urlscan.io logo urlscan.io
SecurityTrails logo

budgetdevis.com Open in urlscan Pro
34.141.100.75  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://links.lecarrefourdesentrepreneurs.com/c/iP4/FKa/Nnet0WNP4bX2JDY60MlILy/F/FsM_/F/6ff5029c
Effective URL: https://budgetdevis.com/investissements/ehpad/?fname=Berangere&lname=Mornet&phone=[phone]&email=bmornet@henner.fr&a=3283918
Submission: On December 14 via manual from FR — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 26 IPs in 6 countries across 19 domains to perform 47 HTTP transactions. The main IP is 34.141.100.75, located in Frankfurt am Main, Germany and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is budgetdevis.com.
TLS certificate: Issued by R3 on November 27th 2022. Valid for: 3 months.
This is the only time budgetdevis.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 176.126.250.255 47544 (IQPL-AS)
1 3 34.159.45.57 396982 (GOOGLE-CL...)
2 142.250.186.40 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 3 35.186.231.97 15169 (GOOGLE)
1 108.156.60.34 16509 (AMAZON-02)
1 188.165.150.178 16276 (OVH)
1 8 34.141.100.75 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:480... 20940 (AKAMAI-ASN1)
2 2a03:2880:f08... ()
1 108.156.60.117 16509 (AMAZON-02)
2 178.62.248.152 14061 (DIGITALOC...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 88.221.169.78 ()
2 2600:9000:223... ()
3 3 2620:1ec:22::14 ()
1 13.107.42.14 ()
2 70.42.32.159 ()
1 2a03:2880:f12... ()
47 26
1    176.126.250.255 (Poland)

ASN47544 (IQPL-AS, PL)
PTR: 176-126-250-255.rev.iq.pl
links.lecarrefourdesentrepreneurs.com
3    34.159.45.57 (Frankfurt am Main, Germany)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: laravel.kontikimedia.com
krs.lecarrefourdesentrepreneurs.com
2    142.250.186.40 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f8.1e100.net
www.googletagmanager.com
4    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2001:4860:4802:36::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
2    2a00:1450:400c:c02::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.ru
3    35.186.231.97 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 97.231.186.35.bc.googleusercontent.com
clk.tradedoubler.com
1    108.156.60.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-60-34.ams1.r.cloudfront.net
vht.tradedoubler.com
1    188.165.150.178 (France)

ASN16276 (OVH, FR)
PTR: lb02.net.royalcactus.com
analytics.tradedoubler.com
8    34.141.100.75 (Frankfurt am Main, Germany)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: minisites.kontikimedia.com
budgetdevis.com
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleoptimize.com
2    2a02:26f0:480:f::213:7ec6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
2    2a03:2880:f080:9:face:b00c:0:3 (None, )

ASN- ()
connect.facebook.net
1    108.156.60.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-60-117.ams1.r.cloudfront.net
hst.tradedoubler.com
2    178.62.248.152 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
ipmeta.io
1    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.fr
1    88.221.169.78 (None, )

ASN- ()
amplify.outbrain.com
2    2600:9000:223d:a00:2:53b2:240:93a1 (None, )

ASN- ()
cdn.linkedin.oribi.io
3    2620:1ec:22::14 (None, )

ASN- ()
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (None, )

ASN- ()
px4.ads.linkedin.com
2    70.42.32.159 (None, )

ASN- ()
tr.outbrain.com
1    2a03:2880:f128:83:face:b00c:0:25de (None, )

ASN- ()
www.facebook.com
Apex Domain
Subdomains		 Transfer
8 budgetdevis.com
budgetdevis.com
170 KB
6 tradedoubler.com
clk.tradedoubler.com — Cisco Umbrella Rank: 120051
vht.tradedoubler.com — Cisco Umbrella Rank: 151654
analytics.tradedoubler.com — Cisco Umbrella Rank: 221672
hst.tradedoubler.com — Cisco Umbrella Rank: 248785
7 KB
4 linkedin.com
px.ads.linkedin.com
www.linkedin.com
px4.ads.linkedin.com
3 KB
4 google.com
analytics.google.com — Cisco Umbrella Rank: 366
region1.analytics.google.com — Cisco Umbrella Rank: 6986
789 B
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 28
20 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 47
272 KB
4 lecarrefourdesentrepreneurs.com
links.lecarrefourdesentrepreneurs.com
krs.lecarrefourdesentrepreneurs.com
4 KB
3 outbrain.com
amplify.outbrain.com
tr.outbrain.com
6 KB
2 oribi.io
cdn.linkedin.oribi.io
375 B
2 ipmeta.io
ipmeta.io — Cisco Umbrella Rank: 42159
2 KB
2 facebook.net
connect.facebook.net
112 KB
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 742
5 KB
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 81
378 B
1 facebook.com
www.facebook.com
185 B
1 google.fr
www.google.fr — Cisco Umbrella Rank: 17022
501 B
1 gstatic.com
fonts.gstatic.com
15 KB
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 903
43 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
1 KB
1 google.ru
www.google.ru — Cisco Umbrella Rank: 10684
501 B
47 19
Domain Requested by
8 budgetdevis.com 1 redirects budgetdevis.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 www.googletagmanager.com krs.lecarrefourdesentrepreneurs.com
www.googletagmanager.com
budgetdevis.com
3 region1.analytics.google.com www.googletagmanager.com
3 clk.tradedoubler.com 2 redirects krs.lecarrefourdesentrepreneurs.com
3 krs.lecarrefourdesentrepreneurs.com 1 redirects krs.lecarrefourdesentrepreneurs.com
2 tr.outbrain.com amplify.outbrain.com
budgetdevis.com
2 px.ads.linkedin.com 2 redirects
2 cdn.linkedin.oribi.io snap.licdn.com
2 ipmeta.io www.googletagmanager.com
ipmeta.io
2 connect.facebook.net krs.lecarrefourdesentrepreneurs.com
connect.facebook.net
2 snap.licdn.com www.googletagmanager.com
snap.licdn.com
2 stats.g.doubleclick.net www.googletagmanager.com
1 www.facebook.com budgetdevis.com
1 px4.ads.linkedin.com budgetdevis.com
1 www.linkedin.com 1 redirects
1 amplify.outbrain.com krs.lecarrefourdesentrepreneurs.com
1 www.google.fr budgetdevis.com
1 fonts.gstatic.com fonts.googleapis.com
1 hst.tradedoubler.com www.googletagmanager.com
1 www.googleoptimize.com www.googletagmanager.com
1 fonts.googleapis.com budgetdevis.com
1 analytics.tradedoubler.com vht.tradedoubler.com
1 vht.tradedoubler.com clk.tradedoubler.com
1 www.google.ru krs.lecarrefourdesentrepreneurs.com
1 analytics.google.com www.googletagmanager.com
1 links.lecarrefourdesentrepreneurs.com 1 redirects
47 27

This site contains links to these domains. Also see Links.

