dromadaire-news.com Open in urlscan Pro
212.6.132.213 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA
Submission: On August 08 via api (August 8th 2022, 6:28:39 am UTC) from FR — Scanned from FR

Summary HTTP 26 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 11 domains to perform 26 HTTP transactions. The main IP is 212.6.132.213, located in Germany and belongs to CLARANET-AS ClaraNET LTD, GB. The main domain is dromadaire-news.com.
TLS certificate: Issued by R3 on July 3rd 2022. Valid for: 3 months.

This is the only time dromadaire-news.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	212.6.132.213 212.6.132.213	8426 (CLARANET-...) (CLARANET-AS ClaraNET LTD)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
7	2606:4700:20:... 2606:4700:20::ac43:4444	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 11	34.140.227.143 34.140.227.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	34.149.135.58 34.149.135.58	15169 (GOOGLE) (GOOGLE)
2 3	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	145.239.193.51 145.239.193.51	16276 (OVH) (OVH)
1 1	2001:41d0:202... 2001:41d0:202:100:145:239:192:103	16276 (OVH) (OVH)
1	2001:41d0:301... 2001:41d0:301:100:145:239:193:53	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
26	9

2 212.6.132.213 (Germany)

ASN8426 (CLARANET-AS ClaraNET LTD, GB)
PTR: mta.pf.xqueue.de

dromadaire-news.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:20::ac43:4444 (United States)

ASN13335 (CLOUDFLARENET, US)

www.drostatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 34.140.227.143 (Brussels, Belgium) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.227.140.34.bc.googleusercontent.com

ipe.drostatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
opn.eu.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.135.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.135.149.34.bc.googleusercontent.com

eur4.cdn.programatik.email	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

ejp.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.66 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.193.51 (France)

ASN16276 (OVH, FR)

tag.leadplace.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:41d0:202:100:145:239:192:103 (France) 1 redirects

ASN16276 (OVH, FR)

asset.email-match.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:41d0:301:100:145:239:193:53 (France)

ASN16276 (OVH, FR)

asset.easydmp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	drostatic.com 3 redirects www.drostatic.com ipe.drostatic.com	247 KB
3	rlcdn.com 2 redirects ejp.rlcdn.com — Cisco Umbrella Rank: 99007 idsync.rlcdn.com — Cisco Umbrella Rank: 309	1 KB
2	gstatic.com fonts.gstatic.com	73 KB
2	doubleclick.net 2 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 208	641 B
2	programatik.email eur4.cdn.programatik.email — Cisco Umbrella Rank: 252676	78 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	2 KB
2	dromadaire-news.com dromadaire-news.com	7 KB
1	easydmp.net asset.easydmp.net — Cisco Umbrella Rank: 57911	716 B
1	email-match.com 1 redirects asset.email-match.com — Cisco Umbrella Rank: 769559	475 B
1	leadplace.fr tag.leadplace.fr — Cisco Umbrella Rank: 29897	2 KB
1	ivitrack.com opn.eu.ivitrack.com — Cisco Umbrella Rank: 407228	282 B
26	11

	Domain	Requested by
10	ipe.drostatic.com	3 redirects dromadaire-news.com
7	www.drostatic.com	dromadaire-news.com
2	fonts.gstatic.com	fonts.googleapis.com
2	cm.g.doubleclick.net	2 redirects
2	ejp.rlcdn.com	2 redirects
2	eur4.cdn.programatik.email	dromadaire-news.com
2	fonts.googleapis.com	dromadaire-news.com
2	dromadaire-news.com	dromadaire-news.com
1	asset.easydmp.net	dromadaire-news.com
1	asset.email-match.com	1 redirects
1	tag.leadplace.fr	dromadaire-news.com
1	idsync.rlcdn.com	dromadaire-news.com
1	opn.eu.ivitrack.com	dromadaire-news.com
26	13

This site contains no links.

Subject Issuer	Validity	Valid
dromadaire-news.com R3	`2022-07-03` - `2022-10-01`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-18` - `2023-05-18`	a year	crt.sh
ipe.drostatic.com R3	`2022-07-05` - `2022-10-03`	3 months	crt.sh
*.leadplace.fr Gandi Standard SSL CA 2	`2021-09-12` - `2022-09-12`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA
Frame ID: 4D3091C82ABBEB2BEA041A5E962ADBCF
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

La journée des chats et la Saint Amour !

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

26
Requests

81 %
HTTPS

45 %
IPv6

11
Domains

13
Subdomains

9
IPs

4
Countries

409 kB
Transfer

428 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://ipe.drostatic.com/nlo?n=5d971a124d4be10001b0dfd9&h=525f19097d369aa898a4443537ddab92 HTTP 302
https://opn.eu.ivitrack.com/nlo?n=5d971a124d4be10001b0dfd9&h=525f19097d369aa898a4443537ddab92

Request Chain 15

https://ipe.drostatic.com/nli?n=5d971a124d4be10001b0dfd9&h=525f19097d369aa898a4443537ddab92&o=0 HTTP 302
https://eur4.cdn.programatik.email/programmatic-images/Py/PyLfwVfjwON5xfYY_S0MGkzaKLzoFG9QAofuas9Bb9g=-1659713462635

Request Chain 16

https://ipe.drostatic.com/nli?n=5d971a124d4be10001b0dfd9&h=525f19097d369aa898a4443537ddab92&o=0&alt=small HTTP 302
https://eur4.cdn.programatik.email/programmatic-images/bE/bEszEXm2hbtR4ar7-LC3c8kDpC7FbPxPdE3MEU88tqo=-1659528624743

