-solution-eco.com/pv-2022/?creator_id=904&aff_id=21375&offer_id=21380&source=ividence&click_id=7843877e-ab17-4fdc-b4c1-4aac9d850a6a&campaign_name=FR-PV-N_A-IVI-DESK&ad_name=Fatima-45
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.156.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-156-5.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6785d30173290c1cfd3a3e2e728d484830477f354b6a944d175b9ca860025118

Request headers

Referer
https://simulation.ma-solution-eco.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 13 May 2024 21:12:43 GMT
x-amz-version-id
1OP0YVegjV6mdomoqPQlifZIs5DX.wsk
via
1.1 8bd22c4e977189bdb5963957ff8477de.cloudfront.net (CloudFront)
last-modified
Wed, 10 Apr 2024 11:32:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
age
6237201
etag
"2f63aa7d5708755e54cae16bb97d5ecc"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=31557600
accept-ranges
bytes
content-length
126004
x-amz-cf-id
WldcfOcMwkRN01D-Z1dZCRsPJYi0Ugp0k7uiV3tSeh2jOwsOOOhgsg==
c92a33e1-france-map-green_10cw0d5000000000000028.png
d9hhrg4mnvzow.cloudfront.net/simulation.ma-solution-eco.com/pv-2022/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/simulation.ma-solution-eco.com/pv-2022/c92a33e1-france-map-green_10cw0d5000000000000028.png
Requested by
Host: simulation.ma-solution-eco.com
URL: https://simulation.ma-solution-eco.com/pv-2022/?creator_id=904&aff_id=21375&offer_id=21380&source=ividence&click_id=7843877e-ab17-4fdc-b4c1-4aac9d850a6a&campaign_name=FR-PV-N_A-IVI-DESK&ad_name=Fatima-45
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.156.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-156-5.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0d257823c52fc635ffe0f40ec778f6531d42910180e80c4125f89584227b5a03

Request headers

Referer
https://simulation.ma-solution-eco.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 13 May 2024 21:12:43 GMT
x-amz-version-id
ESG307M46bdIJy.DMsPNXSHtKfa.uJXb
via
1.1 8bd22c4e977189bdb5963957ff8477de.cloudfront.net (CloudFront)
last-modified
Wed, 10 Apr 2024 11:32:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
age
6237201
etag
"64357b8a8c6c9b832a18c87500268e2d"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
11347
x-amz-cf-id
Y1c5Ah2ewHd0QTcfC1Oe5E3_9zo_uOe1yXSYopNvRLH3dUkg_R91eA==
e1003739-group-9-1_10ca0c3000000000000028.png
d9hhrg4mnvzow.cloudfront.net/simulation.ma-solution-eco.com/pv-2022/ 		64 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/simulation.ma-solution-eco.com/pv-2022/e1003739-group-9-1_10ca0c3000000000000028.png
Requested by
Host: simulation.ma-solution-eco.com
URL: https://simulation.ma-solution-eco.com/pv-2022/?creator_id=904&aff_id=21375&offer_id=21380&source=ividence&click_id=7843877e-ab17-4fdc-b4c1-4aac9d850a6a&campaign_name=FR-PV-N_A-IVI-DESK&ad_name=Fatima-45
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.156.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-156-5.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b2f992e427cc69f3613adce548c3013d1427ffb850d99925adf5a384d9365727

Request headers

Referer
https://simulation.ma-solution-eco.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 13 May 2024 21:12:43 GMT
x-amz-version-id
hFo0P9D9qnrNoBX9hLsQDZr9wm1kQrYw
via
1.1 8bd22c4e977189bdb5963957ff8477de.cloudfront.net (CloudFront)
last-modified
Wed, 10 Apr 2024 11:32:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
age
6237201
etag
"b5a8935cd84477a12234aaaaf168b53b"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
65808
x-amz-cf-id
3K_srolMYOy5ms8enncv6M23oqncC4yDb--kuBP-Cb2qcrY-ouhPLA==
f36157c6-pv02_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/simulation.ma-solution-eco.com/pv-2022/ 		110 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/simulation.ma-solution-eco.com/pv-2022/f36157c6-pv02_1000000000000000000028.png
Requested by
Host: simulation.ma-solution-eco.com
URL: https://simulation.ma-solution-eco.com/pv-2022/?creator_id=904&aff_id=21375&offer_id=21380&source=ividence&click_id=7843877e-ab17-4fdc-b4c1-4aac9d850a6a&campaign_name=FR-PV-N_A-IVI-DESK&ad_name=Fatima-45
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.156.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-156-5.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3410eb9224bbb9829288265b14e45982122ed9b69557e003b011bbced7614315