Domain
kontikimedia.com
remailme.fr
notify.ag
www.acxiom.fr
www.squadata.net
www.cnil.fr
Subject Issuer Validity Valid
krs.lecarrefourdesentrepreneurs.com
R3		 2022-11-22 -
2023-02-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.com.ru
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.tradedoubler.com
R3		 2022-12-12 -
2023-03-12		 3 months crt.sh
budgetdevis.com
R3		 2022-11-27 -
2023-02-25		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2022-03-01 -
2023-03-01		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-09-22 -
2022-12-21		 3 months crt.sh
ipmeta.io
R3		 2022-10-27 -
2023-01-25		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.google.fr
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-03 -
2023-04-04		 a year crt.sh
linkedin.oribi.io
Amazon		 2022-07-07 -
2023-08-06		 a year crt.sh

This page contains 1 frames:

Primary Page: https://budgetdevis.com/investissements/ehpad/?fname=Berangere&lname=Mornet&phone=[phone]&email=bmornet@henner.fr&a=3283918
Frame ID: E90EC5902148343F9745DBFD4327099B
Requests: 46 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Investir dans un Ehpad

Page URL History Show full URLs

  1. https://links.lecarrefourdesentrepreneurs.com/c/iP4/FKa/Nnet0WNP4bX2JDY60MlILy/F/FsM_/F/6ff5029c HTTP 302
    https://krs.lecarrefourdesentrepreneurs.com/jp?h=bd94b5b269551c195291a915f21ed6c4&email=bmornet%40henner.fr&fname=Berang... HTTP 301
    https://krs.lecarrefourdesentrepreneurs.com/jp/?h=bd94b5b269551c195291a915f21ed6c4&email=bmornet%40henner.fr&fname=Beran... Page URL
  2. http://clk.tradedoubler.com/click?p=333915&a=3283918&g=25311224&epi=&url=https://budgetdevis.com/investi... HTTP 302
    https://clk.tradedoubler.com/click?p=333915&a=3283918&g=25311224&epi=&url=https://budgetdevis.com/investi... Page URL
  3. https://clk.tradedoubler.com/click?p=333915&a=3283918&g=25311224&epi=&url=https://budgetdevis.com/investi... HTTP 302
    https://budgetdevis.com/investissements/ehpad?fname=Berangere&lname=Mornet&phone=[phone]&email=bmorn... HTTP 301
    https://budgetdevis.com/investissements/ehpad/?fname=Berangere&lname=Mornet&phone=[phone]&email=bmor... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

47
Requests

94 %
HTTPS

56 %
IPv6

19
Domains

27
Subdomains

26
IPs

6
Countries

660 kB
Transfer

1779 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://links.lecarrefourdesentrepreneurs.com/c/iP4/FKa/Nnet0WNP4bX2JDY60MlILy/F/FsM_/F/6ff5029c HTTP 302
    https://krs.lecarrefourdesentrepreneurs.com/jp?h=bd94b5b269551c195291a915f21ed6c4&email=bmornet%40henner.fr&fname=Berangere&lname=Mornet&emailmd5=0c524a8ba5a5dcb1c2cb84a820735c06&utm_source=LCDE&utm_medium=cpl&utm_term=Finance&countkey=FR&dbid=30892&adv=Ehpad&brd=Ehpad&clt=Kontiki_media&trm=Alex&creaid=51058 HTTP 301
    https://krs.lecarrefourdesentrepreneurs.com/jp/?h=bd94b5b269551c195291a915f21ed6c4&email=bmornet%40henner.fr&fname=Berangere&lname=Mornet&emailmd5=0c524a8ba5a5dcb1c2cb84a820735c06&utm_source=LCDE&utm_medium=cpl&utm_term=Finance&countkey=FR&dbid=30892&adv=Ehpad&brd=Ehpad&clt=Kontiki_media&trm=Alex&creaid=51058 Page URL
  2. http://clk.tradedoubler.com/click?p=333915&a=3283918&g=25311224&epi=&url=https://budgetdevis.com/investissements/ehpad?fname=Berangere&lname=Mornet&phone=[phone]&email=bmornet@henner.fr&a=3283918 HTTP 302
    https://clk.tradedoubler.com/click?p=333915&a=3283918&g=25311224&epi=&url=https://budgetdevis.com/investissements/ehpad?fname=Berangere&lname=Mornet&phone=[phone]&email=bmornet@henner.fr&a=3283918 Page URL
  3. https://clk.tradedoubler.com/click?p=333915&a=3283918&g=25311224&epi=&url=https://budgetdevis.com/investissements/ehpad?fname=Berangere&lname=Mornet&phone=[phone]&email=bmornet@henner.fr&a=3283918 HTTP 302
    https://budgetdevis.com/investissements/ehpad?fname=Berangere&lname=Mornet&phone=[phone]&email=bmornet@henner.fr&a=3283918 HTTP 301
    https://budgetdevis.com/investissements/ehpad/?fname=Berangere&lname=Mornet&phone=[phone]&email=bmornet@henner.fr&a=3283918 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://links.lecarrefourdesentrepreneurs.com/c/iP4/FKa/Nnet0WNP4bX2JDY60MlILy/F/FsM_/F/6ff5029c HTTP 302
  • https://krs.lecarrefourdesentrepreneurs.com/jp?h=bd94b5b269551c195291a915f21ed6c4&email=bmornet%40henner.fr&fname=Berangere&lname=Mornet&emailmd5=0c524a8ba5a5dcb1c2cb84a820735c06&utm_source=LCDE&utm_medium=cpl&utm_term=Finance&countkey=FR&dbid=30892&adv=Ehpad&brd=Ehpad&clt=Kontiki_media&trm=Alex&creaid=51058 HTTP 301
  • https://krs.lecarrefourdesentrepreneurs.com/jp/?h=bd94b5b269551c195291a915f21ed6c4&email=bmornet%40henner.fr&fname=Berangere&lname=Mornet&emailmd5=0c524a8ba5a5dcb1c2cb84a820735c06&utm_source=LCDE&utm_medium=cpl&utm_term=Finance&countkey=FR&dbid=30892&adv=Ehpad&brd=Ehpad&clt=Kontiki_media&trm=Alex&creaid=51058
Request Chain 12
  • http://clk.tradedoubler.com/click?p=333915&a=3283918&g=25311224&epi=&url=https://budgetdevis.com/investissements/ehpad?fname=Berangere&lname=Mornet&phone=[phone]&email=bmornet@henner.fr&a=3283918 HTTP 302
  • https://clk.tradedoubler.com/click?p=333915&a=3283918&g=25311224&epi=&url=https://budgetdevis.com/investissements/ehpad?fname=Berangere&lname=Mornet&phone=[phone]&email=bmornet@henner.fr&a=3283918
Request Chain 40
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4241689&time=1671033395869&url=https%3A%2F%2Fbudgetdevis.com%2Finvestissements%2Fehpad%2F%3Ffname%3DBerangere%26lname%3DMornet%26phone%3D%5Bphone%5D%26email%3Dbmornet%40henner.fr%26a%3D3283918 HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4241689%26time%3D1671033395869%26url%3Dhttps%253A%252F%252Fbudgetdevis.com%252Finvestissements%252Fehpad%252F%253Ffname%253DBerangere%2526lname%253DMornet%2526phone%253D%255Bphone%255D%2526email%253Dbmornet%2540henner.fr%2526a%253D3283918%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4241689&time=1671033395869&url=https%3A%2F%2Fbudgetdevis.com%2Finvestissements%2Fehpad%2F%3Ffname%3DBerangere%26lname%3DMornet%26phone%3D%5Bphone%5D%26email%3Dbmornet%40henner.fr%26a%3D3283918&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4241689&time=1671033395869&url=https%3A%2F%2Fbudgetdevis.com%2Finvestissements%2Fehpad%2F%3Ffname%3DBerangere%26lname%3DMornet%26phone%3D%5Bphone%5D%26email%3Dbmornet%40henner.fr%26a%3D3283918&liSync=true&e_ipv6=AQIx80h5biLZfgAAAYURWhwOFmEziLQTvqQuLYfPHL32aboJjhId3uHkYFY5rW97iQaJMdE

47 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
krs.lecarrefourdesentrepreneurs.com/jp/
Redirect Chain
  • https://links.lecarrefourdesentrepreneurs.com/c/iP4/FKa/Nnet0WNP4bX2JDY60MlILy/F/FsM_/F/6ff5029c
  • https://krs.lecarrefourdesentrepreneurs.com/jp?h=bd94b5b269551c195291a915f21ed6c4&email=bmornet%40henner.fr&fname=Berangere&lname=Mornet&emailmd5=0c524a8ba5a5dcb1c2cb84a820735c06&utm_source=LCDE&ut...
  • https://krs.lecarrefourdesentrepreneurs.com/jp/?h=bd94b5b269551c195291a915f21ed6c4&email=bmornet%40henner.fr&fname=Berangere&lname=Mornet&emailmd5=0c524a8ba5a5dcb1c2cb84a820735c06&utm_source=LCDE&u...
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://krs.lecarrefourdesentrepreneurs.com/jp/?h=bd94b5b269551c195291a915f21ed6c4&email=bmornet%40henner.fr&fname=Berangere&lname=Mornet&emailmd5=0c524a8ba5a5dcb1c2cb84a820735c06&utm_source=LCDE&utm_medium=cpl&utm_term=Finance&countkey=FR&dbid=30892&adv=Ehpad&brd=Ehpad&clt=Kontiki_media&trm=Alex&creaid=51058
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.159.45.57 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
laravel.kontikimedia.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3142b49c22c3ce3e813fe5ab49546960c3c5ebe3fc4cb49ae332145085954659

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=ISO-8859-1
Date
Wed, 14 Dec 2022 15:56:32 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked

Redirect headers

Connection
keep-alive
Content-Length
178
Content-Type
text/html
Date
Wed, 14 Dec 2022 15:56:32 GMT
Location
https://krs.lecarrefourdesentrepreneurs.com/jp/?h=bd94b5b269551c195291a915f21ed6c4&email=bmornet%40henner.fr&fname=Berangere&lname=Mornet&emailmd5=0c524a8ba5a5dcb1c2cb84a820735c06&utm_source=LCDE&utm_medium=cpl&utm_term=Finance&countkey=FR&dbid=30892&adv=Ehpad&brd=Ehpad&clt=Kontiki_media&trm=Alex&creaid=51058
Server
nginx/1.18.0 (Ubuntu)
redirect1.gif
krs.lecarrefourdesentrepreneurs.com/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://krs.lecarrefourdesentrepreneurs.com/images/redirect1.gif
Requested by
Host: krs.lecarrefourdesentrepreneurs.com
URL: https://krs.lecarrefourdesentrepreneurs.com/jp/?h=bd94b5b269551c195291a915f21ed6c4&email=bmornet%40henner.fr&fname=Berangere&lname=Mornet&emailmd5=0c524a8ba5a5dcb1c2cb84a820735c06&utm_source=LCDE&utm_medium=cpl&utm_term=Finance&countkey=FR&dbid=30892&adv=Ehpad&brd=Ehpad&clt=Kontiki_media&trm=Alex&creaid=51058
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.159.45.57 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
laravel.kontikimedia.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
da1e92fc3fb9a19f018b1d0f6bf371f2a7499b72476879ac01ca86264d6a2ed8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://krs.lecarrefourdesentrepreneurs.com/jp/?h=bd94b5b269551c195291a915f21ed6c4&email=bmornet%40henner.fr&fname=Berangere&lname=Mornet&emailmd5=0c524a8ba5a5dcb1c2cb84a820735c06&utm_source=LCDE&utm_medium=cpl&utm_term=Finance&countkey=FR&dbid=30892&adv=Ehpad&brd=Ehpad&clt=Kontiki_media&trm=Alex&creaid=51058
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 15:56:32 GMT
Last-Modified
Mon, 16 May 2022 14:56:18 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"62826612-5ac"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1452
gtm.js
www.googletagmanager.com/ 		131 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T2D9W3L
Requested by
Host: krs.lecarrefourdesentrepreneurs.com
URL: https://krs.lecarrefourdesentrepreneurs.com/jp/?h=bd94b5b269551c195291a915f21ed6c4&email=bmornet%40henner.fr&fname=Berangere&lname=Mornet&emailmd5=0c524a8ba5a5dcb1c2cb84a820735c06&utm_source=LCDE&utm_medium=cpl&utm_term=Finance&countkey=FR&dbid=30892&adv=Ehpad&brd=Ehpad&clt=Kontiki_media&trm=Alex&creaid=51058
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
18a013db32ab9ca3580acc5b7db9496e00aede66abb66ee5e90869f884cb907c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://krs.lecarrefourdesentrepreneurs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 15:56:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50078
x-xss-protection
0
last-modified
Wed, 14 Dec 2022 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 14 Dec 2022 15:56:32 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2D9W3L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://krs.lecarrefourdesentrepreneurs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 14 Dec 2022 15:15:46 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
2446
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Wed, 14 Dec 2022 17:15:46 GMT
js
www.googletagmanager.com/gtag/ 		178 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5VKFC3JRFW&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2D9W3L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
b0dba95cb120b700a1a9474387b8cdb670e30393b3974dd3ad40b1ac02f4e9b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://krs.lecarrefourdesentrepreneurs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 15:56:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
67029
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 14 Dec 2022 15:56:32 GMT
collect
analytics.google.com/g/ 		0
361 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-5VKFC3JRFW&gtm=2oebu0&_p=808535901&_gaz=1&cid=402290857.1671033393&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1671033392&sct=1&seg=0&dl=https%3A%2F%2Fkrs.lecarrefourdesentrepreneurs.com%2Fjp%2F%3Fh%3Dbd94b5b269551c195291a915f21ed6c4%26email%3Dbmornet%2540henner.fr%26fname%3DBerangere%26lname%3DMornet%26emailmd5%3D0c524a8ba5a5dcb1c2cb84a820735c06%26utm_source%3DLCDE%26utm_medium%3Dcpl%26utm_term%3DFinance%26countkey%3DFR%26dbid%3D30892%26adv%3DEhpad%26brd%3DEhpad%26clt%3DKontiki_media%26trm%3DAlex%26creaid%3D51058&dt=Vous%20allez%20%C3%AAtre%20redirig%C3%A9&en=page_view&_fv=1&_nsi=1&_ss=1&ep.debug_mode=true&ep.UserId=0c524a8ba5a5dcb1c2cb84a820735c06&up.adv=Ehpad&up.brd=Ehpad&up.clt=Kontiki_media&up.countkey=FR&up.dbid=30892&up.trm=Alex&up.UserId=0c524a8ba5a5dcb1c2cb84a820735c06&up.call=undefined
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5VKFC3JRFW&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://krs.lecarrefourdesentrepreneurs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 15:56:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://krs.lecarrefourdesentrepreneurs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
361 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-5VKFC3JRFW&cid=402290857.1671033393&gtm=2oebu0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5VKFC3JRFW&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c02::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://krs.lecarrefourdesentrepreneurs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 15:56:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://krs.lecarrefourdesentrepreneurs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ru/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ru/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-5VKFC3JRFW&cid=402290857.1671033393&gtm=2oebu0&aip=1&z=432646780
Requested by
Host: krs.lecarrefourdesentrepreneurs.com
URL: https://krs.lecarrefourdesentrepreneurs.com/jp/?h=bd94b5b269551c195291a915f21ed6c4&email=bmornet%40henner.fr&fname=Berangere&lname=Mornet&emailmd5=0c524a8ba5a5dcb1c2cb84a820735c06&utm_source=LCDE&utm_medium=cpl&utm_term=Finance&countkey=FR&dbid=30892&adv=Ehpad&brd=Ehpad&clt=Kontiki_media&trm=Alex&creaid=51058
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://krs.lecarrefourdesentrepreneurs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 15:56:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
220 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&aip=1&a=808535901&t=pageview&_s=1&dl=https%3A%2F%2Fkrs.lecarrefourdesentrepreneurs.com%2Fjp%2F%3Fh%3Dbd94b5b269551c195291a915f21ed6c4%26email%3Dbmornet%2540henner.fr%26fname%3DBerangere%26lname%3DMornet%26emailmd5%3D0c524a8ba5a5dcb1c2cb84a820735c06%26utm_source%3DLCDE%26utm_medium%3Dcpl%26utm_term%3DFinance%26countkey%3DFR%26dbid%3D30892%26adv%3DEhpad%26brd%3DEhpad%26clt%3DKontiki_media%26trm%3DAlex%26creaid%3D51058&ul=en-us&de=windows-1252&dt=Vous%20allez%20%C3%AAtre%20redirig%C3%A9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1776658375&gjid=1034565504&cid=402290857.1671033393&uid=0c524a8ba5a5dcb1c2cb84a820735c06&tid=UA-117927431-4&_gid=476866804.1671033393&_r=1&gtm=2wgbu0T2D9W3L&cd1=30892&cd2=Ehpad&cd3=Ehpad&cd4=Kontiki_media&cd5=Alex&cd6=FR&cd7=0c524a8ba5a5dcb1c2cb84a820735c06&cd8=undefined&z=1491912080
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://krs.lecarrefourdesentrepreneurs.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 15:56:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://krs.lecarrefourdesentrepreneurs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&aip=1&a=808535901&t=pageview&_s=1&dl=https%3A%2F%2Fkrs.lecarrefourdesentrepreneurs.com%2Fjp%2F%3Fh%3Dbd94b5b269551c195291a915f21ed6c4%26email%3Dbmornet%2540henner.fr%26fname%3DBerangere%26lname%3DMornet%26emailmd5%3D0c524a8ba5a5dcb1c2cb84a820735c06%26utm_source%3DLCDE%26utm_medium%3Dcpl%26utm_term%3DFinance%26countkey%3DFR%26dbid%3D30892%26adv%3DEhpad%26brd%3DEhpad%26clt%3DKontiki_media%26trm%3DAlex%26creaid%3D51058&ul=en-us&de=windows-1252&dt=Vous%20allez%20%C3%AAtre%20redirig%C3%A9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABAAAAACAAI~&jid=&gjid=&cid=402290857.1671033393&uid=0c524a8ba5a5dcb1c2cb84a820735c06&tid=UA-117927431-4&_gid=476866804.1671033393&gtm=2wgbu0T2D9W3L&cd1=30892&cd2=Ehpad&cd3=Ehpad&cd4=Kontiki_media&cd5=Alex&cd6=FR&cd7=0c524a8ba5a5dcb1c2cb84a820735c06&cd8=undefined&z=2023447478
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://krs.lecarrefourdesentrepreneurs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 19:44:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
72753
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&aip=1&a=808535901&t=pageview&_s=1&dl=https%3A%2F%2Fkrs.lecarrefourdesentrepreneurs.com%2Fjp%2F%3Fh%3Dbd94b5b269551c195291a915f21ed6c4%26email%3Dbmornet%2540henner.fr%26fname%3DBerangere%26lname%3DMornet%26emailmd5%3D0c524a8ba5a5dcb1c2cb84a820735c06%26utm_source%3DLCDE%26utm_medium%3Dcpl%26utm_term%3DFinance%26countkey%3DFR%26dbid%3D30892%26adv%3DEhpad%26brd%3DEhpad%26clt%3DKontiki_media%26trm%3DAlex%26creaid%3D51058&ul=en-us&de=windows-1252&dt=Vous%20allez%20%C3%AAtre%20redirig%C3%A9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABAAAAACAAI~&jid=&gjid=&cid=402290857.1671033393&uid=0c524a8ba5a5dcb1c2cb84a820735c06&tid=UA-117927431-4&_gid=476866804.1671033393&gtm=2wgbu0T2D9W3L&cd1=30892&cd2=Ehpad&cd3=Ehpad&cd4=Kontiki_media&cd5=Alex&cd6=FR&cd7=0c524a8ba5a5dcb1c2cb84a820735c06&cd8=undefined&z=1118144473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://krs.lecarrefourdesentrepreneurs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 19:44:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
72754
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		0
0
click
clk.tradedoubler.com/
Redirect Chain
  • http://clk.tradedoubler.com/click?p=333915&a=3283918&g=25311224&epi=&url=https://budgetdevis.com/investissements/ehpad?fname=Berangere&lname=Mornet&phone=[phone]&email=bmornet@henner.fr&a=3283918
  • https://clk.tradedoubler.com/click?p=333915&a=3283918&g=25311224&epi=&url=https://budgetdevis.com/investissements/ehpad?fname=Berangere&lname=Mornet&phone=[phone]&email=bmornet@henner.fr&a=3283918
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://clk.tradedoubler.com/click?p=333915&a=3283918&g=25311224&epi=&url=https://budgetdevis.com/investissements/ehpad?fname=Berangere&lname=Mornet&phone=[phone]&email=bmornet@henner.fr&a=3283918
Requested by
Host: krs.lecarrefourdesentrepreneurs.com
URL: https://krs.lecarrefourdesentrepreneurs.com/jp/?h=bd94b5b269551c195291a915f21ed6c4&email=bmornet%40henner.fr&fname=Berangere&lname=Mornet&emailmd5=0c524a8ba5a5dcb1c2cb84a820735c06&utm_source=LCDE&utm_medium=cpl&utm_term=Finance&countkey=FR&dbid=30892&adv=Ehpad&brd=Ehpad&clt=Kontiki_media&trm=Alex&creaid=51058
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.231.97 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
97.231.186.35.bc.googleusercontent.com
Software
TXServerHttp /
Resource Hash
15334f5a956be03d5055ceac76870d3899a48164f2fbd7c955e44b9604658467

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
1212
content-type
text/html; charset=ISO-8859-1
date
Wed, 14 Dec 2022 15:56:34 GMT
p3p
policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
referrer-policy
origin
server
TXServerHttp
via
1.1 google

Redirect headers

Content-Length
401
Content-Type
text/html; charset=ISO-8859-1
Date
Wed, 14 Dec 2022 15:56:34 GMT
Location
https://clk.tradedoubler.com/click?p=333915&a=3283918&g=25311224&epi=&url=https://budgetdevis.com/investissements/ehpad?fname=Berangere&lname=Mornet&phone=[phone]&email=bmornet@henner.fr&a=3283918
Via
1.1 google
collect
analytics.google.com/g/ 		0
0
prefs.js
vht.tradedoubler.com/fp/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vht.tradedoubler.com/fp/prefs.js
Requested by
Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=333915&a=3283918&g=25311224&epi=&url=https://budgetdevis.com/investissements/ehpad?fname=Berangere&lname=Mornet&phone=[phone]&email=bmornet@henner.fr&a=3283918
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.156.60.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-34.ams1.r.cloudfront.net
Software
Apache /
Resource Hash
17ee72d8421cc64e48d5e885c090851028f91129555be935403a51c55eff2e9d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://clk.tradedoubler.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Fri, 09 Dec 2022 16:55:50 GMT
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Via
1.1 76a2ca53c94ecdb2669e24612a611a48.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-P2
Age
428445
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
3705
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Mon, 15 Oct 2018 09:28:46 GMT
Server
Apache
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
EXxSXNYR8-QwyK2SffHs9E3feNny-AAdjXcw8CojHlleYq7JPPVlIw==
/
analytics.tradedoubler.com/ 		0
176 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tradedoubler.com/
Requested by
Host: vht.tradedoubler.com
URL: https://vht.tradedoubler.com/fp/prefs.js
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
188.165.150.178 , France, ASN16276 (OVH, FR),
Reverse DNS
lb02.net.royalcactus.com
Software
nginx /
Resource Hash

Request headers

Referer
https://clk.tradedoubler.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 14 Dec 2022 15:56:35 GMT
content-encoding
gzip
x-via-popn
primary
server
nginx
vary
Accept-Encoding
x-via-poph
replica1
content-type
text/html; charset=UTF-8
Primary Request /
budgetdevis.com/investissements/ehpad/
Redirect Chain
  • https://clk.tradedoubler.com/click?p=333915&a=3283918&g=25311224&epi=&url=https://budgetdevis.com/investissements/ehpad?fname=Berangere&lname=Mornet&phone=[phone]&email=bmornet@henner.fr&a=3283918
  • https://budgetdevis.com/investissements/ehpad?fname=Berangere&lname=Mornet&phone=[phone]&email=bmornet@henner.fr&a=3283918
  • https://budgetdevis.com/investissements/ehpad/?fname=Berangere&lname=Mornet&phone=[phone]&email=bmornet@henner.fr&a=3283918
17 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://budgetdevis.com/investissements/ehpad/?fname=Berangere&lname=Mornet&phone=[phone]&email=bmornet@henner.fr&a=3283918
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.141.100.75 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
minisites.kontikimedia.com
Software
nginx /
Resource Hash
ebe25161294b74235728b62643e2aceaa148c76305e332c13af5a6e6f970b80c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://clk.tradedoubler.com
Referer
https://clk.tradedoubler.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 14 Dec 2022 15:56:35 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

content-length
162
content-type
text/html
date
Wed, 14 Dec 2022 15:56:35 GMT
location
https://budgetdevis.com/investissements/ehpad/?fname=Berangere&lname=Mornet&phone=[phone]&email=bmornet@henner.fr&a=3283918
server
nginx
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
app.css
budgetdevis.com/investissements/ehpad/assets/css/ 		52 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://budgetdevis.com/investissements/ehpad/assets/css/app.css?version=1671033395
Requested by
Host: budgetdevis.com
URL: https://budgetdevis.com/investissements/ehpad/?fname=Berangere&lname=Mornet&phone=[phone]&email=bmornet@henner.fr&a=3283918
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.141.100.75 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
minisites.kontikimedia.com
Software
nginx /
Resource Hash
8c39f2099fae86a36fa920bb010f2879199aad3ae97bce99fe7978ea39d6c1ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://budgetdevis.com/investissements/ehpad/?fname=Berangere&lname=Mornet&phone=[phone]&email=bmornet@henner.fr&a=3283918
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 15:56:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 26 Oct 2022 15:25:18 GMT
server
nginx
etag
W/"6359515e-cf35"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=31536000
expires
Thu, 14 Dec 2023 15:56:35 GMT
css2
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Nunito:wght@900&display=swap
Requested by
Host: budgetdevis.com
URL: https://budgetdevis.com/investissements/ehpad/?fname=Berangere&lname=Mornet&phone=[phone]&email=bmornet@henner.fr&a=3283918
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cf4650ff9a7c89a15786f8460b0b1882f627a7474d64cc8e5b56669bdbeb2fec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://budgetdevis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 14 Dec 2022 15:56:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 14 Dec 2022 15:56:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 14 Dec 2022 15:56:35 GMT
logo.WebP
budgetdevis.com/investissements/ehpad/assets/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://budgetdevis.com/investissements/ehpad/assets/images/logo.WebP
Requested by
Host: budgetdevis.com
URL: https://budgetdevis.com/investissements/ehpad/?fname=Berangere&lname=Mornet&phone=[phone]&email=bmornet@henner.fr&a=3283918
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.141.100.75 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
minisites.kontikimedia.com
Software
nginx /
Resource Hash
f6ffcfb98480919fb450a85393107d970e6fc09b6bfd900e364698ed9061b2c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://budgetdevis.com/investissements/ehpad/?fname=Berangere&lname=Mornet&phone=[phone]&email=bmornet@henner.fr&a=3283918
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 15:56:35 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 Oct 2022 15:36:49 GMT
server
nginx
etag
"634ec811-13aa"
x-frame-options
SAMEORIGIN
content-type
image/webp
accept-ranges
bytes
content-length
5034
app.js
budgetdevis.com/investissements/ehpad/assets/js/ 		178 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://budgetdevis.com/investissements/ehpad/assets/js/app.js?version=1671033395
Requested by
Host: budgetdevis.com
URL: https://budgetdevis.com/investissements/ehpad/?fname=Berangere&lname=Mornet&phone=[phone]&email=bmornet@henner.fr&a=3283918
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.141.100.75 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
minisites.kontikimedia.com
Software
nginx /
Resource Hash
1f70a8827c2900bb8ea1869a56ad05f9c03fdd3771a48856b83cfad4c5f436d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://budgetdevis.com/investissements/ehpad/?fname=Berangere&lname=Mornet&phone=[phone]&email=bmornet@henner.fr&a=3283918
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 15:56:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 03 Nov 2022 13:14:58 GMT
server
nginx
etag
W/"6363bed2-2c7cf"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=31536000
expires
Thu, 14 Dec 2023 15:56:35 GMT
gtm.js
www.googletagmanager.com/ 		228 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WC2PTV4
Requested by
Host: budgetdevis.com
URL: https://budgetdevis.com/investissements/ehpad/?fname=Berangere&lname=Mornet&phone=[phone]&email=bmornet@henner.fr&a=3283918
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
784453a3661e4d5c335ba0878032cd14a5c5557aecdc3af1736e9b812a4f8a1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://budgetdevis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 15:56:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
80563
x-xss-protection
0
last-modified
Wed, 14 Dec 2022 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 14 Dec 2022 15:56:35 GMT
header.WebP
budgetdevis.com/investissements/ehpad/assets/images/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://budgetdevis.com/investissements/ehpad/assets/images/header.WebP
Requested by
Host: budgetdevis.com
URL: https://budgetdevis.com/investissements/ehpad/assets/css/app.css?version=1671033395
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.141.100.75 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
minisites.kontikimedia.com
Software
nginx /
Resource Hash
fd3798a050f82494cf3ea1e86440b1a412b0bcafaa6c8c08aa000236dcaed2db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://budgetdevis.com/investissements/ehpad/assets/css/app.css?version=1671033395
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 15:56:35 GMT
x-content-type-options
nosniff
last-modified
Wed, 26 Oct 2022 15:03:17 GMT
server
nginx
etag
"63594c35-a72e"
x-frame-options
SAMEORIGIN
content-type
image/webp
accept-ranges
bytes
content-length
42798
optimize.js
www.googleoptimize.com/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-MVDTKG8
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WC2PTV4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d6377af3cc57f415a0a15745db499d0ada653f74fb2a06113c9f081935df7be8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://budgetdevis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 15:56:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43949
x-xss-protection
0
last-modified
Wed, 14 Dec 2022 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 14 Dec 2022 15:56:35 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		1017 B
709 B 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WC2PTV4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
891c693ce3d3cf4785ef8ce23e9acad133d41dd2b4586d0a5f8d8b0571f913b7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://budgetdevis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
626
date
Wed, 14 Dec 2022 15:56:35 GMT
content-encoding
gzip
last-modified
Wed, 14 Dec 2022 10:30:30 GMT
x-cdn
AKAM
x-edgeconnect-midmile-rtt
0
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=66823
accept-ranges
bytes
content-length
490
fbevents.js
connect.facebook.net/en_US/ 		103 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: krs.lecarrefourdesentrepreneurs.com
URL: https://krs.lecarrefourdesentrepreneurs.com/jp/?h=bd94b5b269551c195291a915f21ed6c4&email=bmornet%40henner.fr&fname=Berangere&lname=Mornet&emailmd5=0c524a8ba5a5dcb1c2cb84a820735c06&utm_source=LCDE&utm_medium=cpl&utm_term=Finance&countkey=FR&dbid=30892&adv=Ehpad&brd=Ehpad&clt=Kontiki_media&trm=Alex&creaid=51058
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f080:9:face:b00c:0:3 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
5d9d7e78e22202af03b2d09ad31952e031e3423006cba4a29fd506c5664c7761
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://budgetdevis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 14 Dec 2022 15:56:36 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27320
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
fu7RNqsa0obuo2+kicQYhbrjLxJXivqkf8CTbOS2mqmbLHw/v6eC5CPyBl4WQh5PF8G4MgTXKGPEaNKKz2M9pQ==
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
landingPageGTM_min.js
hst.tradedoubler.com/file/47446/ 		747 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hst.tradedoubler.com/file/47446/landingPageGTM_min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WC2PTV4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.156.60.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-117.ams1.r.cloudfront.net
Software
Apache /
Resource Hash
32c833a9dcac280174a601aea083e84deba1def1f9dcf69a0ccf43a560a96e5d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://budgetdevis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Mon, 12 Dec 2022 09:06:01 GMT
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Via
1.1 4a3271596b4750a635e84d92a47448bc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-P2
Age
197434
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
454
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Mon, 17 Sep 2018 10:57:55 GMT
Server
Apache
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
xe0X1Kj_1UKSwYakJGgZDK_oyZedXm0aV47f6obfRHn3TrYL7h0hzA==
plugin.js
ipmeta.io/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ipmeta.io/plugin.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WC2PTV4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
178.62.248.152 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
32b55b3f053f3b28b4e4494f32b1729ab902042eefc361441c8ed274e554f54d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://budgetdevis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 15:56:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.17.3
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400, public
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		231 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8JG1BLK5ZC&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WC2PTV4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b879be9daeea22e630a8331ad0bffbe2460c57f3d63c53580d4dbba457d0a530
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://budgetdevis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 15:56:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80568
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 14 Dec 2022 15:56:35 GMT
legal.php
budgetdevis.com/views/templates/ 		85 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://budgetdevis.com/views/templates/legal.php
Requested by
Host: budgetdevis.com
URL: https://budgetdevis.com/investissements/ehpad/assets/js/app.js?version=1671033395
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.141.100.75 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
minisites.kontikimedia.com
Software
nginx /
Resource Hash
5d886958e04bf5c252c1a53094ca2ff2f572643af64d1547c9b5d0814cae0dd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://budgetdevis.com/investissements/ehpad/?fname=Berangere&lname=Mornet&phone=[phone]&email=bmornet@henner.fr&a=3283918
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 15:56:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
10
budgetdevis.com/support/api/lp/is_active/1/ 		11 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://budgetdevis.com/support/api/lp/is_active/1/10
Requested by
Host: budgetdevis.com
URL: https://budgetdevis.com/investissements/ehpad/assets/js/app.js?version=1671033395
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.141.100.75 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
minisites.kontikimedia.com
Software
nginx /
Resource Hash
925008b91e751435bd739377bd6a8978095c2689348187205e9b0c3ad8c8cadb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://budgetdevis.com/investissements/ehpad/?fname=Berangere&lname=Mornet&phone=[phone]&email=bmornet@henner.fr&a=3283918
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 15:56:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
x-ratelimit-remaining
59
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-ratelimit-limit
60
x-frame-options
SAMEORIGIN
XRXI3I6Li01BKofiOc5wtlZ2di8HDBImdTQ3jw.woff2
fonts.gstatic.com/s/nunito/v25/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDBImdTQ3jw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito:wght@900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
228ad600962c755632e336274b6795f406f2351ba6dde02eaa7efe58bf9155ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://budgetdevis.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 00:41:30 GMT
x-content-type-options
nosniff
age
141305
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14296
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:44:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Dec 2023 00:41:30 GMT
collect
region1.analytics.google.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-8JG1BLK5ZC&gtm=2oebu0&_p=690202317&_gaz=1&cid=1847624031.1671033396&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=Ag&_s=1&sid=1671033395&sct=1&seg=0&dl=https%3A%2F%2Fbudgetdevis.com%2Finvestissements%2Fehpad%2F%3Ffname%3DBerangere%26lname%3DMornet%26phone%3D%5Bphone%5D%26email%3Dbmornet%40henner.fr%26a%3D3283918&dr=https%3A%2F%2Fclk.tradedoubler.com%2F&dt=Investir%20dans%20un%20Ehpad&en=page_view&_fv=1&_nsi=1&_ss=1&ep.debug_mode=true&ep.anonymize_ip=true
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8JG1BLK5ZC&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://budgetdevis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 15:56:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://budgetdevis.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8JG1BLK5ZC&cid=1847624031.1671033396&gtm=2oebu0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8JG1BLK5ZC&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c02::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://budgetdevis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 15:56:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://budgetdevis.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.fr/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fr/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8JG1BLK5ZC&cid=1847624031.1671033396&gtm=2oebu0&aip=1&z=825826540
Requested by
Host: budgetdevis.com
URL: https://budgetdevis.com/investissements/ehpad/?fname=Berangere&lname=Mornet&phone=[phone]&email=bmornet@henner.fr&a=3283918
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://budgetdevis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 15:56:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-8JG1BLK5ZC&gtm=2oebu0&_p=690202317&cid=1847624031.1671033396&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAg&_s=2&sid=1671033395&sct=1&seg=0&dl=https%3A%2F%2Fbudgetdevis.com%2Finvestissements%2Fehpad%2F%3Ffname%3DBerangere%26lname%3DMornet%26phone%3D%5Bphone%5D%26email%3Dbmornet%40henner.fr%26a%3D3283918&dr=https%3A%2F%2Fclk.tradedoubler.com%2F&dt=Investir%20dans%20un%20Ehpad&en=URL_complete&ep.debug_mode=true&ep.anonymize_ip=true&_et=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8JG1BLK5ZC&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://budgetdevis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 15:56:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://budgetdevis.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
338 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-8JG1BLK5ZC&gtm=2oebu0&_p=690202317&cid=1847624031.1671033396&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=Ag&_s=3&sid=1671033395&sct=1&seg=0&dl=https%3A%2F%2Fbudgetdevis.com%2Finvestissements%2Fehpad%2F%3Ffname%3DBerangere%26lname%3DMornet%26phone%3D%5Bphone%5D%26email%3Dbmornet%40henner.fr%26a%3D3283918&dr=https%3A%2F%2Fclk.tradedoubler.com%2F&dt=Investir%20dans%20un%20Ehpad&en=scroll&ep.debug_mode=true&ep.anonymize_ip=true&epn.percent_scrolled=90&_et=9
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8JG1BLK5ZC&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://budgetdevis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 15:56:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://budgetdevis.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
obtp.js
amplify.outbrain.com/cp/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: krs.lecarrefourdesentrepreneurs.com
URL: https://krs.lecarrefourdesentrepreneurs.com/jp/?h=bd94b5b269551c195291a915f21ed6c4&email=bmornet%40henner.fr&fname=Berangere&lname=Mornet&emailmd5=0c524a8ba5a5dcb1c2cb84a820735c06&utm_source=LCDE&utm_medium=cpl&utm_term=Finance&countkey=FR&dbid=30892&adv=Ehpad&brd=Ehpad&clt=Kontiki_media&trm=Alex&creaid=51058
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.169.78 -, , ASN (),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1ccdc085b5be138822c5352d11f93edad63feaf4a7cbcac15314705a863492e7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://budgetdevis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 15:56:35 GMT
Content-Encoding
gzip
Last-Modified
Mon, 28 Nov 2022 14:22:05 GMT
Server
AkamaiNetStorage
ETag
"fe80c55f1e1387116ff9765261ed192c:1669645506.686439"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5269
Expires
Wed, 14 Dec 2022 16:16:35 GMT
enrich
ipmeta.io/api/ 		53 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipmeta.io/api/enrich
Requested by
Host: ipmeta.io
URL: https://ipmeta.io/plugin.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
178.62.248.152 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
6c4322550c72ebbcbbbfd3c82a7a815e88647a7332406c9e6e8b9c43bb8fdc11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://budgetdevis.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 14 Dec 2022 15:56:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.17.3
vary
Accept-Encoding
x-ratelimit-remaining
59
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
cache-control
no-cache, private
x-ratelimit-limit
60
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
insight.old.min.js
snap.licdn.com/li.lms-analytics/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
641153b2ad78e5d095645419060a4ea0854b1b3ec5ff27e99644c9f8d461610c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://budgetdevis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 15:56:35 GMT
content-encoding
gzip
last-modified
Tue, 13 Dec 2022 16:10:50 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=78893
accept-ranges
bytes
content-length
4581
token
cdn.linkedin.oribi.io/partner/4241689/domain/budgetdevis.com/ 		36 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/4241689/domain/budgetdevis.com/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:a00:2:53b2:240:93a1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://budgetdevis.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 14 Dec 2022 15:25:55 GMT
content-encoding
gzip
via
1.1 69cc5dd318e02cb1a7e8cb9951f553d8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
age
1840
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
r-cjVjW7MHQD2ymo3fHODJFTVToanYgvyXGe6kkeF7rqhDoPPb5s9w==
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4241689&time=1671033395869&url=https%3A%2F%2Fbudgetdevis.com%2Finvestissements%2Fehpad%2F%3Ffname%3DBerangere%26lname%3DMornet%26phone%3D%5Bphone%...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4241689%26time%3D1671033395869%26url%3Dhttps%253A%252F%252Fbudgetdevis.com%252Fin...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4241689&time=1671033395869&url=https%3A%2F%2Fbudgetdevis.com%2Finvestissements%2Fehpad%2F%3Ffname%3DBerangere%26lname%3DMornet%26phone%3D%5Bphone%...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4241689&time=1671033395869&url=https%3A%2F%2Fbudgetdevis.com%2Finvestissements%2Fehpad%2F%3Ffname%3DBerangere%26lname%3DMornet%26phone%3D%5Bphone...
0
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4241689&time=1671033395869&url=https%3A%2F%2Fbudgetdevis.com%2Finvestissements%2Fehpad%2F%3Ffname%3DBerangere%26lname%3DMornet%26phone%3D%5Bphone%5D%26email%3Dbmornet%40henner.fr%26a%3D3283918&liSync=true&e_ipv6=AQIx80h5biLZfgAAAYURWhwOFmEziLQTvqQuLYfPHL32aboJjhId3uHkYFY5rW97iQaJMdE
Requested by
Host: budgetdevis.com
URL: https://budgetdevis.com/investissements/ehpad/?fname=Berangere&lname=Mornet&phone=[phone]&email=bmornet@henner.fr&a=3283918
Protocol
H2
Server
13.107.42.14 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://budgetdevis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 15:56:36 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 9882A55A95CD46CAB889DD190B496AF1 Ref B: LTSEDGE2110 Ref C: 2022-12-14T15:56:36Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXvy8f/6t5rMQV1UPCJIg==

Redirect headers

date
Wed, 14 Dec 2022 15:56:35 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 473D035000E9457A910AF1EAAED11876 Ref B: LON212050703053 Ref C: 2022-12-14T15:56:36Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4241689&time=1671033395869&url=https%3A%2F%2Fbudgetdevis.com%2Finvestissements%2Fehpad%2F%3Ffname%3DBerangere%26lname%3DMornet%26phone%3D%5Bphone%5D%26email%3Dbmornet%40henner.fr%26a%3D3283918&liSync=true&e_ipv6=AQIx80h5biLZfgAAAYURWhwOFmEziLQTvqQuLYfPHL32aboJjhId3uHkYFY5rW97iQaJMdE
x-li-proto
http/2
content-length
0
x-li-uuid
AAXvy8f9RopWTh9GvKhhDg==
token
cdn.linkedin.oribi.io/partner/4241689/domain/budgetdevis.com/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/4241689/domain/budgetdevis.com/token
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:a00:2:53b2:240:93a1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://budgetdevis.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
1800
age
19017
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Wed, 14 Dec 2022 10:39:38 GMT
via
1.1 69cc5dd318e02cb1a7e8cb9951f553d8.cloudfront.net (CloudFront)
x-amz-cf-id
sP8wE2RZ9MAkoCfSNqOjR5HfzhoFitUv_oqO5JY_clz7DWntMAfbbQ==
x-amz-cf-pop
FRA56-P3
x-cache
Hit from cloudfront
cachedClickId
tr.outbrain.com/ 		35 B
239 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=00e406f5be406db1a4be0b669fe31cead1
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.159 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://budgetdevis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 15:56:36 GMT
content-encoding
gzip
X-TraceId
c582eb8f579d312f611eea4a484471f4
Content-Length
56
Content-Type
application/javascript
unifiedPixel
tr.outbrain.com/ 		43 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.outbrain.com/unifiedPixel?marketerId=00e406f5be406db1a4be0b669fe31cead1&apiObjVersion=1.1&obtpVersion=2.0.5&name=PAGE_VIEW&dl=https%3A%2F%2Fbudgetdevis.com%2Finvestissements%2Fehpad%2F%3Ffname%3DBerangere%26lname%3DMornet%26phone%3D%5Bphone%5D%26email%3Dbmornet%40henner.fr%26a%3D3283918&optOut=false&bust=020786739169077872&referrer=https%3A%2F%2Fclk.tradedoubler.com%2F
Requested by
Host: budgetdevis.com
URL: https://budgetdevis.com/investissements/ehpad/?fname=Berangere&lname=Mornet&phone=[phone]&email=bmornet@henner.fr&a=3283918
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.159 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://budgetdevis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 15:56:36 GMT
Cache-Control
no-cache
content-encoding
gzip
X-TraceId
23070567002fbcc840fe8b5b4dacd384
Content-Length
60
Content-Type
image/gif;
1970547156428661
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1970547156428661?v=2.9.89&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f080:9:face:b00c:0:3 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
0767ed3ee7998bf2af3fd764347f389dd39a82683ae88e0b405a8104bd2f82cf
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://budgetdevis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 14 Dec 2022 15:56:36 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
StHzH3h8ZqiXKJnaS/Le/aF3cYsZ4zE523QTPLo2IvwVScFO4Okayv1o1lwb0livSJPy/qrOgp1XWl2296O0Qw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1970547156428661&ev=PageView&dl=https%3A%2F%2Fbudgetdevis.com%2Finvestissements%2Fehpad%2F%3Ffname%3DBerangere%26lname%3DMornet%26phone%3D%5Bphone%5D%26email%3Dbmornet%40henner.fr%26a%3D3283918&rl=https%3A%2F%2Fclk.tradedoubler.com%2F&if=false&ts=1671033396276&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1671033396275.11509901&it=1671033396053&coo=false&exp=a0&rqm=GET
Requested by
Host: budgetdevis.com
URL: https://budgetdevis.com/investissements/ehpad/?fname=Berangere&lname=Mornet&phone=[phone]&email=bmornet@henner.fr&a=3283918
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f128:83:face:b00c:0:25de -, , ASN (),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://budgetdevis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 14 Dec 2022 15:56:36 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google-analytics.com
URL
https://www.google-analytics.com/collect?v=1&_v=j98&aip=1&a=808535901&t=pageview&_s=1&dl=https%3A%2F%2Fkrs.lecarrefourdesentrepreneurs.com%2Fjp%2F%3Fh%3Dbd94b5b269551c195291a915f21ed6c4%26email%3Dbmornet%2540henner.fr%26fname%3DBerangere%26lname%3DMornet%26emailmd5%3D0c524a8ba5a5dcb1c2cb84a820735c06%26utm_source%3DLCDE%26utm_medium%3Dcpl%26utm_term%3DFinance%26countkey%3DFR%26dbid%3D30892%26adv%3DEhpad%26brd%3DEhpad%26clt%3DKontiki_media%26trm%3DAlex%26creaid%3D51058&ul=en-us&de=windows-1252&dt=Vous%20allez%20%C3%AAtre%20redirig%C3%A9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABAAAAACAAI~&jid=&gjid=&cid=402290857.1671033393&uid=0c524a8ba5a5dcb1c2cb84a820735c06&tid=UA-117927431-4&_gid=476866804.1671033393&gtm=2wgbu0T2D9W3L&cd1=30892&cd2=Ehpad&cd3=Ehpad&cd4=Kontiki_media&cd5=Alex&cd6=FR&cd7=0c524a8ba5a5dcb1c2cb84a820735c06&cd8=undefined&z=339229258
Domain
analytics.google.com
URL
https://analytics.google.com/g/collect?v=2&tid=G-5VKFC3JRFW&gtm=2oebu0&_p=808535901&cid=402290857.1671033393&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1671033392&sct=1&seg=0&dl=https%3A%2F%2Fkrs.lecarrefourdesentrepreneurs.com%2Fjp%2F%3Fh%3Dbd94b5b269551c195291a915f21ed6c4%26email%3Dbmornet%2540henner.fr%26fname%3DBerangere%26lname%3DMornet%26emailmd5%3D0c524a8ba5a5dcb1c2cb84a820735c06%26utm_source%3DLCDE%26utm_medium%3Dcpl%26utm_term%3DFinance%26countkey%3DFR%26dbid%3D30892%26adv%3DEhpad%26brd%3DEhpad%26clt%3DKontiki_media%26trm%3DAlex%26creaid%3D51058&dt=Vous%20allez%20%C3%AAtre%20redirig%C3%A9&en=user_engagement&ep.debug_mode=true&ep.UserId=0c524a8ba5a5dcb1c2cb84a820735c06&_et=2290

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange object| dataLayer string| campaignURL string| siteURL object| prefills object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| GoogleAnalyticsObject function| ga string| _linkedin_data_partner_id function| fbq function| _fbq boolean| __VUE__ function| onYouTubeIframeAPIReady object| gaGlobal function| setCookie function| getCookie function| getUrlParameter function| setTduid function| obApi function| providePlugin function| provideGtagPlugin function| provideGtmPlugin function| IpMetaGa4 function| rc function| riskCheck function| IpMeta function| enrichNetwork function| encr string| storageKey object| google_optimize function| lintrk boolean| _already_called_lintrk object| ipmeta

13 Cookies

Domain/Path Name / Value
links.lecarrefourdesentrepreneurs.com/ Name: TEMP_DATA
Value: 432a7052-787b-44e3-9761-30cd9e79c7b3
links.lecarrefourdesentrepreneurs.com/ Name: esg1
Value: iP4/FKa/Nnet0WNP4bX2JDY60MlILy/F/FsM_/F/72b39495
.lecarrefourdesentrepreneurs.com/ Name: _ga
Value: GA1.2.402290857.1671033393
.lecarrefourdesentrepreneurs.com/ Name: _gid
Value: GA1.2.476866804.1671033393
.lecarrefourdesentrepreneurs.com/ Name: _gat_UA-117927431-4
Value: 1
.lecarrefourdesentrepreneurs.com/ Name: _ga_5VKFC3JRFW
Value: GS1.1.1671033392.1.0.1671033395.57.0.0
.tradedoubler.com/ Name: EH_0
Value: 1z11z1zxZzFmwo1z1WjFyZwvjhA9yEdDxZm6lL5XGJLmfKNP2pYHnr_7lr.gZdbo1%7aQYWa0vQE6ruC4StM47
.tradedoubler.com/ Name: GUID
Value: 1z11zzxZz1qBQ37ze5a6e44399fa26b52bc56661ebc06191
.tradedoubler.com/ Name: TradeDoublerGUID
Value: e5a6e44399fa26b52bc56661ebc06191
budgetdevis.com/ Name: PHPSESSID
Value: h086b9rldijf9em6mdhe84e8pg
.budgetdevis.com/ Name: _gcl_au
Value: 1.1.1813364141.1671033396
.budgetdevis.com/ Name: _ga_8JG1BLK5ZC
Value: GS1.1.1671033395.1.0.1671033395.60.0.0
.budgetdevis.com/ Name: _ga
Value: GA1.1.1847624031.1671033396

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amplify.outbrain.com
analytics.google.com
analytics.tradedoubler.com
budgetdevis.com
cdn.linkedin.oribi.io
clk.tradedoubler.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
hst.tradedoubler.com
ipmeta.io
krs.lecarrefourdesentrepreneurs.com
links.lecarrefourdesentrepreneurs.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
snap.licdn.com
stats.g.doubleclick.net
tr.outbrain.com
vht.tradedoubler.com
www.facebook.com
www.google-analytics.com
www.google.fr
www.google.ru
www.googleoptimize.com
www.googletagmanager.com
www.linkedin.com
analytics.google.com
www.google-analytics.com
108.156.60.117
108.156.60.34
13.107.42.14
142.250.186.40
176.126.250.255
178.62.248.152
188.165.150.178
2001:4860:4802:32::36
2001:4860:4802:36::181
2600:9000:223d:a00:2:53b2:240:93a1
2620:1ec:22::14
2a00:1450:4001:811::200e
2a00:1450:4001:813::2003
2a00:1450:4001:828::2003
2a00:1450:4001:828::200a
2a00:1450:4001:829::2003
2a00:1450:4001:830::200e
2a00:1450:4001:831::2008
2a00:1450:400c:c02::9a
2a02:26f0:480:f::213:7ec6
2a03:2880:f080:9:face:b00c:0:3
2a03:2880:f128:83:face:b00c:0:25de
34.141.100.75
34.159.45.57
35.186.231.97
70.42.32.159
88.221.169.78
0767ed3ee7998bf2af3fd764347f389dd39a82683ae88e0b405a8104bd2f82cf
15334f5a956be03d5055ceac76870d3899a48164f2fbd7c955e44b9604658467
17ee72d8421cc64e48d5e885c090851028f91129555be935403a51c55eff2e9d
18a013db32ab9ca3580acc5b7db9496e00aede66abb66ee5e90869f884cb907c
1ccdc085b5be138822c5352d11f93edad63feaf4a7cbcac15314705a863492e7
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1f70a8827c2900bb8ea1869a56ad05f9c03fdd3771a48856b83cfad4c5f436d1
228ad600962c755632e336274b6795f406f2351ba6dde02eaa7efe58bf9155ac
3142b49c22c3ce3e813fe5ab49546960c3c5ebe3fc4cb49ae332145085954659
32b55b3f053f3b28b4e4494f32b1729ab902042eefc361441c8ed274e554f54d
32c833a9dcac280174a601aea083e84deba1def1f9dcf69a0ccf43a560a96e5d
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
5d886958e04bf5c252c1a53094ca2ff2f572643af64d1547c9b5d0814cae0dd3
5d9d7e78e22202af03b2d09ad31952e031e3423006cba4a29fd506c5664c7761
641153b2ad78e5d095645419060a4ea0854b1b3ec5ff27e99644c9f8d461610c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c4322550c72ebbcbbbfd3c82a7a815e88647a7332406c9e6e8b9c43bb8fdc11
784453a3661e4d5c335ba0878032cd14a5c5557aecdc3af1736e9b812a4f8a1c
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
891c693ce3d3cf4785ef8ce23e9acad133d41dd2b4586d0a5f8d8b0571f913b7
8c39f2099fae86a36fa920bb010f2879199aad3ae97bce99fe7978ea39d6c1ed
925008b91e751435bd739377bd6a8978095c2689348187205e9b0c3ad8c8cadb
b0dba95cb120b700a1a9474387b8cdb670e30393b3974dd3ad40b1ac02f4e9b2
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b879be9daeea22e630a8331ad0bffbe2460c57f3d63c53580d4dbba457d0a530
cf4650ff9a7c89a15786f8460b0b1882f627a7474d64cc8e5b56669bdbeb2fec
d6377af3cc57f415a0a15745db499d0ada653f74fb2a06113c9f081935df7be8
da1e92fc3fb9a19f018b1d0f6bf371f2a7499b72476879ac01ca86264d6a2ed8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebe25161294b74235728b62643e2aceaa148c76305e332c13af5a6e6f970b80c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6ffcfb98480919fb450a85393107d970e6fc09b6bfd900e364698ed9061b2c0
fd3798a050f82494cf3ea1e86440b1a412b0bcafaa6c8c08aa000236dcaed2db