dromadaire-news.com Open in urlscan Pro
212.6.132.213 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://dromadaire-news.com/i/K_BPW0WAe_OWialz3LDD83R5mU9zlr5KJ1o4mRNbod8
Submission: On November 02 via api (November 2nd 2020, 8:22:48 am UTC) from FR

Summary HTTP 29 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 10 domains to perform 29 HTTP transactions. The main IP is 212.6.132.213, located in Germany and belongs to CLARANET-AS ClaraNET LTD, GB. The main domain is dromadaire-news.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 6th 2020. Valid for: 3 months.

This is the only time dromadaire-news.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	212.6.132.213 212.6.132.213	8426 (CLARANET-...) (CLARANET-AS ClaraNET LTD)
2	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE)
10	2606:4700:20:... 2606:4700:20::681a:8c0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 6	2606:4700:20:... 2606:4700:20::681a:9c0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 10	62.210.221.53 62.210.221.53	12876 (Online SAS) (Online SAS)
1	62.210.221.54 62.210.221.54	12876 (Online SAS) (Online SAS)
2 3	34.120.207.148 34.120.207.148	15169 (GOOGLE) (GOOGLE)
1 1	172.217.16.162 172.217.16.162	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE)
1	145.239.192.166 145.239.192.166	16276 (OVH) (OVH)
2 2	145.239.192.103 145.239.192.103	16276 (OVH) (OVH)
1	145.239.193.53 145.239.193.53	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:815::2003	15169 (GOOGLE) (GOOGLE)
29	10

2 212.6.132.213 (Germany)

ASN8426 (CLARANET-AS ClaraNET LTD, GB)
PTR: mta.pf.xqueue.de

dromadaire-news.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:20::681a:8c0 (United States)

ASN13335 (CLOUDFLARENET, US)

www.drostatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:9c0 (United States) 6 redirects

ASN13335 (CLOUDFLARENET, US)

www.drostatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 62.210.221.53 (France) 1 redirects

ASN12876 (Online SAS, FR)

ipe.drostatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.210.221.54 (France)

ASN12876 (Online SAS, FR)

opn.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.120.207.148 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 148.207.120.34.bc.googleusercontent.com

ejp.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s11-in-f162.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.192.166 (France)

ASN16276 (OVH, FR)

tag.leadplace.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.192.103 (France) 2 redirects

ASN16276 (OVH, FR)

asset.email-match.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.193.53 (France)

ASN16276 (OVH, FR)

asset.easydmp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	drostatic.com 7 redirects www.drostatic.com ipe.drostatic.com	445 KB
3	rlcdn.com 2 redirects ejp.rlcdn.com idsync.rlcdn.com	1 KB
2	gstatic.com fonts.gstatic.com	70 KB
2	email-match.com 2 redirects asset.email-match.com	903 B
2	doubleclick.net 2 redirects cm.g.doubleclick.net	2 KB
2	googleapis.com fonts.googleapis.com	1 KB
2	dromadaire-news.com dromadaire-news.com	8 KB
1	easydmp.net asset.easydmp.net	715 B
1	leadplace.fr tag.leadplace.fr	347 B
1	ivitrack.com opn.ivitrack.com	266 B
29	10

	Domain	Requested by
16	www.drostatic.com	6 redirects dromadaire-news.com
10	ipe.drostatic.com	1 redirects dromadaire-news.com
2	fonts.gstatic.com	fonts.googleapis.com
2	asset.email-match.com	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	ejp.rlcdn.com	2 redirects
2	fonts.googleapis.com	dromadaire-news.com
2	dromadaire-news.com	dromadaire-news.com
1	asset.easydmp.net	dromadaire-news.com
1	tag.leadplace.fr	dromadaire-news.com
1	idsync.rlcdn.com	dromadaire-news.com
1	opn.ivitrack.com	dromadaire-news.com
29	12

This site contains no links.

Subject Issuer	Validity	Valid
dromadaire-news.com Let's Encrypt Authority X3	`2020-09-06` - `2020-12-05`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-19` - `2021-07-19`	a year	crt.sh
ipe.ivitrack.com Let's Encrypt Authority X3	`2020-10-07` - `2021-01-05`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-14` - `2021-04-23`	a year	crt.sh
*.leadplace.fr Gandi Standard SSL CA 2	`2020-09-11` - `2021-09-12`	a year	crt.sh
worker.squadata.net Let's Encrypt Authority X3	`2020-09-15` - `2020-12-14`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://dromadaire-news.com/i/K_BPW0WAe_OWialz3LDD83R5mU9zlr5KJ1o4mRNbod8
Frame ID: 59DA56B9FCDFD967102E023EA88FE909
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

29
Requests

69 %
HTTPS

43 %
IPv6

10
Domains

12
Subdomains

10
IPs

3
Countries

521 kB
Transfer

546 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

http://www.drostatic.com/dromanews/2044_confinement_general/9005.jpg HTTP 301
https://www.drostatic.com/dromanews/2044_confinement_general/9005.jpg

Request Chain 4

http://www.drostatic.com/dromanews/2044_confinement_general/9003.jpg HTTP 301
https://www.drostatic.com/dromanews/2044_confinement_general/9003.jpg

Request Chain 5

http://www.drostatic.com/dromanews/2044_confinement_general/9004.jpg HTTP 301
https://www.drostatic.com/dromanews/2044_confinement_general/9004.jpg

Request Chain 6

http://www.drostatic.com/dromanews/2044_confinement_general/9007.jpg HTTP 301
https://www.drostatic.com/dromanews/2044_confinement_general/9007.jpg

Request Chain 7

http://www.drostatic.com/dromanews/2044_confinement_general/9006.jpg HTTP 301
https://www.drostatic.com/dromanews/2044_confinement_general/9006.jpg

Request Chain 8

http://www.drostatic.com/dromanews/2044_confinement_general/9008.jpg HTTP 301
https://www.drostatic.com/dromanews/2044_confinement_general/9008.jpg

Request Chain 12

http://ipe.drostatic.com/nlo?n=5d971a124d4be10001b0dfd9&h=9891ad4e3a644c9d420115a23d24180b HTTP 302
https://opn.ivitrack.com/nlo?n=5d971a124d4be10001b0dfd9&h=9891ad4e3a644c9d420115a23d24180b

Request Chain 22

https://ejp.rlcdn.com/472356.gif?m=9891ad4e3a644c9d420115a23d24180b&n=1 HTTP 307
https://ejp.rlcdn.com/1000.gif?memo=CKTqHBIsCiYIBBAAGiA5ODkxYWQ0ZTNhNjQ0YzlkNDIwMTE1YTIzZDI0MTgwYhCknCIaDQjIg__8BRIFCOgHEABCAEoA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc= HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEFHM_1OBSd62wHUA1kLwVtk&google_cver=1

Request Chain 24

http://asset.email-match.com/1923/asset?type=IMG&email=9891ad4e3a644c9d420115a23d24180b@md5 HTTP 307
https://asset.email-match.com/1923/asset?type=IMG&email=9891ad4e3a644c9d420115a23d24180b@md5 HTTP 302
https://asset.easydmp.net/collect_v2.img.php?dmp=emdmpeasy&s=1923&p=1923&known_user=1&m=9891ad4e3a644c9d420115a23d24180b&rand=1604305352.1426

29 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request K_BPW0WAe_OWialz3LDD83R5mU9zlr5KJ1o4mRNbod8 Show response
dromadaire-news.com/i/ 36 KB
7 KB 145ms
80ms Document
text/html 212.6.132.213
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to

Full URL: https://dromadaire-news.com/i/K_BPW0WAe_OWialz3LDD83R5mU9zlr5KJ1o4mRNbod8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.6.132.213 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS: mta.pf.xqueue.de
Software: nginx /
Resource Hash: 29511c49edda361f7971ce32fd2b6a48cbfce8f59b765e3a5089c6c16164daae

Request headers

Host: dromadaire-news.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx
Date: Mon, 02 Nov 2020 08:22:31 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip

GET
H2 200 css
fonts.googleapis.com/ 5 KB
595 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Work+Sans:300,400,500,600,700

Requested by

Host: dromadaire-news.com
URL: https://dromadaire-news.com/i/K_BPW0WAe_OWialz3LDD83R5mU9zlr5KJ1o4mRNbod8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

15dbf7f43e6ac3e8d493c691d238099bb0525766413c2700a063a7266fe0c047

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dromadaire-news.com/i/K_BPW0WAe_OWialz3LDD83R5mU9zlr5KJ1o4mRNbod8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 02 Nov 2020 08:22:31 GMT
server: ESF
date: Mon, 02 Nov 2020 08:22:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 02 Nov 2020 08:22:31 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
518 B 19ms
18ms Stylesheet
text/css 2a00:1450:4001:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Quicksand:300,400,700

Requested by

Host: dromadaire-news.com
URL: https://dromadaire-news.com/i/K_BPW0WAe_OWialz3LDD83R5mU9zlr5KJ1o4mRNbod8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

16422c98d22905705377ae00424392573b4611a89497eaf8fdf7f6027bfb475d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dromadaire-news.com/i/K_BPW0WAe_OWialz3LDD83R5mU9zlr5KJ1o4mRNbod8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 02 Nov 2020 08:22:31 GMT
server: ESF
date: Mon, 02 Nov 2020 08:22:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 02 Nov 2020 08:22:31 GMT

GET
H2 200 logo_dromadaire.png
www.drostatic.com/dromanews/1925_ete_dc/ 2 KB
3 KB 23ms
19ms Image
image/webp 2606:4700:20::681a:8c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.drostatic.com/dromanews/1925_ete_dc/logo_dromadaire.png

Requested by

Host: dromadaire-news.com
URL: https://dromadaire-news.com/i/K_BPW0WAe_OWialz3LDD83R5mU9zlr5KJ1o4mRNbod8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8eea45f09e9a7b0b17bbf62124a7aa0381b39b4be65d3b1b45abffdc549a03b6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dromadaire-news.com/i/K_BPW0WAe_OWialz3LDD83R5mU9zlr5KJ1o4mRNbod8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 02 Nov 2020 08:22:31 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1618931
cf-polished: origFmt=png, origSize=5655
status: 200
content-disposition: inline; filename="logo_dromadaire.webp"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 2468
x-xss-protection: 1; mode=block
last-modified: Thu, 20 Jun 2019 16:03:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5d0bae5e-1617"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ihxBVPBX26gQ%2FMc4KgL4XO32U1qaDM%2BkjVMDwMFyK%2BrZuUhtes4mbOQDA8ClL%2Fe4LFjMJVpES1uzQLCJ69sd0x%2FEh3bBx7VX8iDQ7FbL4Zj5EumxD2nQR9Ofd%2FCUYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-security-policy: frame-ancestors self
cf-request-id: 0629a60cca00002b2920082000000001
accept-ranges: bytes
cf-ray: 5ebc72c13b5a2b29-FRA
cf-bgj: imgq:100,h2pri

GET
H2

200

9005.jpg
www.drostatic.com/dromanews/2044_confinement_general/
Redirect Chain

http://www.drostatic.com/dromanews/2044_confinement_general/9005.jpg
https://www.drostatic.com/dromanews/2044_confinement_general/9005.jpg

60 KB
61 KB

19ms
18ms

Image
image/webp

2606:4700:20::681a:8c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.drostatic.com/dromanews/2044_confinement_general/9005.jpg

Requested by

Host: dromadaire-news.com
URL: https://dromadaire-news.com/i/K_BPW0WAe_OWialz3LDD83R5mU9zlr5KJ1o4mRNbod8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d1c865e544c77d8228c7ea18f95eebbe24833f3a1baf9ac343906a39c001feb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 02 Nov 2020 08:22:31 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 152491
cf-polished: origFmt=jpeg, origSize=73573
status: 200
content-disposition: inline; filename="9005.webp"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 61550
x-xss-protection: 1; mode=block
last-modified: Sat, 31 Oct 2020 13:58:09 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5f9d6d71-11f65"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GYt8KOuj02At5lJmjdPJXJkFO5rw3OpuSMkUrAaaLS%2B6RxjSXHOz4MLB7iCtPuHEtMhEnUF7Cb8wRhSK4jaEf%2BjoMie9EHoogAuuPSUpPVhpICUEjZEMVAnPquPXEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-security-policy: frame-ancestors self
cf-request-id: 0629a60d0e00002b29ef04d000000001
accept-ranges: bytes
cf-ray: 5ebc72c1bc852b29-FRA
cf-bgj: imgq:100,h2pri

Redirect headers

Date: Mon, 02 Nov 2020 08:22:31 GMT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=emVVWyGWSdDShcKGGVO6LupSg5crziYH%2FZZMzJmMn99gL9LNfN8I235vslf%2BUxN4MFfFpLOl3ncJ0YI7ltXhU%2BJ775AixYkbQ3LlUg1aS1%2BZZ7JambI7g2GlkPIUzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Location: https://www.drostatic.com/dromanews/2044_confinement_general/9005.jpg
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5ebc72c14b2b1f15-FRA
cf-request-id: 0629a60cc900001f15959e3000000001
Expires: Mon, 02 Nov 2020 09:22:31 GMT

GET
H2

200

9003.jpg
www.drostatic.com/dromanews/2044_confinement_general/
Redirect Chain

http://www.drostatic.com/dromanews/2044_confinement_general/9003.jpg
https://www.drostatic.com/dromanews/2044_confinement_general/9003.jpg

62 KB
63 KB

12ms
12ms

Image
image/webp

2606:4700:20::681a:8c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.drostatic.com/dromanews/2044_confinement_general/9003.jpg

Requested by

Host: dromadaire-news.com
URL: https://dromadaire-news.com/i/K_BPW0WAe_OWialz3LDD83R5mU9zlr5KJ1o4mRNbod8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91cf7bed9e8e5b7467a5ee8073ef779b4c5f763cefb0434ce8666ebce166490a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 02 Nov 2020 08:22:31 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 152491
cf-polished: origFmt=jpeg, origSize=77552
status: 200
content-disposition: inline; filename="9003.webp"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 63926
x-xss-protection: 1; mode=block
last-modified: Sat, 31 Oct 2020 13:58:09 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5f9d6d71-12ef0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ruER6W8kEVmaYK3jU8z2j9w0pZx%2BrdxtNL0DdaXi9uWKJPf0FdeBLdee6gkfmIsxJgJOJTqX6aP9i7s2w5vojlTnCiUbrmgZ6UKYWe7sYU%2BtKw0g3sbO37OLjqWaRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-security-policy: frame-ancestors self
cf-request-id: 0629a60d0e00002b29eebf7000000001
accept-ranges: bytes
cf-ray: 5ebc72c1bc842b29-FRA
cf-bgj: imgq:100,h2pri

Redirect headers

Date: Mon, 02 Nov 2020 08:22:31 GMT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yAT2xCt2uRKl3UbMXC9sLkbZmtndQF4EopkTKtDYG1pc1klsVM34NTMB0wjVPr3g2qhXQvI3Zav1SeEKybixGwR%2F6eqKTDF%2FMKLp4Azyu5MXcILchIp1RXiGw5qFLg%3D%3D"}],"group":"cf-nel","max_age":604800}
Location: https://www.drostatic.com/dromanews/2044_confinement_general/9003.jpg
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5ebc72c14a5ddfdf-FRA
cf-request-id: 0629a60cc90000dfdf68198000000001
Expires: Mon, 02 Nov 2020 09:22:31 GMT

GET
H2

200

9004.jpg
www.drostatic.com/dromanews/2044_confinement_general/
Redirect Chain

http://www.drostatic.com/dromanews/2044_confinement_general/9004.jpg
https://www.drostatic.com/dromanews/2044_confinement_general/9004.jpg

78 KB
79 KB

19ms
19ms

Image
image/webp

2606:4700:20::681a:8c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.drostatic.com/dromanews/2044_confinement_general/9004.jpg

Requested by

Host: dromadaire-news.com
URL: https://dromadaire-news.com/i/K_BPW0WAe_OWialz3LDD83R5mU9zlr5KJ1o4mRNbod8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c046ac3006b3ab78cefb0e5b5ae41025ea92583b279590deb3afe7e76bef0e2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 02 Nov 2020 08:22:31 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 152491
cf-polished: origFmt=jpeg, origSize=93835
status: 200
content-disposition: inline; filename="9004.webp"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 80276
x-xss-protection: 1; mode=block
last-modified: Sat, 31 Oct 2020 13:58:09 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5f9d6d71-16e8b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CNAToVh8OwYrGFyRLP4sDfjtvGNLb1NGF4YmtfZxIGfYRIFgCRqfdFSCyjqNJBtHglHm%2B0GLcZ6lSyP%2BGWakL5jkMbi%2Fl%2BZNkcmdtsVMQ0qWpVOOaouMNPoTrwT7tw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-security-policy: frame-ancestors self
cf-request-id: 0629a60d0d00002b29c98b5000000001
accept-ranges: bytes
cf-ray: 5ebc72c1ac822b29-FRA
cf-bgj: imgq:100,h2pri

Redirect headers

Date: Mon, 02 Nov 2020 08:22:31 GMT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fkt7VYE7nLVxp%2BXN5J7rNx5UHmbltvmILV1umlqKhT66EMO0T0Ub8hD4isZJZ7UrYXMA2waKc%2BqDk9p8rAZavcXcDpTG4HvFb1PnTLJ6xSXnuY3x423kxA0alzncSg%3D%3D"}],"group":"cf-nel","max_age":604800}
Location: https://www.drostatic.com/dromanews/2044_confinement_general/9004.jpg
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5ebc72c149641f41-FRA
cf-request-id: 0629a60cc900001f4111b69000000001
Expires: Mon, 02 Nov 2020 09:22:31 GMT

GET
H2

200

9007.jpg
www.drostatic.com/dromanews/2044_confinement_general/
Redirect Chain

http://www.drostatic.com/dromanews/2044_confinement_general/9007.jpg
https://www.drostatic.com/dromanews/2044_confinement_general/9007.jpg

37 KB
38 KB

12ms
12ms

Image
image/webp

2606:4700:20::681a:8c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.drostatic.com/dromanews/2044_confinement_general/9007.jpg

Requested by

Host: dromadaire-news.com
URL: https://dromadaire-news.com/i/K_BPW0WAe_OWialz3LDD83R5mU9zlr5KJ1o4mRNbod8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ec0a443739e05c849000dc5dd84db58e39f9c9d16451e256ff78c4915ffa824

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 02 Nov 2020 08:22:31 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 152491
cf-polished: origFmt=jpeg, origSize=49870
status: 200
content-disposition: inline; filename="9007.webp"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 37892
x-xss-protection: 1; mode=block
last-modified: Sat, 31 Oct 2020 13:58:10 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5f9d6d72-c2ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9PnRrT4slHgexjqhuZPHbfpjhrMeYV7mOXxwa7IvZCRQvAhtoxXM2NulHOzmeSSM1%2BNRbtaWfbvjyE0wS2bky9L46fOgepCq4alirqYnPjPyzTYzpluqmxoppEdWxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-security-policy: frame-ancestors self
cf-request-id: 0629a60d1000002b29c58d0000000001
accept-ranges: bytes
cf-ray: 5ebc72c1bc8c2b29-FRA
cf-bgj: imgq:100,h2pri

Redirect headers

Date: Mon, 02 Nov 2020 08:22:31 GMT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EDZ1UV0y2spLTxBoGSUOwFg%2FrDgTQAm0tH2zbPbfSOIgGqqyUFJ85qq%2Fc7cS5xA0gACLgi%2FvAYa8qMrOxFXI7ucPMQ2vbcGsXWPTc6gzzMywfL3BDPACPs9mWo2LgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Location: https://www.drostatic.com/dromanews/2044_confinement_general/9007.jpg
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5ebc72c14cca05fd-FRA
cf-request-id: 0629a60cce000005fdae8a3000000001
Expires: Mon, 02 Nov 2020 09:22:31 GMT

GET
H2

200

9006.jpg
www.drostatic.com/dromanews/2044_confinement_general/
Redirect Chain

http://www.drostatic.com/dromanews/2044_confinement_general/9006.jpg
https://www.drostatic.com/dromanews/2044_confinement_general/9006.jpg

82 KB
82 KB

14ms
13ms

Image
image/jpeg

2606:4700:20::681a:8c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.drostatic.com/dromanews/2044_confinement_general/9006.jpg

Requested by

Host: dromadaire-news.com
URL: https://dromadaire-news.com/i/K_BPW0WAe_OWialz3LDD83R5mU9zlr5KJ1o4mRNbod8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e030b4505af59377d2b6afae9fb5aa088092b9b49c6b15f714afef3031cd290

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 02 Nov 2020 08:22:31 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 152491
cf-polished: origSize=91424, status=webp_bigger
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 83463
x-xss-protection: 1; mode=block
last-modified: Sat, 31 Oct 2020 13:58:09 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5f9d6d71-16520"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WSikZCgnbDERGfzeTc7um45utb54QI24bmPFbLc7Bjqo%2Folft5wL4%2B%2FdSJ6yXMWGUpRU%2Fk2L%2FGmwPoC3XOfhMPXvoNrAa7jBMJJebCtHzuraQoqiCt%2FKCNESKlRVwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-security-policy: frame-ancestors self
cf-request-id: 0629a60d0e00002b2914a8d000000001
accept-ranges: bytes
cf-ray: 5ebc72c1ac832b29-FRA
cf-bgj: imgq:100,h2pri

Redirect headers

Date: Mon, 02 Nov 2020 08:22:31 GMT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WhOV24ZS1JgI%2B9ESfEy6VbPGoL6TYjjmsLKE9bhrgg%2BI6t3zWRXKmmKQmbXDA5i929WKSS0z4rp57bRkPKWxaRin5dgqbpYkqvxyXg3Fs4e7sjkVIvyTCwg0dmoHeg%3D%3D"}],"group":"cf-nel","max_age":604800}
Location: https://www.drostatic.com/dromanews/2044_confinement_general/9006.jpg
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5ebc72c14d6c2bf6-FRA
cf-request-id: 0629a60cc900002bf6f583e000000001
Expires: Mon, 02 Nov 2020 09:22:31 GMT

GET
H2

200

9008.jpg
www.drostatic.com/dromanews/2044_confinement_general/
Redirect Chain

http://www.drostatic.com/dromanews/2044_confinement_general/9008.jpg
https://www.drostatic.com/dromanews/2044_confinement_general/9008.jpg

27 KB
28 KB

12ms
12ms

Image
image/webp

2606:4700:20::681a:8c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.drostatic.com/dromanews/2044_confinement_general/9008.jpg

Requested by

Host: dromadaire-news.com
URL: https://dromadaire-news.com/i/K_BPW0WAe_OWialz3LDD83R5mU9zlr5KJ1o4mRNbod8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58d28b44bd8c29054f3c22a77652c999c27c8fba72d95f32930a76d9bc831663

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 02 Nov 2020 08:22:31 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 152491
cf-polished: origFmt=jpeg, origSize=48379
status: 200
content-disposition: inline; filename="9008.webp"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 28110
x-xss-protection: 1; mode=block
last-modified: Sat, 31 Oct 2020 13:58:09 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5f9d6d71-bcfb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=D2Wck%2FIi8lydrBlmDsE3eN06bq3PI6%2FcQPHNcLse5smmYtIPyblfp7dCyImyxQbsMMKwa56%2F4H2pQO8Zs69a4q%2FFIHICv9%2BanzUwy15yKohWpbK3c9yWWXzOnMm1Ug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-security-policy: frame-ancestors self
cf-request-id: 0629a60d1000002b29b3ab5000000001
accept-ranges: bytes
cf-ray: 5ebc72c1bc8b2b29-FRA
cf-bgj: imgq:100,h2pri

Redirect headers

Date: Mon, 02 Nov 2020 08:22:31 GMT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SpnPP33ElGsjDvihobKT5GuiDdWFIoIG%2B0UoY2RzN49H9frZ6HmLjDLk6R61KEri5VBCZypYi7yp2Qw%2BDVbtjnTye04wOgTX6a8oBCiVgwVqOymgeF%2BcNUl3TJY12A%3D%3D"}],"group":"cf-nel","max_age":604800}
Location: https://www.drostatic.com/dromanews/2044_confinement_general/9008.jpg
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5ebc72c14f522bdd-FRA
cf-request-id: 0629a60cc900002bdd8a3a0000000001
Expires: Mon, 02 Nov 2020 09:22:31 GMT

GET
H2 200 fb.gif
www.drostatic.com/dromanews/1839_bonjour/images/ 712 B
1 KB 24ms
21ms Image
image/webp 2606:4700:20::681a:8c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.drostatic.com/dromanews/1839_bonjour/images/fb.gif

Requested by

Host: dromadaire-news.com
URL: https://dromadaire-news.com/i/K_BPW0WAe_OWialz3LDD83R5mU9zlr5KJ1o4mRNbod8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f5aad150d5709247ef3f571b115f53894089b140dfa2af17569a70a634a2269

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dromadaire-news.com/i/K_BPW0WAe_OWialz3LDD83R5mU9zlr5KJ1o4mRNbod8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 02 Nov 2020 08:22:31 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 998935
cf-polished: origFmt=gif, origSize=2432
status: 200
content-disposition: inline; filename="fb.webp"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 712
x-xss-protection: 1; mode=block
last-modified: Thu, 27 Sep 2018 08:54:15 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5bac9ab7-980"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tjYxTTwqbmylESj9KsN3uditVznCGGj2ZjTnGRuUE%2F7E8eV%2B5klulg77IuIlahswoiwDoc%2FGMJelI4f5sd%2BAJpiy%2B0JNG%2B%2F2oQWqktAKjt9PTMqkpudKf8yTale37w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-security-policy: frame-ancestors self
cf-request-id: 0629a60ccb00002b29d60e3000000001
accept-ranges: bytes
cf-ray: 5ebc72c13b652b29-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 insta.gif
www.drostatic.com/dromanews/1839_bonjour/images/ 836 B
1 KB 24ms
22ms Image
image/webp 2606:4700:20::681a:8c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.drostatic.com/dromanews/1839_bonjour/images/insta.gif

Requested by

Host: dromadaire-news.com
URL: https://dromadaire-news.com/i/K_BPW0WAe_OWialz3LDD83R5mU9zlr5KJ1o4mRNbod8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f5040356f72a6f0096d7ecc72e1143de5c39ac8dd324a60f28cde1a7098ab5f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dromadaire-news.com/i/K_BPW0WAe_OWialz3LDD83R5mU9zlr5KJ1o4mRNbod8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 02 Nov 2020 08:22:31 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1000316
cf-polished: origFmt=gif, origSize=2478
status: 200
content-disposition: inline; filename="insta.webp"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 836
x-xss-protection: 1; mode=block
last-modified: Thu, 27 Sep 2018 08:54:15 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5bac9ab7-9ae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zzUou%2Bf%2B4nQpY00HwnWwF7mNhGPaYae%2Bos%2B9cRVQwZVNPDgt%2BIQRTfWZJB01bnocIs%2FqJG5FLOXXorjhUD7YOzGShorYL0MoPNLr3zWHhRLwe%2FHvuc8nQg7PnfHxZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-security-policy: frame-ancestors self
cf-request-id: 0629a60ccb00002b29000ca000000001
accept-ranges: bytes
cf-ray: 5ebc72c13b662b29-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 twit.gif
www.drostatic.com/dromanews/1839_bonjour/images/ 830 B
1 KB 24ms
21ms Image
image/webp 2606:4700:20::681a:8c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.drostatic.com/dromanews/1839_bonjour/images/twit.gif

Requested by

Host: dromadaire-news.com
URL: https://dromadaire-news.com/i/K_BPW0WAe_OWialz3LDD83R5mU9zlr5KJ1o4mRNbod8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50707c8b2af83df982c3d503732cf0e56a9b5971fc56723696e1c21889402312

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dromadaire-news.com/i/K_BPW0WAe_OWialz3LDD83R5mU9zlr5KJ1o4mRNbod8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 02 Nov 2020 08:22:31 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1619965
cf-polished: origFmt=gif, origSize=2483
status: 200
content-disposition: inline; filename="twit.webp"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 830
x-xss-protection: 1; mode=block
last-modified: Thu, 27 Sep 2018 09:26:31 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5baca247-9b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SSIvmYSrZ%2B9Z3TNnK%2BWSrN%2BhV5420ozXrkan9j6XN%2BT4B0ZDutIL1Tf1AHYefoLFZiG2MXZJH5L3o1WTcxUHeT6wV6lk%2FsvvFzusxH%2F%2FNTsR%2FCIJMahnZ9krzzZoIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-security-policy: frame-ancestors self
cf-request-id: 0629a60ccb00002b29ca275000000001
accept-ranges: bytes
cf-ray: 5ebc72c13b672b29-FRA
cf-bgj: imgq:100,h2pri

GET
H2

200

nlo
opn.ivitrack.com/
Redirect Chain

http://ipe.drostatic.com/nlo?n=5d971a124d4be10001b0dfd9&h=9891ad4e3a644c9d420115a23d24180b
https://opn.ivitrack.com/nlo?n=5d971a124d4be10001b0dfd9&h=9891ad4e3a644c9d420115a23d24180b

42 B
266 B

97ms
32ms

Image
image/gif

62.210.221.54
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://opn.ivitrack.com/nlo?n=5d971a124d4be10001b0dfd9&h=9891ad4e3a644c9d420115a23d24180b
Requested by: Host: dromadaire-news.com
URL: https://dromadaire-news.com/i/K_BPW0WAe_OWialz3LDD83R5mU9zlr5KJ1o4mRNbod8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.210.221.54 , France, ASN12876 (Online SAS, FR),
Reverse DNS
Software: nginx/1.15.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: nocache
date: Mon, 02 Nov 2020 08:22:32 GMT
server: nginx/1.15.6
content-type: image/gif
status: 200
cache-control: no-store, no-cache, max-age=0, max-stale=0, must-revalidate, proxy-revalidate
x-ivi-hostname: programmatic-api-bf8c7874d-52zhq
content-length: 42
expires: Fri, 24 Oct 1980 17:30:00 GMT

Redirect headers

Location: https://opn.ivitrack.com/nlo?n=5d971a124d4be10001b0dfd9&h=9891ad4e3a644c9d420115a23d24180b
Date: Mon, 02 Nov 2020 08:22:31 GMT
Server: nginx/1.15.6
Connection: keep-alive
X-Ivi-Hostname: programmatic-api-bf8c7874d-52zhq
Content-Length: 117
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK nlp
ipe.drostatic.com/ 42 B
390 B 189ms
174ms Image
image/gif 62.210.221.53
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ipe.drostatic.com/nlp?p=1&n=5d971a124d4be10001b0dfd9&h=9891ad4e3a644c9d420115a23d24180b&o=0
Requested by: Host: dromadaire-news.com
URL: https://dromadaire-news.com/i/K_BPW0WAe_OWialz3LDD83R5mU9zlr5KJ1o4mRNbod8
Protocol: HTTP/1.1
Server: 62.210.221.53 , France, ASN12876 (Online SAS, FR),
Reverse DNS
Software: nginx/1.15.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: nocache
Date: Mon, 02 Nov 2020 08:22:32 GMT
Server: nginx/1.15.6
Content-Type: image/gif
Cache-Control: no-store, no-cache, max-age=0, max-stale=0, must-revalidate, proxy-revalidate
Connection: keep-alive
X-Ivi-Hostname: programmatic-api-bf8c7874d-52zhq
Content-Length: 42
Expires: Fri, 24 Oct 1980 17:30:00 GMT

GET
H/1.1 200
OK nlp
ipe.drostatic.com/ 42 B
390 B 188ms
173ms Image
image/gif 62.210.221.53
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ipe.drostatic.com/nlp?p=2&n=5d971a124d4be10001b0dfd9&h=9891ad4e3a644c9d420115a23d24180b&o=0
Requested by: Host: dromadaire-news.com
URL: https://dromadaire-news.com/i/K_BPW0WAe_OWialz3LDD83R5mU9zlr5KJ1o4mRNbod8
Protocol: HTTP/1.1
Server: 62.210.221.53 , France, ASN12876 (Online SAS, FR),
Reverse DNS
Software: nginx/1.15.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: nocache
Date: Mon, 02 Nov 2020 08:22:32 GMT
Server: nginx/1.15.6
Content-Type: image/gif
Cache-Control: no-store, no-cache, max-age=0, max-stale=0, must-revalidate, proxy-revalidate
Connection: keep-alive
X-Ivi-Hostname: programmatic-api-bf8c7874d-52zhq
Content-Length: 42
Expires: Fri, 24 Oct 1980 17:30:00 GMT

GET
H/1.1 200
OK nlp
ipe.drostatic.com/ 42 B
390 B 183ms
168ms Image
image/gif 62.210.221.53
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ipe.drostatic.com/nlp?p=3&n=5d971a124d4be10001b0dfd9&h=9891ad4e3a644c9d420115a23d24180b&o=0
Requested by: Host: dromadaire-news.com
URL: https://dromadaire-news.com/i/K_BPW0WAe_OWialz3LDD83R5mU9zlr5KJ1o4mRNbod8
Protocol: HTTP/1.1
Server: 62.210.221.53 , France, ASN12876 (Online SAS, FR),
Reverse DNS
Software: nginx/1.15.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: nocache
Date: Mon, 02 Nov 2020 08:22:32 GMT
Server: nginx/1.15.6
Content-Type: image/gif
Cache-Control: no-store, no-cache, max-age=0, max-stale=0, must-revalidate, proxy-revalidate
Connection: keep-alive
X-Ivi-Hostname: programmatic-api-bf8c7874d-52zhq
Content-Length: 42
Expires: Fri, 24 Oct 1980 17:30:00 GMT

GET
H/1.1 200
OK nlp
ipe.drostatic.com/ 42 B
390 B 126ms
123ms Image
image/gif 62.210.221.53
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ipe.drostatic.com/nlp?p=4&n=5d971a124d4be10001b0dfd9&h=9891ad4e3a644c9d420115a23d24180b&o=0
Requested by: Host: dromadaire-news.com
URL: https://dromadaire-news.com/i/K_BPW0WAe_OWialz3LDD83R5mU9zlr5KJ1o4mRNbod8
Protocol: HTTP/1.1
Server: 62.210.221.53 , France, ASN12876 (Online SAS, FR),
Reverse DNS
Software: nginx/1.15.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: nocache
Date: Mon, 02 Nov 2020 08:22:32 GMT
Server: nginx/1.15.6
Content-Type: image/gif
Cache-Control: no-store, no-cache, max-age=0, max-stale=0, must-revalidate, proxy-revalidate
Connection: keep-alive
X-Ivi-Hostname: programmatic-api-bf8c7874d-52zhq
Content-Length: 42
Expires: Fri, 24 Oct 1980 17:30:00 GMT

GET
H/1.1 200
OK nlai
ipe.drostatic.com/ 42 B
390 B 127ms
111ms Image
image/gif 62.210.221.53
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ipe.drostatic.com/nlai?n=5d971a124d4be10001b0dfd9&h=9891ad4e3a644c9d420115a23d24180b&o=0
Requested by: Host: dromadaire-news.com
URL: https://dromadaire-news.com/i/K_BPW0WAe_OWialz3LDD83R5mU9zlr5KJ1o4mRNbod8
Protocol: HTTP/1.1
Server: 62.210.221.53 , France, ASN12876 (Online SAS, FR),
Reverse DNS
Software: nginx/1.15.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: nocache
Date: Mon, 02 Nov 2020 08:22:32 GMT
Server: nginx/1.15.6
Content-Type: image/gif
Cache-Control: no-store, no-cache, max-age=0, max-stale=0, must-revalidate, proxy-revalidate
Connection: keep-alive
X-Ivi-Hostname: programmatic-api-bf8c7874d-52zhq
Content-Length: 42
Expires: Fri, 24 Oct 1980 17:30:00 GMT

GET
H/1.1 200
OK nli
ipe.drostatic.com/ 40 KB
40 KB 69ms
54ms Image
image/png 62.210.221.53
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ipe.drostatic.com/nli?n=5d971a124d4be10001b0dfd9&h=9891ad4e3a644c9d420115a23d24180b&o=0
Requested by: Host: dromadaire-news.com
URL: https://dromadaire-news.com/i/K_BPW0WAe_OWialz3LDD83R5mU9zlr5KJ1o4mRNbod8
Protocol: HTTP/1.1
Server: 62.210.221.53 , France, ASN12876 (Online SAS, FR),
Reverse DNS
Software: nginx/1.15.6 /
Resource Hash: 6c42129d0f07caf30a3f21d9ef59af2e4215f1b0fc5828ebf28b6331bba94a0a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: nocache
Date: Mon, 02 Nov 2020 08:22:32 GMT
Server: nginx/1.15.6
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: no-store, no-cache, max-age=0, max-stale=0, must-revalidate, proxy-revalidate
X-Ivi-Renderer: 10.3.0.100
Connection: keep-alive
X-Ivi-Hostname: programmatic-api-bf8c7874d-52zhq
Expires: Fri, 24 Oct 1980 17:30:00 GMT

GET
H/1.1 200
OK nli
ipe.drostatic.com/ 40 KB
40 KB 35ms
35ms Image
image/png 62.210.221.53
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ipe.drostatic.com/nli?n=5d971a124d4be10001b0dfd9&h=9891ad4e3a644c9d420115a23d24180b&o=0&alt=small
Requested by: Host: dromadaire-news.com
URL: https://dromadaire-news.com/i/K_BPW0WAe_OWialz3LDD83R5mU9zlr5KJ1o4mRNbod8
Protocol: HTTP/1.1
Server: 62.210.221.53 , France, ASN12876 (Online SAS, FR),
Reverse DNS
Software: nginx/1.15.6 /
Resource Hash: 8d3f50414aeb2aed6fed283dff6de05039e8130472977be365b5ebb27a5d198d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: nocache
Date: Mon, 02 Nov 2020 08:22:32 GMT
Server: nginx/1.15.6
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: no-store, no-cache, max-age=0, max-stale=0, must-revalidate, proxy-revalidate
X-Ivi-Renderer: 10.3.0.100
Connection: keep-alive
X-Ivi-Hostname: programmatic-api-bf8c7874d-52zhq
Expires: Fri, 24 Oct 1980 17:30:00 GMT

GET
H/1.1 200
OK nlpi
ipe.drostatic.com/ 731 B
1 KB 39ms
39ms Image
image/png 62.210.221.53
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ipe.drostatic.com/nlpi?n=5d971a124d4be10001b0dfd9&h=9891ad4e3a644c9d420115a23d24180b&o=0
Requested by: Host: dromadaire-news.com
URL: https://dromadaire-news.com/i/K_BPW0WAe_OWialz3LDD83R5mU9zlr5KJ1o4mRNbod8
Protocol: HTTP/1.1
Server: 62.210.221.53 , France, ASN12876 (Online SAS, FR),
Reverse DNS
Software: nginx/1.15.6 /
Resource Hash: 923a321ba9bc74901bdf88ab3abd04064fb0c1ed89033d851b0f5ac9c90ecf76

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: nocache
Date: Mon, 02 Nov 2020 08:22:32 GMT
Server: nginx/1.15.6
Content-Type: image/png
Cache-Control: no-store, no-cache, max-age=0, max-stale=0, must-revalidate, proxy-revalidate
Connection: keep-alive
X-Ivi-Hostname: programmatic-api-bf8c7874d-52zhq
Content-Length: 731
Expires: Fri, 24 Oct 1980 17:30:00 GMT

GET
H/1.1 200
OK nlsi
ipe.drostatic.com/ 42 B
390 B 37ms
36ms Image
image/gif 62.210.221.53
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ipe.drostatic.com/nlsi?n=5d971a124d4be10001b0dfd9&h=9891ad4e3a644c9d420115a23d24180b&o=0
Requested by: Host: dromadaire-news.com
URL: https://dromadaire-news.com/i/K_BPW0WAe_OWialz3LDD83R5mU9zlr5KJ1o4mRNbod8
Protocol: HTTP/1.1
Server: 62.210.221.53 , France, ASN12876 (Online SAS, FR),
Reverse DNS
Software: nginx/1.15.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: nocache
Date: Mon, 02 Nov 2020 08:22:32 GMT
Server: nginx/1.15.6
Content-Type: image/gif
Cache-Control: no-store, no-cache, max-age=0, max-stale=0, must-revalidate, proxy-revalidate
Connection: keep-alive
X-Ivi-Hostname: programmatic-api-bf8c7874d-52zhq
Content-Length: 42
Expires: Fri, 24 Oct 1980 17:30:00 GMT

GET
H2

200

362358.gif
idsync.rlcdn.com/
Redirect Chain

https://ejp.rlcdn.com/472356.gif?m=9891ad4e3a644c9d420115a23d24180b&n=1
https://ejp.rlcdn.com/1000.gif?memo=CKTqHBIsCiYIBBAAGiA5ODkxYWQ0ZTNhNjQ0YzlkNDIwMTE1YTIzZDI0MTgwYhCknCIaDQjIg__8BRIFCOgHEABCAEoA
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc=
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEFHM_1OBSd62wHUA1kLwVtk&google_cver=1

42 B
412 B

32ms
31ms

Image
image/gif

34.120.207.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEFHM_1OBSd62wHUA1kLwVtk&google_cver=1
Requested by: Host: dromadaire-news.com
URL: https://dromadaire-news.com/i/K_BPW0WAe_OWialz3LDD83R5mU9zlr5KJ1o4mRNbod8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.207.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 148.207.120.34.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://dromadaire-news.com/i/K_BPW0WAe_OWialz3LDD83R5mU9zlr5KJ1o4mRNbod8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 Nov 2020 08:22:32 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
status: 200
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 02 Nov 2020 08:22:32 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEFHM_1OBSd62wHUA1kLwVtk&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK wckr.php
tag.leadplace.fr/ 35 B
347 B 153ms
59ms Image
image/gif 145.239.192.166
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.leadplace.fr/wckr.php?id=AVT1&tracker=OE&id3rd=9891ad4e3a644c9d420115a23d24180b
Requested by: Host: dromadaire-news.com
URL: https://dromadaire-news.com/i/K_BPW0WAe_OWialz3LDD83R5mU9zlr5KJ1o4mRNbod8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

Referer: https://dromadaire-news.com/i/K_BPW0WAe_OWialz3LDD83R5mU9zlr5KJ1o4mRNbod8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 02 Nov 2020 08:22:32 GMT
Server: nginx/1.14.2
X-IPLB-Instance: 30195
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H/1.1

200
OK

collect_v2.img.php
asset.easydmp.net/
Redirect Chain

http://asset.email-match.com/1923/asset?type=IMG&email=9891ad4e3a644c9d420115a23d24180b@md5
https://asset.email-match.com/1923/asset?type=IMG&email=9891ad4e3a644c9d420115a23d24180b@md5
https://asset.easydmp.net/collect_v2.img.php?dmp=emdmpeasy&s=1923&p=1923&known_user=1&m=9891ad4e3a644c9d420115a23d24180b&rand=1604305352.1426

43 B
715 B

206ms
35ms

Image
image/gif

145.239.193.53
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://asset.easydmp.net/collect_v2.img.php?dmp=emdmpeasy&s=1923&p=1923&known_user=1&m=9891ad4e3a644c9d420115a23d24180b&rand=1604305352.1426

Requested by

Host: dromadaire-news.com
URL: https://dromadaire-news.com/i/K_BPW0WAe_OWialz3LDD83R5mU9zlr5KJ1o4mRNbod8

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.53 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 02 Nov 2020 08:22:32 GMT
X-IPLB-Request-ID: B9D4AB43:BBC4_91EFC135:01BB_5F9FC1C8_43877A7:18104
X-IPLB-Instance: 24041
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control: no-store, no-cache
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

Date: Mon, 02 Nov 2020 08:22:32 GMT
X-IPLB-Request-ID: B9D4AB43:7B2E_91EFC067:01BB_5F9FC1C8_4454BF:F25B
X-IPLB-Instance: 37129
Strict-Transport-Security: max-age=31536000
P3P: CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Location: https://asset.easydmp.net/collect_v2.img.php?dmp=emdmpeasy&s=1923&p=1923&known_user=1&m=9891ad4e3a644c9d420115a23d24180b&rand=1604305352.1426
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK U9zstFcmJZSzQWkHz79V7MFNH1bOH6iisXRKn9KgtI0
dromadaire-news.com/i/ 43 B
219 B 24ms
24ms Image
image/gif 212.6.132.213
CLARANET-AS Clara...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dromadaire-news.com/i/U9zstFcmJZSzQWkHz79V7MFNH1bOH6iisXRKn9KgtI0
Requested by: Host: dromadaire-news.com
URL: https://dromadaire-news.com/i/K_BPW0WAe_OWialz3LDD83R5mU9zlr5KJ1o4mRNbod8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.6.132.213 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS: mta.pf.xqueue.de
Software: nginx /
Resource Hash: c3c1dac8f82f21809c1a15cf9c6b6a82ae1b2005b6d9693407c9480a44500dc0

Request headers

Referer: https://dromadaire-news.com/i/K_BPW0WAe_OWialz3LDD83R5mU9zlr5KJ1o4mRNbod8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 02 Nov 2020 08:22:31 GMT
Cache-Control: no-cache, max-age=0
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 QGYsz_wNahGAdqQ43Rh_fKDptfpA4Q.woff2
fonts.gstatic.com/s/worksans/v8/ 44 KB
44 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v8/QGYsz_wNahGAdqQ43Rh_fKDptfpA4Q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:300,400,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbfcf009369ed480448ca6b89f9586d80ecc4d150fbe317db5a27ad43617a8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://dromadaire-news.com
Referer: https://fonts.googleapis.com/css?family=Work+Sans:300,400,500,600,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 31 Oct 2020 13:12:17 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Jun 2020 02:42:54 GMT
server: sffe
age: 155414
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45196
x-xss-protection: 0
expires: Sun, 31 Oct 2021 13:12:17 GMT

GET
H3-Q050 200 6xKtdSZaM9iE8KbpRA_hK1QNYuDyPw.woff2
fonts.gstatic.com/s/quicksand/v21/ 26 KB
26 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quicksand/v21/6xKtdSZaM9iE8KbpRA_hK1QNYuDyPw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quicksand:300,400,700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b47478ebfad192488b281cb20b85ef93444ff24c547c4a03511e400defb38aa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://dromadaire-news.com
Referer: https://fonts.googleapis.com/css?family=Quicksand:300,400,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 04:33:08 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Jun 2020 02:43:58 GMT
server: sffe
age: 359363
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26160
x-xss-protection: 0
expires: Fri, 29 Oct 2021 04:33:08 GMT

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

asset.easydmp.net
asset.email-match.com
cm.g.doubleclick.net
dromadaire-news.com
ejp.rlcdn.com
fonts.googleapis.com
fonts.gstatic.com
idsync.rlcdn.com
ipe.drostatic.com
opn.ivitrack.com
tag.leadplace.fr
www.drostatic.com
145.239.192.103
145.239.192.166
145.239.193.53
172.217.16.162
212.6.132.213
2606:4700:20::681a:8c0
2606:4700:20::681a:9c0
2a00:1450:4001:815::2003
2a00:1450:4001:818::2003
2a00:1450:4001:81a::2002
2a00:1450:4001:820::200a
34.120.207.148
62.210.221.53
62.210.221.54
15dbf7f43e6ac3e8d493c691d238099bb0525766413c2700a063a7266fe0c047
16422c98d22905705377ae00424392573b4611a89497eaf8fdf7f6027bfb475d
1f5aad150d5709247ef3f571b115f53894089b140dfa2af17569a70a634a2269
29511c49edda361f7971ce32fd2b6a48cbfce8f59b765e3a5089c6c16164daae
2e030b4505af59377d2b6afae9fb5aa088092b9b49c6b15f714afef3031cd290
3d1c865e544c77d8228c7ea18f95eebbe24833f3a1baf9ac343906a39c001feb
50707c8b2af83df982c3d503732cf0e56a9b5971fc56723696e1c21889402312
58d28b44bd8c29054f3c22a77652c999c27c8fba72d95f32930a76d9bc831663
5ec0a443739e05c849000dc5dd84db58e39f9c9d16451e256ff78c4915ffa824
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
6c42129d0f07caf30a3f21d9ef59af2e4215f1b0fc5828ebf28b6331bba94a0a
6f5040356f72a6f0096d7ecc72e1143de5c39ac8dd324a60f28cde1a7098ab5f
8d3f50414aeb2aed6fed283dff6de05039e8130472977be365b5ebb27a5d198d
8eea45f09e9a7b0b17bbf62124a7aa0381b39b4be65d3b1b45abffdc549a03b6
91cf7bed9e8e5b7467a5ee8073ef779b4c5f763cefb0434ce8666ebce166490a
923a321ba9bc74901bdf88ab3abd04064fb0c1ed89033d851b0f5ac9c90ecf76
9c046ac3006b3ab78cefb0e5b5ae41025ea92583b279590deb3afe7e76bef0e2
b47478ebfad192488b281cb20b85ef93444ff24c547c4a03511e400defb38aa5
c3c1dac8f82f21809c1a15cf9c6b6a82ae1b2005b6d9693407c9480a44500dc0
cbfcf009369ed480448ca6b89f9586d80ecc4d150fbe317db5a27ad43617a8c8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

dromadaire-news.com Open in urlscan Pro 212.6.132.213 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

29 Requests

69 %HTTPS

43 %IPv6

10 Domains

12 Subdomains

10 IPs

3 Countries

521 kBTransfer

546 kBSize

0 Cookies

0 Outgoing links

Redirected requests

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

dromadaire-news.com Open in urlscan Pro
212.6.132.213 Public Scan

Screenshot
Live screenshot

Full Image

29
Requests

69 %
HTTPS

43 %
IPv6

10
Domains

12
Subdomains

10
IPs

3
Countries

521 kB
Transfer

546 kB
Size

0
Cookies

29 HTTP transactions
0 data transactions