Request headers

Referer
https://simulation.ma-solution-eco.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 13 May 2024 21:12:43 GMT
x-amz-version-id
.QchfnfimYfuZvhlCS0IoEXlkUMVXa_H
via
1.1 8bd22c4e977189bdb5963957ff8477de.cloudfront.net (CloudFront)
last-modified
Wed, 10 Apr 2024 11:32:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
age
6237201
etag
"4c21f002ef2c5c758a163cbd26c54f6d"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
112840
x-amz-cf-id
QAL6_DTu7CZkzpXR836pDbGu4qalHOke6r_3yA54GWo2o46O7zs1wg==
itm.html
itm.ivitrack.com/v1/commander-frame/2.2426.1/ Frame 7048 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://itm.ivitrack.com/v1/commander-frame/2.2426.1/itm.html
Requested by
Host: itm.ivitrack.com
URL: https://itm.ivitrack.com/v1/getupmedia-tag/itm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.104.209 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
209.104.120.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash

Request headers

Referer
https://simulation.ma-solution-eco.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-Width, Width, Sec-CH-Viewport-Width, Viewport-Width, Sec-CH-DPR, DPR
age
51988
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
gzip
content-length
8093
content-type
text/html; charset=utf-8
date
Wed, 24 Jul 2024 11:19:35 GMT
etag
"62e16111c5728d8e91720a7b3eb31dd060e6253d140f612bc6d8b609a114ea82"
server
istio-envoy
via
1.1 google
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
x-envoy-upstream-service-time
0
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto:300,regular,700,300italic,900,500%7CLato:regular,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-8.fra60.r.cloudfront.net
Software
/
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://simulation.ma-solution-eco.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 09 Jun 2024 22:52:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
15740
via
1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
3898393
x-amzn-requestid
b20d53f7-10d7-47ca-84a6-a72542514a63
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
ZHzKeF9noAMEYJg=
content-length
15763
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 11 May 2022 19:24:56 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-66663242-47a1a50e6158bc4271eb6d41
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
W5wWAVFIFRXkMPwle3muZtt_Dmrnn2n6Lb7dXzuKaOTO8Ua_Yv-PLQ==
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto:300,regular,700,300italic,900,500%7CLato:regular,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-8.fra60.r.cloudfront.net
Software
/
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://simulation.ma-solution-eco.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 21 May 2024 20:12:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
15744
via
1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
5549620
x-amzn-requestid
d441db8e-e38a-471d-bba5-fb06fd11bf09
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
YIz2IECQIAMEnnA=
content-length
15767
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 11 May 2022 19:24:48 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-664d0026-79c1d1a33779518c01ce54b6
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
yuevXcTGUKYSS9Es79KIf4yDUydIUJuVOGOe--SxoWtaNV_FnxLAtA==
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto:300,regular,700,300italic,900,500%7CLato:regular,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-8.fra60.r.cloudfront.net
Software
/
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://simulation.ma-solution-eco.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 13 May 2024 02:23:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
15860
via
1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
6304952
x-amzn-requestid
b627576e-04b9-4a2f-a483-d492580fde1b
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
Xr_xhGf0oAMENFg=
content-length
15883
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 11 May 2022 19:24:42 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-664179a3-7a5312c21a4ead9c766ddb22
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
47T86iFFgDCWy9oHNtImj5GMz0Naj_T_cTlITS0K_z13kFjHDtnnRw==
KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto:300,regular,700,300italic,900,500%7CLato:regular,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-8.fra60.r.cloudfront.net
Software
/
Resource Hash
bb8007225d94a099cddbade7ea904667c0dd0b68d5e30778e5c6257589ab94d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://simulation.ma-solution-eco.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 08:54:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
17508
via
1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
16908703
x-amzn-requestid
bc72e7d3-3486-451e-8a59-99000e8d3b3d
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
RXftdF6oIAMEF_g=
content-length
17536
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 11 May 2022 19:24:41 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-659facbc-5aa8d8b15fb20a4813f84bcf
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
LsYXha6szPQPoGrOun0zRli-t8sah6O0eiHXvzfYQh-vvwKgxL7Q7Q==
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto:300,regular,700,300italic,900,500%7CLato:regular,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-8.fra60.r.cloudfront.net
Software
/
Resource Hash
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://simulation.ma-solution-eco.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 08 Apr 2024 20:55:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
15752
via
1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
9262238
x-amzn-requestid
dbc42f6e-a124-46ff-a42a-2543ed76bc29
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
V7L1sHoDIAMEBTA=
content-length
15775
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 11 May 2022 19:24:56 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-661459bd-4e8d2fa70e6e587a684d1fcb
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
9fl6z6zEC0AjZNemR3vukifyc2uKvm-UOt6RHekcxWH6AMmS3LpVow==
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto:300,regular,700,300italic,900,500%7CLato:regular,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-8.fra60.r.cloudfront.net
Software
/
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://simulation.ma-solution-eco.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Apr 2024 23:16:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
15920
via
1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
7784947
x-amzn-requestid
2424ae42-ea48-48a3-81d1-6d8aa316fa4d
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
WzigTGAVoAMEIhg=
content-length
15943
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 11 May 2022 19:24:45 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-662ae468-136a839c32069ca134fa6703
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
TOCIXDJsw27jJpkFebqoy_0iHL9b3siC5p3M7PYCxqL5gpwgQYJa1Q==
S6uyw4BMUTPHjx4wXg.woff2
fonts.ub-assets.com/fonts/s/lato/v24/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto:300,regular,700,300italic,900,500%7CLato:regular,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-8.fra60.r.cloudfront.net
Software
/
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://simulation.ma-solution-eco.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 29 May 2024 04:53:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
23580
via
1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
4913530
x-amzn-requestid
5be7f9c6-a94e-4d25-9488-830443976713
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
YhEzNF7IoAMEN9g=
content-length
23578
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Tue, 02 May 2023 15:17:22 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-6656b4e1-353d1cea3fb712505887cd7c
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
xWETMfJ78U0LvLQ9-6tIVKy_PXl9M7kAg4m1SXlxa50mLgiXHMOW1A==
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.ub-assets.com/fonts/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto:300,regular,700,300italic,900,500%7CLato:regular,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-8.fra60.r.cloudfront.net
Software
/
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://simulation.ma-solution-eco.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 12 Jun 2024 04:52:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
23040
via
1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
3704014
x-amzn-requestid
e4877e07-7bdd-4e47-ae63-2941ee9e6bb0
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
ZPNuKFJcoAMEh4A=
content-length
23041
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Tue, 02 May 2023 15:07:25 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-6669298d-693732526709d0181dfd4961
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
a0nmUrsqnaMci0-vx7TWIssnWB5O6TVw9oZYVIRmbk1R8GpfqcSFaw==
/
form.reflexleads.com/common/gum-form/render/ Frame A5D9
Redirect Chain
  • https://form.reflexleads.com/common/gum-form/render?parent_domain=https://simulation.ma-solution-eco.com&parent_path=/pv-2022/&form_id=9&gum_data=eyJjcmVhdG9yX2lkIjoiOTA0IiwiYWZmX2lkIjoiMjEzNzUiLCJ...
  • https://form.reflexleads.com/common/gum-form/render/?parent_domain=https://simulation.ma-solution-eco.com&parent_path=/pv-2022/&form_id=9&gum_data=eyJjcmVhdG9yX2lkIjoiOTA0IiwiYWZmX2lkIjoiMjEzNzUiLC...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://form.reflexleads.com/common/gum-form/render/?parent_domain=https://simulation.ma-solution-eco.com&parent_path=/pv-2022/&form_id=9&gum_data=eyJjcmVhdG9yX2lkIjoiOTA0IiwiYWZmX2lkIjoiMjEzNzUiLCJvZmZlcl9pZCI6IjIxMzgwIiwic291cmNlIjoiaXZpZGVuY2UiLCJjbGlja19pZCI6Ijc4NDM4NzdlLWFiMTctNGZkYy1iNGMxLTRhYWM5ZDg1MGE2YSIsImNhbXBhaWduX25hbWUiOiJGUi1QVi1OX0EtSVZJLURFU0siLCJhZF9uYW1lIjoiRmF0aW1hLTQ1In0=
Requested by
Host: form.reflexleads.com
URL: https://form.reflexleads.com/common/gum-form/gum-iframe.js?v=1721871963780
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.16
Resource Hash

Request headers

Referer
https://simulation.ma-solution-eco.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8a88795faf1f7758-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 25 Jul 2024 01:46:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zyghhfn8gDnXDI8AfnNFZ6LuqrG06PI19PRCLIMbBTD09yqNGlwDxs8Acwhae4gits8iHAhMOvFG0af78AaW5tLZXgFKB1fuQEoe3rZk5u6opWpn1WG6CHVXZn24ED6fHHbCtuAfzw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/8.2.16