Request Chain 19

https://ejp.rlcdn.com/472356.gif?m=525f19097d369aa898a4443537ddab92&n=1 HTTP 307
https://ejp.rlcdn.com/1000.gif?memo=CKTqHBIsCiYIBBAAGiA1MjVmMTkwOTdkMzY5YWE4OThhNDQ0MzUzN2RkYWI5MhCknCIaDQiT2sKXBhIFCOgHEABCAEoA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc= HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEBp7pSgLbPOx90uWkPUBR5k&google_cver=1

Request Chain 21

https://asset.email-match.com/1923/asset?type=IMG&email=525f19097d369aa898a4443537ddab92@md5 HTTP 302
https://asset.easydmp.net/collect_v2.img.php?dmp=emdmpeasy&s=1923&p=1923&known_user=1&m=525f19097d369aa898a4443537ddab92&rand=1659940115.3516

26 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request _OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA Show response
dromadaire-news.com/i/ 26 KB
7 KB 168ms
94ms Document
text/html 212.6.132.213
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL

https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

212.6.132.213 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),

Reverse DNS

mta.pf.xqueue.de

Software

nginx /

Resource Hash

834300ca69666ecf3c55a51cc0540dc6f9ea9655fdd2719c6474e031d3a79478

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Mon, 08 Aug 2022 06:28:35 GMT
Server: nginx
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff

GET
H2 200 css
fonts.googleapis.com/ 5 KB
999 B 98ms
35ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Work+Sans:300,400,500,600,700

Requested by

Host: dromadaire-news.com
URL: https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

41e067ef5d12cbc23025912371f381da27fdd6bf14383ec1fbd2c7dd8a7c618b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dromadaire-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 05:04:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 08 Aug 2022 06:28:35 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 08 Aug 2022 06:28:35 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
537 B 98ms
36ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Quicksand:300,400,700

Requested by

Host: dromadaire-news.com
URL: https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

202c11bcf477b810ce8f9f3acbc732046211d53570e16d659c9f850c22e0215d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dromadaire-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 06:09:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 08 Aug 2022 06:28:35 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 08 Aug 2022 06:28:35 GMT

GET
H2 200 logo_dromadaire.png
www.drostatic.com/dromanews/1925_ete_dc/ 2 KB
3 KB 86ms
30ms Image
image/webp 2606:4700:20::ac43:4444
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.drostatic.com/dromanews/1925_ete_dc/logo_dromadaire.png

Requested by

Host: dromadaire-news.com
URL: https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4444 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8eea45f09e9a7b0b17bbf62124a7aa0381b39b4be65d3b1b45abffdc549a03b6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dromadaire-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: frame-ancestors self
etag: "5d0bae5e-1617"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 980724
cf-polished: origFmt=png, origSize=5655
content-disposition: inline; filename="logo_dromadaire.webp"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 2468
x-xss-protection: 1; mode=block
last-modified: Thu, 20 Jun 2019 16:03:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
date: Mon, 08 Aug 2022 06:28:35 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XVm%2Bfwz995PGtBVoRPzejdXfA6Cd7q4qjJfAtMxqJiOLQHgxyg5Jdr8Aafxc5G1%2FsBjAwQZFwhZM1WEG88BpqGMHZcOqx%2BeupsRy%2Fyb5wa%2FcS0KFbaZOOpVc3M%2BJh7oy4qhBkhdBrMeByJ0k86X4"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 737631583ac499dc-CDG
cf-bgj: imgq:100,h2pri

GET
H2 200 1.jpg
www.drostatic.com/dromanews/2231_journeechat-saintamour_dc/ 28 KB
29 KB 87ms
31ms Image
image/webp 2606:4700:20::ac43:4444
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.drostatic.com/dromanews/2231_journeechat-saintamour_dc/1.jpg

Requested by

Host: dromadaire-news.com
URL: https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4444 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95289bce904a279d1f21dfc11e5b852c5708a6fa1ccbc214048ec5e16df2f23d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dromadaire-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: frame-ancestors self
etag: "62eba374-a01b"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 176671
cf-polished: origFmt=jpeg, origSize=40987
content-disposition: inline; filename="1.webp"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 28870
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Aug 2022 10:46:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
date: Mon, 08 Aug 2022 06:28:35 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ucMy5aFIXvZxgnGcbm1xh%2BAuMnSS6EV86ZihWxOeK13H6xcj62ujsiQV8u4MhTMo%2FBVFcigDU2hF76KtuhtpVMAhvMLJejRghNzC%2FpoA%2FGlw5hn3hvrXTOkVSq%2FXB88qHTBxBZPT%2BG7JvPK%2BNO7M"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 737631583aca99dc-CDG
cf-bgj: imgq:100,h2pri

GET
H2 200 2.jpg
www.drostatic.com/dromanews/2231_journeechat-saintamour_dc/ 46 KB
46 KB 87ms
32ms Image
image/webp 2606:4700:20::ac43:4444
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.drostatic.com/dromanews/2231_journeechat-saintamour_dc/2.jpg

Requested by

Host: dromadaire-news.com
URL: https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4444 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c1d62214fb1b70fcc47d705867eb2dbc22a2d81d219454a0e325f5eaf3353b0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dromadaire-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: frame-ancestors self
etag: "62eba374-c4db"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 176668
cf-polished: origFmt=jpeg, origSize=50395
content-disposition: inline; filename="2.webp"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 46796
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Aug 2022 10:46:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
date: Mon, 08 Aug 2022 06:28:35 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EXOjOWQAN4BV3gU8OOfQe6wJ5TMerrOKNGQLJrI8xp7Wdw7bv7eIvUYaRZo%2BJBzSor7Axl8%2FXkk6TJslNVDHgWIgPJCtBZhZ0wba2j2n720k3S2h5pOgpg7cJVuQB7o7Tp9O%2Fs%2BWtKfPc6FpffIv"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 737631583acd99dc-CDG
cf-bgj: imgq:100,h2pri

GET
H2 200 3.jpg
www.drostatic.com/dromanews/2231_journeechat-saintamour_dc/ 163 KB
164 KB 107ms
51ms Image
image/webp 2606:4700:20::ac43:4444
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.drostatic.com/dromanews/2231_journeechat-saintamour_dc/3.jpg

Requested by

Host: dromadaire-news.com
URL: https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4444 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ce63492139d73b9c5cbc99c58b2e628fa0738990ac49eb7b22ab8d280a335ae

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dromadaire-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: frame-ancestors self
etag: "62eba374-5555a"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 176665
cf-polished: origFmt=jpeg, origSize=349530
content-disposition: inline; filename="3.webp"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 166824
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Aug 2022 10:46:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
date: Mon, 08 Aug 2022 06:28:35 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3McCux5oXG0cmctGiToc04qN%2BT8V7QfJfKTE45FFS%2F%2Bvlbju1%2B21PlZ77QbjxykX0bqeW8XymW650UY0zpccwDR6bvp8jswBtMiwDGF3lcAwTnxr%2FR74rsjfLV39nONnjy1Ytlfi8utLAw4El6%2Fk"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 737631583ad399dc-CDG
cf-bgj: imgq:100,h2pri

GET
H2 200 fb.gif
www.drostatic.com/dromanews/1839_bonjour/images/ 712 B
1 KB 106ms
50ms Image
image/webp 2606:4700:20::ac43:4444
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.drostatic.com/dromanews/1839_bonjour/images/fb.gif

Requested by

Host: dromadaire-news.com
URL: https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4444 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f5aad150d5709247ef3f571b115f53894089b140dfa2af17569a70a634a2269

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dromadaire-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: frame-ancestors self
etag: "5bac9ab7-980"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 353639
cf-polished: origFmt=gif, origSize=2432
content-disposition: inline; filename="fb.webp"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 712
x-xss-protection: 1; mode=block
last-modified: Thu, 27 Sep 2018 08:54:15 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
date: Mon, 08 Aug 2022 06:28:35 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k9mszh5XIFs%2F11p%2BgVKKHU6woR%2BySYwySfCcLTLSBSVNM5chWruf1dYhNaxjqwZf419CxXiFkYeT00rttk70RVEDo274l4o1S9HDrYKAnawH51m2jvLBQkgGKa9VXBTUeVq935e9abO%2BiXaVpcwx"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 737631583ad199dc-CDG
cf-bgj: imgq:100,h2pri

GET
H2 200 insta.gif
www.drostatic.com/dromanews/1839_bonjour/images/ 836 B
1 KB 86ms
30ms Image
image/webp 2606:4700:20::ac43:4444
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.drostatic.com/dromanews/1839_bonjour/images/insta.gif

Requested by

Host: dromadaire-news.com
URL: https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4444 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f5040356f72a6f0096d7ecc72e1143de5c39ac8dd324a60f28cde1a7098ab5f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dromadaire-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: frame-ancestors self
etag: "5bac9ab7-9ae"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 353054
cf-polished: origFmt=gif, origSize=2478
content-disposition: inline; filename="insta.webp"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 836
x-xss-protection: 1; mode=block
last-modified: Thu, 27 Sep 2018 08:54:15 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
date: Mon, 08 Aug 2022 06:28:35 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4xBILnd9dZd%2FLB7cuGEYiOkunSz8fBwix5gvlEkldHiPasIY1COkZjg7IPn43ZgjNtdsabNmN%2BML2aLLLDuPJQ4KMjWmDkGx3N9Cju2zoEIHSt3F21RA9vDtGuthlQUgC2IUzCu7%2FFYefrrlgB5Q"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 737631583ad099dc-CDG
cf-bgj: imgq:100,h2pri

GET
H2 200 twit.gif
www.drostatic.com/dromanews/1839_bonjour/images/ 830 B
1 KB 46ms
46ms Image
image/webp 2606:4700:20::ac43:4444
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.drostatic.com/dromanews/1839_bonjour/images/twit.gif

Requested by

Host: dromadaire-news.com
URL: https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4444 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50707c8b2af83df982c3d503732cf0e56a9b5971fc56723696e1c21889402312

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dromadaire-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: frame-ancestors self
etag: "5baca247-9b3"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 351111
cf-polished: origFmt=gif, origSize=2483
content-disposition: inline; filename="twit.webp"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 830
x-xss-protection: 1; mode=block
last-modified: Thu, 27 Sep 2018 09:26:31 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
date: Mon, 08 Aug 2022 06:28:35 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UalytqstAxwC3yvrtKy0WIp8qbvR20z81UhNFPI%2FyQoskoRpUyhjRCKT7lGV5uI%2FErSGt2ADt%2FYju17c6OQEUwr4zRhxGn32dhkQd9HdoPZdiiLmchMe0aO2tb4Nu%2F4OHIIso9asz965SYhDqSFN"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 737631585af899dc-CDG
cf-bgj: imgq:100,h2pri

GET
H2

200

nlo
opn.eu.ivitrack.com/
Redirect Chain

https://ipe.drostatic.com/nlo?n=5d971a124d4be10001b0dfd9&h=525f19097d369aa898a4443537ddab92
https://opn.eu.ivitrack.com/nlo?n=5d971a124d4be10001b0dfd9&h=525f19097d369aa898a4443537ddab92

42 B
282 B

125ms
29ms

Image
image/gif

34.140.227.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://opn.eu.ivitrack.com/nlo?n=5d971a124d4be10001b0dfd9&h=525f19097d369aa898a4443537ddab92
Requested by: Host: dromadaire-news.com
URL: https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA
Protocol: H2
Server: 34.140.227.143 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.227.140.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dromadaire-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: nocache
date: Mon, 08 Aug 2022 06:28:35 GMT
server: istio-envoy
content-type: image/gif
cache-control: no-store, no-cache, max-age=0, max-stale=0, must-revalidate, proxy-revalidate
x-envoy-upstream-service-time: 4
x-ivi-hostname: programmatic-api-stable-7cfcb866f-mjvcr
content-length: 42
expires: Fri, 24 Oct 1980 17:30:00 GMT

Redirect headers

location: https://opn.eu.ivitrack.com/nlo?n=5d971a124d4be10001b0dfd9&h=525f19097d369aa898a4443537ddab92
date: Mon, 08 Aug 2022 06:28:35 GMT
x-envoy-upstream-service-time: 2
server: istio-envoy
x-ivi-hostname: programmatic-api-stable-7cfcb866f-mjvcr
content-length: 120
content-type: text/html; charset=utf-8

GET
H2 200 nlp
ipe.drostatic.com/ 42 B
86 B 134ms
51ms Image
image/gif 34.140.227.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipe.drostatic.com/nlp?p=1&n=5d971a124d4be10001b0dfd9&h=525f19097d369aa898a4443537ddab92&o=0
Requested by: Host: dromadaire-news.com
URL: https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.140.227.143 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.227.140.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dromadaire-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: nocache
date: Mon, 08 Aug 2022 06:28:35 GMT
server: istio-envoy
content-type: image/gif
cache-control: no-store, no-cache, max-age=0, max-stale=0, must-revalidate, proxy-revalidate
x-envoy-upstream-service-time: 27
x-ivi-hostname: programmatic-api-stable-7cfcb866f-mjvcr
content-length: 42
expires: Fri, 24 Oct 1980 17:30:00 GMT

GET
H2 200 nlp
ipe.drostatic.com/ 42 B
86 B 148ms
65ms Image
image/gif 34.140.227.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipe.drostatic.com/nlp?p=2&n=5d971a124d4be10001b0dfd9&h=525f19097d369aa898a4443537ddab92&o=0
Requested by: Host: dromadaire-news.com
URL: https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.140.227.143 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.227.140.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dromadaire-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: nocache
date: Mon, 08 Aug 2022 06:28:35 GMT
server: istio-envoy
content-type: image/gif
cache-control: no-store, no-cache, max-age=0, max-stale=0, must-revalidate, proxy-revalidate
x-envoy-upstream-service-time: 42
x-ivi-hostname: programmatic-api-stable-7cfcb866f-mjvcr
content-length: 42
expires: Fri, 24 Oct 1980 17:30:00 GMT

GET
H2 200 nlp
ipe.drostatic.com/ 42 B
187 B 123ms
40ms Image
image/gif 34.140.227.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipe.drostatic.com/nlp?p=3&n=5d971a124d4be10001b0dfd9&h=525f19097d369aa898a4443537ddab92&o=0
Requested by: Host: dromadaire-news.com
URL: https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.140.227.143 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.227.140.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dromadaire-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: nocache
date: Mon, 08 Aug 2022 06:28:35 GMT
server: istio-envoy
content-type: image/gif
cache-control: no-store, no-cache, max-age=0, max-stale=0, must-revalidate, proxy-revalidate
x-envoy-upstream-service-time: 16
x-ivi-hostname: programmatic-api-stable-7cfcb866f-mjvcr
content-length: 42
expires: Fri, 24 Oct 1980 17:30:00 GMT

GET
H2 200 nlp
ipe.drostatic.com/ 42 B
86 B 92ms
91ms Image
image/gif 34.140.227.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipe.drostatic.com/nlp?p=4&n=5d971a124d4be10001b0dfd9&h=525f19097d369aa898a4443537ddab92&o=0
Requested by: Host: dromadaire-news.com
URL: https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.140.227.143 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.227.140.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dromadaire-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: nocache
date: Mon, 08 Aug 2022 06:28:35 GMT
server: istio-envoy
content-type: image/gif
cache-control: no-store, no-cache, max-age=0, max-stale=0, must-revalidate, proxy-revalidate
x-envoy-upstream-service-time: 68
x-ivi-hostname: programmatic-api-stable-7cfcb866f-mjvcr
content-length: 42
expires: Fri, 24 Oct 1980 17:30:00 GMT

GET
H2 200 nlai
ipe.drostatic.com/ 42 B
86 B 100ms
100ms Image
image/gif 34.140.227.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipe.drostatic.com/nlai?n=5d971a124d4be10001b0dfd9&h=525f19097d369aa898a4443537ddab92&o=0
Requested by: Host: dromadaire-news.com
URL: https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.140.227.143 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.227.140.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dromadaire-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: nocache
date: Mon, 08 Aug 2022 06:28:35 GMT
server: istio-envoy
content-type: image/gif
cache-control: no-store, no-cache, max-age=0, max-stale=0, must-revalidate, proxy-revalidate
x-envoy-upstream-service-time: 76
x-ivi-hostname: programmatic-api-stable-7cfcb866f-mjvcr
content-length: 42
expires: Fri, 24 Oct 1980 17:30:00 GMT

GET
H2

200

PyLfwVfjwON5xfYY_S0MGkzaKLzoFG9QAofuas9Bb9g=-1659713462635
eur4.cdn.programatik.email/programmatic-images/Py/
Redirect Chain

https://ipe.drostatic.com/nli?n=5d971a124d4be10001b0dfd9&h=525f19097d369aa898a4443537ddab92&o=0
https://eur4.cdn.programatik.email/programmatic-images/Py/PyLfwVfjwON5xfYY_S0MGkzaKLzoFG9QAofuas9Bb9g=-1659713462635

38 KB
39 KB

80ms
20ms

Image
image/png

34.149.135.58
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eur4.cdn.programatik.email/programmatic-images/Py/PyLfwVfjwON5xfYY_S0MGkzaKLzoFG9QAofuas9Bb9g=-1659713462635
Requested by: Host: dromadaire-news.com
URL: https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA
Protocol: H2
Server: 34.149.135.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.135.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 2ef62575303c1cab2ed69910b2a380b42bf65d28b264c54ab727e83e0cfcf901

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dromadaire-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-goog-meta-x-ivi-offset: 0
x-goog-meta-x-ivi-context: 5d971a124d4be10001b0dfd9
age: 3026
x-goog-meta-x-ivi-provider: ividence_adserve
x-guploader-uploadid: ADPycdsFqcreiDO4zCMtNB_cwXB36zdDB8ubD783Jw9L0NxReDYF2wp53lXEI5MVeKMrOqHn668PZ-dAkTKTO0EfQ6pSvcmg_7YZ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
date: Mon, 08 Aug 2022 05:38:09 GMT
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39415
last-modified: Fri, 05 Aug 2022 15:31:02 GMT
server: UploadServer
etag: "0c286d968ac054615996b54495bd41e8"
x-goog-hash: crc32c=y09aaA==, md5=DChtlorAVGFZlrVElb1B6A==
x-goog-generation: 1659713462706718
x-goog-expiration: Thu, 03 Nov 2022 15:31:02 GMT
cache-control: no-store, no-cache, max-age=0, s-maxage=0, max-stale=0, must-revalidate, proxy-revalidate, private
x-goog-stored-content-length: 39415
accept-ranges: bytes
content-type: image/png
x-goog-meta-x-ivi-renderer: programmatic-rendering
expires: Thu, 08 Sep 2022 05:38:09 GMT

Redirect headers

pragma: nocache
date: Mon, 08 Aug 2022 06:28:35 GMT
server: istio-envoy
content-type: text/html; charset=utf-8
location: https://eur4.cdn.programatik.email/programmatic-images/Py/PyLfwVfjwON5xfYY_S0MGkzaKLzoFG9QAofuas9Bb9g=-1659713462635
cache-control: no-store, no-cache, max-age=0, max-stale=0, must-revalidate, proxy-revalidate
x-envoy-upstream-service-time: 53
x-ivi-hostname: programmatic-api-stable-7cfcb866f-mjvcr
content-length: 139
expires: Fri, 24 Oct 1980 17:30:00 GMT

GET
H2

200

bEszEXm2hbtR4ar7-LC3c8kDpC7FbPxPdE3MEU88tqo=-1659528624743
eur4.cdn.programatik.email/programmatic-images/bE/
Redirect Chain

https://ipe.drostatic.com/nli?n=5d971a124d4be10001b0dfd9&h=525f19097d369aa898a4443537ddab92&o=0&alt=small
https://eur4.cdn.programatik.email/programmatic-images/bE/bEszEXm2hbtR4ar7-LC3c8kDpC7FbPxPdE3MEU88tqo=-1659528624743

38 KB
39 KB

94ms
43ms

Image
image/png

34.149.135.58
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eur4.cdn.programatik.email/programmatic-images/bE/bEszEXm2hbtR4ar7-LC3c8kDpC7FbPxPdE3MEU88tqo=-1659528624743
Requested by: Host: dromadaire-news.com
URL: https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA
Protocol: H2
Server: 34.149.135.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.135.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9a39a8e392ae775e765f44705fea08d78f355488eafd37ce6c3ad015a75a1c98

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dromadaire-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-goog-meta-x-ivi-offset: 0
x-goog-meta-x-ivi-context: 5d971a124d4be10001b0dfd9
age: 1616
x-goog-meta-x-ivi-provider: ividence_adserve
x-guploader-uploadid: ADPycdu-UKka6YfQSVDroVufTwof1NmvvNWwFUefdNxRelqJdfXtrqllVq7Zwy9NEzfzUiX0DtLhhf9EFn_yPkqm1TfoxE8jldUA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
date: Mon, 08 Aug 2022 06:01:39 GMT
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39129
last-modified: Wed, 03 Aug 2022 12:10:24 GMT
server: UploadServer
etag: "eefd40110aaa0ae53cf546f6bedbc7f6"
x-goog-hash: crc32c=FEvIZA==, md5=7v1AEQqqCuU89Ub2vtvH9g==
x-goog-generation: 1659528624820877
x-goog-expiration: Tue, 01 Nov 2022 12:10:24 GMT
cache-control: no-store, no-cache, max-age=0, s-maxage=0, max-stale=0, must-revalidate, proxy-revalidate, private
x-goog-stored-content-length: 39129
accept-ranges: bytes
content-type: image/png
x-goog-meta-x-ivi-renderer: programmatic-rendering
expires: Thu, 08 Sep 2022 06:01:39 GMT

Redirect headers

pragma: nocache
date: Mon, 08 Aug 2022 06:28:35 GMT
server: istio-envoy
content-type: text/html; charset=utf-8
location: https://eur4.cdn.programatik.email/programmatic-images/bE/bEszEXm2hbtR4ar7-LC3c8kDpC7FbPxPdE3MEU88tqo=-1659528624743
cache-control: no-store, no-cache, max-age=0, max-stale=0, must-revalidate, proxy-revalidate
x-envoy-upstream-service-time: 60
x-ivi-hostname: programmatic-api-stable-7cfcb866f-mjvcr
content-length: 139
expires: Fri, 24 Oct 1980 17:30:00 GMT

GET
H2 200 nlpi
ipe.drostatic.com/ 731 B
785 B 117ms
117ms Image
image/png 34.140.227.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipe.drostatic.com/nlpi?n=5d971a124d4be10001b0dfd9&h=525f19097d369aa898a4443537ddab92&o=0
Requested by: Host: dromadaire-news.com
URL: https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.140.227.143 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.227.140.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: 923a321ba9bc74901bdf88ab3abd04064fb0c1ed89033d851b0f5ac9c90ecf76

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dromadaire-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: nocache
date: Mon, 08 Aug 2022 06:28:35 GMT
server: istio-envoy
content-type: image/png
cache-control: no-store, no-cache, max-age=0, max-stale=0, must-revalidate, proxy-revalidate
x-envoy-upstream-service-time: 74
x-ivi-hostname: programmatic-api-stable-7cfcb866f-mjvcr
content-length: 731
expires: Fri, 24 Oct 1980 17:30:00 GMT

GET
H2 200 nlsi
ipe.drostatic.com/ 42 B
86 B 110ms
109ms Image
image/gif 34.140.227.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipe.drostatic.com/nlsi?n=5d971a124d4be10001b0dfd9&h=525f19097d369aa898a4443537ddab92&o=0
Requested by: Host: dromadaire-news.com
URL: https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.140.227.143 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.227.140.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dromadaire-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: nocache
date: Mon, 08 Aug 2022 06:28:35 GMT
server: istio-envoy
content-type: image/gif
cache-control: no-store, no-cache, max-age=0, max-stale=0, must-revalidate, proxy-revalidate
x-envoy-upstream-service-time: 66
x-ivi-hostname: programmatic-api-stable-7cfcb866f-mjvcr
content-length: 42
expires: Fri, 24 Oct 1980 17:30:00 GMT

GET
H2

200

362358.gif
idsync.rlcdn.com/
Redirect Chain

https://ejp.rlcdn.com/472356.gif?m=525f19097d369aa898a4443537ddab92&n=1
https://ejp.rlcdn.com/1000.gif?memo=CKTqHBIsCiYIBBAAGiA1MjVmMTkwOTdkMzY5YWE4OThhNDQ0MzUzN2RkYWI5MhCknCIaDQiT2sKXBhIFCOgHEABCAEoA
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc=
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEBp7pSgLbPOx90uWkPUBR5k&google_cver=1

42 B
412 B

36ms
25ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEBp7pSgLbPOx90uWkPUBR5k&google_cver=1
Requested by: Host: dromadaire-news.com
URL: https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dromadaire-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Aug 2022 06:28:35 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 08 Aug 2022 06:28:35 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEBp7pSgLbPOx90uWkPUBR5k&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK wckr.php
tag.leadplace.fr/ 2 KB
2 KB 94ms
36ms Image
text/html 145.239.193.51
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.leadplace.fr/wckr.php?id=AVT1&tracker=OE&id3rd=525f19097d369aa898a4443537ddab92
Requested by: Host: dromadaire-news.com
URL: https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.193.51 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dromadaire-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 08 Aug 2022 06:28:35 GMT
Server: nginx/1.14.2
X-IPLB-Request-ID: 5CDED410:9F82_91EFC133:01BB_62F0AD13_460E6415:17AA9
X-IPLB-Instance: 29922
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

collect_v2.img.php
asset.easydmp.net/
Redirect Chain

https://asset.email-match.com/1923/asset?type=IMG&email=525f19097d369aa898a4443537ddab92@md5
https://asset.easydmp.net/collect_v2.img.php?dmp=emdmpeasy&s=1923&p=1923&known_user=1&m=525f19097d369aa898a4443537ddab92&rand=1659940115.3516

43 B
716 B

105ms
25ms

Image
image/gif

2001:41d0:301:100:145:239:193:53
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://asset.easydmp.net/collect_v2.img.php?dmp=emdmpeasy&s=1923&p=1923&known_user=1&m=525f19097d369aa898a4443537ddab92&rand=1659940115.3516

Requested by

Host: dromadaire-news.com
URL: https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA

Protocol

HTTP/1.1

Server

2001:41d0:301:100:145:239:193:53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dromadaire-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 08 Aug 2022 06:28:35 GMT
X-IPLB-Request-ID: 00000000:8F9C_00000000:01BB_62F0AD13_489B718:CE13
X-IPLB-Instance: 36821
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: no-store, no-cache
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

Date: Mon, 08 Aug 2022 06:28:35 GMT
X-IPLB-Request-ID: 00000000:8362_00000000:01BB_62F0AD13_18546FD:1E4D9
X-IPLB-Instance: 33674
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Location: https://asset.easydmp.net/collect_v2.img.php?dmp=emdmpeasy&s=1923&p=1923&known_user=1&m=525f19097d369aa898a4443537ddab92&rand=1659940115.3516
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK pelID2nwJ3miLSpRwZMjD1zNCk8TD69Dz_jKbDTMtr0
dromadaire-news.com/i/ 43 B
266 B 28ms
28ms Image
image/gif 212.6.132.213
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dromadaire-news.com/i/pelID2nwJ3miLSpRwZMjD1zNCk8TD69Dz_jKbDTMtr0

Requested by

Host: dromadaire-news.com
URL: https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

212.6.132.213 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),

Reverse DNS

mta.pf.xqueue.de

Software

nginx /

Resource Hash

c3c1dac8f82f21809c1a15cf9c6b6a82ae1b2005b6d9693407c9480a44500dc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 08 Aug 2022 06:28:35 GMT
Cache-Control: no-cache, max-age=0
X-Content-Type-Options: nosniff
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif;charset=UTF-8

GET
H2 200 QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v17/ 47 KB
47 KB 114ms
53ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v17/QGYsz_wNahGAdqQ43Rh_fKDp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:300,400,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dromadaire-news.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 20:15:44 GMT
x-content-type-options: nosniff
age: 382371
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48480
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:18:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Aug 2023 20:15:44 GMT

GET
H2 200 6xKtdSZaM9iE8KbpRA_hK1QN.woff2
fonts.gstatic.com/s/quicksand/v30/ 25 KB
26 KB 89ms
28ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quicksand/v30/6xKtdSZaM9iE8KbpRA_hK1QN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quicksand:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b166007d6f54c33b3ea10ea23572bc3166f55f365840d3cbd6ef7b5dcf6674e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dromadaire-news.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 21:10:00 GMT
x-content-type-options: nosniff
age: 551915
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25672
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:12:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 01 Aug 2023 21:10:00 GMT

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rlcdn.com/	1970-01-20 13:51:16	Name: rlas3 Value: 6Srpc5+/ahs9Ikr6d4Ys+nX8bNknvU3+y0V1D59AKAEbxov8BsCT0oCG/3qm3PRx6UGIFLOoN702FdzjEYB9QXfPb0KNF5d9RizXYpUTSIBlFpB9SlsB8Vv740DHH2OfEe0ditmXTdYIJnp36d1SG5yvD4LuANbP
.leadplace.fr/	1970-01-20 13:44:04	Name: uid Value: 1729382623010385788
.rlcdn.com/	1970-01-20 06:32:04	Name: pxrc Value: CJPawpcGEgUI6AcQABIGCLrqARAA
.easydmp.net/	1970-01-20 13:50:45	Name: livraison Value: 000000000000000002%3As%3A0%3AeJwLCnIT4cnkEOQrK08slpXi82WP4IwtdckrCa1h9ZUvEBcplBZgVvWQd2cK5fOJ4eaTjwuJ8mKI83SPYyqQ9GQPYs2RDZLKKclQkRFn9mKK4udRFbCoDs3jVswocOKvDBbwqpRy54tj8GXxZ4nmZHMKYas3Y%2BN39QMAYT4agQ%3D%3D%3B
.doubleclick.net/	1970-01-20 14:27:16	Name: IDE Value: AHWqTUl8Hu1fLh8p_nLL36WnwyX-vqPQMIKPG0KHIKT5ijihg94s4JcZ9cIa1HjAJVY

23 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA Message: Mixed Content: The page at 'https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA' was loaded over HTTPS, but requested an insecure element 'http://ipe.drostatic.com/nlo?n=5d971a124d4be10001b0dfd9&h=525f19097d369aa898a4443537ddab92'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA Message: Mixed Content: The page at 'https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA' was loaded over HTTPS, but requested an insecure element 'http://ipe.drostatic.com/nlp?p=1&n=5d971a124d4be10001b0dfd9&h=525f19097d369aa898a4443537ddab92&o=0'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA Message: Mixed Content: The page at 'https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA' was loaded over HTTPS, but requested an insecure element 'http://ipe.drostatic.com/nlp?p=2&n=5d971a124d4be10001b0dfd9&h=525f19097d369aa898a4443537ddab92&o=0'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA Message: Mixed Content: The page at 'https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA' was loaded over HTTPS, but requested an insecure element 'http://ipe.drostatic.com/nlp?p=3&n=5d971a124d4be10001b0dfd9&h=525f19097d369aa898a4443537ddab92&o=0'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA Message: Mixed Content: The page at 'https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA' was loaded over HTTPS, but requested an insecure element 'http://ipe.drostatic.com/nlp?p=4&n=5d971a124d4be10001b0dfd9&h=525f19097d369aa898a4443537ddab92&o=0'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA Message: Mixed Content: The page at 'https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA' was loaded over HTTPS, but requested an insecure element 'http://ipe.drostatic.com/nlai?n=5d971a124d4be10001b0dfd9&h=525f19097d369aa898a4443537ddab92&o=0'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA Message: Mixed Content: The page at 'https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA' was loaded over HTTPS, but requested an insecure element 'http://ipe.drostatic.com/nli?n=5d971a124d4be10001b0dfd9&h=525f19097d369aa898a4443537ddab92&o=0'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA Message: Mixed Content: The page at 'https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA' was loaded over HTTPS, but requested an insecure element 'http://ipe.drostatic.com/nli?n=5d971a124d4be10001b0dfd9&h=525f19097d369aa898a4443537ddab92&o=0&alt=small'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA Message: Mixed Content: The page at 'https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA' was loaded over HTTPS, but requested an insecure element 'http://ipe.drostatic.com/nlpi?n=5d971a124d4be10001b0dfd9&h=525f19097d369aa898a4443537ddab92&o=0'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA Message: Mixed Content: The page at 'https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA' was loaded over HTTPS, but requested an insecure element 'http://ipe.drostatic.com/nlsi?n=5d971a124d4be10001b0dfd9&h=525f19097d369aa898a4443537ddab92&o=0'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA Message: Mixed Content: The page at 'https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA' was loaded over HTTPS, but requested an insecure element 'http://asset.email-match.com/1923/asset?type=IMG&email=525f19097d369aa898a4443537ddab92@md5'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
rendering	warning	URL: https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA(Line 4) Message: Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.
security	warning	URL: https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA Message: Mixed Content: The page at 'https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA' was loaded over HTTPS, but requested an insecure element 'http://ipe.drostatic.com/nlo?n=5d971a124d4be10001b0dfd9&h=525f19097d369aa898a4443537ddab92'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA Message: Mixed Content: The page at 'https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA' was loaded over HTTPS, but requested an insecure element 'http://ipe.drostatic.com/nlp?p=1&n=5d971a124d4be10001b0dfd9&h=525f19097d369aa898a4443537ddab92&o=0'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA Message: Mixed Content: The page at 'https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA' was loaded over HTTPS, but requested an insecure element 'http://ipe.drostatic.com/nlp?p=2&n=5d971a124d4be10001b0dfd9&h=525f19097d369aa898a4443537ddab92&o=0'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA Message: Mixed Content: The page at 'https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA' was loaded over HTTPS, but requested an insecure element 'http://ipe.drostatic.com/nlp?p=3&n=5d971a124d4be10001b0dfd9&h=525f19097d369aa898a4443537ddab92&o=0'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA Message: Mixed Content: The page at 'https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA' was loaded over HTTPS, but requested an insecure element 'http://ipe.drostatic.com/nlp?p=4&n=5d971a124d4be10001b0dfd9&h=525f19097d369aa898a4443537ddab92&o=0'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA Message: Mixed Content: The page at 'https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA' was loaded over HTTPS, but requested an insecure element 'http://ipe.drostatic.com/nlai?n=5d971a124d4be10001b0dfd9&h=525f19097d369aa898a4443537ddab92&o=0'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA Message: Mixed Content: The page at 'https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA' was loaded over HTTPS, but requested an insecure element 'http://ipe.drostatic.com/nli?n=5d971a124d4be10001b0dfd9&h=525f19097d369aa898a4443537ddab92&o=0'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA Message: Mixed Content: The page at 'https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA' was loaded over HTTPS, but requested an insecure element 'http://ipe.drostatic.com/nli?n=5d971a124d4be10001b0dfd9&h=525f19097d369aa898a4443537ddab92&o=0&alt=small'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA Message: Mixed Content: The page at 'https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA' was loaded over HTTPS, but requested an insecure element 'http://ipe.drostatic.com/nlpi?n=5d971a124d4be10001b0dfd9&h=525f19097d369aa898a4443537ddab92&o=0'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA Message: Mixed Content: The page at 'https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA' was loaded over HTTPS, but requested an insecure element 'http://ipe.drostatic.com/nlsi?n=5d971a124d4be10001b0dfd9&h=525f19097d369aa898a4443537ddab92&o=0'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA Message: Mixed Content: The page at 'https://dromadaire-news.com/i/_OQzvfPUv5RnpSEYhZaZZTHGLrXFCJOliAKGabykWoswJwJvpdfhCA' was loaded over HTTPS, but requested an insecure element 'http://asset.email-match.com/1923/asset?type=IMG&email=525f19097d369aa898a4443537ddab92@md5'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

asset.easydmp.net
asset.email-match.com
cm.g.doubleclick.net
dromadaire-news.com
ejp.rlcdn.com
eur4.cdn.programatik.email
fonts.googleapis.com
fonts.gstatic.com
idsync.rlcdn.com
ipe.drostatic.com
opn.eu.ivitrack.com
tag.leadplace.fr
www.drostatic.com
142.250.185.66
145.239.193.51
2001:41d0:202:100:145:239:192:103
2001:41d0:301:100:145:239:193:53
212.6.132.213
2606:4700:20::ac43:4444
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2003
34.140.227.143
34.149.135.58
35.244.174.68
1f5aad150d5709247ef3f571b115f53894089b140dfa2af17569a70a634a2269
202c11bcf477b810ce8f9f3acbc732046211d53570e16d659c9f850c22e0215d
2c1d62214fb1b70fcc47d705867eb2dbc22a2d81d219454a0e325f5eaf3353b0
2ef62575303c1cab2ed69910b2a380b42bf65d28b264c54ab727e83e0cfcf901
41e067ef5d12cbc23025912371f381da27fdd6bf14383ec1fbd2c7dd8a7c618b
481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae
50707c8b2af83df982c3d503732cf0e56a9b5971fc56723696e1c21889402312
6f5040356f72a6f0096d7ecc72e1143de5c39ac8dd324a60f28cde1a7098ab5f
7ce63492139d73b9c5cbc99c58b2e628fa0738990ac49eb7b22ab8d280a335ae
834300ca69666ecf3c55a51cc0540dc6f9ea9655fdd2719c6474e031d3a79478
8b166007d6f54c33b3ea10ea23572bc3166f55f365840d3cbd6ef7b5dcf6674e
8eea45f09e9a7b0b17bbf62124a7aa0381b39b4be65d3b1b45abffdc549a03b6
923a321ba9bc74901bdf88ab3abd04064fb0c1ed89033d851b0f5ac9c90ecf76
95289bce904a279d1f21dfc11e5b852c5708a6fa1ccbc214048ec5e16df2f23d
9a39a8e392ae775e765f44705fea08d78f355488eafd37ce6c3ad015a75a1c98
c3c1dac8f82f21809c1a15cf9c6b6a82ae1b2005b6d9693407c9480a44500dc0
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

dromadaire-news.com Open in urlscan Pro 212.6.132.213 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

26 Requests

81 %HTTPS

45 %IPv6

11 Domains

13 Subdomains

9 IPs

4 Countries

409 kBTransfer

428 kBSize

5 Cookies

0 Outgoing links

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

dromadaire-news.com Open in urlscan Pro
212.6.132.213 Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

81 %
HTTPS

45 %
IPv6

11
Domains

13
Subdomains

9
IPs

4
Countries

409 kB
Transfer

428 kB
Size

5
Cookies

26 HTTP transactions
0 data transactions