Submitted URL: https://ml.femmeactuelle-news.fr/l2/78v6oK8Ow1/5508459/2792048102.html
Effective URL: http://dm.femmeactuelle-news.fr/a081b3cdbbeff0e58af3b854f0b676df3/b081b3cdbbeff0e58af3b854f0b676df3?mi=356717
Submission: On May 02 via api from CH

Summary

This website contacted 11 IPs in 6 countries across 14 domains to perform 19 HTTP transactions. The main IP is 2a00:1450:4001:80e::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is dm.femmeactuelle-news.fr.
This is the only time dm.femmeactuelle-news.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 91.190.170.11 31688 (SPLIO-AS)
1 7 2a00:1450:400... 15169 (GOOGLE)
5 7 35.244.174.68 15169 (GOOGLE)
6 6 142.250.186.34 15169 (GOOGLE)
1 2 35.233.127.42 15169 (GOOGLE)
1 145.239.193.53 16276 (OVH)
2 4 52.211.98.143 16509 (AMAZON-02)
1 1 54.194.46.76 16509 (AMAZON-02)
1 52.212.235.121 16509 (AMAZON-02)
14 14 51.75.14.249 16276 (OVH)
4 4 185.33.221.11 29990 (ASN-APPNEX)
2 69.173.144.165 26667 (RUBICONPR...)
1 1 51.15.145.115 12876 (Online SAS)
1 2 212.129.3.113 12876 (Online SAS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
19 11
Domain Requested by
8 prisma-tr.prismamedia.com 8 redirects
6 dm.femmeactuelle-news.fr 1 redirects redirect.femmeactuelle-news.fr
dm.femmeactuelle-news.fr
6 cookie-matching.mediarithmics.com 6 redirects
6 cm.g.doubleclick.net 6 redirects
5 ejp.rlcdn.com 5 redirects
4 ib.adnxs.com 4 redirects
4 er.cloud-media.fr 2 redirects
2 www.google-analytics.com dm.femmeactuelle-news.fr
www.google-analytics.com
2 js.sddan.com 1 redirects
2 token.rubiconproject.com
2 idsync.rlcdn.com
1 sir.femmeactuelle-news.fr 1 redirects
1 notify.adleadevent.com
1 ntf.bases-femmeactuelle.com 1 redirects
1 asset.easydmp.net redirect.femmeactuelle-news.fr
1 clk.eu.ivitrack.com
1 ipe.femmeactuelle-news.fr 1 redirects
1 redirect.femmeactuelle-news.fr
1 ml.femmeactuelle-news.fr
19 19

This site contains links to these domains. Also see Links.

Domain
prisma.pref-center.com
Subject Issuer Validity Valid
ml.femmeactuelle-news.fr
R3
2021-04-27 -
2021-07-26
3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2021-02-25 -
2022-03-28
a year crt.sh
clk.europe-west1.ivitrack.com
R3
2021-03-09 -
2021-06-07
3 months crt.sh
asset.easy-gain75.com
R3
2021-03-14 -
2021-06-12
3 months crt.sh
*.cmrt.io
Amazon
2020-09-13 -
2021-10-13
a year crt.sh
*.adleadevent.com
Amazon
2020-09-01 -
2021-10-01
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2020-12-18 -
2022-01-18
a year crt.sh
*.sddan.com
RapidSSL RSA CA 2018
2020-02-17 -
2022-05-18
2 years crt.sh
*.google-analytics.com
GTS CA 1C3
2021-04-13 -
2021-07-06
3 months crt.sh

This page contains 1 frames:

Primary Page: http://dm.femmeactuelle-news.fr/a081b3cdbbeff0e58af3b854f0b676df3/b081b3cdbbeff0e58af3b854f0b676df3?mi=356717
Frame ID: AA9033104117CC31770B1BE42207040B
Requests: 19 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://ml.femmeactuelle-news.fr/l2/78v6oK8Ow1/5508459/2792048102.html Page URL
  2. http://redirect.femmeactuelle-news.fr/P-356717-081b3cdbbeff0e58af3b854f0b676df3-0-164/?cl=1&n=1&l=o&u=http%3A%2F%2... Page URL
  3. http://dm.femmeactuelle-news.fr/?n=1&i=$md5_id$&e=michele.sautier@orange.fr&t=$titre_id$&c=356717 HTTP 302
    http://dm.femmeactuelle-news.fr/a081b3cdbbeff0e58af3b854f0b676df3/b081b3cdbbeff0e58af3b854f0b676df3?mi=356717 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

19
Requests

68 %
HTTPS

19 %
IPv6

14
Domains

19
Subdomains

11
IPs

6
Countries

371 kB
Transfer

478 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ml.femmeactuelle-news.fr/l2/78v6oK8Ow1/5508459/2792048102.html Page URL
  2. http://redirect.femmeactuelle-news.fr/P-356717-081b3cdbbeff0e58af3b854f0b676df3-0-164/?cl=1&n=1&l=o&u=http%3A%2F%2Fdm.femmeactuelle-news.fr%2F%3Fn%3D1%26i%3D$md5_id$%26e%3Dmichele.sautier%40orange.fr%26t%3D$titre_id$%26c%3D356717 Page URL
  3. http://dm.femmeactuelle-news.fr/?n=1&i=$md5_id$&e=michele.sautier@orange.fr&t=$titre_id$&c=356717 HTTP 302
    http://dm.femmeactuelle-news.fr/a081b3cdbbeff0e58af3b854f0b676df3/b081b3cdbbeff0e58af3b854f0b676df3?mi=356717 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • http://ejp.rlcdn.com/468506.gif?m=081b3cdbbeff0e58af3b854f0b676df3&n=1 HTTP 301
  • https://ejp.rlcdn.com/468506.gif?m=081b3cdbbeff0e58af3b854f0b676df3&n=1 HTTP 307
  • https://ejp.rlcdn.com/1000.gif?memo=CJrMHBIsCiYIBBAAGiAwODFiM2NkYmJlZmYwZTU4YWYzYjg1NGYwYjY3NmRmMxD6_CEaDQj_sriEBhIFCOgHEABCAEoA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc= HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEFcEramStd8l_dvnNSmgXH4&google_cver=1
Request Chain 3
  • http://ejp.rlcdn.com/468526.gif?m=081b3cdbbeff0e58af3b854f0b676df3&n=1 HTTP 301
  • https://ejp.rlcdn.com/468526.gif?m=081b3cdbbeff0e58af3b854f0b676df3&n=1 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc= HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESED5mRMK_MiibJY2tyAfjVrI&google_cver=1
Request Chain 4
  • http://ipe.femmeactuelle-news.fr/t/57c8004b1021c2c579d0139e/touch.gif?n=5fbd1e3a0d0d2dc4db1d45bc&h=081b3cdbbeff0e58af3b854f0b676df3 HTTP 302
  • https://clk.eu.ivitrack.com/t/57c8004b1021c2c579d0139e/touch.gif?n=5fbd1e3a0d0d2dc4db1d45bc&h=081b3cdbbeff0e58af3b854f0b676df3
Request Chain 6
  • https://er.cloud-media.fr/r/081b3cdbbeff0e58af3b854f0b676df3/3e19567e-6d0a-4246-aacf-4508ce0683bd HTTP 302
  • https://er.cloud-media.fr/c/081b3cdbbeff0e58af3b854f0b676df3/3e19567e-6d0a-4246-aacf-4508ce0683bd
Request Chain 7
  • https://er.cloud-media.fr/r/081b3cdbbeff0e58af3b854f0b676df3/dbf051 HTTP 302
  • https://er.cloud-media.fr/c/081b3cdbbeff0e58af3b854f0b676df3/dbf051
Request Chain 8
  • https://ntf.bases-femmeactuelle.com/adtckrtg.gif?ids=2422&s=2490&hash=081b3cdbbeff0e58af3b854f0b676df3&hash256= HTTP 301
  • https://notify.adleadevent.com/adtckrtg.gif?ids=2422&s=2490&hash=081b3cdbbeff0e58af3b854f0b676df3&hash256=
Request Chain 9
  • https://prisma-tr.prismamedia.com/v1/touches/pixel?$ev=$email_click&$dat_token=gpm-v2&$email_hash=081b3cdbbeff0e58af3b854f0b676df3&brand=Femme%20Actuelle&thematic=NL%20FAC%20Quotidienne HTTP 303
  • https://prisma-tr.prismamedia.com/v1/check_cookie/pixel?$chk=0edd7ca2-0a6d-4412-9ad7-887c596138f6&$etid=&$stgid=7c7ab871-458e-4db1-acbf-b839c7f94a62&$fmt=px&$dat_token=gpm-v2 HTTP 303
  • https://prisma-tr.prismamedia.com/v1/update_mapping/pixel?$etid=&$stgid=7c7ab871-458e-4db1-acbf-b839c7f94a62&$fmt=px&$dat_token=gpm-v2 HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?etid=&domid=1035&$stgid=7c7ab871-458e-4db1-acbf-b839c7f94a62&$fmt=px&$dat_token=gpm-v2 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&$dat_token=gpm-v2&$fmt=px&$stgid=7c7ab871-458e-4db1-acbf-b839c7f94a62&action=GET_ID&opid=goo&etid=&domid=1035&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&$dat_token=gpm-v2&$fmt=px&$stgid=7c7ab871-458e-4db1-acbf-b839c7f94a62&action=GET_ID&opid=goo&etid=&domid=1035&ops=apx&google_gid=CAESEMnXvjF_hhsl2fnCrq8lJZg&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEMnXvjF_hhsl2fnCrq8lJZg&$dat_token=gpm-v2&$fmt=px&$stgid=7c7ab871-458e-4db1-acbf-b839c7f94a62&action=GET_ID&etid=&domid=1035 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcookie-matching.mediarithmics.com%2Finput%3Fkey%3DAPX%26apx_uid%3D%24UID%26opid%3Dapx%26ops%3D%26utidl%3Dtech%3Agoo%3ACAESEMnXvjF_hhsl2fnCrq8lJZg%26%24dat_token%3Dgpm-v2%26%24fmt%3Dpx%26%24stgid%3D7c7ab871-458e-4db1-acbf-b839c7f94a62%26action%3DGET_ID%26etid%3D%26domid%3D1035 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=7624521396711004372&opid=apx&ops=&utidl=tech:goo:CAESEMnXvjF_hhsl2fnCrq8lJZg&$dat_token=gpm-v2&$fmt=px&$stgid=7c7ab871-458e-4db1-acbf-b839c7f94a62&action=GET_ID&etid=&domid=1035 HTTP 303
  • https://prisma-tr.prismamedia.com/v1/set_id?vid=vec%3A17245184688&lts=1619925375613&uaid=&sig=c26713542d135416faaa9e5124b301d0ee6dcd8b&d=false&$dat_token=gpm-v2&$fmt=px&$stgid=7c7ab871-458e-4db1-acbf-b839c7f94a62 HTTP 303
  • https://token.rubiconproject.com/token?pid=33156&puid=vec%3A17245184688
Request Chain 10
  • https://prisma-tr.prismamedia.com/v1/touches/pixel?$ev=$email_click&$dat_token=gpm-v2&$email_hash=081b3cdbbeff0e58af3b854f0b676df3&brand=PART%20Prisma HTTP 303
  • https://prisma-tr.prismamedia.com/v1/check_cookie/pixel?$chk=4713e6b8-ad8c-4a11-9988-70cdf5b0a50e&$etid=&$stgid=1a035fcd-1578-4b45-936f-41ab4d0523f2&$fmt=px&$dat_token=gpm-v2 HTTP 303
  • https://prisma-tr.prismamedia.com/v1/update_mapping/pixel?$etid=&$stgid=1a035fcd-1578-4b45-936f-41ab4d0523f2&$fmt=px&$dat_token=gpm-v2 HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?etid=&domid=1035&$stgid=1a035fcd-1578-4b45-936f-41ab4d0523f2&$fmt=px&$dat_token=gpm-v2 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&$dat_token=gpm-v2&$fmt=px&$stgid=1a035fcd-1578-4b45-936f-41ab4d0523f2&action=GET_ID&opid=goo&etid=&domid=1035&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&$dat_token=gpm-v2&$fmt=px&$stgid=1a035fcd-1578-4b45-936f-41ab4d0523f2&action=GET_ID&opid=goo&etid=&domid=1035&ops=apx&google_gid=CAESEMnXvjF_hhsl2fnCrq8lJZg&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEMnXvjF_hhsl2fnCrq8lJZg&$dat_token=gpm-v2&$fmt=px&$stgid=1a035fcd-1578-4b45-936f-41ab4d0523f2&action=GET_ID&etid=&domid=1035 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcookie-matching.mediarithmics.com%2Finput%3Fkey%3DAPX%26apx_uid%3D%24UID%26opid%3Dapx%26ops%3D%26utidl%3Dtech%3Agoo%3ACAESEMnXvjF_hhsl2fnCrq8lJZg%26%24dat_token%3Dgpm-v2%26%24fmt%3Dpx%26%24stgid%3D1a035fcd-1578-4b45-936f-41ab4d0523f2%26action%3DGET_ID%26etid%3D%26domid%3D1035 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=8134631377623467398&opid=apx&ops=&utidl=tech:goo:CAESEMnXvjF_hhsl2fnCrq8lJZg&$dat_token=gpm-v2&$fmt=px&$stgid=1a035fcd-1578-4b45-936f-41ab4d0523f2&action=GET_ID&etid=&domid=1035 HTTP 303
  • https://prisma-tr.prismamedia.com/v1/set_id?vid=vec%3A17245184688&lts=1619925375651&uaid=&sig=78a15d12becc68044a88460f8b81967e2e275de9&d=false&$dat_token=gpm-v2&$fmt=px&$stgid=1a035fcd-1578-4b45-936f-41ab4d0523f2 HTTP 303
  • https://token.rubiconproject.com/token?pid=33156&puid=vec%3A17245184688
Request Chain 11
  • https://sir.femmeactuelle-news.fr/HDM.d?pa=22594&si=2&hd_m=081b3cdbbeff0e58af3b854f0b676df3&hd_s256= HTTP 301
  • https://js.sddan.com/HDM.d?pa=22594&si=2&hd_m=081b3cdbbeff0e58af3b854f0b676df3&hd_s256= HTTP 307
  • https://js.sddan.com/HDM.d?pa=22594&si=2&hd_m=081b3cdbbeff0e58af3b854f0b676df3&hd_s256=&bounce=1

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
2792048102.html
ml.femmeactuelle-news.fr/l2/78v6oK8Ow1/5508459/
314 B
664 B
Document
General
Full URL
https://ml.femmeactuelle-news.fr/l2/78v6oK8Ow1/5508459/2792048102.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.190.170.11 , France, ASN31688 (SPLIO-AS, FR),
Reverse DNS
s3s.fr
Software
Apache /
Resource Hash
b8800c13e3a960635112fc06d9cdc154fb025fcfb022adb65a4ce8673d34c8cf

Request headers

Host
ml.femmeactuelle-news.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 02 May 2021 03:16:14 GMT
Server
Apache
Pragma
no-cache
Cache-Control
no-cache
Expires
Mon, 01 Jan 1990 00:00:00 GMT
X-Robots-Tag
noindex,nofollow
P3P
policyref="http://s3s.fr/w3c/p3p.xml", CP="ALL DSP COR DEV IVD CON OUR NOR UNI PUR NAV STA"
Content-Length
314
Connection
close
Content-Type
text/html
/
redirect.femmeactuelle-news.fr/P-356717-081b3cdbbeff0e58af3b854f0b676df3-0-164/
3 KB
1 KB
Document
General
Full URL
http://redirect.femmeactuelle-news.fr/P-356717-081b3cdbbeff0e58af3b854f0b676df3-0-164/?cl=1&n=1&l=o&u=http%3A%2F%2Fdm.femmeactuelle-news.fr%2F%3Fn%3D1%26i%3D$md5_id$%26e%3Dmichele.sautier%40orange.fr%26t%3D$titre_id$%26c%3D356717
Protocol
HTTP/1.1
Server
2a00:1450:4001:80e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
3b7003282c60253f3b785cc3d10e12deb49e379696579ec8e90983848826e07e

Request headers

Host
redirect.femmeactuelle-news.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 02 May 2021 03:16:15 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Server
nginx
Vary
Accept-Encoding
Refresh
0.500000; url=http://dm.femmeactuelle-news.fr/?n=1&i=$md5_id$&e=michele.sautier@orange.fr&t=$titre_id$&c=356717
Content-Encoding
gzip
Via
1.1 google
362358.gif
idsync.rlcdn.com/
Redirect Chain
  • http://ejp.rlcdn.com/468506.gif?m=081b3cdbbeff0e58af3b854f0b676df3&n=1
  • https://ejp.rlcdn.com/468506.gif?m=081b3cdbbeff0e58af3b854f0b676df3&n=1
  • https://ejp.rlcdn.com/1000.gif?memo=CJrMHBIsCiYIBBAAGiAwODFiM2NkYmJlZmYwZTU4YWYzYjg1NGYwYjY3NmRmMxD6_CEaDQj_sriEBhIFCOgHEABCAEoA
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc=
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEFcEramStd8l_dvnNSmgXH4&google_cver=1
42 B
375 B
Image
General
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEFcEramStd8l_dvnNSmgXH4&google_cver=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 02 May 2021 03:16:15 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42

Redirect headers

pragma
no-cache
date
Sun, 02 May 2021 03:16:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEFcEramStd8l_dvnNSmgXH4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
362358.gif
idsync.rlcdn.com/
Redirect Chain
  • http://ejp.rlcdn.com/468526.gif?m=081b3cdbbeff0e58af3b854f0b676df3&n=1
  • https://ejp.rlcdn.com/468526.gif?m=081b3cdbbeff0e58af3b854f0b676df3&n=1
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc=
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESED5mRMK_MiibJY2tyAfjVrI&google_cver=1
42 B
386 B
Image
General
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESED5mRMK_MiibJY2tyAfjVrI&google_cver=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 02 May 2021 03:16:15 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42

Redirect headers

pragma
no-cache
date
Sun, 02 May 2021 03:16:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESED5mRMK_MiibJY2tyAfjVrI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
touch.gif
clk.eu.ivitrack.com/t/57c8004b1021c2c579d0139e/
Redirect Chain
  • http://ipe.femmeactuelle-news.fr/t/57c8004b1021c2c579d0139e/touch.gif?n=5fbd1e3a0d0d2dc4db1d45bc&h=081b3cdbbeff0e58af3b854f0b676df3
  • https://clk.eu.ivitrack.com/t/57c8004b1021c2c579d0139e/touch.gif?n=5fbd1e3a0d0d2dc4db1d45bc&h=081b3cdbbeff0e58af3b854f0b676df3
42 B
385 B
Image
General
Full URL
https://clk.eu.ivitrack.com/t/57c8004b1021c2c579d0139e/touch.gif?n=5fbd1e3a0d0d2dc4db1d45bc&h=081b3cdbbeff0e58af3b854f0b676df3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.233.127.42 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
istio-envoy /
Resource Hash

Request headers

Referer
http://redirect.femmeactuelle-news.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 02 May 2021 03:16:14 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
x-ivi-hostname
programmatic-api-stable-7f5bb8867c-cqzxr
content-length
42
content-type
image/gif

Redirect headers

location
https://clk.eu.ivitrack.com/t/57c8004b1021c2c579d0139e/touch.gif?n=5fbd1e3a0d0d2dc4db1d45bc&h=081b3cdbbeff0e58af3b854f0b676df3
date
Sun, 02 May 2021 03:16:14 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
x-ivi-hostname
programmatic-api-stable-7f5bb8867c-cqzxr
content-length
153
content-type
text/html; charset=utf-8
collect_v2.img.php
asset.easydmp.net/
43 B
714 B
Image
General
Full URL
https://asset.easydmp.net/collect_v2.img.php?dmp=emdmpeasy&p=1736&s=1736&m=081b3cdbbeff0e58af3b854f0b676df3&email_sha256=
Requested by
Host: redirect.femmeactuelle-news.fr
URL: http://redirect.femmeactuelle-news.fr/P-356717-081b3cdbbeff0e58af3b854f0b676df3-0-164/?cl=1&n=1&l=o&u=http%3A%2F%2Fdm.femmeactuelle-news.fr%2F%3Fn%3D1%26i%3D$md5_id$%26e%3Dmichele.sautier%40orange.fr%26t%3D$titre_id$%26c%3D356717
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.53 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://redirect.femmeactuelle-news.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 02 May 2021 03:16:15 GMT
X-IPLB-Request-ID
C3F2D573:67B0_91EFC135:01BB_608E197F_1F5E398:2D4F
X-IPLB-Instance
36820
Strict-Transport-Security
max-age=31536000
P3P
CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control
no-store, no-cache
Transfer-Encoding
chunked
Content-Type
image/gif
3e19567e-6d0a-4246-aacf-4508ce0683bd
er.cloud-media.fr/c/081b3cdbbeff0e58af3b854f0b676df3/
Redirect Chain
  • https://er.cloud-media.fr/r/081b3cdbbeff0e58af3b854f0b676df3/3e19567e-6d0a-4246-aacf-4508ce0683bd
  • https://er.cloud-media.fr/c/081b3cdbbeff0e58af3b854f0b676df3/3e19567e-6d0a-4246-aacf-4508ce0683bd
35 B
230 B
Image
General
Full URL
https://er.cloud-media.fr/c/081b3cdbbeff0e58af3b854f0b676df3/3e19567e-6d0a-4246-aacf-4508ce0683bd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.98.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://redirect.femmeactuelle-news.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 02 May 2021 03:16:15 GMT
x-content-type-options
nosniff
server
awselb/2.0
content-length
35
content-type
image/gif

Redirect headers

location
https://er.cloud-media.fr/c/081b3cdbbeff0e58af3b854f0b676df3/3e19567e-6d0a-4246-aacf-4508ce0683bd
date
Sun, 02 May 2021 03:16:15 GMT
x-content-type-options
nosniff
server
awselb/2.0
content-length
0
x-xss-protection
1; mode=block
content-type
text/html;charset=utf-8
dbf051
er.cloud-media.fr/c/081b3cdbbeff0e58af3b854f0b676df3/
Redirect Chain
  • https://er.cloud-media.fr/r/081b3cdbbeff0e58af3b854f0b676df3/dbf051
  • https://er.cloud-media.fr/c/081b3cdbbeff0e58af3b854f0b676df3/dbf051
35 B
230 B
Image
General
Full URL
https://er.cloud-media.fr/c/081b3cdbbeff0e58af3b854f0b676df3/dbf051
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.98.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://redirect.femmeactuelle-news.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 02 May 2021 03:16:15 GMT
x-content-type-options
nosniff
server
awselb/2.0
content-length
35
content-type
image/gif

Redirect headers

location
https://er.cloud-media.fr/c/081b3cdbbeff0e58af3b854f0b676df3/dbf051
date
Sun, 02 May 2021 03:16:15 GMT
x-content-type-options
nosniff
server
awselb/2.0
content-length
0
x-xss-protection
1; mode=block
content-type
text/html;charset=utf-8
adtckrtg.gif
notify.adleadevent.com/
Redirect Chain
  • https://ntf.bases-femmeactuelle.com/adtckrtg.gif?ids=2422&s=2490&hash=081b3cdbbeff0e58af3b854f0b676df3&hash256=
  • https://notify.adleadevent.com/adtckrtg.gif?ids=2422&s=2490&hash=081b3cdbbeff0e58af3b854f0b676df3&hash256=
43 B
622 B
Image
General
Full URL
https://notify.adleadevent.com/adtckrtg.gif?ids=2422&s=2490&hash=081b3cdbbeff0e58af3b854f0b676df3&hash256=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.235.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 / Express
Resource Hash

Request headers

Referer
http://redirect.femmeactuelle-news.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 02 May 2021 03:16:15 GMT
Server
nginx/1.18.0
X-Powered-By
Express
ETag
W/"2b-EasQqxCf21PZHURKx4EQH1pjYMY"
Content-Type
image/gif
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://notify.adleadevent.com/adtckrtg.gif?ids=2422&s=2490&hash=081b3cdbbeff0e58af3b854f0b676df3&hash256=
Date
Sun, 02 May 2021 03:19:03 GMT
Server
nginx/1.4.6 (Ubuntu)
Connection
keep-alive
Content-Length
193
Content-Type
text/html
token
token.rubiconproject.com/
Redirect Chain
  • https://prisma-tr.prismamedia.com/v1/touches/pixel?$ev=$email_click&$dat_token=gpm-v2&$email_hash=081b3cdbbeff0e58af3b854f0b676df3&brand=Femme%20Actuelle&thematic=NL%20FAC%20Quotidienne
  • https://prisma-tr.prismamedia.com/v1/check_cookie/pixel?$chk=0edd7ca2-0a6d-4412-9ad7-887c596138f6&$etid=&$stgid=7c7ab871-458e-4db1-acbf-b839c7f94a62&$fmt=px&$dat_token=gpm-v2
  • https://prisma-tr.prismamedia.com/v1/update_mapping/pixel?$etid=&$stgid=7c7ab871-458e-4db1-acbf-b839c7f94a62&$fmt=px&$dat_token=gpm-v2
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?etid=&domid=1035&$stgid=7c7ab871-458e-4db1-acbf-b839c7f94a62&$fmt=px&$dat_token=gpm-v2
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&$dat_token=gpm-v2&$fmt=px&$stgid=7c7ab871-458e-4db1-acbf-b839c7f94a62&action=GET_ID&opid=goo&etid=&domid=1035&ops=apx
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&$dat_token=gpm-v2&$fmt=px&$stgid=7c7ab871-458e-4db1-acbf-b839c7f94a62&action=GET_ID&opid=goo&etid=&domid=1035&ops=apx&google_gid=CAES...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEMnXvjF_hhsl2fnCrq8lJZg&$dat_token=gpm-v2&$fmt=px&$stgid=7c7ab871-4...
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcookie-matching.mediarithmics.com%2Finput%3Fkey%3DAPX%26apx_uid%3D%24UID%26opid%3Dapx%26ops%3D%26utidl%3Dtech%3Agoo%3ACAESEMnXvjF_hhsl2fnCrq8lJ...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=7624521396711004372&opid=apx&ops=&utidl=tech:goo:CAESEMnXvjF_hhsl2fnCrq8lJZg&$dat_token=gpm-v2&$fmt=px&$stgid=7c7ab871-458e-4db1-acbf...
  • https://prisma-tr.prismamedia.com/v1/set_id?vid=vec%3A17245184688&lts=1619925375613&uaid=&sig=c26713542d135416faaa9e5124b301d0ee6dcd8b&d=false&$dat_token=gpm-v2&$fmt=px&$stgid=7c7ab871-458e-4db1-ac...
  • https://token.rubiconproject.com/token?pid=33156&puid=vec%3A17245184688
0
662 B
Image
General
Full URL
https://token.rubiconproject.com/token?pid=33156&puid=vec%3A17245184688
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://redirect.femmeactuelle-news.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://token.rubiconproject.com/token?pid=33156&puid=vec%3A17245184688
date
Sun, 02 May 2021 03:16:15 GMT
content-length
0
strict-transport-security
max-age=63072000;includeSubDomains;preload
token
token.rubiconproject.com/
Redirect Chain
  • https://prisma-tr.prismamedia.com/v1/touches/pixel?$ev=$email_click&$dat_token=gpm-v2&$email_hash=081b3cdbbeff0e58af3b854f0b676df3&brand=PART%20Prisma
  • https://prisma-tr.prismamedia.com/v1/check_cookie/pixel?$chk=4713e6b8-ad8c-4a11-9988-70cdf5b0a50e&$etid=&$stgid=1a035fcd-1578-4b45-936f-41ab4d0523f2&$fmt=px&$dat_token=gpm-v2
  • https://prisma-tr.prismamedia.com/v1/update_mapping/pixel?$etid=&$stgid=1a035fcd-1578-4b45-936f-41ab4d0523f2&$fmt=px&$dat_token=gpm-v2
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?etid=&domid=1035&$stgid=1a035fcd-1578-4b45-936f-41ab4d0523f2&$fmt=px&$dat_token=gpm-v2
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&$dat_token=gpm-v2&$fmt=px&$stgid=1a035fcd-1578-4b45-936f-41ab4d0523f2&action=GET_ID&opid=goo&etid=&domid=1035&ops=apx
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&$dat_token=gpm-v2&$fmt=px&$stgid=1a035fcd-1578-4b45-936f-41ab4d0523f2&action=GET_ID&opid=goo&etid=&domid=1035&ops=apx&google_gid=CAES...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEMnXvjF_hhsl2fnCrq8lJZg&$dat_token=gpm-v2&$fmt=px&$stgid=1a035fcd-1...
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcookie-matching.mediarithmics.com%2Finput%3Fkey%3DAPX%26apx_uid%3D%24UID%26opid%3Dapx%26ops%3D%26utidl%3Dtech%3Agoo%3ACAESEMnXvjF_hhsl2fnCrq8lJ...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=8134631377623467398&opid=apx&ops=&utidl=tech:goo:CAESEMnXvjF_hhsl2fnCrq8lJZg&$dat_token=gpm-v2&$fmt=px&$stgid=1a035fcd-1578-4b45-936f...
  • https://prisma-tr.prismamedia.com/v1/set_id?vid=vec%3A17245184688&lts=1619925375651&uaid=&sig=78a15d12becc68044a88460f8b81967e2e275de9&d=false&$dat_token=gpm-v2&$fmt=px&$stgid=1a035fcd-1578-4b45-93...
  • https://token.rubiconproject.com/token?pid=33156&puid=vec%3A17245184688
0
662 B
Image
General
Full URL
https://token.rubiconproject.com/token?pid=33156&puid=vec%3A17245184688
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://redirect.femmeactuelle-news.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://token.rubiconproject.com/token?pid=33156&puid=vec%3A17245184688
date
Sun, 02 May 2021 03:16:15 GMT
content-length
0
strict-transport-security
max-age=63072000;includeSubDomains;preload
HDM.d
js.sddan.com/
Redirect Chain
  • https://sir.femmeactuelle-news.fr/HDM.d?pa=22594&si=2&hd_m=081b3cdbbeff0e58af3b854f0b676df3&hd_s256=
  • https://js.sddan.com/HDM.d?pa=22594&si=2&hd_m=081b3cdbbeff0e58af3b854f0b676df3&hd_s256=
  • https://js.sddan.com/HDM.d?pa=22594&si=2&hd_m=081b3cdbbeff0e58af3b854f0b676df3&hd_s256=&bounce=1
42 B
720 B
Image
General
Full URL
https://js.sddan.com/HDM.d?pa=22594&si=2&hd_m=081b3cdbbeff0e58af3b854f0b676df3&hd_s256=&bounce=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.129.3.113 , France, ASN12876 (Online SAS, FR),
Reverse DNS
Software
nginx/1.11.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

Referer
http://redirect.femmeactuelle-news.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 May 2021 03:16:15 GMT
server
nginx/1.11.3
strict-transport-security
max-age=15724800; includeSubDomains; preload
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
42
x-xss-protection
0
expires
Tue, 01 Jan 2000 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 02 May 2021 03:16:15 GMT
server
nginx/1.11.3
location
https://js.sddan.com/HDM.d?pa=22594&si=2&hd_m=081b3cdbbeff0e58af3b854f0b676df3&hd_s256=&bounce=1
strict-transport-security
max-age=15724800; includeSubDomains; preload
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cross-origin-resource-policy
cross-origin
content-length
0
x-xss-protection
0
expires
Tue, 01 Jan 2000 00:00:00 GMT
Primary Request b081b3cdbbeff0e58af3b854f0b676df3
dm.femmeactuelle-news.fr/a081b3cdbbeff0e58af3b854f0b676df3/
Redirect Chain
  • http://dm.femmeactuelle-news.fr/?n=1&i=$md5_id$&e=michele.sautier@orange.fr&t=$titre_id$&c=356717
  • http://dm.femmeactuelle-news.fr/a081b3cdbbeff0e58af3b854f0b676df3/b081b3cdbbeff0e58af3b854f0b676df3?mi=356717
4 KB
2 KB
Document
General
Full URL
http://dm.femmeactuelle-news.fr/a081b3cdbbeff0e58af3b854f0b676df3/b081b3cdbbeff0e58af3b854f0b676df3?mi=356717
Requested by
Host: redirect.femmeactuelle-news.fr
URL: http://redirect.femmeactuelle-news.fr/P-356717-081b3cdbbeff0e58af3b854f0b676df3-0-164/?cl=1&n=1&l=o&u=http%3A%2F%2Fdm.femmeactuelle-news.fr%2F%3Fn%3D1%26i%3D$md5_id$%26e%3Dmichele.sautier%40orange.fr%26t%3D$titre_id$%26c%3D356717
Protocol
HTTP/1.1
Server
2a00:1450:4001:80e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
7a95a684b813f50a0701aee7d4aa4918fb79f3491cbc7fe9863d414f679a9aa0

Request headers

Host
dm.femmeactuelle-news.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://redirect.femmeactuelle-news.fr/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://redirect.femmeactuelle-news.fr/P-356717-081b3cdbbeff0e58af3b854f0b676df3-0-164/?cl=1&n=1&l=o&u=http%3A%2F%2Fdm.femmeactuelle-news.fr%2F%3Fn%3D1%26i%3D$md5_id$%26e%3Dmichele.sautier%40orange.fr%26t%3D$titre_id$%26c%3D356717

Response headers

Date
Sun, 02 May 2021 03:16:16 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Server
nginx
Vary
Accept-Encoding
Content-Encoding
gzip
Via
1.1 google

Redirect headers

Date
Sun, 02 May 2021 03:16:15 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Server
nginx
Location
/a081b3cdbbeff0e58af3b854f0b676df3/b081b3cdbbeff0e58af3b854f0b676df3?mi=356717
Via
1.1 google
bootstrap.min.css
dm.femmeactuelle-news.fr/assets/scripts/bootstrap/css/
52 KB
10 KB
Stylesheet
General
Full URL
http://dm.femmeactuelle-news.fr/assets/scripts/bootstrap/css/bootstrap.min.css
Requested by
Host: dm.femmeactuelle-news.fr
URL: http://dm.femmeactuelle-news.fr/a081b3cdbbeff0e58af3b854f0b676df3/b081b3cdbbeff0e58af3b854f0b676df3?mi=356717
Protocol
HTTP/1.1
Server
2a00:1450:4001:80e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
5fbed27c71e240f0bc549f913122b3708bde640171c140f5a549373407d7260a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
dm.femmeactuelle-news.fr
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://dm.femmeactuelle-news.fr/a081b3cdbbeff0e58af3b854f0b676df3/b081b3cdbbeff0e58af3b854f0b676df3?mi=356717
Connection
keep-alive
Cache-Control
no-cache
Referer
http://dm.femmeactuelle-news.fr/a081b3cdbbeff0e58af3b854f0b676df3/b081b3cdbbeff0e58af3b854f0b676df3?mi=356717
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 02 May 2021 03:16:16 GMT
Content-Encoding
gzip
Last-Modified
Thu, 22 Apr 2021 13:52:53 GMT
Server
nginx
Age
0
ETag
W/"60817fb5-ce5e"
Vary
Accept-Encoding
Content-Type
text/css
Via
1.1 google
Cache-Control
max-age=600,public
Content-Length
9477
Expires
Sun, 02 May 2021 03:26:16 GMT
font-awesome.css
dm.femmeactuelle-news.fr/assets/scripts/font-awesome/css/
26 KB
6 KB
Stylesheet
General
Full URL
http://dm.femmeactuelle-news.fr/assets/scripts/font-awesome/css/font-awesome.css
Requested by
Host: dm.femmeactuelle-news.fr
URL: http://dm.femmeactuelle-news.fr/a081b3cdbbeff0e58af3b854f0b676df3/b081b3cdbbeff0e58af3b854f0b676df3?mi=356717
Protocol
HTTP/1.1
Server
2a00:1450:4001:80e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
295074933a25ae5d6646f86705412ae194ca64508e04984857c61ef495c66ec2

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
dm.femmeactuelle-news.fr
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://dm.femmeactuelle-news.fr/a081b3cdbbeff0e58af3b854f0b676df3/b081b3cdbbeff0e58af3b854f0b676df3?mi=356717
Connection
keep-alive
Cache-Control
no-cache
Referer
http://dm.femmeactuelle-news.fr/a081b3cdbbeff0e58af3b854f0b676df3/b081b3cdbbeff0e58af3b854f0b676df3?mi=356717
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 02 May 2021 03:16:16 GMT
Content-Encoding
gzip
Last-Modified
Thu, 22 Apr 2021 13:52:53 GMT
Server
nginx
Age
0
ETag
W/"60817fb5-681b"
Vary
Accept-Encoding
Content-Type
text/css
Via
1.1 google
Cache-Control
max-age=600,public
Content-Length
5344
Expires
Sun, 02 May 2021 03:26:16 GMT
common-v3.css
dm.femmeactuelle-news.fr/assets/scripts/pcp/css/
21 KB
4 KB
Stylesheet
General
Full URL
http://dm.femmeactuelle-news.fr/assets/scripts/pcp/css/common-v3.css
Requested by
Host: dm.femmeactuelle-news.fr
URL: http://dm.femmeactuelle-news.fr/a081b3cdbbeff0e58af3b854f0b676df3/b081b3cdbbeff0e58af3b854f0b676df3?mi=356717
Protocol
HTTP/1.1
Server
2a00:1450:4001:80e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
928e6defa48a9ccf25df8d8887b60c39bc551517a80b2ad363d460c9808772b9

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
dm.femmeactuelle-news.fr
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://dm.femmeactuelle-news.fr/a081b3cdbbeff0e58af3b854f0b676df3/b081b3cdbbeff0e58af3b854f0b676df3?mi=356717
Connection
keep-alive
Cache-Control
no-cache
Referer
http://dm.femmeactuelle-news.fr/a081b3cdbbeff0e58af3b854f0b676df3/b081b3cdbbeff0e58af3b854f0b676df3?mi=356717
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 02 May 2021 03:16:16 GMT
Content-Encoding
gzip
Last-Modified
Thu, 22 Apr 2021 13:52:53 GMT
Server
nginx
Age
0
ETag
W/"60817fb5-5378"
Vary
Accept-Encoding
Content-Type
text/css
Via
1.1 google
Cache-Control
max-age=600,public
Content-Length
3570
Expires
Sun, 02 May 2021 03:26:16 GMT
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: dm.femmeactuelle-news.fr
URL: http://dm.femmeactuelle-news.fr/a081b3cdbbeff0e58af3b854f0b676df3/b081b3cdbbeff0e58af3b854f0b676df3?mi=356717
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://dm.femmeactuelle-news.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
6381
date
Sun, 02 May 2021 01:29:55 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Sun, 02 May 2021 03:29:55 GMT
PCP-DESKTOP.jpg
dm.femmeactuelle-news.fr/assets/scripts/pcp/images/
324 KB
324 KB
Image
General
Full URL
http://dm.femmeactuelle-news.fr/assets/scripts/pcp/images/PCP-DESKTOP.jpg
Requested by
Host: dm.femmeactuelle-news.fr
URL: http://dm.femmeactuelle-news.fr/assets/scripts/pcp/css/common-v3.css
Protocol
HTTP/1.1
Server
2a00:1450:4001:80e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
95a1d891a34081ec2b04651428131745f899da5e7e5e0e2118c95779f2f7c733

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
dm.femmeactuelle-news.fr
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://dm.femmeactuelle-news.fr/assets/scripts/pcp/css/common-v3.css
Connection
keep-alive
Cache-Control
no-cache
Referer
http://dm.femmeactuelle-news.fr/assets/scripts/pcp/css/common-v3.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 02 May 2021 03:16:16 GMT
Via
1.1 google
Last-Modified
Thu, 22 Apr 2021 13:52:53 GMT
Server
nginx
Age
0
ETag
"60817fb5-51029"
Content-Type
image/jpeg
Cache-Control
max-age=600,public
Accept-Ranges
bytes
Content-Length
331817
Expires
Sun, 02 May 2021 03:26:16 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=169744869&t=pageview&_s=1&dl=http%3A%2F%2Fdm.femmeactuelle-news.fr%2Fa081b3cdbbeff0e58af3b854f0b676df3%2Fb081b3cdbbeff0e58af3b854f0b676df3%3Fmi%3D356717&dr=http%3A%2F%2Fredirect.femmeactuelle-news.fr%2F&ul=en-us&de=UTF-8&dt=Mon%20inscription%20-%20Preference%20Center&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1795206021&gjid=1246916438&cid=1507078190.1619925376&tid=UA-101937406-1&_gid=564442422.1619925376&_r=1&_slc=1&z=282761647
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://dm.femmeactuelle-news.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 02 May 2021 03:16:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://dm.femmeactuelle-news.fr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData

3 Cookies

Domain/Path Name / Value
.femmeactuelle-news.fr/ Name: _gat
Value: 1
.femmeactuelle-news.fr/ Name: _gid
Value: GA1.2.564442422.1619925376
.femmeactuelle-news.fr/ Name: _ga
Value: GA1.2.1507078190.1619925376