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8a88795efeee7758-AMS
content-type
text/html
date
Thu, 25 Jul 2024 01:46:04 GMT
location
https://form.reflexleads.com/common/gum-form/render/?parent_domain=https://simulation.ma-solution-eco.com&parent_path=/pv-2022/&form_id=9&gum_data=eyJjcmVhdG9yX2lkIjoiOTA0IiwiYWZmX2lkIjoiMjEzNzUiLCJvZmZlcl9pZCI6IjIxMzgwIiwic291cmNlIjoiaXZpZGVuY2UiLCJjbGlja19pZCI6Ijc4NDM4NzdlLWFiMTctNGZkYy1iNGMxLTRhYWM5ZDg1MGE2YSIsImNhbXBhaWduX25hbWUiOiJGUi1QVi1OX0EtSVZJLURFU0siLCJhZF9uYW1lIjoiRmF0aW1hLTQ1In0=
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=evld5lDhe90JUV%2FP1c4UfGmpk5Dj9tm85LmeCdaJ%2BKnU%2BBN8MH8BSeFr9aE4OKA%2FzyFsDEup5SDc5C0p3GhJm7a%2BBhBNt36dVC1PbimD9b%2FlJrpU7YpAwaOGVeS3D6ooU8Fw1dFsWg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
favicon.ico
lecoindelafinance.com/ 		4 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://lecoindelafinance.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49693889a25c8d6c5c94631c3516ac2c55c8e406a7ca608ff8ca3024faa983a3

Request headers

Referer
https://simulation.ma-solution-eco.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 01:46:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 10 May 2021 08:56:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1087025
etag
W/"6098f52a-1036"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pQVqOVKgkKqvhxkLF%2BRSKjLGdw4D%2F%2FLx6i9lD3EX2g97BuoEb7mztojv%2FymiYG9IFP79TqwUBI3RtjEiZthKxUirPGTK%2FbaSC3KnLeF57%2Fh%2F4khcbFxB3t2wjpqu9bAZWsZunNtSysQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=315360000
cf-ray
8a8879678e5363eb-LHR
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
app.unbounce.com
URL
blob:https://app.unbounce.com/94a00fd0-d223-4991-b04b-4f4ee50c5f8d
Domain
app.unbounce.com
URL
blob:https://app.unbounce.com/6ea86e19-42f2-435f-84e3-937c13a4af1f
Domain
lecoindelafinance.com
URL
https://lecoindelafinance.com/common/gum-footer/render/?form_id=9

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| ub object| GUMConsent string| keyword object| script object| request function| ivi function| ubSnowplow boolean| ubSnowplowInitialized function| setImmediate function| clearImmediate boolean| VimeoPlayerResizeEmbeds_ boolean| VimeoSeoMetadataAppended boolean| VimeoCheckedUrlTimeParam function| parseQueryString function| processMessage

9 Cookies

Domain/Path Name / Value
simulation.ma-solution-eco.com/pv-2022/ Name: ubpv
Value: b%2Ccdd23eb5-b89f-4a36-b054-652667ade875
t.news.infofranceeconomies.com/ Name: ASP.NET_SessionId
Value: enobqtgkczcmphd4qahcznoc
t.news.infofranceeconomies.com/ Name: SERVERID
Value: mindtrack3.odiso.net
.ivitrack.com/ Name: ivid2
Value: 5b705a418887936a6df52660b5c64e7692417acbd093ea9740b0d333fb11a982
.ivitrack.com/ Name: id
Value: ef92d5dc-8bef-45a0-9b1a-1b5f83fb1f35
.ivitrack.com/ Name: cmpgn.6066d19caf9d5220cfa86dcb
Value: %7B%22imp%22%3A%227843877e-ab17-4fdc-b4c1-4aac9d850a6a%22%2C%22time%22%3A1721871963%7D
.simulation.ma-solution-eco.com/ Name: __cf_bm
Value: CCZDhNXAyR1XUF5mQyF1f4Bv64KHzo8Yyow5Pa4eisk-1721871963-1.0.1.1-4GRMtkoAgqH4QtnDh9yuWf2s.1pC_aBX0BUJaPKGChZPcMFSTRVePLJ1P9smroOhIbJe_dyi3kYL86doY0Im_A
simulation.ma-solution-eco.com/ Name: ubvs
Value: 2ab15654-8108-45fb-811c-1f8e5ea73405
.ma-solution-eco.com/ Name: ubvt
Value: v2%7C2ab15654-8108-45fb-811c-1f8e5ea73405%7Ccdd23eb5-b89f-4a36-b054-652667ade875%3Ab%3Aweighted%3Aweighted

4 Console Messages

Source Level URL
Text
javascript error URL: https://simulation.ma-solution-eco.com/pv-2022/?creator_id=904&aff_id=21375&offer_id=21380&source=ividence&click_id=7843877e-ab17-4fdc-b4c1-4aac9d850a6a&campaign_name=FR-PV-N_A-IVI-DESK&ad_name=Fatima-45(Line 9)
Message:
Not allowed to load local resource: blob:https://app.unbounce.com/94a00fd0-d223-4991-b04b-4f4ee50c5f8d
javascript error URL: https://simulation.ma-solution-eco.com/pv-2022/?creator_id=904&aff_id=21375&offer_id=21380&source=ividence&click_id=7843877e-ab17-4fdc-b4c1-4aac9d850a6a&campaign_name=FR-PV-N_A-IVI-DESK&ad_name=Fatima-45(Line 9)
Message:
Not allowed to load local resource: blob:https://app.unbounce.com/6ea86e19-42f2-435f-84e3-937c13a4af1f
javascript error URL: https://simulation.ma-solution-eco.com/pv-2022/?creator_id=904&aff_id=21375&offer_id=21380&source=ividence&click_id=7843877e-ab17-4fdc-b4c1-4aac9d850a6a&campaign_name=FR-PV-N_A-IVI-DESK&ad_name=Fatima-45
Message:
Access to XMLHttpRequest at 'https://lecoindelafinance.com/common/gum-footer/render/?form_id=9' from origin 'https://simulation.ma-solution-eco.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://lecoindelafinance.com/common/gum-footer/render/?form_id=9
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.unbounce.com
builder-assets.unbounce.com
clk.eu.ivitrack.com
d9hhrg4mnvzow.cloudfront.net
fonts.ub-assets.com
form.reflexleads.com
ipe.ad.fr.nativ-ivi.fr
ipm.ivitrack.com
itm.ivitrack.com
lecoindelafinance.com
simulation.ma-solution-eco.com
t.news.infofranceeconomies.com
app.unbounce.com
lecoindelafinance.com
104.18.19.37
13.224.189.30
13.32.99.8
185.151.189.219
188.114.96.3
188.114.97.3
3.160.156.5
34.117.157.22
34.120.104.209
34.140.227.143
00ee2a14dbde4361b87ee179eb2f13a28a2a82631efa215b4d22a255f5d0c9cc
0d257823c52fc635ffe0f40ec778f6531d42910180e80c4125f89584227b5a03
1135c691893d9a361ba8611efa8f51585555917b13d62d4b585b42cd71b82101
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
3410eb9224bbb9829288265b14e45982122ed9b69557e003b011bbced7614315
3c241f094e8ecc97f1cc646f9d85bc96151ad777925daceecb517920052c2515
40c6a331373cbe9c0840fda629ea079350a486b07655258439c635fe3e6f9a63
49693889a25c8d6c5c94631c3516ac2c55c8e406a7ca608ff8ca3024faa983a3
4d218c1125cf232d4ac3c1dd4f0f2edd1774bc984ee303029522e6d1a42ff185
59ed514fd33b3003e22be31ac180a0b4c519d8393eed635773e00ee739f71773
6012845403149959e199ac346105e5b7d570d725e43440481dc6a6b7e0b3d223
6785d30173290c1cfd3a3e2e728d484830477f354b6a944d175b9ca860025118
785228b538ffaac6ee04c4dac546f2a90e6887a5bc64be9a560e68f3a287d065
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
8df942d89ed081c7ef545a46e7282d7079769d9adf461004a52535b73b85cace
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
a7daceebbd1be4c8fa379f8f5ffcfcb5e17f13f35bdd2b55598b79f97a9ae7d9
aab8744d1a1f6ecd2db44889ebd6a6eb2c321ed2fb1377042ce6288d64428520
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b2f992e427cc69f3613adce548c3013d1427ffb850d99925adf5a384d9365727
bb8007225d94a099cddbade7ea904667c0dd0b68d5e30778e5c6257589ab94d1
c3a142a36f0e7dd9836a5adeb4824f1251818c7d7bbf30422bbecc301b5d5dcb
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c4ab16fd7cfc53638fd929f76fae270e35d7748278bcdd7fe7d04dd3525f4928
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef