urlscan.io logo urlscan.io
SecurityTrails logo

mirror.newsletter.plus-de-sante.fr Open in urlscan Pro
2a05:71c0:2000::e  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://t.newsletter.plus-de-sante.fr/c/?t=9b321d3-4fi-8c0-3e-zkq0
Effective URL: https://mirror.newsletter.plus-de-sante.fr/?eis=xLd9Ij4aS34ywHivT642Zp6RlYL9lvmQ-P6ZAHrY8VU&s=256&b=1755
Submission: On June 18 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 12 HTTP transactions. The main IP is 2a05:71c0:2000::e, located in France and belongs to ODISO-AS, FR. The main domain is mirror.newsletter.plus-de-sante.fr.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 4th 2020. Valid for: 3 months.
This is the only time mirror.newsletter.plus-de-sante.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 2a05:71c0:200... 34993 (ODISO-AS)
8 2606:4700:303... 13335 (CLOUDFLAR...)
1 2 2606:4700:303... 13335 (CLOUDFLAR...)
1 109.232.194.94 50234 (EULERIAN-AS)
12 4
Apex Domain
Subdomains		 Transfer
10 awr.im
img.awr.im
tracker.awr.im
574 KB
3 plus-de-sante.fr
t.newsletter.plus-de-sante.fr
mirror.newsletter.plus-de-sante.fr
6 KB
1 homair.com
ea.homair.com
1 KB
12 3
Domain Requested by
8 img.awr.im mirror.newsletter.plus-de-sante.fr
2 tracker.awr.im 1 redirects mirror.newsletter.plus-de-sante.fr
2 t.newsletter.plus-de-sante.fr 1 redirects mirror.newsletter.plus-de-sante.fr
1 ea.homair.com mirror.newsletter.plus-de-sante.fr
1 mirror.newsletter.plus-de-sante.fr
12 5

This site contains links to these domains. Also see Links.

Domain
t.newsletter.plus-de-sante.fr
Subject Issuer Validity Valid
mirror.newsletter.plus-de-sante.fr
Let's Encrypt Authority X3		 2020-05-04 -
2020-08-02		 3 months crt.sh
t.newsletter.plus-de-sante.fr
Let's Encrypt Authority X3		 2020-05-04 -
2020-08-02		 3 months crt.sh
ea.homair.com
Let's Encrypt Authority X3		 2020-06-13 -
2020-09-11		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://mirror.newsletter.plus-de-sante.fr/?eis=xLd9Ij4aS34ywHivT642Zp6RlYL9lvmQ-P6ZAHrY8VU&s=256&b=1755
Frame ID: E9F8303FEDFAEDAC9C87300E753B089A
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://t.newsletter.plus-de-sante.fr/c/?t=9b321d3-4fi-8c0-3e-zkq0 HTTP 302
    https://mirror.newsletter.plus-de-sante.fr/?eis=xLd9Ij4aS34ywHivT642Zp6RlYL9lvmQ-P6ZAHrY8VU&s=256&b=1755 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

12
Requests

25 %
HTTPS

75 %
IPv6

3
Domains

5
Subdomains

4
IPs

2
Countries

580 kB
Transfer

594 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.newsletter.plus-de-sante.fr/c/?t=9b321d3-4fi-8c0-3e-zkq0 HTTP 302
    https://mirror.newsletter.plus-de-sante.fr/?eis=xLd9Ij4aS34ywHivT642Zp6RlYL9lvmQ-P6ZAHrY8VU&s=256&b=1755 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • http://tracker.awr.im/open/?u=hc0ega0eeji0bahfi0cbbjce HTTP 302
  • http://tracker.awr.im/image.gif

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
mirror.newsletter.plus-de-sante.fr/
Redirect Chain
  • https://t.newsletter.plus-de-sante.fr/c/?t=9b321d3-4fi-8c0-3e-zkq0
  • https://mirror.newsletter.plus-de-sante.fr/?eis=xLd9Ij4aS34ywHivT642Zp6RlYL9lvmQ-P6ZAHrY8VU&s=256&b=1755
25 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mirror.newsletter.plus-de-sante.fr/?eis=xLd9Ij4aS34ywHivT642Zp6RlYL9lvmQ-P6ZAHrY8VU&s=256&b=1755
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a05:71c0:2000::e , France, ASN34993 (ODISO-AS, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
578f63e6bfda54e3d8cf0bc9f55348b8f83743d0f9a7a147d5ea285b6fa334d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
mirror.newsletter.plus-de-sante.fr
:scheme
https
:path
/?eis=xLd9Ij4aS34ywHivT642Zp6RlYL9lvmQ-P6ZAHrY8VU&s=256&b=1755
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
cache-control
private
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
server
Microsoft-IIS/10.0
set-cookie
ASP.NET_SessionId=nflmmi4zfewlgoezwm2ccxq3; path=/; HttpOnly SERVERID=mindweb4.odiso.net; path=/; HttpOnly; Secure
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
date
Thu, 18 Jun 2020 14:34:52 GMT
content-length
4852
strict-transport-security
max-age=31536000;
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff

Redirect headers

status
302
cache-control
private
content-type
text/html; charset=utf-8
location
https://mirror.newsletter.plus-de-sante.fr/?eis=xLd9Ij4aS34ywHivT642Zp6RlYL9lvmQ-P6ZAHrY8VU&s=256&b=1755
server
Microsoft-IIS/10.0
set-cookie
ASP.NET_SessionId=z2vhqqwqten5zmj3djjztoir; path=/; HttpOnly SERVERID=mindtrack3.odiso.net; path=/; HttpOnly; Secure
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
date
Thu, 18 Jun 2020 14:34:52 GMT
content-length
229
strict-transport-security
max-age=31536000;
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
/
t.newsletter.plus-de-sante.fr/o/ 		180 B
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.newsletter.plus-de-sante.fr/o/?t=4fi-3e-zkq0
Requested by
Host: mirror.newsletter.plus-de-sante.fr
URL: https://mirror.newsletter.plus-de-sante.fr/?eis=xLd9Ij4aS34ywHivT642Zp6RlYL9lvmQ-P6ZAHrY8VU&s=256&b=1755
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a05:71c0:2000::e , France, ASN34993 (ODISO-AS, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a3d9bf654bd182096ae97d7aac32516664fdf12437820695136f55620bb105ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://mirror.newsletter.plus-de-sante.fr/?eis=xLd9Ij4aS34ywHivT642Zp6RlYL9lvmQ-P6ZAHrY8VU&s=256&b=1755
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Jun 2020 14:34:52 GMT
x-content-type-options
nosniff
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
cache-control
private
strict-transport-security
max-age=31536000;
content-length
180
logo.png
img.awr.im/content/20200611081908_1968/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.awr.im/content/20200611081908_1968/logo.png
Requested by
Host: mirror.newsletter.plus-de-sante.fr
URL: https://mirror.newsletter.plus-de-sante.fr/?eis=xLd9Ij4aS34ywHivT642Zp6RlYL9lvmQ-P6ZAHrY8VU&s=256&b=1755
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:b460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
911d623baa980d6315e6fbff15eb9ad07439fad7d6ddce1b9e904bc3c315682d

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 18 Jun 2020 14:34:53 GMT
CF-Cache-Status
HIT
Last-Modified
Thu, 11 Jun 2020 06:19:08 GMT
Server
cloudflare
Age
920
ETag
"233e-5a7c8f02e4c8e"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
5a55bbd448e2bf5a-AMS
Content-Length
9022
cf-request-id
036973b8b00000bf5abf8a6200000001
header.png
img.awr.im/content/20200611081908_1229/ 		222 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.awr.im/content/20200611081908_1229/header.png
Requested by
Host: mirror.newsletter.plus-de-sante.fr
URL: https://mirror.newsletter.plus-de-sante.fr/?eis=xLd9Ij4aS34ywHivT642Zp6RlYL9lvmQ-P6ZAHrY8VU&s=256&b=1755
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:b460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93bfd00c411d180bc48c8d4349783de8b28de02bf3228c950838fb5608e9d157

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 18 Jun 2020 14:34:53 GMT
CF-Cache-Status
HIT
Last-Modified
Thu, 11 Jun 2020 06:19:08 GMT
Server
cloudflare
Age
1503
ETag
"3761c-5a7c8f03253d1"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
5a55bbd44ffcbf91-AMS
Content-Length
226844
cf-request-id
036973b8b00000bf91a99a5200000001
cta-reserve.png
img.awr.im/content/20200611081908_1286/ 		993 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.awr.im/content/20200611081908_1286/cta-reserve.png
Requested by
Host: mirror.newsletter.plus-de-sante.fr
URL: https://mirror.newsletter.plus-de-sante.fr/?eis=xLd9Ij4aS34ywHivT642Zp6RlYL9lvmQ-P6ZAHrY8VU&s=256&b=1755
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:b460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2d062f9355e30ef2ab5be781292e04b28d4929bea2aca27d499c1e759423786

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 18 Jun 2020 14:34:53 GMT
CF-Cache-Status
HIT
Last-Modified
Thu, 11 Jun 2020 06:19:08 GMT
Server
cloudflare
Age
7196
ETag
"3e1-5a7c8f0305030"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
5a55bbd45dab0b33-AMS
Content-Length
993
cf-request-id
036973b8b400000b334db26200000001
languedoc.png
img.awr.im/content/20200611081908_1628/ 		80 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.awr.im/content/20200611081908_1628/languedoc.png
Requested by
Host: mirror.newsletter.plus-de-sante.fr
URL: https://mirror.newsletter.plus-de-sante.fr/?eis=xLd9Ij4aS34ywHivT642Zp6RlYL9lvmQ-P6ZAHrY8VU&s=256&b=1755
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:b460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbf4351d0ca94478d5b94d172021c58a4edc6ad85fad5a42fbdd461eca0731ca

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 18 Jun 2020 14:34:53 GMT
CF-Cache-Status
HIT
Last-Modified
Thu, 11 Jun 2020 06:19:08 GMT
Server
cloudflare
Age
920
ETag
"140eb-5a7c8f0355173"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
5a55bbd44adb0b3f-AMS
Content-Length
82155
cf-request-id
036973b8b000000b3fee01b200000001
corse.png
img.awr.im/content/20200611081908_1323/ 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.awr.im/content/20200611081908_1323/corse.png
Requested by
Host: mirror.newsletter.plus-de-sante.fr
URL: https://mirror.newsletter.plus-de-sante.fr/?eis=xLd9Ij4aS34ywHivT642Zp6RlYL9lvmQ-P6ZAHrY8VU&s=256&b=1755
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:b460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6d9c6cfb4383b6b67379e9f239322d86d566935b51a60edaeb9ea3c80db36f1

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 18 Jun 2020 14:34:53 GMT
CF-Cache-Status
HIT
Last-Modified
Thu, 11 Jun 2020 06:19:08 GMT
Server
cloudflare
Age
920
ETag
"143bc-5a7c8f035ce73"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
5a55bbd44b61c857-AMS
Content-Length
82876
cf-request-id
036973b8b00000c857550a5200000001
bretagne.png
img.awr.im/content/20200611081908_1579/ 		93 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.awr.im/content/20200611081908_1579/bretagne.png
Requested by
Host: mirror.newsletter.plus-de-sante.fr
URL: https://mirror.newsletter.plus-de-sante.fr/?eis=xLd9Ij4aS34ywHivT642Zp6RlYL9lvmQ-P6ZAHrY8VU&s=256&b=1755
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:b460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0703dbb2731aa8f492d676a5d25127339b0fff62ef131db6d427422bf24849e8

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 18 Jun 2020 14:34:53 GMT
CF-Cache-Status
HIT
Last-Modified
Thu, 11 Jun 2020 06:19:08 GMT
Server
cloudflare
Age
1503
ETag
"172e9-5a7c8f0362c33"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
5a55bbd45f7afaa0-AMS
Content-Length
94953
cf-request-id
036973b8b20000faa08d8fa200000001
landes.png
img.awr.im/content/20200611081908_1811/ 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.awr.im/content/20200611081908_1811/landes.png
Requested by
Host: mirror.newsletter.plus-de-sante.fr
URL: https://mirror.newsletter.plus-de-sante.fr/?eis=xLd9Ij4aS34ywHivT642Zp6RlYL9lvmQ-P6ZAHrY8VU&s=256&b=1755
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:b460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d47de9231967dbdc5ade9bf2d12ed396374db8fe29f14f14e3fcb0967830bd64

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 18 Jun 2020 14:34:53 GMT
CF-Cache-Status
HIT
Last-Modified
Thu, 11 Jun 2020 06:19:08 GMT
Server
cloudflare
Age
920
ETag
"14a46-5a7c8f0319850"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
5a55bbd478fbbf5a-AMS
Content-Length
84550
cf-request-id
036973b8c60000bf5abf8a9200000001
cta-destination.png
img.awr.im/content/20200611081908_1153/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.awr.im/content/20200611081908_1153/cta-destination.png
Requested by
Host: mirror.newsletter.plus-de-sante.fr
URL: https://mirror.newsletter.plus-de-sante.fr/?eis=xLd9Ij4aS34ywHivT642Zp6RlYL9lvmQ-P6ZAHrY8VU&s=256&b=1755
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:b460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9b5729f516ff9fd127638b1ba42004cd59ccb70ec883dbe099da2bbc133f5de

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 18 Jun 2020 14:34:53 GMT
CF-Cache-Status
HIT
Last-Modified
Thu, 11 Jun 2020 06:19:08 GMT
Server
cloudflare
Age
1503
ETag
"431-5a7c8f02f468f"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
5a55bbd47e0e0b33-AMS
Content-Length
1073
cf-request-id
036973b8cc00000b334db28200000001
image.gif
tracker.awr.im/
Redirect Chain
  • http://tracker.awr.im/open/?u=hc0ega0eeji0bahfi0cbbjce
  • http://tracker.awr.im/image.gif
91 B
646 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://tracker.awr.im/image.gif
Requested by
Host: mirror.newsletter.plus-de-sante.fr
URL: https://mirror.newsletter.plus-de-sante.fr/?eis=xLd9Ij4aS34ywHivT642Zp6RlYL9lvmQ-P6ZAHrY8VU&s=256&b=1755
Protocol
HTTP/1.1
Server
2606:4700:3037::681f:55ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a406159e97baef6ad1404718815565712f7545c2b77e7c1fd4da3afdbee9e6b

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 18 Jun 2020 14:34:53 GMT
CF-Cache-Status
HIT
Last-Modified
Tue, 12 Jan 2016 13:06:46 GMT
Server
cloudflare
Age
1700
ETag
"5b-52922b9c6e580"
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
5a55bbd5ae45c853-AMS
Content-Length
91
cf-request-id
036973b98d0000c8530e070200000001

Redirect headers

Pragma
no-cache
Date
Thu, 18 Jun 2020 14:34:53 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Location
/image.gif
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
CF-RAY
5a55bbd43b4bc853-AMS
cf-request-id
036973b8a40000c8530e063200000001
Expires
Thu, 19 Nov 1981 08:52:00 GMT
pix.gif
ea.homair.com/view/homair/9WEzt.Ng_QO_4I.lc2tpa4g3EcjLj13FPxo6OrA9rIc-/ 		163 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ea.homair.com/view/homair/9WEzt.Ng_QO_4I.lc2tpa4g3EcjLj13FPxo6OrA9rIc-/pix.gif?ea-rnd=[RANDOM]&eemail=
Requested by
Host: mirror.newsletter.plus-de-sante.fr
URL: https://mirror.newsletter.plus-de-sante.fr/?eis=xLd9Ij4aS34ywHivT642Zp6RlYL9lvmQ-P6ZAHrY8VU&s=256&b=1755
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
109.232.194.94 , France, ASN50234 (EULERIAN-AS, FR),
Reverse DNS
et1.eulerian.net
Software
EWS /
Resource Hash
6c46829208b5004ded357c146a2dd4c56641ca4a8f93c782081dee56c9a332f1
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mirror.newsletter.plus-de-sante.fr/?eis=xLd9Ij4aS34ywHivT642Zp6RlYL9lvmQ-P6ZAHrY8VU&s=256&b=1755
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Date
Thu, 18 Jun 2020 14:34:53 GMT
X-Content-Type-Options
nosniff
Server
EWS
P3P
policyref="http://ea.homair.com/w3c/p3p.xml",CP="NOI DSP COR NID ADMa DEVa OUR IND UNI"
Strict-Transport-Security
max-age=604800
Content-Type
image/png
Cache-Control
max-age=0, private
Connection
Close
Accept-Ranges
none
X-Robots-Tag
noindex
Content-Length
163
X-XSS-Protection
0

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

2 Cookies

Domain/Path Name / Value
mirror.newsletter.plus-de-sante.fr/ Name: SERVERID
Value: mindweb4.odiso.net
mirror.newsletter.plus-de-sante.fr/ Name: ASP.NET_SessionId
Value: nflmmi4zfewlgoezwm2ccxq3

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN