www.letemps.ch Open in urlscan Pro
151.101.194.216 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-atterrissent-banques-suisses
Effective URL:
https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses
Submission: On February 27 via api (February 27th 2023, 3:59:23 pm UTC) from CH — Scanned from DE

Summary HTTP 189 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 75 IPs in 9 countries across 54 domains to perform 189 HTTP transactions. The main IP is 151.101.194.216, located in United States and belongs to FASTLY, US. The main domain is www.letemps.ch. The Cisco Umbrella rank of the primary domain is 272969.
TLS certificate: Issued by R3 on February 10th 2023. Valid for: 3 months.

This is the only time www.letemps.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	151.101.194.216 151.101.194.216	54113 (FASTLY) (FASTLY)
7	2606:4700:20:... 2606:4700:20::681a:305	13335 (CLOUDFLAR...) (CLOUDFLARENET)
47	104.26.7.150 104.26.7.150	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	46.101.124.83 46.101.124.83	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
9	2606:4700:20:... 2606:4700:20::ac43:44e1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
3	151.101.66.217 151.101.66.217	54113 (FASTLY) (FASTLY)
2	2606:4700::68... 2606:4700::6811:b8b1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 8	185.89.211.116 185.89.211.116	29990 (ASN-APPNEX) (ASN-APPNEX)
1	18.66.147.21 18.66.147.21	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	13.225.78.69 13.225.78.69	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:11a... 2a02:26f0:11a::217:9a4a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 3	185.89.210.141 185.89.210.141	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	18.66.100.58 18.66.100.58	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:f015	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c09::9a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	13.224.189.26 13.224.189.26	16509 (AMAZON-02) (AMAZON-02)
1	52.17.99.225 52.17.99.225	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20e... 2600:9000:20eb:f400:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	23.35.236.188 23.35.236.188	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.66.112.15 18.66.112.15	16509 (AMAZON-02) (AMAZON-02)
5 7	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	74.119.118.149 74.119.118.149	19750 (AS-CRITEO) (AS-CRITEO)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1 2	35.212.133.238 35.212.133.238	15169 (GOOGLE) (GOOGLE)
2 2	142.250.201.194 142.250.201.194	15169 (GOOGLE) (GOOGLE)
2 2	74.119.118.138 74.119.118.138	19750 (AS-CRITEO) (AS-CRITEO)
2	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	92.123.38.97 92.123.38.97	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	18.198.178.8 18.198.178.8	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.94 185.86.139.94	201081 (SMARTADSE...) (SMARTADSERVER)
1	141.226.230.48 141.226.230.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	104.111.217.42 104.111.217.42	16625 (AKAMAI-AS) (AKAMAI-AS)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 2	18.144.106.164 18.144.106.164	16509 (AMAZON-02) (AMAZON-02)
1	37.157.3.20 37.157.3.20	198622 (ADFORM) (ADFORM)
1	185.255.84.152 185.255.84.152	200271 (IGUANE-) (IGUANE-)
1 2	104.18.24.185 104.18.24.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	34.246.68.114 34.246.68.114	16509 (AMAZON-02) (AMAZON-02)
1	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
1 2	52.2.51.253 52.2.51.253	14618 (AMAZON-AES) (AMAZON-AES)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	54.176.140.13 54.176.140.13	16509 (AMAZON-02) (AMAZON-02)
1	66.225.223.31 66.225.223.31	3949 (NTTA-3946) (NTTA-3946)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2600:1f18:612... 2600:1f18:612b:4216:cd79:34ae:bc6a:5e70	14618 (AMAZON-AES) (AMAZON-AES)
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
1	184.28.181.42 184.28.181.42	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.188.190.65 54.188.190.65	16509 (AMAZON-02) (AMAZON-02)
1	52.222.228.32 52.222.228.32	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400d:80a::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	52.12.247.47 52.12.247.47	16509 (AMAZON-02) (AMAZON-02)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	3.22.158.170 3.22.158.170	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::200a	() ()
189	75

4 151.101.194.216 (United States) 1 redirects

ASN54113 (FASTLY, US)

www.letemps.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:20::681a:305 (United States)

ASN13335 (CLOUDFLARENET, US)

adnz.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
xd.adnz.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.adnz.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 104.26.7.150 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.letemps.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 46.101.124.83 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

labs.letemps.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:20::ac43:44e1 (United States)

ASN13335 (CLOUDFLARENET, US)

api.adnz.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.66.217 (United States)

ASN54113 (FASTLY, US)

forecast.letemps.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:b8b1 (United States)

ASN13335 (CLOUDFLARENET, US)

experience.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.89.211.116 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-21.fra60.r.cloudfront.net

tag.aticdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-69.fra2.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:11a::217:9a4a (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.141 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.100.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-100-58.fra56.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:f015 (United States)

ASN13335 (CLOUDFLARENET, US)

c2.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c09::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-26.fra2.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.99.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:f400:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-15.fra56.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:3::c (France) 5 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.118.149 (United States)

ASN19750 (AS-CRITEO, US)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:803::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

50cf3be3ef7d672d1ed2dc28a496f693.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.212.133.238 (The Dalles, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 238.133.212.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.201.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s35-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.118.138 (United States) 2 redirects

ASN19750 (AS-CRITEO, US)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

widget.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.38.97 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-38-97.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.178.8 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-178-8.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.94 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.230.48 (United States)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.217.42 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.144.106.164 (San Jose, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-144-106-164.us-west-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.3.20 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.152 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.24.185 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.246.68.114 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-68-114.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.2.51.253 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-51-253.compute-1.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.176.140.13 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-176-140-13.us-west-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.225.223.31 (Sacramento, United States)

ASN3949 (NTTA-3946, US)
PTR: sa.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4216:cd79:34ae:bc6a:5e70 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Berlin, Germany)

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.28.181.42 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-28-181-42.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.188.190.65 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-188-190-65.us-west-2.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.228.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-228-32.fra56.r.cloudfront.net

logs1412.xiti.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80a::200a (Ireland)

ASN15169 (GOOGLE, US)

firebaseinstallations.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.12.247.47 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-12-247-47.us-west-2.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebaseremoteconfig.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.22.158.170 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-22-158-170.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (None, )

ASN- ()

firebaselogging-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
59	letemps.ch 1 redirects www.letemps.ch — Cisco Umbrella Rank: 272969 assets.letemps.ch — Cisco Umbrella Rank: 452675 labs.letemps.ch forecast.letemps.ch — Cisco Umbrella Rank: 529634	2 MB
16	adnz.co adnz.co — Cisco Umbrella Rank: 60322 api.adnz.co — Cisco Umbrella Rank: 66181 xd.adnz.co — Cisco Umbrella Rank: 133805	93 KB
14	criteo.com 7 redirects gum.criteo.com — Cisco Umbrella Rank: 378 mug.criteo.com — Cisco Umbrella Rank: 2719 sslwidget.criteo.com — Cisco Umbrella Rank: 1776 dis.criteo.com — Cisco Umbrella Rank: 686 widget.eu.criteo.com — Cisco Umbrella Rank: 22257	21 KB
12	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 stats.g.doubleclick.net — Cisco Umbrella Rank: 77 cm.g.doubleclick.net — Cisco Umbrella Rank: 202	193 KB
12	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 203 secure.adnxs.com — Cisco Umbrella Rank: 377 acdn.adnxs.com — Cisco Umbrella Rank: 542	63 KB
8	googlesyndication.com 50cf3be3ef7d672d1ed2dc28a496f693.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 140	40 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30 region1.google-analytics.com — Cisco Umbrella Rank: 2425	64 KB
5	googleapis.com firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 567 firebaseremoteconfig.googleapis.com — Cisco Umbrella Rank: 477 firebaselogging-pa.googleapis.com	2 KB
5	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4370 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 73	2 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 361 www.linkedin.com — Cisco Umbrella Rank: 564 px4.ads.linkedin.com — Cisco Umbrella Rank: 6058	3 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6149 adservice.google.de — Cisco Umbrella Rank: 8947	1 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	223 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 2450 google-bidout-d.openx.net — Cisco Umbrella Rank: 2399	730 B
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 105	287 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 44	251 KB
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 663	857 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 198	2 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1347	1 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 265	508 B
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 277	1 KB
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 2681 p1.parsely.com — Cisco Umbrella Rank: 2081	26 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 625	27 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 619 script.hotjar.com — Cisco Umbrella Rank: 769	72 KB
2	tinypass.com experience.tinypass.com — Cisco Umbrella Rank: 7497 cdn.tinypass.com — Cisco Umbrella Rank: 5337	109 KB
2	gstatic.com www.gstatic.com	18 KB
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 1746	268 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 585	338 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	49 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 339	1 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2643	8 KB
1	xiti.com logs1412.xiti.com — Cisco Umbrella Rank: 54760	328 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2212	220 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4455	525 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 28098	153 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2372	183 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 668	582 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 733	145 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1370	969 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 2540	274 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 404	1 KB
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 745	236 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1244	163 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 338	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 1888	172 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1236	100 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 571	114 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 518	35 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 313	239 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 563	978 B
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2188	257 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 813	368 B
1	piano.io c2.piano.io — Cisco Umbrella Rank: 3595	2 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 704	5 KB
1	aticdn.net tag.aticdn.net — Cisco Umbrella Rank: 17365	22 KB
189	54

	Domain	Requested by
47	assets.letemps.ch	www.letemps.ch assets.letemps.ch
12	api.adnz.co	adnz.co
8	ib.adnxs.com	1 redirects adnz.co acdn.adnxs.com
7	gum.criteo.com	5 redirects static.criteo.net
7	securepubads.g.doubleclick.net	adnz.co securepubads.g.doubleclick.net www.letemps.ch www.googletagservices.com
5	labs.letemps.ch	www.letemps.ch
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	connect.facebook.net	assets.letemps.ch connect.facebook.net www.letemps.ch
4	www.letemps.ch	1 redirects assets.letemps.ch
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	www.facebook.com	www.letemps.ch
3	www.google.com	www.letemps.ch tpc.googlesyndication.com
3	www.google.de	www.letemps.ch
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	secure.adnxs.com	1 redirects www.letemps.ch
3	forecast.letemps.ch	www.letemps.ch forecast.letemps.ch
3	www.googletagmanager.com	www.letemps.ch www.googletagmanager.com
2	firebaseremoteconfig.googleapis.com	www.gstatic.com
2	oajs.openx.net	1 redirects
2	firebaseinstallations.googleapis.com	www.gstatic.com
2	ad.360yield.com	1 redirects
2	dpm.demdex.net	1 redirects
2	r.casalemedia.com	1 redirects
2	ups.analytics.yahoo.com	1 redirects
2	widget.eu.criteo.com
2	dis.criteo.com	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	x.bidswitch.net	1 redirects
2	mug.criteo.com	www.letemps.ch
2	px.ads.linkedin.com	2 redirects
2	region1.google-analytics.com	www.googletagmanager.com
2	static.criteo.net	www.googletagmanager.com securepubads.g.doubleclick.net
2	xd.adnz.co	adnz.co xd.adnz.co
2	www.gstatic.com	www.letemps.ch
2	adnz.co	www.letemps.ch adnz.co
1	firebaselogging-pa.googleapis.com	www.gstatic.com
1	s.thebrighttag.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	beacon.krxd.net
1	www.googletagservices.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	logs1412.xiti.com	tag.aticdn.net
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	a.twiago.com
1	criteo-partners.tremorhub.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	exchange.mediavine.com
1	matching.ivitrack.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	contextual.media.net
1	sslwidget.criteo.com	static.criteo.net
1	50cf3be3ef7d672d1ed2dc28a496f693.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	vc.hotjar.io	script.hotjar.com
1	acdn.adnxs.com	adnz.co
1	px4.ads.linkedin.com	www.letemps.ch
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	p1.parsely.com	www.letemps.ch
1	script.hotjar.com	static.hotjar.com
1	region1.analytics.google.com	www.googletagmanager.com
1	c2.piano.io	cdn.tinypass.com
1	cdn.parsely.com	www.letemps.ch
1	snap.licdn.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	tag.aticdn.net	www.googletagmanager.com
1	cdn.tinypass.com	experience.tinypass.com
1	experience.tinypass.com	www.letemps.ch
189	81

This site contains links to these domains. Also see Links.

Domain
jim.media
publicite.letemps.ch
www.letempsarchives.ch
labs.letemps.ch
assets.letemps.ch
www.facebook.com
twitter.com
www.linkedin.com
us5.campaign-archive.com
www.tagesanzeiger.ch
www.instagram.com
www.youtube.com
www.tiktok.com

Subject Issuer	Validity	Valid
letemps.ch R3	`2023-02-10` - `2023-05-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-04` - `2023-06-03`	a year	crt.sh
labs.letemps.ch R3	`2023-02-18` - `2023-05-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
forecast.letemps.ch GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-02-14` - `2024-03-17`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-10` - `2023-03-07`	2 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
tag.aticdn.net Thawte RSA CA 2018	`2023-01-02` - `2024-02-02`	a year	crt.sh
*.hotjar.com Amazon	`2022-10-25` - `2023-11-23`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-15`	3 months	crt.sh
*.parsely.com Amazon RSA 2048 M01	`2023-02-24` - `2023-07-04`	4 months	crt.sh
piano.io Cloudflare Inc ECC CA-3	`2022-04-27` - `2023-04-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-02-24` - `2023-08-06`	5 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2022-10-21` - `2023-10-22`	a year	crt.sh
*.hotjar.io Amazon RSA 2048 M01	`2023-02-23` - `2023-08-16`	6 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-03-31`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M02	`2023-02-10` - `2023-08-12`	6 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
teads.tv R3	`2023-02-21` - `2023-05-22`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M01	`2023-02-10` - `2023-06-11`	4 months	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.id5-sync.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
itm.ivitrack.com R3	`2023-02-03` - `2023-05-04`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M02	`2023-02-10` - `2023-07-02`	5 months	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2022-11-06` - `2023-11-28`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-28` - `2023-12-29`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-15`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M02	`2023-02-07` - `2023-05-24`	4 months	crt.sh
*.xiti.com Thawte RSA CA 2018	`2022-04-29` - `2023-04-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-01-29` - `2023-04-29`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh

This page contains 17 frames:

Primary Page: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses
Frame ID: 998084AC6B2199588BDCD792F2C9E16E
Requests: 122 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 1EADF03A8F0CB82EC8C92B643E4DA137
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.letemps.ch&origin=onetag
Frame ID: 1D992E7A84518F98AF96833AA4DA3D2C
Requests: 2 HTTP requests in this frame

Frame: https://forecast.letemps.ch/ls.html?origin=www.letemps.ch
Frame ID: DD5231DA3740CFFFD9D8DAA05ED22AD0
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 7BC0B1B83C4171C997FBCA342AC7FB02
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 540BDE555BCA325A3254F685DD79FD5A
Requests: 1 HTTP requests in this frame

Frame: https://xd.adnz.co/xdomain_cookie.html
Frame ID: 7EC1534C8B50AF008A6520ADF9E61B02
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: B54D3BB772FDF4D493CCFD870A0BFC54
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 0BAFF201862D472384FF8DA1AC1B2508
Requests: 13 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: E467B087903AAFBBE1D24A129BAAEBD6
Requests: 1 HTTP requests in this frame

Frame: https://50cf3be3ef7d672d1ed2dc28a496f693.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: F9AE458E5A26EACBB1157A0E81FFF071
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-qcpaKlOWHtFbSIg5Bbj0lBmLDUKDzzFtZKzkRw&expires=30
Frame ID: 6574724BB5E52759C8D3C302059FF08C
Requests: 28 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstZvh7aaR14CI5niyjoVucb9REE_jI78MpxbOSk8bEaEh2-ZsKgUJNIb5hdWPvq7vSDFiMbxbxR-POoec8g31GuVViLqRGgLMm1Ef0aC6_G12WEgTlg9Pd55IRbk3rM09KqI4-BSlG65WnHUXixh4eZJlv6R2YPMhpJGksA_zI4_Hb7OeEOxZPEH3vs7Md8ABiSkiHGIalSwqnfagXH4N2MLKdS5ZM2WaO5SSjTaCt-aaH76vL8H3y0ttefbiKjPG7YvnQkKDPdMGQqmTA207HsZVl5SwxW6C9APzwpnpjXrnGtxDpfVT4tIb1XFQIO16ZHxv1pb5KMdE-jt-pFxej2btG7UT7IxjiuPZa95g&sai=AMfl-YR5TqcdS72Sbw3i12dc-zobiklE1f8ctEzDFKqjsRT8b78Qu4bI5DkHgKQod6KghKaUb23VgSUCvPVSLKL7-u4H0aSm07HnpXUNFbBEGXgfwYSRZWcH9pHH3Ih5oOLD-TQ7SyC3DZNaTeO9pMLr&sig=Cg0ArKJSzCehzuHZCWoMEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: F8DBD70B6F0DE0167C577B3A006544C1
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.letemps.ch
Frame ID: DA517DD08E5C71D4A229A11E69D0F253
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8BC763F769364849FCE29228E8863C16
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 06AAD58B78F3D607A4848D90CD562DB5
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 459C308048DF9CD59C72F2DD361C3D0E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Des centaines de millions de dollars détournés au Liban auraient atterri dans des banques suisses - Le Temps

Page URL History Show full URLs

https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-atterrissent-banques-sui... HTTP 301
https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques... Page URL

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

189
Requests

91 %
HTTPS

39 %
IPv6

54
Domains

81
Subdomains

75
IPs

9
Countries

2846 kB
Transfer

6188 kB
Size

77
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://jim.media/e-paper/
Title: Supplément Immobilier

Search URL Search Domain Scan URL

URL: https://publicite.letemps.ch/
Title: Annonces

Search URL Search Domain Scan URL

URL: http://www.letempsarchives.ch/
Title: Archives

Search URL Search Domain Scan URL

URL: https://labs.letemps.ch/interactive/2022/dashboardEco/#inflation
Title: Voir l'inflation

Search URL Search Domain Scan URL

URL: https://labs.letemps.ch/interactive/2022/dashboardEco/#commerce
Title: Voir le commerce

Search URL Search Domain Scan URL

URL: https://labs.letemps.ch/interactive/2022/dashboardEco/#pib
Title: Voir le PIB

Search URL Search Domain Scan URL

URL: https://labs.letemps.ch/interactive/2022/dashboardEco/#chomage
Title: Voir le chômage

Search URL Search Domain Scan URL

URL: https://labs.letemps.ch/interactive/2022/dashboardEco/#tourisme
Title: Voir le tourisme

Search URL Search Domain Scan URL

URL: https://assets.letemps.ch/sites/default/files/styles/original/public/media/2023/02/26/d99ee26_20230201190535614.jpg?itok=pr0YCc3h
Title: La Banque du Liban, le 1er février 2023. — © WAEL HAMZEH / keystone-sda.ch

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses%3Futm_source%3Dfacebook%26utm_medium%3Dshare%26utm_campaign%3Darticle&display=popup&ref=plugin&src=share_button

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Des%20centaines%20de%20millions%20de%20dollars%20d%C3%A9tourn%C3%A9s%20au%20Liban%20auraient%20atterri%20dans%20des%20banques%20suisses%0D%0Ahttps://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses%3Futm_source%3Dtwitter%26utm_medium%3Dshare%26utm_campaign%3Darticle%20par%20%40AgatheSeppey

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?url=https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses%3Futm_source%3Dlinkedin%26utm_medium%3Dshare%26utm_campaign%3Darticle&mini=true&title=Des%20centaines%20de%20millions%20de%20dollars%20d%C3%A9tourn%C3%A9s%20au%20Liban%20auraient%20atterri%20dans%20des%20banques%20suisses&summary=Le%20directeur%20de%20la%20Banque%20du%20Liban%2C%20Riad%20Salameh%2C%20est%20accus%C3%A9%20de%20blanchiment%20d%E2%80%99argent.%20La%20grande%20partie%20des%20300%20%C3%A0%20500%C2%A0millions%20de%20dollars%20d%C3%A9tourn%C3%A9s%20auraient%20%C3%A9t%C3%A9%20transf%C3%A9r%C3%A9s%20en%20Suisse%2C%20sur%20les%20comptes%20de%20douze%20banques%2C%20r%C3%A9v%C3%A8le%20la%20%C2%ABSonntagsZeitung%C2%BB&source=Le%20Temps

Search URL Search Domain Scan URL

URL: https://us5.campaign-archive.com/?u=935318f4cb8cfdc02fc8eaae2&id=eff46aa799

Search URL Search Domain Scan URL

URL: https://www.tagesanzeiger.ch/fluchtgelder-des-libanesischen-notenbankchefs-landeten-in-der-schweiz-687762220508
Title: SonntagsZeitung

Search URL Search Domain Scan URL

URL: https://assets.letemps.ch/sites/default/files/styles/original/public/media/2023/02/26/ebc7e5e_20230223150445571.jpg?itok=oLB58lZb
Title: Riad Salameh, gouverneur de la Banque du Liban, inculpé pour corruption le 23 février 2023, ici en conférence de presse à Beyrouth en 2019. © Hussein Malla / keystone-sda.ch

Search URL Search Domain Scan URL

URL: https://www.facebook.com/letemps.ch
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/letemps
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/letemps.ch/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/le-temps/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.youtube.com/letemps
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@letemps
Title: TikTok

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-atterrissent-banques-suisses HTTP 301
https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67

https://secure.adnxs.com/px?id=922698&seg=10587633&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D922698%26seg%3D10587633%26t%3D1

Request Chain 89

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1163156&time=1677513556698&url=https%3A%2F%2Fwww.letemps.ch%2Feconomie%2Fcentaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1163156%26time%3D1677513556698%26url%3Dhttps%253A%252F%252Fwww.letemps.ch%252Feconomie%252Fcentaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1163156&time=1677513556698&url=https%3A%2F%2Fwww.letemps.ch%2Feconomie%2Fcentaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1163156&time=1677513556698&url=https%3A%2F%2Fwww.letemps.ch%2Feconomie%2Fcentaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses&liSync=true&e_ipv6=AQL184z4-4nb0wAAAYaTmYSqTr3wi89CoFXcJO1GW9gf50kW5_K6gtKrqL9gZe6djdexl5oEdldtbw

Request Chain 121

https://gum.criteo.com/sid/json?origin=onetag&domain=letemps.ch&sn=ChromeSyncframe&so=0&topUrl=www.letemps.ch&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=bSAn8nw5TDl6SjJxQ2ZQRzA1aU1hcC9jVmtNbGd2WU8vVG4xa2Q4N0lSSG4wbWJwajBNTkwzOVJBd3Vaamorb25Xb1NVdUk1bXpvR2dzWDQyTzFBMDlRMFVOeUwyaEVxVXQ4QjhTMUpzSnhSWGU0dHZKQzVQMTNHaW5hN1BIeUwwOFBENTQrbEpmU2ZSWGJqb1lXdTM4Mnk5TDlhK25LOE1yMmY1OWxHVEwvYjgybFF3RlpPdUN5eUh5ZzBkS2JsbnpTNFhMT29vQXVqVTZKc21UQUhJSmtNaXV6N2tKZ2tHMUowTjNlV1VpaTlodkNVMWZEZzZPZi9HakxSMnYvWm1CWHFUZ3RTMDBlNnRwVjBMc2ZEOEpLTTZudz09fA&cppv=2

Request Chain 134

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-qcpaKlOWHtFbSIg5Bbj0lBmLDUKDzzFtZKzkRw&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-qcpaKlOWHtFbSIg5Bbj0lBmLDUKDzzFtZKzkRw&expires=30

Request Chain 135

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-cLr5VFOWHtFbSIg5Bbj0lBmLDUK_7LrUXW4eYA&google_cm&google_hm=ay1jTHI1VkZPV0h0RmJTSWc1QmJqMGxCbUxEVUtfN0xyVVhXNGVZQQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-cLr5VFOWHtFbSIg5Bbj0lBmLDUK_7LrUXW4eYA&google_cm=&google_hm=ay1jTHI1VkZPV0h0RmJTSWc1QmJqMGxCbUxEVUtfN0xyVVhXNGVZQQ&google_tc= HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-cLr5VFOWHtFbSIg5Bbj0lBmLDUK_7LrUXW4eYA&google_gid=CAESEKewMDQit6Yr4znQc9GluQk&google_cver=1&google_ula=913071,0 HTTP 302
https://widget.eu.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-cLr5VFOWHtFbSIg5Bbj0lBmLDUK_7LrUXW4eYA&google_gid=CAESEKewMDQit6Yr4znQc9GluQk&google_cver=1&google_ula=913071,0

Request Chain 136

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2837747298672264706 HTTP 302
https://widget.eu.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2837747298672264706

Request Chain 144

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-JiIok1OWHtFbSIg5Bbj0lBmLDUJdbvLKssxAMQ HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-JiIok1OWHtFbSIg5Bbj0lBmLDUJdbvLKssxAMQ&verify=true

Request Chain 148

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Lde4slOWHtFbSIg5Bbj0lBmLDULY-hXrzg7vBA HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Lde4slOWHtFbSIg5Bbj0lBmLDULY-hXrzg7vBA&C=1

Request Chain 149

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=xwSPLpeqzIg5o8MjaIJ_UQcFUaNx9u8B HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=xwSPLpeqzIg5o8MjaIJ_UQcFUaNx9u8B

Request Chain 151

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-KOf4M1OWHtFbSIg5Bbj0lBmLDUKsSrrEAvyHaw HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-KOf4M1OWHtFbSIg5Bbj0lBmLDUKsSrrEAvyHaw

Request Chain 171

https://gum.criteo.com/sid/json?origin=publishertagids&domain=letemps.ch&sn=ChromeSyncframe&so=3&topUrl=www.letemps.ch&bundle=OJjGZF9kcUYwYnoxODVUMmg1U3J5dXVHdHclMkZFNVJyc3FhN0hqcWdXMGZhV2pNSUxnRnA1NHJYNmlvcCUyRlJNRjVXbmdjNVZldXU2SVdTTGVIUXR1a21qY2QlMkZYaE51MXNHN0xrbGQlMkZkR1ZERG5CVHZ6bGhoWGw1MFFVNGRUa3FIOEVWMENsTGVYZGw0TFQlMkYzUW5DSzhDM1dXSVd3JTNEJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=DIyvb3xoVzJlRjgrSGNSMUg3Ylg5QldnUStrTnloc0VIR0ltOHd2ODZKQjBLQSszeTlJSW8wQzZOUGtRckN5OHo0ZTdZeEFXYjhJT2dzMnBiR3l6SG5pTmdid3JnZ2ZtRi8yczg5YzZjcTBXb1YxS3FwMUtudDkzb2t3TlBORk5HQllzeTlna0NYY203MkZrOFdsZjZrcTl3TU41NW5LcXl3ZGRNZ1dMY3Zqc2tlK1VySERRZFJOZXlibkc4QWJ0V2E2RVJWdkhpc3lXMTRFdEV6ODRicCtxbU5LMzlGbHE4RXp5dmJ0ZVlDd2lBOW0yY2ljLzdzTHl2VnEvb1V3Z2hicUZmUnZNQTZjRCs1SjBDVTVRaHo4bVdBVEd2ZXdQZmV2MjhURmNZNHRLd0J3cz18&cppv=2

Request Chain 173

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=gblCOvFZR-zj9L-xqKQ36IkcKfzVxfst

Request Chain 180

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.letemps.ch%2Feconomie%2Fcentaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.letemps.ch%2Feconomie%2Fcentaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses&rid=esp&cc=1

Request Chain 185

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=lNhvQ3uEIQ4WDp4LIF16c6T0aO6pik9d

189 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses Show response
www.letemps.ch/economie/
Redirect Chain

https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-atterrissent-banques-suisses
https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

66 KB
15 KB

7ms
7ms

Document
text/html

151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

6debbfac41e6ca7b6a060f666f15356cf683a7b14a46d84c3a6fd4e1f93e5fb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 635
cache-control: max-age=86400, public
content-encoding: gzip
content-language: fr
content-length: 15370
content-type: text/html; charset=UTF-8
date: Mon, 27 Feb 2023 15:59:14 GMT
etag: "1677512853"
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Mon, 27 Feb 2023 15:47:33 GMT
link: <https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses>; rel="canonical" <https://www.letemps.ch/node/1361205>; rel="shortlink" <https://assets.letemps.ch>; rel=dns-prefetch, <https://assets.letemps.ch>; rel=preconnect, <https://www.google-analytics.com>; rel=dns-prefetch, <https://www.google-analytics.com>; rel=preconnect, <https://secure.adnxs.com>; rel=dns-prefetch, <https://secure.adnxs.com>; rel=preconnect, <https://ib.adnxs.com>; rel=dns-prefetch, <https://ib.adnxs.com>; rel=preconnect, <https://s.ytimg.com>; rel=dns-prefetch, <https://s.ytimg.com>; rel=preconnect, <https://www.gstatic.com>; rel=dns-prefetch, <https://www.gstatic.com>; rel=preconnect, <https://experience.tinypass.com>; rel=dns-prefetch, <https://experience.tinypass.com>; rel=preconnect, <https://firestore.googleapis.com>; rel=dns-prefetch, <https://firestore.googleapis.com>; rel=preconnect
permissions-policy: interest-cohort=()
referrer-policy: origin-when-cross-origin
server: nginx
strict-transport-security: max-age=15552000; includeSubDomains; preload
traceresponse: 00-1747b91cbeaf0dc8614319c9a7efb555-476195e932340678-00
vary: Cookie, Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-content-type-options: nosniff
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-drupal-cache: HIT
x-drupal-dynamic-cache: MISS
x-frame-options: SAMEORIGIN
x-generator: Drupal 9 (https://www.drupal.org)
x-platform-server: i-d8ca4e65
x-served-by: cache-fra-eddf8230118-FRA
x-timer: S1677513554.421147,VS0,VE1
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

Redirect headers

accept-ranges: bytes
age: 25088
content-language: fr
content-length: 674
content-type: text/html; charset=UTF-8
date: Mon, 27 Feb 2023 15:59:14 GMT
link: <https://assets.letemps.ch>; rel=dns-prefetch, <https://assets.letemps.ch>; rel=preconnect, <https://www.google-analytics.com>; rel=dns-prefetch, <https://www.google-analytics.com>; rel=preconnect, <https://secure.adnxs.com>; rel=dns-prefetch, <https://secure.adnxs.com>; rel=preconnect, <https://ib.adnxs.com>; rel=dns-prefetch, <https://ib.adnxs.com>; rel=preconnect, <https://s.ytimg.com>; rel=dns-prefetch, <https://s.ytimg.com>; rel=preconnect, <https://www.gstatic.com>; rel=dns-prefetch, <https://www.gstatic.com>; rel=preconnect, <https://experience.tinypass.com>; rel=dns-prefetch, <https://experience.tinypass.com>; rel=preconnect, <https://firestore.googleapis.com>; rel=dns-prefetch, <https://firestore.googleapis.com>; rel=preconnect
location: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses
permissions-policy: interest-cohort=()
referrer-policy: origin-when-cross-origin
server: nginx
strict-transport-security: max-age=15552000; includeSubDomains; preload
traceresponse: 00-1747a2df6ce30cb0f8d3d8f2f7e089e3-0cfa00130550fb53-00
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-content-type-options: nosniff
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-drupal-cache: HIT
x-frame-options: SAMEORIGIN
x-generator: Drupal 9 (https://www.drupal.org)
x-platform-server: i-e1ca4e5c
x-redirect-id: 1780893
x-served-by: cache-fra-eddf8230118-FRA
x-timer: S1677513554.412935,VS0,VE1
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

GET
H2 200 header.js Show response
adnz.co/ 200 KB
55 KB 1785ms
1753ms Script
application/javascript 2606:4700:20::681a:305
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adnz.co/header.js?adTagId=628

Requested by

Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:305 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

5d09a796f39aef13c8611ef6e0c45d201502d0eee6e884bbafb3341f07a18fbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:16 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 27 Feb 2023 14:59:12 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xrfOlTKAMOJnJFqbdeRKwVFDX%2Bsgr8AoW4zzkrXQ%2BG%2Bh%2FkdHuVIJtjo1ozDX4ljBsn4J7gbY0prvrJ6hBCSa3amzggYVuIt8zAnN0PEd1lOzccHUblly9lN7Y5iRwVRaitKxqV0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1200
cf-ray: 7a02206369823666-FRA
access-control-allow-headers: origin, content-type, accept
expires: Mon, 27 Feb 2023 16:19:15 GMT

GET
H2 200 ratio_light.woff
assets.letemps.ch/themes/custom/letemps/assets/fonts/ 30 KB
31 KB 54ms
24ms Font
font/woff 104.26.7.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.letemps.ch/themes/custom/letemps/assets/fonts/ratio_light.woff

Requested by

Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.7.150 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5530c956d8793499adff1d37445b95e6a1045dad58684cb183df58b09486e12e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2045383
traceresponse: 00-173fa31c8490332adab215edbe8b1b83-cf8bc481ab16fab8-00
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31004
pragma: public
last-modified: Tue, 31 Jan 2023 10:02:13 GMT
server: cloudflare
etag: "63d8e725-791c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PILVD4QPWvj6zj4z3n%2BedI2Yqs02iY2AVra5xTBOI4AtchUBVxtBE6lG6VjqIhOoxxzsoyiOf6SklnGIjO8BZ2tgMEYe9OO2SfUFMF05JClesq81LoslKbdluKiI1zlqoR5B"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: public, max-age=31536000
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7a0220636ef39153-FRA
expires: Thu, 01 Feb 2024 07:35:29 GMT

GET
H2 200 ratio_medium.woff
assets.letemps.ch/themes/custom/letemps/assets/fonts/ 31 KB
32 KB 68ms
38ms Font
font/woff 104.26.7.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.letemps.ch/themes/custom/letemps/assets/fonts/ratio_medium.woff

Requested by

Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.7.150 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a39b06cd11337572cc786f9a972faf231667bd41a9eb75cc73a345d93c58e9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1985892
traceresponse: 00-173dca9a248e998448b13f6d9aacee5b-3170e6468208b6f1-00
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 32052
pragma: public
last-modified: Wed, 11 Jan 2023 12:42:59 GMT
server: cloudflare
etag: "63beaed3-7d34"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1L90q1otvIOUf%2BQGM6xxYsonEcE%2FxAdQTfvqMkxP%2F7h1B9R6XMAf2N4Aw%2F%2BfCFWXoG1oRKl0W%2B1Lvs3I1lF8fEoXmk%2BB4j4V3hVY%2Bni5fwCQZXjvJMN%2FMUYEH5U4%2BU3QEMJl"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: public, max-age=31536000
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7a0220636ef49153-FRA
expires: Fri, 26 Jan 2024 07:16:39 GMT

GET
H2 200 ratio_reg.woff
assets.letemps.ch/themes/custom/letemps/assets/fonts/ 30 KB
31 KB 61ms
31ms Font
font/woff 104.26.7.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.letemps.ch/themes/custom/letemps/assets/fonts/ratio_reg.woff

Requested by

Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.7.150 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

026e065a353c0c379f82816badf8e1cc9ed74ad7ee6b75ca2414acba8686812c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1995883
traceresponse: 00-173dcf40a3cb30337c09c7c92bc2e701-c0736ce5f38fc754-00
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30868
pragma: public
last-modified: Wed, 11 Jan 2023 12:42:59 GMT
server: cloudflare
etag: "63beaed3-7894"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JNKE1fpqgsLVsPVtuOQcm1IBs9%2FZhaKEsk4J%2Bwt5jqrZWO45FOMGJByAbaz5N50lk%2FzlIgVt3xU0wUbJyVmyrONrUtO3%2F5vcMNtauqyHHxMEhAZtrsM8jqZV%2BZNuzU57BWgu"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: public, max-age=31536000
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7a0220636ef79153-FRA
expires: Fri, 26 Jan 2024 08:41:52 GMT

GET
H2 200 ltpsicon.woff
assets.letemps.ch/themes/custom/letemps/assets/fonts/ 1 KB
2 KB 61ms
31ms Font
font/woff 104.26.7.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.letemps.ch/themes/custom/letemps/assets/fonts/ltpsicon.woff

Requested by

Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.7.150 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e55eb21a99d7e6234cf00d23bc111f7aa384ec4ee8529f970b0e5f424c1c9173

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1991732
traceresponse: 00-173dd1e813442ac4f9ad86476d2ddc37-0667a8e07578d04e-00
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1288
pragma: public
last-modified: Wed, 11 Jan 2023 12:42:59 GMT
server: cloudflare
etag: "63beaed3-508"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h58euGDjuYXUptkPBD2LjzbhOAJnYKBj9r6SLMaFNG%2BCTjZVaUq8qWKSLNFLASVkGh4ifvKnVfmSpnU2JPvRPhEPgXJjUsDy%2Fyynx9oNkv2EHXC8CY5TS7ZNwjrnlbSFZKl6"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: public, max-age=31536000
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7a0220636f039153-FRA
expires: Fri, 26 Jan 2024 09:30:31 GMT

GET
H2 200 rooney_light.woff
assets.letemps.ch/themes/custom/letemps/assets/fonts/ 85 KB
86 KB 62ms
32ms Font
font/woff 104.26.7.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.letemps.ch/themes/custom/letemps/assets/fonts/rooney_light.woff

Requested by

Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.7.150 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29756f4cf3499ea436376e92d1648cc1442cccf55e80302603a8340d1cb57eed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1985892
traceresponse: 00-173dd1a175384d688a9dafc2d7fe82f4-e4ba41079ec2f86f-00
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 87224
pragma: public
last-modified: Wed, 11 Jan 2023 12:42:59 GMT
server: cloudflare
etag: "63beaed3-154b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nM5R6VsMbuUiZi%2BM7%2BvnDf2kLW3fLewj0NriMhIIyZYPYQvxWneq2BtFuVA3DXag0QNJmOhnTOkghV7SVRCun87y3sGx%2FkAFZEW7dKAfHfaw0Xa%2BaACcZAQ2jYB%2FfYoiPjsy"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: public, max-age=31536000
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7a0220636ef59153-FRA
expires: Fri, 26 Jan 2024 09:25:27 GMT

GET
H2 200 fontawesome-webfont.woff2
assets.letemps.ch/themes/custom/letemps/assets/fonts/ 55 KB
56 KB 68ms
38ms Font
font/woff2 104.26.7.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.letemps.ch/themes/custom/letemps/assets/fonts/fontawesome-webfont.woff2?v=4.3.0

Requested by

Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.7.150 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1995801
traceresponse: 00-173dccde048ac44bb73bde2aaf09d7ce-ab6a7c748f8d8f72-00
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56780
pragma: public
last-modified: Wed, 11 Jan 2023 12:42:59 GMT
server: cloudflare
etag: "63beaed3-ddcc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iJoLg7RxzTpG0zKI0eI607cfARmGJ5VfpC753d%2F3pLMVQuP%2FnoqTae4PC%2Bz7tbOzXUlxirMs1It9cVk09%2B4Qf4xAxpgb01Zqi79h6e%2BxFc7f%2B4Ro3VYFsAXv6fyen3fhMyQg"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=31536000
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7a0220636f049153-FRA
expires: Fri, 26 Jan 2024 07:58:10 GMT

GET
H2 200 ratio_bold.woff
assets.letemps.ch/themes/custom/letemps/assets/fonts/ 31 KB
31 KB 61ms
32ms Font
font/woff 104.26.7.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.letemps.ch/themes/custom/letemps/assets/fonts/ratio_bold.woff

Requested by

Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.7.150 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1bae8b5a0c5c4551a2534982a41b3e0d7e74011ae232793bf9052eef1b46fe9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1995883
traceresponse: 00-173fa31c826c0b6f43e26ee149341d82-7d2a748ed9d17363-00
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31632
pragma: public
last-modified: Tue, 31 Jan 2023 10:02:13 GMT
server: cloudflare
etag: "63d8e725-7b90"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1EkbZr1t0s8qzelLV0y3%2Bwb0u21nYSUhiIbqmLS5j7xWdb1Qtw1GdKR2D1g88hac5mDzJad4GMjcoNvZVXOc%2BwclqosYM4p4pJntFCGbiOxeyfWR%2BET9HiOL9SVaIUTK9VXh"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: public, max-age=31536000
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7a0220636f079153-FRA
expires: Thu, 01 Feb 2024 07:35:29 GMT

GET
H2 200 Tungsten-Medium.woff
assets.letemps.ch/themes/custom/letemps/assets/fonts/ 24 KB
24 KB 66ms
37ms Font
font/woff 104.26.7.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.letemps.ch/themes/custom/letemps/assets/fonts/Tungsten-Medium.woff

Requested by

Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.7.150 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff88aa21fd939084b41073539671782a58674f59f7cfac268e417b6c1cf5a613

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1050124
traceresponse: 00-173fa31c8273316b22b78d83f6c1ead3-19d424d1caeea01e-00
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24120
pragma: public
last-modified: Tue, 31 Jan 2023 10:02:13 GMT
server: cloudflare
etag: "63d8e725-5e38"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jDplY%2B8%2FbZprQqze%2BtKoznug%2BEmSpjSodbn3Zz2tHGXRiT0eCUKtFqNwa4RUm6HZgsVVasvR61F18iwjPj6e8i1XJP0nghGkarEjCMsmeeThW8h%2BXf5sSJFDnUwUsHbmp5LR"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: public, max-age=31536000
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7a0220636efc9153-FRA
expires: Thu, 01 Feb 2024 07:35:29 GMT

GET
H2 200 apercu-bold.woff
assets.letemps.ch/themes/custom/letemps/assets/fonts/ 30 KB
30 KB 60ms
31ms Font
font/woff 104.26.7.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.letemps.ch/themes/custom/letemps/assets/fonts/apercu-bold.woff

Requested by

Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.7.150 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2530e230a7e6a615d5b00585f1940c60b8ec153bebf94d3617644ba7de7393c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2276594
traceresponse: 00-173dcce720ae839509c7602bbc577e11-5a18aca7e079a8db-00
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30824
pragma: public
last-modified: Wed, 11 Jan 2023 12:42:59 GMT
server: cloudflare
etag: "63beaed3-7868"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g0SLjk0YITb%2FToRJtcgvrAHs92JrS6pJ%2Bosdh%2FZt0WXG2Xg6BggpGS6VW7K7OTUEK7nIFvx65l0EjjBtFU0OUKTu4jIvUujr9Gq1tkI1DViJEIS6BRgju0xHPIt%2Fykh5sPF1"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: public, max-age=31536000
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7a0220636ef89153-FRA
expires: Fri, 26 Jan 2024 07:58:49 GMT

GET
H2 200 rooney_bold.woff
assets.letemps.ch/themes/custom/letemps/assets/fonts/ 90 KB
90 KB 58ms
30ms Font
font/woff 104.26.7.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.letemps.ch/themes/custom/letemps/assets/fonts/rooney_bold.woff

Requested by

Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.7.150 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42ed8be92d145315eeaefe757f8df99e60e9d851469dd2407b6999324decde87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 506930
traceresponse: 00-173dd1a17da6db45431407cf67408eab-fc365a381fa3d12f-00
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 91692
pragma: public
last-modified: Wed, 11 Jan 2023 12:42:59 GMT
server: cloudflare
etag: "63beaed3-1662c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pwj851kHtjep3ggFCVdL7GiDkwoR7iBG6f2vG4jAkgEk2JY6LYCNvRjdGaDYmeN%2Fiq6ud5p3xBzDiRSXJl%2B7NmNH5AUpN%2Buz8oBf1WKr0e%2FD%2B4GTTTDdkt8dd9q5Ieqn1hkP"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: public, max-age=31536000
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7a0220636f009153-FRA
expires: Fri, 26 Jan 2024 09:25:27 GMT

GET
H2 200 rooney_medium.woff
assets.letemps.ch/themes/custom/letemps/assets/fonts/ 92 KB
92 KB 71ms
43ms Font
font/woff 104.26.7.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.letemps.ch/themes/custom/letemps/assets/fonts/rooney_medium.woff

Requested by

Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.7.150 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65b9da79197ec517159bd5d27e851bb771ac4e3bff21804bdc105b286533ee31

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1864904
traceresponse: 00-173dcaba382b739ab70b0f759485c741-3c9ca1d04975953f-00
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 93764
pragma: public
last-modified: Wed, 11 Jan 2023 12:42:59 GMT
server: cloudflare
etag: "63beaed3-16e44"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8M2wEwcC0JtshTyzS68axHImT73IF6VcKCn75nSTANeNpnLQAC33Vfqma4SI2fFbaP0cKiy0ABnNdjwymy%2F29dw3Ig0la%2Bt%2FTOplO3PGJohGvvEh%2BbAez9bU9eq8g7kBYIGK"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: public, max-age=31536000
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7a0220636f019153-FRA
expires: Fri, 26 Jan 2024 07:18:57 GMT

GET
H2 200 apercu-light.woff
assets.letemps.ch/themes/custom/letemps/assets/fonts/ 29 KB
30 KB 60ms
32ms Font
font/woff 104.26.7.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.letemps.ch/themes/custom/letemps/assets/fonts/apercu-light.woff

Requested by

Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.7.150 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0321fdbe66e35663c87d556c5712689e1c082f33bb4059c172093f56360b748f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1956473
traceresponse: 00-173fa31c8108a758421191b5f369a5f2-75de389640fb7af9-00
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29900
pragma: public
last-modified: Tue, 31 Jan 2023 10:02:13 GMT
server: cloudflare
etag: "63d8e725-74cc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gLTbF%2BKLoOGvN0PIqhKhFteOpoCcYLpOCY6Vg%2BiGHla3sfHi15cKeZUBmsagpGuo4k5Wyvy%2FV%2BFTrW%2FBMx290YkqamFmnzhp%2Bp%2FEebneghCTXgvLmj4ovvsefbhwX0%2FIILT1"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: public, max-age=31536000
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7a0220636efe9153-FRA
expires: Thu, 01 Feb 2024 07:35:29 GMT

GET
H2 200 css_Ycs5n85k-tspLLASRCEHlxS39BuYBCPOHUML1Ts0KY8.css
assets.letemps.ch/sites/default/files/css/ 17 KB
4 KB 50ms
22ms Stylesheet
text/css 104.26.7.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.letemps.ch/sites/default/files/css/css_Ycs5n85k-tspLLASRCEHlxS39BuYBCPOHUML1Ts0KY8.css

Requested by

Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.7.150 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd22cf9afa6ac5d0e68c3da1d3bcb05fa209b19e32893f10e487d9682df45979

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8764476
cf-polished: origSize=17574
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: 00-16d6e1713ee836eea5088480340aca4d-3c9c304ff42cc6a7-00
pragma: public
cf-bgj: minify
last-modified: Thu, 17 Feb 2022 09:17:09 GMT
server: cloudflare
etag: W/"620e1295-e19"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V1rOVPU1VOheLwcKU5P%2BDcyPKtE%2Foc2OLqsPg2dbyUF%2BqC90HS15fq9SchRdXPc7k9zWSMlBGxGyA3VVv%2BU5q9gVBu57rd5Kqb5nJgSR3WiwJJY91Qo37HoFPgB6Kaxt6D4e"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 7a0220636ee79153-FRA
expires: Sat, 25 Feb 2023 00:56:30 GMT

GET
H2 200 css_J_04OJa3hQBTI7poTVKLXAo_tsBtZ4rx4_PNANsSPKc.css
assets.letemps.ch/sites/default/files/css/ 300 KB
54 KB 66ms
38ms Stylesheet
text/css 104.26.7.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.letemps.ch/sites/default/files/css/css_J_04OJa3hQBTI7poTVKLXAo_tsBtZ4rx4_PNANsSPKc.css

Requested by

Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.7.150 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b7b7967e0884e61a52ef95dd2e53f5a5a05e2e08bd949194c469f8b33d4eedf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 979923
traceresponse: 00-17443e6b89833f5350821e63d9cd0b82-e253944c0c31addf-00
cf-polished: origSize=312676
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Thu, 16 Feb 2023 07:46:32 GMT
server: cloudflare
etag: W/"63eddf58-d2f6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TNMGOLP%2BWH06U0%2FPv%2B69m7Cc5yf8RyKMJ%2BxzhRlCqdWQTeoOKOYIvU%2Ffy6O8HWfjfAoa9fJ1r%2B2TBOH0pFgYSjo2Z4113rZXiBJNsC1dSK7%2BIklCE2ALJ777QlxLj%2BFraISr"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 7a0220636eee9153-FRA
expires: Fri, 16 Feb 2024 07:46:32 GMT

GET
H2 200 css_PdOgPlkBQkY4f_c7R2GQdo8Fsv-dGjIuBZx1ocCspbg.css
assets.letemps.ch/sites/default/files/css/ 39 KB
8 KB 58ms
30ms Stylesheet
text/css 104.26.7.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.letemps.ch/sites/default/files/css/css_PdOgPlkBQkY4f_c7R2GQdo8Fsv-dGjIuBZx1ocCspbg.css

Requested by

Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.7.150 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77f8ebf7e6d2ed7168a4d27d884d23e875ea6bd9048b4f3570c88c58e3cb8d56

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 979890
traceresponse: 00-17443e6bbc407ec4aff5467e003dd2d9-95a7be7b6f0d3458-00
cf-polished: origSize=40769
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Thu, 16 Feb 2023 07:46:33 GMT
server: cloudflare
etag: W/"63eddf59-1c79"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GIS7dHW1o4ySPoYZh3OhLcKMnpDRzak5GDNEWcIzOiq0KIpkzLxkBb9scXwQup3jp76aR72bJxlm2%2FdpkEbPifFx95FZi%2FfE4h2XEPLlzrYiCjC1kmO16MYV2XlylNh9%2BuDK"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 7a0220636ef29153-FRA
expires: Fri, 16 Feb 2024 07:46:33 GMT

GET
H3 200 logo.svg
assets.letemps.ch/themes/custom/letemps/ 5 KB
2 KB 20ms
19ms Image
image/svg+xml 104.26.7.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.letemps.ch/themes/custom/letemps/logo.svg

Requested by

Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.7.150 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2acfa7732d0e0f783a0538650784e99dd9475f53051485cff2e26689a2f5a8a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4663206
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: 00-17144aa2d6b03028dba67d6631541224-4bd71091b84eb2eb-00
pragma: public
last-modified: Mon, 05 Sep 2022 11:12:48 GMT
server: cloudflare
etag: W/"6315d9b0-1203"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RJGZrQe%2FyN%2BwK2wXPbQjpPESl%2FZIFHaNK9jqPCrKV0LzqTejhGGJtwRJMTpwJLPZFKevtAGPM6swQoWpBnxePcu0XUlrNTwqsyBERxF9GPEo0%2FVci5JButI%2B7ulHeQFAGJXd"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=31536000
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 7a0220651c312c6d-FRA
expires: Wed, 13 Sep 2023 02:30:25 GMT

GET
H3 200 logo.svg
assets.letemps.ch/themes/custom/letemps/assets/svg/ 5 KB
2 KB 21ms
21ms Image
image/svg+xml 104.26.7.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.letemps.ch/themes/custom/letemps/assets/svg/logo.svg

Requested by

Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.7.150 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2acfa7732d0e0f783a0538650784e99dd9475f53051485cff2e26689a2f5a8a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2720048
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: 00-16d6e23374f9dfd3757ee2d0862c90b5-e74b0344dddcea26-00
pragma: public
last-modified: Thu, 24 Feb 2022 08:19:58 GMT
server: cloudflare
etag: W/"62173fae-1203"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HHliOnyvZ6myvQl7ip8s8ZDenTZZX0GD6qqrDaLUvx1d9VQeydiP7xmBd26CogKs381ZJILa3h7W8CqSfRJx1A%2BjrNSE%2F38BnIilsq8eVhmwJtkuN98VHxV4higEXsg8ZP0a"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=31536000
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 7a0220653c682c6d-FRA
expires: Sat, 25 Feb 2023 01:10:24 GMT

GET
H/1.1 200
OK chart.png
labs.letemps.ch/interactive/_admin/special-banner-icons/ 2 KB
2 KB 70ms
16ms Image
image/png 46.101.124.83
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://labs.letemps.ch/interactive/_admin/special-banner-icons/chart.png

Requested by

Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

46.101.124.83 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

aa7e1471bee855e8d86cc427d24a5d5d430d516eb0bf916378d7b0bbdd8bdfce

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 27 Feb 2023 15:59:14 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: upgrade-insecure-requests
Last-Modified: Wed, 21 Apr 2021 12:27:25 GMT
Server: nginx
ETag: "60801a2d-827"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2087
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK coins-hand.png
labs.letemps.ch/interactive/_admin/special-banner-icons/ 6 KB
6 KB 13ms
13ms Image
image/png 46.101.124.83
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://labs.letemps.ch/interactive/_admin/special-banner-icons/coins-hand.png

Requested by

Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

46.101.124.83 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

8799e74984b6c3fb4aba50dfa8065aaa605653e5719105c5f9ad1eb69ac4c3f4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 27 Feb 2023 15:59:14 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: upgrade-insecure-requests
Last-Modified: Thu, 07 Apr 2022 07:36:44 GMT
Server: nginx
ETag: "624e948c-1612"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5650
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK coins-swiss.png
labs.letemps.ch/interactive/_admin/special-banner-icons/ 5 KB
5 KB 13ms
13ms Image
image/png 46.101.124.83
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://labs.letemps.ch/interactive/_admin/special-banner-icons/coins-swiss.png

Requested by

Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

46.101.124.83 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

1383bd82b082b046773ad5208cae31101c4bfc03949c0556ef12f918b80625f1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 27 Feb 2023 15:59:14 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: upgrade-insecure-requests
Last-Modified: Thu, 07 Apr 2022 07:36:44 GMT
Server: nginx
ETag: "624e948c-1390"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5008
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK job.png
labs.letemps.ch/interactive/_admin/special-banner-icons/ 4 KB
5 KB 13ms
13ms Image
image/png 46.101.124.83
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://labs.letemps.ch/interactive/_admin/special-banner-icons/job.png

Requested by

Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

46.101.124.83 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

33ff7f6b18a2f1c4a8b9c79722d096b5486c90ae44f23c6b8e5bbaa52c441e71

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 27 Feb 2023 15:59:14 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: upgrade-insecure-requests
Last-Modified: Thu, 07 Apr 2022 07:36:44 GMT
Server: nginx
ETag: "624e948c-10a6"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4262
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK suitcase.png
labs.letemps.ch/interactive/_admin/special-banner-icons/ 3 KB
4 KB 15ms
14ms Image
image/png 46.101.124.83
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://labs.letemps.ch/interactive/_admin/special-banner-icons/suitcase.png

Requested by

Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

46.101.124.83 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

8b6ee9afb49bcf7b733959d941d840a25f525b8b95d9ebdb90925a94cd2754fc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 27 Feb 2023 15:59:14 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: upgrade-insecure-requests
Last-Modified: Thu, 07 Apr 2022 07:36:44 GMT
Server: nginx
ETag: "624e948c-d07"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3335
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js_bX90vNEq7hSu2n0zv231hOqj8YVlT-jpOVUuCw8p-9g.js Show response
assets.letemps.ch/sites/default/files/js/ 129 KB
46 KB 26ms
25ms Script
application/javascript 104.26.7.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.letemps.ch/sites/default/files/js/js_bX90vNEq7hSu2n0zv231hOqj8YVlT-jpOVUuCw8p-9g.js

Requested by

Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.7.150 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a386bb743ababcb43b67e47a9ca843cc313c8baee1ddc47d224ca59cf47bee19

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4857405
traceresponse: 00-173677e440b3cead44cf022d9b22a4ad-806787e02bcd07ed-00
cf-polished: origSize=136421
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Mon, 02 Jan 2023 10:42:13 GMT
server: cloudflare
etag: W/"63b2b505-b670"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3UnsBsJdnobt8r0iPLJEEpi2zytvUfP8w3AK9twwzmRJ%2Bc%2BGs6YsvKpdbqh8cmQWgL%2FgCmEerAnsPTRaaHqQBO6WaBmrYUFNu31xrZJ0zv1BXz8yodUWfWxzFIF8MXSrFPQk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 7a022063cfdd9153-FRA
expires: Tue, 02 Jan 2024 10:42:13 GMT

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/8.2.10/ 20 KB
7 KB 74ms
17ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.2.10/firebase-app.js

Requested by

Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9744336b70c6f9991d4dc09a826827ba40ef82dead84545dbb7cf902aea80363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 00:51:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 313661
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6528
x-xss-protection: 0
last-modified: Thu, 04 Mar 2021 21:24:19 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Feb 2024 00:51:33 GMT

GET
H3 200 js_euOzOxjhc0MozlsWtNE9KTX_iPoYi6HZBLSlzcVEEuI.js Show response
assets.letemps.ch/sites/default/files/js/ 12 KB
6 KB 33ms
33ms Script
application/javascript 104.26.7.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.letemps.ch/sites/default/files/js/js_euOzOxjhc0MozlsWtNE9KTX_iPoYi6HZBLSlzcVEEuI.js

Requested by

Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.7.150 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34ff407dd685b716e5f2b9c93e2509c3880e2ece2f091aad1b9cc1ad7f28bbad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4710954
traceresponse: 00-173084bf6c11afe16b770f06349b185a-0112146f6effed59-00
cf-polished: origSize=11809
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Wed, 30 Nov 2022 13:36:13 GMT
server: cloudflare
etag: W/"63875c4d-1436"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iy15Me4RmDTZ9sd%2BFhcumkAHK2ay3Ba9TZsWQznqQgzfWigkbXXQUzJGaEMG7Dz7QC2ke8yeJ%2FAp2hJVNxoeuSEcvpaOT3OcUKuPWrBJ%2BD3khSNnaKBdlRNGj8gzf%2BJ7D0kQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 7a0220647ae52c6d-FRA
expires: Thu, 14 Dec 2023 01:30:19 GMT

GET
H2 200 firebase-performance.js Show response
www.gstatic.com/firebasejs/8.2.10/ 38 KB
12 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.2.10/firebase-performance.js

Requested by

Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c73d8ed60046aed678ea5a4afa4eaa3c70f0e274c50c72f6816c6bacb14b252

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 09:59:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 280766
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11667
x-xss-protection: 0
last-modified: Thu, 04 Mar 2021 21:24:17 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Feb 2024 09:59:48 GMT

GET
H3 200 js_S4m0rYmTR7RaGNk3Qthp4fyBvGiI6lmoh79C-XhMP4U.js Show response
assets.letemps.ch/sites/default/files/js/ 169 KB
52 KB 25ms
25ms Script
application/javascript 104.26.7.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.letemps.ch/sites/default/files/js/js_S4m0rYmTR7RaGNk3Qthp4fyBvGiI6lmoh79C-XhMP4U.js

Requested by

Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.7.150 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

255b44a09bc6cf96e5aca9d87f9bfdf4a751434620afc36bcf378dc6a5822cc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4069988
traceresponse: 00-173941c8e7acfb923e6ea153a8d17b7f-bb7b5cd799a9af8c-00
cf-polished: origSize=207774
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Wed, 11 Jan 2023 12:44:26 GMT
server: cloudflare
etag: W/"63beaf2a-e13c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2F3qGuyq%2FzJR5xIy8UGVUDBMMPkCHwLbN2xiAiqZPxP6kgRc%2BuQsYnXInrtnczjD6E5qhwd18NcOygKrP8NK0ZUrVMW0qUSwDwzESYjr2AYoUBKQ%2F%2F%2F%2BvTjNYdeChkHr2jqd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 7a022064dbc42c6d-FRA
expires: Thu, 11 Jan 2024 12:44:27 GMT

GET
H3 200 adblock.js Show response
assets.letemps.ch/modules/custom/factory_piano/js/ 0
615 B 27ms
27ms Script
application/javascript 104.26.7.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.letemps.ch/modules/custom/factory_piano/js/adblock.js

Requested by

Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.7.150 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2043852
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: 00-16d6bf3742e6a82424f3227c457a870d-91e555212e212f63-00
pragma: public
cf-bgj: minify
last-modified: Thu, 24 Feb 2022 08:19:58 GMT
server: cloudflare
etag: "62173fae-0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h2YwN9Lfc9xh3fd%2BqDNckqQ8IjgeH0j3VqPo35VDVUmCezmSV%2Bo0GjVUP7yboStKGR2IvkD5cregHSp%2BwpDh8EolMO1gVCW9qkawlLl0y5B4m7GjYcnvpMn3N1PqCI0zAbAy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7a0220662e312c6d-FRA
expires: Fri, 24 Feb 2023 14:29:17 GMT

GET
H2 200 publisher.js Show response
adnz.co/dmp/ 73 KB
22 KB 16ms
15ms Script
application/javascript 2606:4700:20::681a:305
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adnz.co/dmp/publisher.js

Requested by

Host: adnz.co
URL: https://adnz.co/header.js?adTagId=628

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:305 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5599c90089f624e931b62e736d3d8d5026e3303b92e76fb17d0030c8b905c2ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:16 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00000beabfa239eb98b2d-0063f338f5-10d3f16-default
age: 1397
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 10 Feb 2023 13:12:16 GMT
server: cloudflare
etag: W/"3e1c9b1599a628b70eed6af1c8013e6e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2h%2BGXyL6TekwZovNz%2FxwsqfS%2FT6tP6aAfHs0C3QDy%2B5PtNTxs2Mt9qFxnaT9CQCjT%2BH%2FuFmkx0hbVkheTM9PaxsIkbXZsToSzKTM5nBzKT5KuO7SjeeE2aZtAyRBTHEUs9Hpw4c%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
x-rgw-object-type: Normal
cache-control: public, max-age=1800
access-control-allow-credentials: true
cf-ray: 7a02206e7d813666-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With

GET
H2 200 country Show response
api.adnz.co/api/ws-geodata/ 2 B
367 B 23ms
22ms XHR
application/json 2606:4700:20::ac43:44e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adnz.co/api/ws-geodata/country
Requested by: Host: adnz.co
URL: https://adnz.co/header.js?adTagId=628
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9685eb765661ea3b95f31e1bb3c3b5501d0c2acdf353feeaa4d8fe32f95f77fb

Request headers

Accept: application/json
Referer: https://www.letemps.ch/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 27 Feb 2023 15:59:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tYjDyqmMOS%2B6fZRUFvJF15QsIzsRjWCnWOU%2BxnSAD8frG%2BZFBLnVWo96wBkSBzs4HAvMvQugpX481XgrM1VraDpchfQYEjr6cvT2aa67PuXn%2Fbq%2BrjbTLIhkJn9LAO%2FvnBlQQJLLc4Qk"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.letemps.ch
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
cf-ray: 7a02206fae5e9a30-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 336 KB
98 KB 156ms
47ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TQ2B8Q&gtm_auth=sKZomKq03sHB6_8jV7eDMQ&gtm_preview=env-50&gtm_cookies_win=x

Requested by

Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1514e51d01107fe7f5a0f5ea4ea001284a367340e707988a7aed700b24453327

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 99418
x-xss-protection: 0
last-modified: Mon, 27 Feb 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 27 Feb 2023 15:59:16 GMT

GET
H2 200 sdk.js Show response
forecast.letemps.ch/ 134 KB
47 KB 194ms
8ms Script
application/javascript 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://forecast.letemps.ch/sdk.js

Requested by

Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

40caf7b3bdd5fab3111b4a06599b18e3f447038ddadbf86e8ca0a3982825d7a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 6
date: Mon, 27 Feb 2023 15:59:16 GMT
content-encoding: gzip
via: 1.1 google, 1.1 varnish
strict-transport-security: max-age=300
age: 214
x-cache: HIT
content-length: 47412
x-served-by: cache-fra-eddf8230127-FRA
last-modified: Thu, 16 Feb 2023 09:26:31 GMT
server: nginx/1.14.0 (Ubuntu)
x-timer: S1677513556.435127,VS0,VE0
etag: W/"63edf6c7-21981"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes
expires: Thu, 16 Feb 2023 09:57:20 GMT

GET
H3 200 css_ycgHj6RTIainQtO9OSTC1N7BTkY1VcL_Txgi6EFlL2E.css
assets.letemps.ch/sites/default/files/css/ 4 KB
2 KB 24ms
23ms Stylesheet
text/css 104.26.7.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.letemps.ch/sites/default/files/css/css_ycgHj6RTIainQtO9OSTC1N7BTkY1VcL_Txgi6EFlL2E.css

Requested by

Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.7.150 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86f60c52f5606ce7c5399af09cdad319ebd979af0dbc32a6ba50445d2dbcde3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4710956
cf-polished: origSize=4328
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: 00-16cd1ee0460fbaf76eac78c77e28012b-7166e338be541c69-00
pragma: public
cf-bgj: minify
last-modified: Wed, 12 Jan 2022 10:39:27 GMT
server: cloudflare
etag: W/"61deafdf-4d8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DuOc5HYAEsv%2BkBJ5llMqdPvR0CUv53X480%2BZuVSa9Mh9Cx0HFc869f1vg4lbM21706df7lQotmN4ubyuKidWiXfjKy4eypJeFKRBHGwNvMjcxTxKbW1nJdlktpOITZ2nTSz7"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 7a02206e8dd62c6d-FRA
expires: Tue, 24 Jan 2023 05:49:47 GMT

GET
H2 200 load Show response
experience.tinypass.com/xbuilder/experience/ 4 KB
2 KB 126ms
22ms Script
application/javascript 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/load?aid=w4zNYLIkAY

Requested by

Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dacf57da61a66359a972609f2aa2a29ae09563c154f3be160bc12d8c8c7ff907

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
date: Mon, 27 Feb 2023 15:59:16 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 27 Feb 2023 15:26:02 GMT
server: cloudflare
age: 1994
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=1800
cf-ray: 7a02206f3dfe3671-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: 5zfvjf9uz2
expires: Mon, 27 Feb 2023 16:29:16 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/gif

POST
H2 200 ip Show response
www.letemps.ch/api/access/ 16 B
1 KB 37ms
37ms XHR
application/json 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.letemps.ch/api/access/ip

Requested by

Host: assets.letemps.ch
URL: https://assets.letemps.ch/sites/default/files/js/js_bX90vNEq7hSu2n0zv231hOqj8YVlT-jpOVUuCw8p-9g.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

c462d460eab61de19f36cc384c99666e5bf65eaeba0c12b8f594c5410c01f220

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Sun, 19 Nov 1978 05:00:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
date: Mon, 27 Feb 2023 15:59:16 GMT
x-content-type-options: nosniff
x-platform-server: i-e1ca4e5c
via: 1.1 varnish
traceresponse: 00-1747b9b10af19104ece568e3f98cc33d-3e2864f1c16e0296-00
x-cache: MISS
content-length: 16
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
x-served-by: cache-fra-eddf8230118-FRA
referrer-policy: origin-when-cross-origin
server: nginx
x-timer: S1677513556.263139,VS0,VE30
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-language: fr
content-type: application/json
x-generator: Drupal 9 (https://www.drupal.org)
cache-control: must-revalidate, no-cache, private
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: interest-cohort=()
accept-ranges: bytes
link: <https://assets.letemps.ch>; rel=dns-prefetch, <https://assets.letemps.ch>; rel=preconnect, <https://www.google-analytics.com>; rel=dns-prefetch, <https://www.google-analytics.com>; rel=preconnect, <https://secure.adnxs.com>; rel=dns-prefetch, <https://secure.adnxs.com>; rel=preconnect, <https://ib.adnxs.com>; rel=dns-prefetch, <https://ib.adnxs.com>; rel=preconnect, <https://s.ytimg.com>; rel=dns-prefetch, <https://s.ytimg.com>; rel=preconnect, <https://www.gstatic.com>; rel=dns-prefetch, <https://www.gstatic.com>; rel=preconnect, <https://experience.tinypass.com>; rel=dns-prefetch, <https://experience.tinypass.com>; rel=preconnect, <https://firestore.googleapis.com>; rel=dns-prefetch, <https://firestore.googleapis.com>; rel=preconnect
x-cache-hits: 0

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 91ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: assets.letemps.ch
URL: https://assets.letemps.ch/sites/default/files/js/js_S4m0rYmTR7RaGNk3Qthp4fyBvGiI6lmoh79C-XhMP4U.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1ef364b9f6eadc0e071de194510bf707fce7994c6b64cd550930e5aff1fad121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Feb 2023 15:59:16 GMT
content-md5: 0Eb+HR1mAxNOor3f/2mwdw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: 84p0FAANqRIOBKeLF6QNc6bNyLtRaSnIjarpY2r8MCFGVqou+0+hiv43vs/8IoW2Rw36rryJN4D60e/P+RrpEg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
x-fb-content-md5: 74842b0ddb9e6fbda5d12e03412684cc
cross-origin-opener-policy: same-origin-allow-popups
etag: "c232e00188b1a418b8fbdb3e35cd6a54"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Mon, 27 Feb 2023 16:15:27 GMT

GET
H3 200 ratio_light.woff
assets.letemps.ch/themes/custom/letemps/assets/fonts/ 30 KB
31 KB 59ms
49ms Font
font/woff 104.26.7.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.letemps.ch/themes/custom/letemps/assets/fonts/ratio_light.woff

Requested by

Host: assets.letemps.ch
URL: https://assets.letemps.ch/sites/default/files/css/css_J_04OJa3hQBTI7poTVKLXAo_tsBtZ4rx4_PNANsSPKc.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.7.150 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5530c956d8793499adff1d37445b95e6a1045dad58684cb183df58b09486e12e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.letemps.ch/sites/default/files/css/css_J_04OJa3hQBTI7poTVKLXAo_tsBtZ4rx4_PNANsSPKc.css
Origin: https://www.letemps.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2267624
traceresponse: 00-173fa41fc4265f16535e5bb6abd5c367-259076f01528d1e4-00
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31004
pragma: public
last-modified: Tue, 31 Jan 2023 10:02:13 GMT
server: cloudflare
etag: "63d8e725-791c"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2Bal%2FErwf1sVlGRhxOUuaR8KDUYVQNmZl97IJI3LaiKBEpe0WTBAMy30E35SDGP962pCoZUSvG9eCMR6WoqxbCqcoSMDmwz8Fs4XkY2rqhnMCZiy0c35cLO9wxjBB3c89d2p"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: https://www.letemps.ch
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7a02206ec89230c4-FRA
expires: Thu, 01 Feb 2024 07:54:02 GMT

GET
H3 200 ratio_reg.woff
assets.letemps.ch/themes/custom/letemps/assets/fonts/ 30 KB
31 KB 57ms
47ms Font
font/woff 104.26.7.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.letemps.ch/themes/custom/letemps/assets/fonts/ratio_reg.woff

Requested by

Host: assets.letemps.ch
URL: https://assets.letemps.ch/sites/default/files/css/css_J_04OJa3hQBTI7poTVKLXAo_tsBtZ4rx4_PNANsSPKc.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.7.150 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

026e065a353c0c379f82816badf8e1cc9ed74ad7ee6b75ca2414acba8686812c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.letemps.ch/sites/default/files/css/css_J_04OJa3hQBTI7poTVKLXAo_tsBtZ4rx4_PNANsSPKc.css
Origin: https://www.letemps.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2267624
traceresponse: 00-173dd0568f964dc43302860a102d8e20-796be8c52779bb1f-00
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30868
pragma: public
last-modified: Wed, 11 Jan 2023 12:42:59 GMT
server: cloudflare
etag: "63beaed3-7894"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CV3MEGEb7AjewkicS69gnalrd%2FLxjMtE9EnZpI09ZMBJxuWONpcVg2nUQQ5YYJOsjjhNRp%2BIL2WbwAYIyfh8T4YnbpJfHK1EF1OYSEysn%2BZUsx3y3X1V5SweOGvBZ7Z46NfL"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: https://www.letemps.ch
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7a02206ec89130c4-FRA
expires: Fri, 26 Jan 2024 09:01:46 GMT

GET
H3 200 ltpsicon.woff
assets.letemps.ch/themes/custom/letemps/assets/fonts/ 1 KB
2 KB 59ms
49ms Font
font/woff 104.26.7.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.letemps.ch/themes/custom/letemps/assets/fonts/ltpsicon.woff

Requested by

Host: assets.letemps.ch
URL: https://assets.letemps.ch/sites/default/files/css/css_J_04OJa3hQBTI7poTVKLXAo_tsBtZ4rx4_PNANsSPKc.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.7.150 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e55eb21a99d7e6234cf00d23bc111f7aa384ec4ee8529f970b0e5f424c1c9173

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.letemps.ch/sites/default/files/css/css_J_04OJa3hQBTI7poTVKLXAo_tsBtZ4rx4_PNANsSPKc.css
Origin: https://www.letemps.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2267590
traceresponse: 00-173dd1d0d7d14c9e909b02e30a9c3c17-efc7464b9f97245e-00
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1288
pragma: public
last-modified: Wed, 11 Jan 2023 12:42:59 GMT
server: cloudflare
etag: "63beaed3-508"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ywy0wpVnRhs572gx8SOJCPQTizahfhPS0Hs08ca9o%2F6n0RtvUx7lQqCdAXRvos0jdO%2FvcRDa6PNOu6JLsEU6TSGsW81OkLaxToU2ZMFG3zCSw5pHQ8j09Qn7ouW2dbHDnnUe"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: https://www.letemps.ch
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7a02206ec89430c4-FRA
expires: Fri, 26 Jan 2024 09:28:51 GMT

GET
H3 200 ratio_medium.woff
assets.letemps.ch/themes/custom/letemps/assets/fonts/ 31 KB
32 KB 37ms
28ms Font
font/woff 104.26.7.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.letemps.ch/themes/custom/letemps/assets/fonts/ratio_medium.woff

Requested by

Host: assets.letemps.ch
URL: https://assets.letemps.ch/sites/default/files/css/css_J_04OJa3hQBTI7poTVKLXAo_tsBtZ4rx4_PNANsSPKc.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.7.150 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a39b06cd11337572cc786f9a972faf231667bd41a9eb75cc73a345d93c58e9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.letemps.ch/sites/default/files/css/css_J_04OJa3hQBTI7poTVKLXAo_tsBtZ4rx4_PNANsSPKc.css
Origin: https://www.letemps.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 294413
traceresponse: 00-174078e322f4821c0411e2e51c7d2f0d-45b6be398574539e-00
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 32052
pragma: public
last-modified: Tue, 31 Jan 2023 10:02:13 GMT
server: cloudflare
etag: "63d8e725-7d34"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GPswfDlPOu7%2BCJxS4unTh4DT03jSYwJRPrwrNgp9Fw1UJnGxPIIR3j8mJ8ZbZK8T7SaYEqnWRpiqTNLei9LdYhEZ%2B%2BDaVJS65XCGRf4QuGhp42yTlxKA7YddjIjOjvYlW7g0"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: https://www.letemps.ch
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7a02206ec88b30c4-FRA
expires: Sun, 04 Feb 2024 00:52:58 GMT

GET
H3 200 fontawesome-webfont.woff2
assets.letemps.ch/themes/custom/letemps/assets/fonts/ 55 KB
56 KB 45ms
36ms Font
font/woff2 104.26.7.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.letemps.ch/themes/custom/letemps/assets/fonts/fontawesome-webfont.woff2?v=4.3.0

Requested by

Host: assets.letemps.ch
URL: https://assets.letemps.ch/sites/default/files/css/css_J_04OJa3hQBTI7poTVKLXAo_tsBtZ4rx4_PNANsSPKc.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.7.150 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.letemps.ch/sites/default/files/css/css_J_04OJa3hQBTI7poTVKLXAo_tsBtZ4rx4_PNANsSPKc.css
Origin: https://www.letemps.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 294413
traceresponse: 00-173dcd13297cfceb65a488a81b334398-9a769868b208868f-00
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56780
pragma: public
last-modified: Wed, 11 Jan 2023 12:42:59 GMT
server: cloudflare
etag: "63beaed3-ddcc"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aAhZnJmYDec9V%2FZTHaFGQpyfK%2Bhzvdf29EqvPaQ2IyvObG%2Bs7uMCytfVSa4dqLmzV8LQKG3JibeaXB5QHBUZQbOm5DTOYdmNmZC1%2BJdiUaOaFXy6mkfDCSDHucKSGDOhNA1P"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: https://www.letemps.ch
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7a02206ec88c30c4-FRA
expires: Fri, 26 Jan 2024 08:01:58 GMT

GET
H3 200 apercu-bold.woff
assets.letemps.ch/themes/custom/letemps/assets/fonts/ 30 KB
31 KB 52ms
43ms Font
font/woff 104.26.7.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.letemps.ch/themes/custom/letemps/assets/fonts/apercu-bold.woff

Requested by

Host: assets.letemps.ch
URL: https://assets.letemps.ch/sites/default/files/css/css_J_04OJa3hQBTI7poTVKLXAo_tsBtZ4rx4_PNANsSPKc.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.7.150 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2530e230a7e6a615d5b00585f1940c60b8ec153bebf94d3617644ba7de7393c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.letemps.ch/sites/default/files/css/css_J_04OJa3hQBTI7poTVKLXAo_tsBtZ4rx4_PNANsSPKc.css
Origin: https://www.letemps.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2267471
traceresponse: 00-173efd48a67c45c561db07e72dc97f1c-bc0398ad0b14d644-00
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30824
pragma: public
last-modified: Wed, 11 Jan 2023 12:42:59 GMT
server: cloudflare
etag: "63beaed3-7868"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AEGSjdrg19QtQuWDwKMYpcNRNmwuldH5M5HqX4f3uKhsg82zkhtesToYXP9wSTzHnTj0PgzoY8EvDnZ4Ica7FSJ4DglFCumGl2V7Vu4KtSRr4Y89PrF0P31ddcyTtflG1vjZ"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: https://www.letemps.ch
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7a02206ec88e30c4-FRA
expires: Tue, 30 Jan 2024 04:56:39 GMT

GET
H3 200 apercu-regular.woff
assets.letemps.ch/themes/custom/letemps/assets/fonts/ 30 KB
31 KB 55ms
46ms Font
font/woff 104.26.7.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.letemps.ch/themes/custom/letemps/assets/fonts/apercu-regular.woff

Requested by

Host: assets.letemps.ch
URL: https://assets.letemps.ch/sites/default/files/css/css_J_04OJa3hQBTI7poTVKLXAo_tsBtZ4rx4_PNANsSPKc.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.7.150 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6192aba6005755c411f1f90baed93b9796c57e24c028bdcc67a00018c612359

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.letemps.ch/sites/default/files/css/css_J_04OJa3hQBTI7poTVKLXAo_tsBtZ4rx4_PNANsSPKc.css
Origin: https://www.letemps.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2268685
traceresponse: 00-173fa319af58920bbffafc33ba35ca28-fec2947a3f0ad7c2-00
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30760
pragma: public
last-modified: Tue, 31 Jan 2023 10:02:13 GMT
server: cloudflare
etag: "63d8e725-7828"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=irAObiwMhLtH4JjTRvopb45iLmnBiWGOzzZKLdFRGMh7CtKzDYf9zuj0wgiclmNJ%2FZ3yB2gr7A0nelf0EmpFCGDqNr702s08PiHa%2F%2B5Y7gPyMzNYYicq5sQzKrUuy5rZvSBx"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: https://www.letemps.ch
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7a02206ec88f30c4-FRA
expires: Thu, 01 Feb 2024 07:35:17 GMT

GET
H3 200 ratio_bold.woff
assets.letemps.ch/themes/custom/letemps/assets/fonts/ 31 KB
32 KB 56ms
47ms Font
font/woff 104.26.7.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.letemps.ch/themes/custom/letemps/assets/fonts/ratio_bold.woff

Requested by

Host: assets.letemps.ch
URL: https://assets.letemps.ch/sites/default/files/css/css_J_04OJa3hQBTI7poTVKLXAo_tsBtZ4rx4_PNANsSPKc.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.7.150 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1bae8b5a0c5c4551a2534982a41b3e0d7e74011ae232793bf9052eef1b46fe9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.letemps.ch/sites/default/files/css/css_J_04OJa3hQBTI7poTVKLXAo_tsBtZ4rx4_PNANsSPKc.css
Origin: https://www.letemps.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2267590
traceresponse: 00-173fa37a47ce25355c1ebea0c6671a61-554ef8c7e756ff02-00
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31632
pragma: public
last-modified: Tue, 31 Jan 2023 10:02:13 GMT
server: cloudflare
etag: "63d8e725-7b90"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JyP0KHZjgdrpnnwmI9kGAjS9WpPZL0dEjEh7iydS31X0b9Gs1y5hfvN1%2BPELXLpoNx2WQhFHWsTaZ8lq2Pclz60xes%2BLX9TjW8TBSR9Bqz%2F8AuI2mr4vRLdH%2Bc%2BVt1Boboos"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: https://www.letemps.ch
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7a02206ec89030c4-FRA
expires: Thu, 01 Feb 2024 07:42:11 GMT

GET
H3 200 rooney_light.woff
assets.letemps.ch/themes/custom/letemps/assets/fonts/ 85 KB
86 KB 43ms
34ms Font
font/woff 104.26.7.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.letemps.ch/themes/custom/letemps/assets/fonts/rooney_light.woff

Requested by

Host: assets.letemps.ch
URL: https://assets.letemps.ch/sites/default/files/css/css_J_04OJa3hQBTI7poTVKLXAo_tsBtZ4rx4_PNANsSPKc.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.7.150 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29756f4cf3499ea436376e92d1648cc1442cccf55e80302603a8340d1cb57eed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.letemps.ch/sites/default/files/css/css_J_04OJa3hQBTI7poTVKLXAo_tsBtZ4rx4_PNANsSPKc.css
Origin: https://www.letemps.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2267590
traceresponse: 00-173dd1d0d954e8f0210b2f051075ab8a-f93c561d26810567-00
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 87224
pragma: public
last-modified: Wed, 11 Jan 2023 12:42:59 GMT
server: cloudflare
etag: "63beaed3-154b8"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CLVSrj%2FzdLBAYqJjSgFvzYlX9ui5Uc%2BN0mQcgB6wOTHIcKSq8b5aHtQ84lrcB8GljEqXETOeCgJgIdLa9mO%2FuvMf5DISb%2B47EEYELnkA3GYZRKITeg1yfzK8ISqEqs4S6AA7"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: https://www.letemps.ch
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7a02206ec89530c4-FRA
expires: Fri, 26 Jan 2024 09:28:51 GMT

GET
H3 200 apercu-light.woff
assets.letemps.ch/themes/custom/letemps/assets/fonts/ 29 KB
30 KB 31ms
22ms Font
font/woff 104.26.7.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.letemps.ch/themes/custom/letemps/assets/fonts/apercu-light.woff

Requested by

Host: assets.letemps.ch
URL: https://assets.letemps.ch/sites/default/files/css/css_J_04OJa3hQBTI7poTVKLXAo_tsBtZ4rx4_PNANsSPKc.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.7.150 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0321fdbe66e35663c87d556c5712689e1c082f33bb4059c172093f56360b748f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.letemps.ch/sites/default/files/css/css_J_04OJa3hQBTI7poTVKLXAo_tsBtZ4rx4_PNANsSPKc.css
Origin: https://www.letemps.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 988781
traceresponse: 00-173fa455585f1fa87cc70ee3b7de3e45-0644f10791f38319-00
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29900
pragma: public
last-modified: Tue, 31 Jan 2023 10:02:13 GMT
server: cloudflare
etag: "63d8e725-74cc"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WnyRTlfnZDI74XEH4PDFwLTu%2BwwaKRoKmfli17ewImJB177ZZcGzImQmVCk3Pm8D6fMkVY1BMbdBPBBqikQFGP7LRVkwBeHcu4PfAAfi1IRPF71Zqcd2PHnCMKVg6nxwJPko"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: https://www.letemps.ch
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7a02206ec89630c4-FRA
expires: Thu, 01 Feb 2024 07:57:52 GMT

GET
H3 200 rooney_bold.woff
assets.letemps.ch/themes/custom/letemps/assets/fonts/ 90 KB
90 KB 62ms
53ms Font
font/woff 104.26.7.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.letemps.ch/themes/custom/letemps/assets/fonts/rooney_bold.woff

Requested by

Host: assets.letemps.ch
URL: https://assets.letemps.ch/sites/default/files/css/css_J_04OJa3hQBTI7poTVKLXAo_tsBtZ4rx4_PNANsSPKc.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.7.150 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42ed8be92d145315eeaefe757f8df99e60e9d851469dd2407b6999324decde87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.letemps.ch/sites/default/files/css/css_J_04OJa3hQBTI7poTVKLXAo_tsBtZ4rx4_PNANsSPKc.css
Origin: https://www.letemps.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2267651
traceresponse: 00-173dd1d0d725c131e489c1561a1cbd68-42286e90db11b137-00
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 91692
pragma: public
last-modified: Wed, 11 Jan 2023 12:42:59 GMT
server: cloudflare
etag: "63beaed3-1662c"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JSgfL7WkRWryEFgRHnNre2dcdCO9pqU8Kus%2F1o5NkVHQ68GEjPOVCC4vy6xfZivL5DeiFzFBjB45YQZlPbRZweuYk92IN0RB2LAToNpTTphTfenQH2uuvTbhaMNaHgbgsr0C"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: https://www.letemps.ch
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7a02206ec89830c4-FRA
expires: Fri, 26 Jan 2024 09:28:51 GMT

GET
H3 200 rooney_medium.woff
assets.letemps.ch/themes/custom/letemps/assets/fonts/ 92 KB
92 KB 64ms
56ms Font
font/woff 104.26.7.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.letemps.ch/themes/custom/letemps/assets/fonts/rooney_medium.woff

Requested by

Host: assets.letemps.ch
URL: https://assets.letemps.ch/sites/default/files/css/css_J_04OJa3hQBTI7poTVKLXAo_tsBtZ4rx4_PNANsSPKc.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.7.150 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65b9da79197ec517159bd5d27e851bb771ac4e3bff21804bdc105b286533ee31

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.letemps.ch/sites/default/files/css/css_J_04OJa3hQBTI7poTVKLXAo_tsBtZ4rx4_PNANsSPKc.css
Origin: https://www.letemps.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2201654
traceresponse: 00-173f4f1b46b431a50ebae0d43c792c76-ce77de967a603827-00
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 93764
pragma: public
last-modified: Mon, 30 Jan 2023 09:08:02 GMT
server: cloudflare
etag: "63d788f2-16e44"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mnWykBqGO%2FlauBx06r8Crae3PHMFAiHeafEPDIxdSGur4scf5ATo%2FpM0bsYywwGEijMO90WwqLMe2OkrYkoly9QO%2FTeFcffj%2FIx5HEI1Tdv4vRnYKMjak3OU%2BgsxJZobGd0d"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: https://www.letemps.ch
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7a02206ec89a30c4-FRA
expires: Wed, 31 Jan 2024 05:56:04 GMT

GET
H3 200 bebasneue-regular.woff2
assets.letemps.ch/themes/custom/letemps/assets/fonts/ 16 KB
16 KB 66ms
57ms Font
font/woff2 104.26.7.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.letemps.ch/themes/custom/letemps/assets/fonts/bebasneue-regular.woff2

Requested by

Host: assets.letemps.ch
URL: https://assets.letemps.ch/sites/default/files/css/css_J_04OJa3hQBTI7poTVKLXAo_tsBtZ4rx4_PNANsSPKc.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.7.150 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

108c39b62060a201f4105239f8da0f7adc7e311458af736fcb9a403aa2ce36de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://assets.letemps.ch/sites/default/files/css/css_J_04OJa3hQBTI7poTVKLXAo_tsBtZ4rx4_PNANsSPKc.css
Origin: https://www.letemps.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2268033
traceresponse: 00-173fa319c01886f36de93c5f99987370-f72428ff4ed64995-00
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16024
pragma: public
last-modified: Tue, 31 Jan 2023 10:02:13 GMT
server: cloudflare
etag: "63d8e725-3e98"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6tBNphrr6o4I7PXi0opKwcuys0nLYyOGuhNENDc8Ic%2BVsKzZZfVyf1J34R4AvoNxlK9yoiB7bfOFK2%2BExXHYfLtUPCVSMvVKw4Zs90FAwFt%2BMq43our5iOr3LHl84275QJBk"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: https://www.letemps.ch
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7a02206ec89b30c4-FRA
expires: Thu, 01 Feb 2024 07:35:17 GMT

GET
H3 200 lazysizes.min.js Show response
assets.letemps.ch/libraries/lazysizes/ 7 KB
4 KB 21ms
20ms Script
application/javascript 104.26.7.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.letemps.ch/libraries/lazysizes/lazysizes.min.js

Requested by

Host: assets.letemps.ch
URL: https://assets.letemps.ch/sites/default/files/js/js_S4m0rYmTR7RaGNk3Qthp4fyBvGiI6lmoh79C-XhMP4U.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.7.150 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

876b4c12685e991d88378c1b6dd3638fd2da0c88f3c24da1ada950c1f26604e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2715201
traceresponse: 00-173d7cb4ffe3e946029ac7e01e4a6ea8-9e3258a46e87d458-00
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Wed, 11 Jan 2023 12:42:59 GMT
server: cloudflare
etag: W/"63beaed3-1c43"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BZnoT1WupPx8qElVLQ32p0eKAzE4IuVPohQiKJjpTYDt2NSofZa5pFesdMeWvP1q8NWYo%2BiA3udVo9zsCQXOxsaIM%2BitAPvVhTt9yT5J%2FMeSSuliHPTZL9UHQdUq3W1HP4p%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 7a02206f1ee82c6d-FRA
expires: Thu, 25 Jan 2024 07:29:13 GMT

POST
H2 200 nl_subscription Show response
www.letemps.ch/node/1361205/ 16 KB
16 KB 122ms
119ms XHR
application/json 151.101.194.216
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.letemps.ch/node/1361205/nl_subscription?_wrapper_format=drupal_ajax

Requested by

Host: assets.letemps.ch
URL: https://assets.letemps.ch/sites/default/files/js/js_bX90vNEq7hSu2n0zv231hOqj8YVlT-jpOVUuCw8p-9g.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.216 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

ebda7a83b40065f9a8d98fece780655d3375dbe3fb55ab1c3ede9b8ecc415c7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

expires: Sun, 19 Nov 1978 05:00:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
date: Mon, 27 Feb 2023 15:59:16 GMT
x-content-type-options: nosniff
x-platform-server: i-dbca4e66
via: 1.1 varnish
traceresponse: 00-1747b9b10fa2f0fb74f0d938a8c6d4ce-5bc702cf77a9b7eb-00
x-drupal-ajax-token: 1
x-cache: MISS
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
x-served-by: cache-fra-eddf8230118-FRA
referrer-policy: origin-when-cross-origin
server: nginx
x-timer: S1677513556.341889,VS0,VE114
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-language: fr
content-type: application/json
x-generator: Drupal 9 (https://www.drupal.org)
cache-control: must-revalidate, no-cache, private
x-debug-info: eyJyZXRyaWVzIjowfQ==
permissions-policy: interest-cohort=()
accept-ranges: bytes
link: <https://assets.letemps.ch>; rel=dns-prefetch, <https://assets.letemps.ch>; rel=preconnect, <https://www.google-analytics.com>; rel=dns-prefetch, <https://www.google-analytics.com>; rel=preconnect, <https://secure.adnxs.com>; rel=dns-prefetch, <https://secure.adnxs.com>; rel=preconnect, <https://ib.adnxs.com>; rel=dns-prefetch, <https://ib.adnxs.com>; rel=preconnect, <https://s.ytimg.com>; rel=dns-prefetch, <https://s.ytimg.com>; rel=preconnect, <https://www.gstatic.com>; rel=dns-prefetch, <https://www.gstatic.com>; rel=preconnect, <https://experience.tinypass.com>; rel=dns-prefetch, <https://experience.tinypass.com>; rel=preconnect, <https://firestore.googleapis.com>; rel=dns-prefetch, <https://firestore.googleapis.com>; rel=preconnect
x-cache-hits: 0

OPTIONS
H2 200 country
api.adnz.co/api/ws-geodata/ Frame 0
0 184ms
75ms Preflight 2606:4700:20::ac43:44e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adnz.co/api/ws-geodata/country
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.letemps.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization, cache-control, content-type, if-modified-since, keep-alive, user-agent, requested-status, access-control-request-headers, access-control-request-method, access-control-allow-credentials, origin, referer, sec-fetch-mode, accept-ranges, allow, vary, x-selected-company, sentry-trace
access-control-allow-methods: GET, PUT, DELETE, POST, OPTIONS
access-control-allow-origin: https://www.letemps.ch
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7a02206f3d9c9a30-FRA
content-length: 0
date: Mon, 27 Feb 2023 15:59:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5PSmaJs6zdSMXpW1obHLspl9Vxl9eqO3HYi8aTBIIj0kPPOi2Qheqr0LaNQgNTWtsyRPYbcH9x%2FznSgJ5fbwgWczaI3OgBgImVQRZwIvfpxD3U2vJGt7N564dW%2F1Ld47YaV3iN%2FZyXkl"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 tinypass.min.js Show response
cdn.tinypass.com/api/ 364 KB
107 KB 38ms
24ms Script
application/javascript 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tinypass.com/api/tinypass.min.js

Requested by

Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=w4zNYLIkAY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12098eac01ef4bffaebccb2b755e2a47e0d31cc348678c2e2ec8a76b480155c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:16 GMT
x-amz-version-id: BcQGyDF.Cd_v2T852Alyn.nxh2kZdqT5
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=86400; includeSubDomains
x-amz-request-id: G5FW9PMYT7C47EHK
age: 5681
x-amz-server-side-encryption: AES256
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 7uSg+yrOTXGt80qExF2BBmS/A0UslS+7CNH0kSyA4sEvxZwKYtd2mvGhcJnyh9OYxAhYK9kiw1Y=
last-modified: Mon, 27 Feb 2023 10:23:43 GMT
server: cloudflare
etag: W/"e87ff770bb02ae854a6835962999b115"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 7a02206f7e753671-FRA
expires: Mon, 27 Feb 2023 19:59:16 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 301 KB
85 KB 18ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=19bbc79e2d1b0fdf9bfcf383939fc15a

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f97a710249d772d1c149a8cb944d47bed46d3a1f5331d1e3dcc15d6c8151d070

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.letemps.ch/
Origin: https://www.letemps.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Feb 2023 15:59:16 GMT
content-md5: w1dVbikhTngwH+WevKho4w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87019
x-fb-rlafr: 0
x-fb-debug: FENNnJ2l/XthPmWEvy0rg1QmnKxLKZScePDmi1PUj/aCv9g9q0eNEfRAZmgHXZfdeNLs+EDfTCHPWTGNgVDRVg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 36486a295a71c01c5efd7263af9bcfa4
cross-origin-opener-policy: same-origin-allow-popups
etag: "6ce3c5cf3c4c904a782e235b53185b94"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Tue, 27 Feb 2024 15:39:35 GMT

GET
H3 200 icon-bookmark-add-red2.svg
assets.letemps.ch/themes/custom/letemps/assets/img/ 1 KB
1 KB 21ms
20ms Image
image/svg+xml 104.26.7.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.letemps.ch/themes/custom/letemps/assets/img/icon-bookmark-add-red2.svg

Requested by

Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.7.150 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d62b1d1519e18be8991497f6413f87f4fe09ecc0107607a5e7dc0cc487d4605a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2717642
traceresponse: 00-173d7cb9d16e29a6e2d5857619b01379-7bbe9afd14513d28-00
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Wed, 11 Jan 2023 12:42:59 GMT
server: cloudflare
etag: W/"63beaed3-522"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jhOj7QU2FqptKkgxwYWVsKSEdyhxa%2Fu%2FH9ovpu%2BK7S8kpFEM3nePmxuaDtPPqhsk%2BWd1gi6qJENO%2FfWFUtfybQUZC8pTBkisv2dt2MkG7cc0WzxbQmexZ4BePPjMvET%2Bf8SP"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=31536000
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 7a02206f6f872c6d-FRA
expires: Thu, 25 Jan 2024 07:29:33 GMT

GET
H3 200 icon-bookmark-bookmarked-red2.svg
assets.letemps.ch/themes/custom/letemps/assets/img/ 1 KB
1 KB 26ms
25ms Image
image/svg+xml 104.26.7.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.letemps.ch/themes/custom/letemps/assets/img/icon-bookmark-bookmarked-red2.svg

Requested by

Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.7.150 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

365c6813146bc403e45b488a773464e56996bfd440c5b3367e39cb883b2d0a58

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4710954
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: 00-16cd72d9f4c74893ed917cbb94af4c25-07f9b97fe0fb0f75-00
pragma: public
last-modified: Fri, 21 Jan 2022 12:16:24 GMT
server: cloudflare
etag: W/"61eaa418-55f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UMsMXe2la0MiEMM3smVNaRVVNlt4iFyzBSxXVZQEwpexj4YnXwdH%2FZPwm19cmdL8ks51Po9FPWiJFgGR7ejHln%2ByBf6TvRyknxOsKtt%2BVh5I0PgLkgU2waO0cRXEE%2B8s28XM"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=31536000
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 7a02206f6f8a2c6d-FRA
expires: Wed, 25 Jan 2023 07:28:39 GMT

GET
H3 200 d99ee26_20230201190535614.jpg
assets.letemps.ch/sites/default/files/styles/article_detail_desktop/public/media/2023/02/26/ 86 KB
87 KB 52ms
51ms Image
image/jpeg 104.26.7.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.letemps.ch/sites/default/files/styles/article_detail_desktop/public/media/2023/02/26/d99ee26_20230201190535614.jpg?h=bc816b12&itok=W88W9JN4

Requested by

Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.7.150 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ab2ea1441b39631098acd733ca467aa0d098f61fbdbba0edd12331a0e396c28

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
traceresponse: 00-1747a76d22869b3fe6e9bbd1e1ba8cd5-c836698bd0a3a8bc-00
cf-polished: origSize=90726, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 88263
pragma: public
cf-bgj: imgq:100,h2pri
last-modified: Sun, 26 Feb 2023 10:21:52 GMT
server: cloudflare
etag: "63fb32c0-16266"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2B%2B0v8bcP5B%2FeXZBKQrWwmK3s7NkaMqEusAIgfW8bSjmVGQcfkduZNIBox3EXZZF%2FyL5KihY%2FJnc349YXhBdNWBVEVDh%2FmQhRdZXrH2zDj50wz%2F6xB3wYPbI2Q6%2Bm%2B2r66Hs"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7a02206f6f8c2c6d-FRA
expires: Tue, 27 Feb 2024 10:24:33 GMT

GET
H/1.1 200
OK getuidj Show response
ib.adnxs.com/ 11 B
820 B 94ms
13ms Fetch
application/json 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: adnz.co
URL: https://adnz.co/dmp/publisher.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Feb 2023 15:59:16 GMT
AN-X-Request-Uuid: 5a904c44-80c4-4687-bcb1-4ae868430079
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.letemps.ch
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 178.162.209.134; 178.162.209.134; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 xdomain_cookie.js Show response
xd.adnz.co/ 9 KB
3 KB 32ms
17ms Script
application/javascript 2606:4700:20::681a:305
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xd.adnz.co/xdomain_cookie.js

Requested by

Host: adnz.co
URL: https://adnz.co/dmp/publisher.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:305 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1afabdbc9ffd54173ee5d42ffafe4026965be1c28143570c7d32e6cfa46cdd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:16 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx0000083355e4f3cb201f6-0063f338f5-10d9676-default
age: 722
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 06 Feb 2023 12:15:19 GMT
server: cloudflare
etag: W/"21a9dc60217182683a8388843f5a4c30"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZEIvPrDwAUJsS6ybDYNcwJ2wYOlYq65G1nB9R%2BMeIoNJcc0%2FDa7vu84nGx7F8TOlcUYT7%2FDbu4vZ7%2FxAC3HNgtekDIze%2ByE2ZmkaOLttRjSScrJihJSk9rIYuJWQZsn7vrBEa9nkWUc%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
x-rgw-object-type: Normal
cache-control: public, max-age=1800
access-control-allow-credentials: true
cf-ray: 7a02206f8f7a3666-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With

GET
H2 200 piano-analytics.js Show response
tag.aticdn.net/ 76 KB
22 KB 38ms
8ms Script
application/javascript 18.66.147.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.aticdn.net/piano-analytics.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TQ2B8Q&gtm_auth=sKZomKq03sHB6_8jV7eDMQ&gtm_preview=env-50&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-21.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 01ce45080ecadf29fa77d4e1e845c631d8d3e61a8a39b895243cff1c7c6e32ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: 22e0gNkePEhvLi49kGmQKTb9nQirms32
content-encoding: br
via: 1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
date: Mon, 27 Feb 2023 15:40:10 GMT
x-amz-cf-pop: FRA60-P4
age: 1147
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Tue, 31 Jan 2023 14:01:43 GMT
server: AmazonS3
etag: W/"0fadf6486030c289f8d924521491fccb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=600
x-amz-cf-id: v5r-CH4tU8M9YYSTYCUq-bO6KosRXtmS3AQcrF-HYq44WGwt-yFPXw==

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 111 KB
44 KB 69ms
28ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=GTM-5VWLQBR

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TQ2B8Q&gtm_auth=sKZomKq03sHB6_8jV7eDMQ&gtm_preview=env-50&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4707562f805245fe2e14e7f2096699430ebe1b37070add0d55acf2b415c5e2b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44763
x-xss-protection: 0
last-modified: Mon, 27 Feb 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 27 Feb 2023 15:59:16 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cab52dc3525d23d87fc3337ea17253060c6f723389a33e62699d510f1878972b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 27 Feb 2023 15:59:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27843
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: JmSVdSzaRoVYmwGfDFFXWHEahEIe5925X5yPPLZkhiS4Ww+3vtNiCgnfGaX7wrJsG/taY+/LwxhlMSemyroBSw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 hotjar-1305381.js Show response
static.hotjar.com/c/ 8 KB
4 KB 61ms
9ms Script
application/javascript 13.225.78.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1305381.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TQ2B8Q&gtm_auth=sKZomKq03sHB6_8jV7eDMQ&gtm_preview=env-50&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-69.fra2.r.cloudfront.net

Software

Resource Hash

df622f934537903f5db7688b651904b555daa34dc7880366078358579446ff66

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:58:36 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 32e3b86ae254a231182567c0124af892.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 40
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/8a2b0adc866419db1ffd4838d31613d8
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
x-amz-cf-id: jKQoH1-Wz_r2UoErcEC0E51qRsuSMOzckbNccndM6V6DfWf5EcOgag==

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 95ms
18ms Script
application/x-javascript 2a02:26f0:11a::217:9a4a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TQ2B8Q&gtm_auth=sKZomKq03sHB6_8jV7eDMQ&gtm_preview=env-50&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a4a Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=32983
accept-ranges: bytes
content-length: 4777

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 51ms
15ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TQ2B8Q&gtm_auth=sKZomKq03sHB6_8jV7eDMQ&gtm_preview=env-50&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Feb 2023 14:14:50 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 6266
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Mon, 27 Feb 2023 16:14:50 GMT

GET
H/1.1

200
OK

bounce Show response
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?id=922698&seg=10587633&t=1
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D922698%26seg%3D10587633%26t%3D1

0
1 KB

15ms
15ms

Script
application/javascript

185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D922698%26seg%3D10587633%26t%3D1

Requested by

Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

Protocol

HTTP/1.1

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Feb 2023 15:59:16 GMT
AN-X-Request-Uuid: bb5c4386-a42c-43d8-ba31-e386bbca8d49
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/javascript; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 178.162.209.134; 178.162.209.134; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 27 Feb 2023 15:59:16 GMT
AN-X-Request-Uuid: c095a4f3-d7ba-40d0-91a3-72b08c428a09
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D922698%26seg%3D10587633%26t%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 178.162.209.134; 178.162.209.134; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 222 KB
77 KB 37ms
35ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RK4TFZGQ66&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TQ2B8Q&gtm_auth=sKZomKq03sHB6_8jV7eDMQ&gtm_preview=env-50&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8ad40d8e4328ad2f6a30f8d4ba6947bffa08b62ce9c313dc3a90d292af4d6198

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78828
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 27 Feb 2023 15:59:16 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
77 KB 31ms
29ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SR8FQJPVG5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TQ2B8Q&gtm_auth=sKZomKq03sHB6_8jV7eDMQ&gtm_preview=env-50&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0fcca770a3fdfb7dd9af74930301e9c954d83a4a74a54def4ccb4d7815723eeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78464
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 27 Feb 2023 15:59:16 GMT

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 43 KB
14 KB 285ms
29ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TQ2B8Q&gtm_auth=sKZomKq03sHB6_8jV7eDMQ&gtm_preview=env-50&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

4ff41625f9d1e150a371ac721c45aefb3be794cd4149116c86d399b34a69e14b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 21 Feb 2023 08:58:02 GMT
server: nginx
etag: W/"63f4879a-ac64"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 28 Feb 2023 15:59:16 GMT

GET
H2 200 p.js Show response
cdn.parsely.com/keys/letemps.ch/ 71 KB
25 KB 68ms
8ms Script
application/javascript 18.66.100.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/letemps.ch/p.js
Requested by: Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.100.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-100-58.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: b8d6475299960462522c4c27d5a3ea9abbc7916944d54cec696e0136bbf2cf12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: public
date: Sun, 26 Feb 2023 22:52:04 GMT
content-encoding: gzip
via: 1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront)
last-modified: Tue, 19 Oct 2021 21:52:02 GMT
server: nginx
x-amz-cf-pop: FRA56-P2
age: 71231
etag: W/"616f3e02-11d9b"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: 1cBHTloBzaFv0J6FFU0-lGl_hYO3qa3zTIoAKPXY1fHLFdXqTjKZYg==
expires: Mon, 27 Feb 2023 20:12:05 GMT

POST
H2 200 execute Show response
c2.piano.io/xbuilder/experience/ 5 KB
2 KB 154ms
121ms XHR
application/json 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c2.piano.io/xbuilder/experience/execute?aid=w4zNYLIkAY

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34dc3b7ccb51dcbf6f429e3206fd345906564dc9ebfe066e05606a520b67ca61

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://www.letemps.ch/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 27 Feb 2023 15:59:16 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: rgj4gdk2nw
pragma: no-cache
server: cloudflare
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.letemps.ch
access-control-expose-headers: Composer-Request-Control-Policy
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 7a0220704b753a5a-FRA

GET
H3 200 page-keywords Show response
api.adnz.co/api/ws-contextual/ 328 B
766 B 22ms
22ms Fetch
application/json 2606:4700:20::ac43:44e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adnz.co/api/ws-contextual/page-keywords?url=https%3A%2F%2Fwww.letemps.ch%2Feconomie%2Fcentaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses
Requested by: Host: adnz.co
URL: https://adnz.co/header.js?adTagId=628
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:44e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1323a034fe5d32bd451b99e1a15161763d0244d793383fa07786f823ac680472

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 615
x-envoy-upstream-service-time: 10
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 27 Feb 2023 15:49:01 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pOnDpTs4Hctbb8t4698M225QgSgKqm2fFKNsu58NnT2q%2Fz5bVjMQ9YA6fwqc9ZKohuhSIOURE6Xpnn6SAd02C1UzDVFN2s25k7LQBpD9g8bpqTvqJFbOztjymSs1dA5SdLWsJKBjP%2B1E"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.letemps.ch
cache-control: public, max-age=1800
access-control-allow-credentials: true
cf-ray: 7a0220701d553aa3-FRA
expires: Mon, 27 Feb 2023 16:29:16 GMT

GET
H3 200 js_Zpxetwq8F741s7JUmMjShUoBXMETf2_dZWf8CEIEmWg.js Show response
assets.letemps.ch/sites/default/files/js/ 17 KB
7 KB 22ms
21ms Script
application/javascript 104.26.7.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.letemps.ch/sites/default/files/js/js_Zpxetwq8F741s7JUmMjShUoBXMETf2_dZWf8CEIEmWg.js

Requested by

Host: assets.letemps.ch
URL: https://assets.letemps.ch/sites/default/files/js/js_bX90vNEq7hSu2n0zv231hOqj8YVlT-jpOVUuCw8p-9g.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.7.150 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b55a5bc6685eef84a0a46bf88c60324c5f792171cd844beb79818b6919842b6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4710955
cf-polished: origSize=17053
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: 00-16e90edcb5622a334fb125902f38b7e6-2421cccbd05dac0c-00
pragma: public
cf-bgj: minify
last-modified: Tue, 22 Mar 2022 13:14:25 GMT
server: cloudflare
etag: W/"6239cbb1-197e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QFuNHvJ2zLeYjw%2Fqyku1yKz5odh%2B0liv1zTeHXzQFvdLSHOf1m3lp0GCCdLLSgYuiX1Sr%2FajKD02CdStiHv6dO6Sk8kNEKBlKX%2FexYk3LDRtK%2Fp1BfzR26JvtpB5uOKtOG8E"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 7a02207028ac2c6d-FRA
expires: Tue, 25 Apr 2023 06:11:19 GMT

GET
H3 200 eco_0.jpg
assets.letemps.ch/sites/default/files/styles/compact/public/2017-04/ 5 KB
5 KB 20ms
20ms Image
image/jpeg 104.26.7.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.letemps.ch/sites/default/files/styles/compact/public/2017-04/eco_0.jpg?itok=IQY8oKaW

Requested by

Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.7.150 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cc85f47fe103dd1529efdb17f42faad16856187a1dbabf67024ce0bba5c32e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2587489
cf-polished: origSize=4690, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4672
x-request-id: 00-16e88bea50b8a46d0cfe0cc1d2c52fe9-6f93f3e92ca7eddd-00
pragma: public
cf-bgj: imgq:100,h2pri
last-modified: Thu, 28 Jan 2021 17:22:01 GMT
server: cloudflare
etag: "6012f2b9-1252"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=niFR8d0rvfPForLs%2BMF3HXA9QgP9K%2FRjHP608Y0fWw6XrDYz4K16P%2Bfos7mWZ7TNQPcVqlZgX4LHNG74QrJiMivDwwo9p8pE8chmFXlnlR82IUsrP5mehO2Wib%2FPdGPFrmG6"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7a02207028b32c6d-FRA
expires: Sun, 23 Apr 2023 14:11:41 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 1EAD 77 KB
27 KB 91ms
28ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: adnz.co
URL: https://adnz.co/header.js?adTagId=628

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e10c0d38c8c7608f11eb84d247008d1828e70fe057bd6df94a446bb37e5caff7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26898
x-xss-protection: 0
server: sffe
etag: "1495 / 605 of 1000 / last-modified: 1677499723"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 27 Feb 2023 15:59:16 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
244 B 47ms
16ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-SR8FQJPVG5&gtm=45je32m0&_p=235793138&_gaz=1&cid=968799346.1677513557&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1677513556&sct=1&seg=0&dl=https%3A%2F%2Fwww.letemps.ch%2Feconomie%2Fcentaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses&dt=Des%20centaines%20de%20millions%20de%20dollars%20d%C3%A9tourn%C3%A9s%20au%20Liban%20auraient%20atterri%20dans%20des%20banques%20suisses%20-%20Le%20Temps&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SR8FQJPVG5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 15:59:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.letemps.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
253 B 57ms
18ms Ping
text/plain 2a00:1450:400c:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-SR8FQJPVG5&cid=968799346.1677513557&gtm=45je32m0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SR8FQJPVG5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 15:59:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.letemps.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 82ms
42ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-SR8FQJPVG5&cid=968799346.1677513557&gtm=45je32m0&aip=1&z=1789476282

Requested by

Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 15:59:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
244 B 48ms
19ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RK4TFZGQ66&gtm=45je32m0&_p=235793138&cid=968799346.1677513557&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1677513556&sct=1&seg=0&dl=https%3A%2F%2Fwww.letemps.ch%2Feconomie%2Fcentaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses&dt=Des%20centaines%20de%20millions%20de%20dollars%20d%C3%A9tourn%C3%A9s%20au%20Liban%20auraient%20atterri%20dans%20des%20banques%20suisses%20-%20Le%20Temps&en=page_view&_fv=1&_ss=2&ep.anonymizeIp=true&up.subscription=anonymous
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RK4TFZGQ66&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 15:59:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.letemps.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.3bdf981e73ecd1bf9fca.js Show response
script.hotjar.com/ 263 KB
68 KB 64ms
8ms Script
application/javascript 13.224.189.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.3bdf981e73ecd1bf9fca.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1305381.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-26.fra2.r.cloudfront.net

Software

Resource Hash

5cfe66ee024c0c4640ab3f01e85b885bf78a44e65ac037af6c5d1d1d5c15907e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 09:09:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 24610
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 68683
last-modified: Mon, 27 Feb 2023 09:08:08 GMT
etag: "ebfd5ece1732ea77a9b33e8ec7afb91a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: DAxwKy-WHiEB9CF6WEHiKWnLtuuzNkqOoau892FMCr4uBIambvuSgg==

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
257 B 143ms
32ms Image
image/gif 52.17.99.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1677513556688&plid=7261167&idsite=letemps.ch&url=https%3A%2F%2Fwww.letemps.ch%2Feconomie%2Fcentaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.letemps.ch%2Feconomie%2Fcentaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses&sref=&sts=1677513556684&slts=0&title=Des+centaines+de+millions+de+dollars+d%C3%A9tourn%C3%A9s+au+Liban+auraient+atterri+dans+des+banques+suisses+-+Le+Temps&date=Mon+Feb+27+2023+15%3A59%3A16+GMT%2B0000+(GMT)&action=pageview&pvid=58951368&u=pid%3D3cfce9da390ee74b3d8064596ea5aa34
Requested by: Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.99.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 27 Feb 2023 15:59:16 GMT
Cache-Control: no-cache
Last-Modified: Monday, 27-Feb-2023 15:59:16 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3 200 icon-facebook.svg
assets.letemps.ch/themes/custom/letemps/assets/img/ 1 KB
1 KB 25ms
24ms Image
image/svg+xml 104.26.7.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.letemps.ch/themes/custom/letemps/assets/img/icon-facebook.svg

Requested by

Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.7.150 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01c8f8c3987a29ba5144fe13855c4682343bac383c54959c35c21bdf82f9a265

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4710953
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: 00-16d6e1725cdf464666696036c25e51fe-f284cc5f3541c49c-00
pragma: public
last-modified: Thu, 24 Feb 2022 08:19:58 GMT
server: cloudflare
etag: W/"62173fae-547"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=exQESUko0DT9xB5z69EwsSHI74sWRrqfAQaCEESmWt%2B1Mqc84n7vl1fV5GwilsCAxIwm5CdpbYZ1Lgx66XQ1uoXlaOfDV6phSGwqYR5dhAbyUoKPfjPH606owYt06yjUENMh"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=31536000
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 7a0220715aae2c6d-FRA
expires: Sat, 25 Feb 2023 00:56:35 GMT

GET
H3 200 icon-twitter.svg
assets.letemps.ch/themes/custom/letemps/assets/img/ 2 KB
1 KB 27ms
26ms Image
image/svg+xml 104.26.7.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.letemps.ch/themes/custom/letemps/assets/img/icon-twitter.svg

Requested by

Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.7.150 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

266f939c1cf432933399411aa730e9bafd4474f5f6bdb100c831b0a9b78eacc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4710953
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: 00-16cd72db9a7d429d8bcfab2266b27d3d-b40d6b30dafad175-00
pragma: public
last-modified: Fri, 21 Jan 2022 12:16:24 GMT
server: cloudflare
etag: W/"61eaa418-726"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PrY%2Bwn%2FRoQ78Fs3roiIxG2WnkJhWg0eLw6hbrNcvVUaxyew6LIKiGjwW2JolvODhVnnhic2NdboZGmhH%2BKIwqvpX%2F%2FbLlshFUoQPLgo%2BAeH4foWQGVhaolUYCzPV91EhA%2Fuk"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=31536000
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 7a0220715ab02c6d-FRA
expires: Wed, 25 Jan 2023 07:28:46 GMT

GET
H3 200 icon-linkedin.svg
assets.letemps.ch/themes/custom/letemps/assets/img/ 2 KB
1 KB 25ms
24ms Image
image/svg+xml 104.26.7.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.letemps.ch/themes/custom/letemps/assets/img/icon-linkedin.svg

Requested by

Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.7.150 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6b893b27543581c7ce5276773a9524d38619277a051fd6f222f7ebdf9e962d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4710953
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: 00-170e2435b5aaa2d8986f139c62e8a486-f78d41543ca6c45f-00
pragma: public
last-modified: Mon, 22 Aug 2022 08:42:51 GMT
server: cloudflare
etag: W/"6303418b-656"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hTZ0WrN3XV9Yxzt5AQc7IBb9JxnsIG4NOpxgPycYKFE7AXqaw3DIqcNLHxcZTqrXW%2BIbCZibfg1%2BuWNBS95O2HMQ6Tztxwv7qUIRzVVF%2FKoI62UIZstg6cxw%2FnaGgkDSHzjP"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=31536000
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 7a0220715ab42c6d-FRA
expires: Thu, 24 Aug 2023 01:38:45 GMT

GET
H3 200 icon-envelope.svg
assets.letemps.ch/themes/custom/letemps/assets/img/ 2 KB
1 KB 22ms
21ms Image
image/svg+xml 104.26.7.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.letemps.ch/themes/custom/letemps/assets/img/icon-envelope.svg

Requested by

Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.7.150 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ff3a85de71e1bd2044a10b52c0b0177282e3668be940fb87206fd4dd4d9fdba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4443345
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: 00-16a440cb845e39b0e30e4d684d8f6569-795d2887522d728e-00
pragma: public
last-modified: Wed, 08 Sep 2021 11:27:00 GMT
server: cloudflare
etag: W/"61389e04-87b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8YzR6mYW%2FMzn%2Fa9ms97JTLwqQzsp%2F3S7bwBj6qoDOsiiesNbCFY%2BXawoS%2B2N1NnWbukBaeSCMTEuOZ96fLgzLUcOfUCu554BaoISwIT00abD%2Ft3kthJOxX6WmzNFcE8Y8JaR"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=31536000
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 7a0220715ab52c6d-FRA
expires: Tue, 13 Sep 2022 02:30:07 GMT

GET
H3 200 65cdf5e_1667984157004-3831f030-2030-4fba-9538-e9246448b157-1-105-c.jpeg
assets.letemps.ch/sites/default/files/styles/thumbnail/public/media/2022/11/09/ 3 KB
4 KB 28ms
27ms Image
image/jpeg 104.26.7.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.letemps.ch/sites/default/files/styles/thumbnail/public/media/2022/11/09/65cdf5e_1667984157004-3831f030-2030-4fba-9538-e9246448b157-1-105-c.jpeg?itok=O4oY-8_G

Requested by

Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.7.150 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2914ae07822593a8150b862548aa5678fdd236967d8b6d159709c7a9875db31c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 155789
traceresponse: 00-17379cc0b6b7e9dd41d5bfe9e69d537a-3aec40a7e0f00fb6-00
cf-polished: origSize=3371, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3351
pragma: public
cf-bgj: imgq:100,h2pri
last-modified: Wed, 09 Nov 2022 08:56:23 GMT
server: cloudflare
etag: "636b6b37-d2b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pDrgr%2FCO4S%2FZ6bkvmJLlUtxdf42SfT0KsqcehdEDuT41c75ve3zCOoLsqchasHehy9i%2B%2BxFWdkjAId%2Bmvt0Xrg1W5%2BUS7yRDaNohls%2FYt3bHLK1OacC2IxDLvQcrLMD7xYC%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7a0220716abb2c6d-FRA
expires: Sat, 06 Jan 2024 04:08:58 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/1163156/domain/letemps.ch/ 36 B
368 B 55ms
8ms XHR
application/json 2600:9000:20eb:f400:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/1163156/domain/letemps.ch/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:f400:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.letemps.ch/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 12:00:52 GMT
content-encoding: gzip
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 14304
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=25198
x-amz-cf-id: xWE1YxJX74c7ozk5YM4uNCd6iljT2sEjTY8p5tcgnO-ZjXA3Eg1Xmw==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1163156&time=1677513556698&url=https%3A%2F%2Fwww.letemps.ch%2Feconomie%2Fcentaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1163156%26time%3D1677513556698%26url%3Dhttps%253A%252F%252Fwww.letemps.ch%252Feco...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1163156&time=1677513556698&url=https%3A%2F%2Fwww.letemps.ch%2Feconomie%2Fcentaines-millions-dollars-detournes-liban-auraient-atterri-banques-suiss...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1163156&time=1677513556698&url=https%3A%2F%2Fwww.letemps.ch%2Feconomie%2Fcentaines-millions-dollars-detournes-liban-auraient-atterri-banques-suis...

0
265 B

411ms
151ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1163156&time=1677513556698&url=https%3A%2F%2Fwww.letemps.ch%2Feconomie%2Fcentaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses&liSync=true&e_ipv6=AQL184z4-4nb0wAAAYaTmYSqTr3wi89CoFXcJO1GW9gf50kW5_K6gtKrqL9gZe6djdexl5oEdldtbw
Requested by: Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:17 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 15620536E6064433AE83D2C7907E556B Ref B: FRAEDGE1411 Ref C: 2023-02-27T15:59:17Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX1sI+0XkgbuQ06mCxOYg==

Redirect headers

date: Mon, 27 Feb 2023 15:59:16 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: DAD78097C730495484876F46C9050AAC Ref B: FRAEDGE1309 Ref C: 2023-02-27T15:59:17Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1163156&time=1677513556698&url=https%3A%2F%2Fwww.letemps.ch%2Feconomie%2Fcentaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses&liSync=true&e_ipv6=AQL184z4-4nb0wAAAYaTmYSqTr3wi89CoFXcJO1GW9gf50kW5_K6gtKrqL9gZe6djdexl5oEdldtbw
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX1sI+uG0HmdTwc7xgXLA==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
181 B 23ms
22ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=235793138&t=pageview&_s=1&dl=https%3A%2F%2Fwww.letemps.ch%2Feconomie%2Fcentaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses&ul=en-us&de=UTF-8&dt=Des%20centaines%20de%20millions%20de%20dollars%20d%C3%A9tourn%C3%A9s%20au%20Liban%20auraient%20atterri%20dans%20des%20banques%20suisses%20-%20Le%20Temps&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABQAAAACAAI~&jid=1631232350&gjid=1320331787&cid=968799346.1677513557&tid=UA-4651172-23&_gid=550874129.1677513557&_r=1&_slc=1&gtm=45He32m0n71TQ2B8Q&cd1=anonymous&z=599766753

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.letemps.ch/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 15:59:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.letemps.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
69 B 22ms
22ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=235793138&t=pageview&_s=1&dl=https%3A%2F%2Fwww.letemps.ch%2Feconomie%2Fcentaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses&ul=en-us&de=UTF-8&dt=Des%20centaines%20de%20millions%20de%20dollars%20d%C3%A9tourn%C3%A9s%20au%20Liban%20auraient%20atterri%20dans%20des%20banques%20suisses%20-%20Le%20Temps&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABQAAAACAEK~&jid=1154543790&gjid=695924532&cid=968799346.1677513557&tid=UA-4651172-21&_gid=550874129.1677513557&_r=1&_slc=1&gtm=45He32m0n71TQ2B8Q&cd1=anonymous&cd2=Economie&cd3=np8_news&cd4=0&cd5=banques&cd9=1501-3000&cd10=2023&cd11=1361205&cd13=2023-02-26T10%3A21%3A10&cd17=&cd18=0&cd19=278&cd21=disabled&cd23=1600x1200&cd31=false&cd32=Agathe%20Seppey&cd35=article-news&cd37=Agathe%20Seppey&cd30=968799346.1677513557&z=1343746711

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.letemps.ch/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 15:59:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.letemps.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 2018798538367767 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 13ms
11ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2018798538367767?v=2.9.97&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b162a0a65843db1893ff8e56b114b2abba645f8a4da15cff3569405c25ebb72a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 27 Feb 2023 15:59:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110238
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: ICqm1WeEcKWbK+bJqNqX1djkbptKHTKU5dhc1fdd5iKVkBKM2IRHinmbW28noF41kWhtLuVeLz8neZVHSjU52w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 19ms
19ms XHR
text/plain 2a00:1450:400c:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-4651172-23&cid=968799346.1677513557&jid=1631232350&gjid=1320331787&_gid=550874129.1677513557&_u=aADAAEAAQAAAACAAI~&z=1684758167

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.letemps.ch/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 27 Feb 2023 15:59:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.letemps.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ast.js Show response
acdn.adnxs.com/ast/ 95 KB
33 KB 37ms
7ms Script
application/javascript 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ast/ast.js
Requested by: Host: adnz.co
URL: https://adnz.co/header.js?adTagId=628
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: bf4aa8f1f339ab14bd142750fbd5d6aff7614187d1e2e0b491818fad0c7fb236

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 27 Feb 2023 15:59:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Jan 2023 17:19:51 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "63c6d8b7-17dc7"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Length: 33183
Expires: Tue, 28 Feb 2023 15:59:18 GMT

POST
H/1.1 200
OK v3 Show response
ib.adnxs.com/ut/ 556 B
1 KB 15ms
14ms XHR
application/json 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3

Requested by

Host: adnz.co
URL: https://adnz.co/header.js?adTagId=628

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

7d47a1f2cedc671e955ad1e6d5b266082936ae9f44959f4f05c4a6c3d732602d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

pragma: no-cache
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
cache-control: no-cache
Referer: https://www.letemps.ch/
X-Is-Test: 0

Response headers

Date: Mon, 27 Feb 2023 15:59:16 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.162.209.134; 178.162.209.134; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 8765679f-6abe-4af5-aacd-4d14c6c82fdc
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.letemps.ch
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H/1.1 200
OK v3
ib.adnxs.com/ut/ Frame 0
0 40ms
13ms Preflight
text/plain 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control,content-type,pragma,x-is-test
Access-Control-Request-Method: POST
Origin: https://www.letemps.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

AN-X-Request-Uuid: 405c02a3-238e-47c6-8ff4-02ca2e720571
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: cache-control,content-type,pragma,x-is-test
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: https://www.letemps.ch
Access-Control-Max-Age: 86400
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Mon, 27 Feb 2023 15:59:16 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 178.162.209.134; 178.162.209.134; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 19ms
18ms XHR
text/plain 2a00:1450:400c:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-4651172-21&cid=968799346.1677513557&jid=1154543790&gjid=695924532&_gid=550874129.1677513557&_u=aADAAEABQAAAACAEK~&z=1773807367

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.letemps.ch/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 27 Feb 2023 15:59:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.letemps.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 1305381 Show response
vc.hotjar.io/sessions/ 0
257 B 77ms
34ms XHR
text/plain 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/1305381?s=0.25&r=0.19904597064374774
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.3bdf981e73ecd1bf9fca.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:16 GMT
via: 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: gy9FRJo9eCnrSi7bb0zr2u_7n_Cck0iC9AbYNDEz1mKOKGdz9Y4jEg==

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 1D99 15 KB
6 KB 202ms
13ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.letemps.ch&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

97d67f8c2575e19d30ae28a32bad7610849e0e56c81ca66e51178124a5c5eed2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.letemps.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 15:59:16 GMT
server: Kestrel
server-processing-duration-in-ticks: 424869
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 82ms
43ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-4651172-23&cid=968799346.1677513557&jid=1631232350&_u=aADAAEAAQAAAACAAI~&z=2005315002

Requested by

Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 15:59:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 45ms
43ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-4651172-23&cid=968799346.1677513557&jid=1631232350&_u=aADAAEAAQAAAACAAI~&z=2005315002

Requested by

Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 15:59:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 81ms
42ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-4651172-21&cid=968799346.1677513557&jid=1154543790&_u=aADAAEABQAAAACAEK~&z=896418027

Requested by

Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 15:59:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 48ms
48ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-4651172-21&cid=968799346.1677513557&jid=1154543790&_u=aADAAEABQAAAACAEK~&z=896418027

Requested by

Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 15:59:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 28ms
8ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2018798538367767&ev=PageView&dl=https%3A%2F%2Fwww.letemps.ch%2Feconomie%2Fcentaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses&rl=&if=false&ts=1677513556825&sw=1600&sh=1200&v=2.9.97&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1677513556824.1233678053&it=1677513556748&coo=false&rqm=GET

Requested by

Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 27 Feb 2023 15:59:16 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 28ms
8ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2018798538367767&ev=Article%20vu&dl=https%3A%2F%2Fwww.letemps.ch%2Feconomie%2Fcentaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses&rl=&if=false&ts=1677513556827&cd[rubrique]=Economie&cd[type]=0&cd[subscription]=anonymous&cd[tags]=banques&sw=1600&sh=1200&v=2.9.97&r=stable&ec=1&o=30&fbp=fb.1.1677513556824.1233678053&it=1677513556748&coo=false&tm=2&rqm=GET

Requested by

Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 27 Feb 2023 15:59:16 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 page-keywords Show response
api.adnz.co/api/ws-contextual/ 328 B
733 B 14ms
13ms Fetch
application/json 2606:4700:20::ac43:44e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adnz.co/api/ws-contextual/page-keywords?url=https%3A%2F%2Fwww.letemps.ch%2Feconomie%2Fcentaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses
Requested by: Host: adnz.co
URL: https://adnz.co/header.js?adTagId=628
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:44e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1323a034fe5d32bd451b99e1a15161763d0244d793383fa07786f823ac680472

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 615
x-envoy-upstream-service-time: 10
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 27 Feb 2023 15:49:01 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NXckKmhIoJnz%2Fp0J3qjxHE1oNArAxCCzlyM7zMXWPQXG7OP8uSquL2lLHu%2BNU7EaZXmhPsIv7zzCBSPNRQanKsh92N3M5tS761CVPn6mgkhS8Mvt%2BwIDexX3oNzyVWamamZsIsMJcf3l"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.letemps.ch
cache-control: public, max-age=1800
access-control-allow-credentials: true
cf-ray: 7a02207259da3aa3-FRA
expires: Mon, 27 Feb 2023 16:29:16 GMT

GET
H3 200 page-keywords Show response
api.adnz.co/api/ws-contextual/ 328 B
734 B 14ms
13ms Fetch
application/json 2606:4700:20::ac43:44e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adnz.co/api/ws-contextual/page-keywords?url=https%3A%2F%2Fwww.letemps.ch%2Feconomie%2Fcentaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses
Requested by: Host: adnz.co
URL: https://adnz.co/header.js?adTagId=628
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:44e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1323a034fe5d32bd451b99e1a15161763d0244d793383fa07786f823ac680472

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 615
x-envoy-upstream-service-time: 10
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 27 Feb 2023 15:49:01 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vytRZuRz7476Bb3LFYJGp2suNXIpEd5cTs2XyDdRR%2FKRyTxrkvr7X08XhiSmz0UHn3tDAdr9qRtCaXA%2BdR8VHLNua3xosAfcZxSt1mWjdeFl%2FFP4%2Bug2EeinTLr26hc47%2FyOq67l1fXp"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.letemps.ch
cache-control: public, max-age=1800
access-control-allow-credentials: true
cf-ray: 7a02207259db3aa3-FRA
expires: Mon, 27 Feb 2023 16:29:16 GMT

GET
H3 200 page-keywords Show response
api.adnz.co/api/ws-contextual/ 328 B
732 B 14ms
14ms Fetch
application/json 2606:4700:20::ac43:44e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adnz.co/api/ws-contextual/page-keywords?url=https%3A%2F%2Fwww.letemps.ch%2Feconomie%2Fcentaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses
Requested by: Host: adnz.co
URL: https://adnz.co/header.js?adTagId=628
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:44e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1323a034fe5d32bd451b99e1a15161763d0244d793383fa07786f823ac680472

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 615
x-envoy-upstream-service-time: 10
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 27 Feb 2023 15:49:01 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dsqtrksEc2CsalIAy66Kow1J5CsRcuQxAoXTM5dRYbSDSpY9YOVck2%2BgBzb33FXlit%2FkEzjn09wTV62zRv%2BR0WVU63ScIu5WRknGnaEqxMZMhGbqoqvFOfVNmAMWh91jSK85ABwKmwxx"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.letemps.ch
cache-control: public, max-age=1800
access-control-allow-credentials: true
cf-ray: 7a02207259dd3aa3-FRA
expires: Mon, 27 Feb 2023 16:29:16 GMT

GET
H3 200 page-keywords Show response
api.adnz.co/api/ws-contextual/ 328 B
737 B 15ms
15ms Fetch
application/json 2606:4700:20::ac43:44e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adnz.co/api/ws-contextual/page-keywords?url=https%3A%2F%2Fwww.letemps.ch%2Feconomie%2Fcentaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses
Requested by: Host: adnz.co
URL: https://adnz.co/header.js?adTagId=628
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:44e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1323a034fe5d32bd451b99e1a15161763d0244d793383fa07786f823ac680472

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 615
x-envoy-upstream-service-time: 10
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 27 Feb 2023 15:49:01 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rhy84UN7m6fWQ8it1vILPzaw5UUvqw4%2FvUTZzxhA%2F06HI9XKHhSFsEREVHzl9%2F3TS6QrQArAJ3sZ9gzblNkuJCcvUmw%2BhvzOvH42ZsWDnfDD9L6Dc8E%2FMX1CXYJ0vsxzbj5F5ZdNl4k5"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.letemps.ch
cache-control: public, max-age=1800
access-control-allow-credentials: true
cf-ray: 7a02207259de3aa3-FRA
expires: Mon, 27 Feb 2023 16:29:16 GMT

POST
H/1.1 200
OK v3 Show response
ib.adnxs.com/ut/ 53 KB
14 KB 292ms
292ms XHR
application/json 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

a94b6c4a445594014af7a2252b0f4e4712888600823828272ba9bee4da5fe2d2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.letemps.ch/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 27 Feb 2023 15:59:17 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.162.209.134; 178.162.209.134; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 4080dc1f-1a69-47e8-88fd-09251ce992c0
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.letemps.ch
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ls.html Show response
forecast.letemps.ch/ Frame DD52 1014 B
892 B 9ms
6ms Document
text/html 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://forecast.letemps.ch/ls.html?origin=www.letemps.ch

Requested by

Host: forecast.letemps.ch
URL: https://forecast.letemps.ch/sdk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

1e56a278644107e9c6e0afa1f28371d74da3e09334a76526287814a4d67bbd35

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;frame-ancestors www.letemps.ch
Strict-Transport-Security	max-age=300
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.letemps.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: www.letemps.ch
age: 320
cache-control: public, max-age=600, stale-while-revalidate=30
content-encoding: gzip
content-length: 358
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;frame-ancestors www.letemps.ch
content-type: text/html; charset=utf-8
date: Mon, 27 Feb 2023 15:59:16 GMT
expires: Mon, 27 Feb 2023 16:03:56 GMT
last-modified: Mon, 27 Feb 2023 15:53:56 GMT
server: nginx/1.14.0 (Ubuntu)
strict-transport-security: max-age=300
vary: Accept-Encoding
via: 1.1 google, 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-served-by: cache-fra-eddf8230127-FRA
x-timer: S1677513557.873422,VS0,VE1
x-xss-protection: 1; mode=block

OPTIONS
H3 200 mediation-excluded
api.adnz.co/api/ws-appnexus-proxy/creatives/ Frame 0
0 55ms
55ms Preflight 2606:4700:20::ac43:44e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adnz.co/api/ws-appnexus-proxy/creatives/mediation-excluded
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:44e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.letemps.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization, cache-control, content-type, if-modified-since, keep-alive, user-agent, requested-status, access-control-request-headers, access-control-request-method, access-control-allow-credentials, origin, referer, sec-fetch-mode, accept-ranges, allow, vary, x-selected-company, sentry-trace
access-control-allow-methods: GET, PUT, DELETE, POST, OPTIONS
access-control-allow-origin: https://www.letemps.ch
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7a0220727a103aa3-FRA
content-length: 0
date: Mon, 27 Feb 2023 15:59:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rtUhS%2BDcy%2B65ypcsoR6zSxnAQefBQZYtf0dEA%2FZMmQ9U9Nieevlqs7qpJqCDA77CSa8L8xMODFh%2B9jEiIIBWypTcjKeaP%2Bi2aBnovCvEamLpmRNiyHuSG6Lzu408l8mEx3slhOEkG8Eh"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 mediation-excluded Show response
api.adnz.co/api/ws-appnexus-proxy/creatives/ 16 KB
6 KB 17ms
16ms XHR
application/json 2606:4700:20::ac43:44e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adnz.co/api/ws-appnexus-proxy/creatives/mediation-excluded
Requested by: Host: adnz.co
URL: https://adnz.co/header.js?adTagId=628
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:44e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a906650191b412b846a54142d2a37a4f6155aef21b12bbfd0a01b184a5a15b05

Request headers

Accept: application/json
Referer: https://www.letemps.ch/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 27 Feb 2023 15:59:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3442
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 27 Feb 2023 15:01:54 GMT
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g3SBlPr6AZBUsvUBMQJiQeJq%2BuXs559IlSUg8iszuiBIXiohaX9KEzfms2T0jTWw8CvAu00dpWzlxPBqOb5Cx%2FhIs1zKs2%2F5eoKW1upJ%2BEfnQBXnzUDGWAkIA5FpH4SVndCmaFZvwYum"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.letemps.ch
cache-control: public, max-age=300
access-control-allow-credentials: true
cf-ray: 7a022072daa03aa3-FRA
expires: Mon, 27 Feb 2023 16:04:16 GMT

GET gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 7BC0 0
0

GET gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 540B 0
0

GET
H3 200 xdomain_cookie.html Show response
xd.adnz.co/ Frame 7EC1 3 KB
2 KB 65ms
64ms Document
text/html 2606:4700:20::681a:305
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xd.adnz.co/xdomain_cookie.html

Requested by

Host: xd.adnz.co
URL: https://xd.adnz.co/xdomain_cookie.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:305 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd2717d6c9540ef58d7a2551925e8756b072e2a2efe80e6813b7f0319f5f5df9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.letemps.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public
cf-cache-status: DYNAMIC
cf-ray: 7a022072ad3d90d6-FRA
content-encoding: br
content-type: text/html
date: Mon, 27 Feb 2023 15:59:16 GMT
last-modified: Tue, 21 Feb 2023 14:19:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=633YWCkFEG9KiGjP%2BtoZo0KBADN0bSFlzk9reVA9H0d6r4c%2Fdb%2BMDt%2FqBjqrnWdRGbJISCGqaOhKUM9vxfJ%2FRfbOAqnRTtdCHwZWJNPOBvawKexrmfSXZ4gVkPSIIirXc23cSKqgMMs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
x-amz-request-id: tx000005f07133196df8a86-0063fcd354-10d0d57-default
x-envoy-upstream-service-time: 0
x-rgw-object-type: Normal

GET
H3 200 visitor-id Show response
api.adnz.co/api/ws-convey/ 20 B
737 B 163ms
162ms Fetch
text/plain 2606:4700:20::681a:305
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adnz.co/api/ws-convey/visitor-id?url=https%3A%2F%2Fwww.letemps.ch%2Feconomie%2Fcentaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses&appnexusId=&profileHash=&firstPartyVisitorId=
Requested by: Host: adnz.co
URL: https://adnz.co/dmp/publisher.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:305 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 223c079dce84a3dae3aa62a4c14cbebf7a631589ef212888b975ba4197598323

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="Not used"
x-envoy-upstream-service-time: 12
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20
pragma: no-cache
server: cloudflare
etag: -6499230366981721501
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tXNXqxywQptzxU4nG99BkY%2FMQek20IwLJb%2FwxLkq%2BIrZ3RKYRBZXcvq9U5rLjIIwefZH7K%2BoXn8iL%2FzPPkqMde0qYJqmrpCu3XK1rVHnxF%2B5uYg63d1F67o1HtSDtyrFucYK5OO5sd6Z"}],"group":"cf-nel","max_age":604800}
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://www.letemps.ch
access-control-expose-headers: ETag, Authorization
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7a022072ad4090d6-FRA
expires: -1

GET gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame B54D 0
0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 0BAF 76 KB
26 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: adnz.co
URL: https://adnz.co/header.js?adTagId=628

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42bbb6bab9e1720944187369ab324f269311e17d59276e552a180541872b48b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26606
x-xss-protection: 0
server: sffe
etag: "1495 / 816 of 1000 / last-modified: 1677499644"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 27 Feb 2023 15:59:16 GMT

POST
H2 200 / Show response
forecast.letemps.ch/a/action/ 18 B
681 B 257ms
257ms Fetch
application/json 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://forecast.letemps.ch/a/action/

Requested by

Host: forecast.letemps.ch
URL: https://forecast.letemps.ch/sdk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

forecast /

Resource Hash

9f79a8b32fd93678d6f6bf01360f73f8bcf6eae282eb09763dc14d90847379d7

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;frame-ancestors https://www.letemps.ch
Strict-Transport-Security	max-age=300
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.letemps.ch/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;frame-ancestors https://www.letemps.ch
via: 1.1 google, 1.1 varnish
date: Mon, 27 Feb 2023 15:59:17 GMT
strict-transport-security: max-age=300
x-cache: MISS
content-length: 18
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230127-FRA
server: forecast
x-timer: S1677513557.939703,VS0,VE250
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.letemps.ch
cache-control: private, no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 1D99
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=letemps.ch&sn=ChromeSyncframe&so=0&topUrl=www.letemps.ch&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=bSAn8nw5TDl6SjJxQ2ZQRzA1aU1hcC9jVmtNbGd2WU8vVG4xa2Q4N0lSSG4wbWJwajBNTkwzOVJBd3Vaamorb25Xb1NVdUk1bXpvR2dzWDQyTzFBMDlRMFVOeUwyaEVxVXQ4QjhTMUpzSnhSWGU0dHZKQzVQMTNHaW5hN1...

430 B
654 B

578ms
128ms

Fetch
application/json

74.119.118.149
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=bSAn8nw5TDl6SjJxQ2ZQRzA1aU1hcC9jVmtNbGd2WU8vVG4xa2Q4N0lSSG4wbWJwajBNTkwzOVJBd3Vaamorb25Xb1NVdUk1bXpvR2dzWDQyTzFBMDlRMFVOeUwyaEVxVXQ4QjhTMUpzSnhSWGU0dHZKQzVQMTNHaW5hN1BIeUwwOFBENTQrbEpmU2ZSWGJqb1lXdTM4Mnk5TDlhK25LOE1yMmY1OWxHVEwvYjgybFF3RlpPdUN5eUh5ZzBkS2JsbnpTNFhMT29vQXVqVTZKc21UQUhJSmtNaXV6N2tKZ2tHMUowTjNlV1VpaTlodkNVMWZEZzZPZi9HakxSMnYvWm1CWHFUZ3RTMDBlNnRwVjBMc2ZEOEpLTTZudz09fA&cppv=2

Requested by

Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

Protocol

Server

74.119.118.149 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

41f2d967108f8d2ce976fdda80ca34f1bfd6ad2709a478e8e4198a689483d530

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 15:59:17 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2468812
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 27 Feb 2023 15:59:16 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=bSAn8nw5TDl6SjJxQ2ZQRzA1aU1hcC9jVmtNbGd2WU8vVG4xa2Q4N0lSSG4wbWJwajBNTkwzOVJBd3Vaamorb25Xb1NVdUk1bXpvR2dzWDQyTzFBMDlRMFVOeUwyaEVxVXQ4QjhTMUpzSnhSWGU0dHZKQzVQMTNHaW5hN1BIeUwwOFBENTQrbEpmU2ZSWGJqb1lXdTM4Mnk5TDlhK25LOE1yMmY1OWxHVEwvYjgybFF3RlpPdUN5eUh5ZzBkS2JsbnpTNFhMT29vQXVqVTZKc21UQUhJSmtNaXV6N2tKZ2tHMUowTjNlV1VpaTlodkNVMWZEZzZPZi9HakxSMnYvWm1CWHFUZ3RTMDBlNnRwVjBMc2ZEOEpLTTZudz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 338414
content-length: 0
expires: 0

OPTIONS
H/1.1 200
OK v3
ib.adnxs.com/ut/ Frame 0
0 125ms
124ms Preflight
text/plain 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control,content-type,pragma,x-is-test
Access-Control-Request-Method: POST
Origin: https://www.letemps.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

AN-X-Request-Uuid: 80fcacd6-9b3b-4cfb-8efb-4547b6e048df
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: cache-control,content-type,pragma,x-is-test
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: https://www.letemps.ch
Access-Control-Max-Age: 86400
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Mon, 27 Feb 2023 15:59:17 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 178.162.209.134; 178.162.209.134; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0

POST
H/1.1 200
OK v3 Show response
ib.adnxs.com/ut/ 556 B
1 KB 14ms
14ms XHR
application/json 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3

Requested by

Host: adnz.co
URL: https://adnz.co/header.js?adTagId=628

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

082be0a1908e87b7a38c1037f562a43894e5899287fca6875dbabfa005f937aa

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

pragma: no-cache
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
cache-control: no-cache
Referer: https://www.letemps.ch/
X-Is-Test: 0

Response headers

Date: Mon, 27 Feb 2023 15:59:17 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.162.209.134; 178.162.209.134; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 2f5ae6e8-e8c3-4f98-bb21-9041f752de3a
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.letemps.ch
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v3 Show response
ib.adnxs.com/ut/ 17 KB
8 KB 335ms
310ms XHR
application/json 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

49bcfe2daa28a53873684eb108e56bae47aead09050cb7cad9c1be6dec0574fd

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.letemps.ch/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 27 Feb 2023 15:59:17 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.162.209.134; 178.162.209.134; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 6f4b94e4-123c-45f5-8ec7-ff28c235a605
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.letemps.ch
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 / Show response
www.facebook.com/tr/ Frame E467 0
71 B 8ms
7ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.letemps.ch
Referer: https://www.letemps.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.letemps.ch
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 15:59:17 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 pubads_impl_2023022102.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 0BAF 383 KB
129 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

657ce65f87e54b2a6c1bc0db7a92f6c8a5dfa40906a7da8b7a897741ff32d3bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 10:55:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18233
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132325
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 21:18:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 27 Feb 2024 10:55:24 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 0BAF 387 B
225 B 82ms
50ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.letemps.ch

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

386fe379e44c1e23694247c7a52beb8c607b40198b250a01f90d9f0a499bca16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 200
x-xss-protection: 0
expires: Mon, 27 Feb 2023 15:59:17 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 0BAF 107 B
531 B 67ms
26ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.letemps.ch

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 0BAF 107 B
456 B 136ms
53ms Script
application/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.letemps.ch

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 0BAF 21 KB
10 KB 291ms
291ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=546396650530030&correlator=380716798199213&eid=31072028&output=ldjh&gdfp_req=1&vrg=2023022102&ptt=17&impl=fif&iu_parts=96628199%3A22864112785%2Cfr_letemps.ch_v2%2Cfr_letemps.ch_v2_11324&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C994x1%7C994x118%7C728x90%7C800x250%7C970x250%7C994x250%7C1x1&fluid=height&ifi=1&adks=1501486612&sfv=1-0-40&prev_scp=hb_pb%3D0.30&ppid=-6499230366981721501&sc=1&cookie_enabled=1&abxe=1&dt=1677513557530&lmt=1677513557&dlt=1677513556921&idt=587&adxs=800&adys=205&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=nrx0cy329ei&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fwww.letemps.ch%2Feconomie%2Fcentaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses&ref=https%3A%2F%2Fwww.letemps.ch%2Feconomie%2Fcentaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses&top=https%3A%2F%2Fwww.letemps.ch%2Feconomie%2Fcentaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses&frm=23&vis=1&psz=0x0&msz=0x0&fws=256&ohw=0&ea=0&ga_vid=968799346.1677513557&ga_sid=1677513558&ga_hid=1066216921&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

035cc7d1ccc78990e092f5ceffe69282685a7568f30578ccbe09774722f554a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:17 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10128
x-xss-protection: 0
google-lineitem-id: 5439211341
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138299349748
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.letemps.ch
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
50cf3be3ef7d672d1ed2dc28a496f693.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F9AE 6 KB
3 KB 123ms
25ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://50cf3be3ef7d672d1ed2dc28a496f693.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.letemps.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 15:59:17 GMT
expires: Tue, 27 Feb 2024 15:59:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 event Show response
sslwidget.criteo.com/ 8 KB
4 KB 111ms
30ms Script
application/x-javascript 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://sslwidget.criteo.com/event?a=58698&v=5.14.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=OJjGZF9kcUYwYnoxODVUMmg1U3J5dXVHdHclMkZFNVJyc3FhN0hqcWdXMGZhV2pNSUxnRnA1NHJYNmlvcCUyRlJNRjVXbmdjNVZldXU2SVdTTGVIUXR1a21qY2QlMkZYaE51MXNHN0xrbGQlMkZkR1ZERG5CVHZ6bGhoWGw1MFFVNGRUa3FIOEVWMENsTGVYZGw0TFQlMkYzUW5DSzhDM1dXSVd3JTNEJTNE&tld=letemps.ch&fu=https%253A%252F%252Fwww.letemps.ch%252Feconomie%252Fcentaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses&dtycbr=80204

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

be44b398b5fcca1f26603dffc84f21a95d8dfbb02b5eb616490ddc309707f902

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 15:59:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 13283892
timing-allow-origin: *
expires: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0BAF 15 KB
11 KB 106ms
67ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023022102&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0eca3cf677ba7b88d1d00778f8e72ae5a8cea972e49b8a1252b3932ecb3f01b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11290
x-xss-protection: 0

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame 6574
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-qcpaKlOWHtFbSIg5Bbj0lBmLDUKDzzFtZKzkRw&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-qcpaKlOWHtFbSIg5Bbj0lBmLDUKDzzFtZKzkRw&expires=30

43 B
510 B

162ms
162ms

Image
image/gif

35.212.133.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-qcpaKlOWHtFbSIg5Bbj0lBmLDUKDzzFtZKzkRw&expires=30
Protocol: HTTP/1.1
Server: 35.212.133.238 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 238.133.212.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 27 Feb 2023 15:59:18 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-qcpaKlOWHtFbSIg5Bbj0lBmLDUKDzzFtZKzkRw&expires=30
Date: Mon, 27 Feb 2023 15:59:18 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

cookiematch.aspx
widget.eu.criteo.com/dis/rtb/google/ Frame 6574
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-cLr5VFOWHtFbSIg5Bbj0lBmLDUK_7LrUXW4eYA&google_cm&google_hm=ay1jTHI1VkZPV0h0RmJTSWc1QmJqMGxCbUxEVUtfN0xyV...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-cLr5VFOWHtFbSIg5Bbj0lBmLDUK_7LrUXW4eYA&google_cm=&google_hm=ay1jTHI1VkZPV0h0RmJTSWc1QmJqMGxCbUxEVUtfN0x...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-cLr5VFOWHtFbSIg5Bbj0lBmLDUK_7LrUXW4eYA&google_gid=CAESEKewMDQit6Yr4znQc9GluQk&google_cver=1&google_ula=913071,0
https://widget.eu.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-cLr5VFOWHtFbSIg5Bbj0lBmLDUK_7LrUXW4eYA&google_gid=CAESEKewMDQit6Yr4znQc9GluQk&google_cver=1&google_ula=913071,0

43 B
370 B

50ms
14ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.eu.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-cLr5VFOWHtFbSIg5Bbj0lBmLDUK_7LrUXW4eYA&google_gid=CAESEKewMDQit6Yr4znQc9GluQk&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 15:59:17 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 769085
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://widget.eu.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-cLr5VFOWHtFbSIg5Bbj0lBmLDUK_7LrUXW4eYA&google_gid=CAESEKewMDQit6Yr4znQc9GluQk&google_cver=1&google_ula=913071,0
date: Mon, 27 Feb 2023 15:59:17 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 158916
content-length: 0

GET
H2

200

cookiematch.aspx
widget.eu.criteo.com/dis/rtb/appnexus/ Frame 6574
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2837747298672264706
https://widget.eu.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2837747298672264706

43 B
369 B

51ms
15ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.eu.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2837747298672264706

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 15:59:17 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 928895
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://widget.eu.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2837747298672264706
date: Mon, 27 Feb 2023 15:59:17 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 125435
content-length: 0

GET
H2 200 cksync.php
contextual.media.net/ Frame 6574 237 B
978 B 190ms
133ms Image
image/gif 92.123.38.97
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-IEsVo1OWHtFbSIg5Bbj0lBmLDUKaNRols30yYg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

92.123.38.97 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-38-97.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 27 Feb 2023 15:59:17 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 237
x-mnet-hl2: E
expires: Mon, 27 Feb 2023 15:59:17 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 6574 0
239 B 121ms
9ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-7jUIMlOWHtFbSIg5Bbj0lBmLDUIvUEQDHDLsjg&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame 6574 0
35 B 85ms
7ms Image
text/plain 18.198.178.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-Jic4clOWHtFbSIg5Bbj0lBmLDULUyOCwp8undQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.178.8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-178-8.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:17 GMT

GET
H2 200 /
rtb-csync.smartadserver.com/redir/ Frame 6574 43 B
114 B 165ms
16ms Image
image/gif 185.86.139.94
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-8WH9bFOWHtFbSIg5Bbj0lBmLDUIDBDNWKhJs9Q
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:17 GMT
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 6574 0
100 B 584ms
157ms Image
text/plain 141.226.230.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-uj1ulFOWHtFbSIg5Bbj0lBmLDUJJcQTaBMb-_g
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.230.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:18 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 155542

GET
H2 200 um
criteo-sync.teads.tv/ Frame 6574 23 B
172 B 110ms
33ms Image
image/gif 104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-39QcVFOWHtFbSIg5Bbj0lBmLDUJn1HBsDfRVaA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Mon, 27 Feb 2023 15:59:17 GMT
pragma: no-cache
date: Mon, 27 Feb 2023 15:59:17 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame 6574 37 B
140 B 38ms
10ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-wLr_v1OWHtFbSIg5Bbj0lBmLDUIopUSpTvaaHg&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame 6574
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-JiIok1OWHtFbSIg5Bbj0lBmLDUJdbvLKssxAMQ
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-JiIok1OWHtFbSIg5Bbj0lBmLDUJdbvLKssxAMQ&verify=true

0
121 B

176ms
176ms

Image
text/plain

18.144.106.164
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-JiIok1OWHtFbSIg5Bbj0lBmLDUJdbvLKssxAMQ&verify=true

Protocol

Server

18.144.106.164 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-144-106-164.us-west-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:18 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-JiIok1OWHtFbSIg5Bbj0lBmLDUJdbvLKssxAMQ&verify=true
date: Mon, 27 Feb 2023 15:59:18 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
cm.adform.net/ Frame 6574 43 B
163 B 111ms
24ms Image
image/gif 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-j4ZJ1VOWHtFbSIg5Bbj0lBmLDUIBm0emtobv-w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:17 GMT
last-modified: Fri, 18 Nov 2022 14:41:46 GMT
server: nginx
accept-ranges: bytes
etag: "637799aa-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 6574 49 B
236 B 95ms
28ms Image
image/gif 185.255.84.152
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-OnvPzVOWHtFbSIg5Bbj0lBmLDUKgmYV_l5yXgw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.152 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 15:59:17 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 13
content-length: 49
expires: 0

GET
H/1.1 200
OK setuid
secure.adnxs.com/ Frame 6574 43 B
1 KB 14ms
14ms Image
image/gif 185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=52&code=k-pIJUMFOWHtFbSIg5Bbj0lBmLDUKZxtDlm-jtAg&seg=130915

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Feb 2023 15:59:17 GMT
AN-X-Request-Uuid: 9d760619-6234-447c-80b9-0b922a05cf2d
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 178.162.209.134; 178.162.209.134; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

rum
r.casalemedia.com/ Frame 6574
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Lde4slOWHtFbSIg5Bbj0lBmLDULY-hXrzg7vBA
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Lde4slOWHtFbSIg5Bbj0lBmLDULY-hXrzg7vBA&C=1

43 B
549 B

29ms
28ms

Image
image/gif

104.18.24.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Lde4slOWHtFbSIg5Bbj0lBmLDULY-hXrzg7vBA&C=1
Protocol: H2
Server: 104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 15:59:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dBWKy5G0eXAn5T%2Bw2mTz%2FiMFneu7J5dXgpNPCEyxA96b6NFzSDjHXSGgua68grVHOiughfU0w%2BWzIjgTpP9L5WRe0TSbwV8uI4hRBSKvu%2BBULsiX2M34zj4MI5dH%2BabOdKp4"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 7a022079683f927a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 27 Feb 2023 15:59:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HDKe8XZYjkaYiybeGgTZn26HSnPW7bi%2FJDtvHVBM1EMutVheyEN5J2TiLDeZ50EH4ipMidpprtJdiMLcQVMBqSc2QoB56dC6SiCgWnKlDhpRTxv%2FokP1kdarolvPXiSGggJK"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=20&external_user_id=k-Lde4slOWHtFbSIg5Bbj0lBmLDULY-hXrzg7vBA&C=1
cache-control: no-cache
cf-ray: 7a0220793ff1927a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 6574
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=xwSPLpeqzIg5o8MjaIJ_UQcFUaNx9u8B
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=xwSPLpeqzIg5o8MjaIJ_UQcFUaNx9u8B

42 B
942 B

39ms
38ms

Image
image/gif

34.246.68.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=xwSPLpeqzIg5o8MjaIJ_UQcFUaNx9u8B

Protocol

HTTP/1.1

Server

34.246.68.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-246-68-114.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v046-0decf6b17.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: P+5ud+p5RTc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v046-0d7e6a16f.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: rRSX31mwTSU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=xwSPLpeqzIg5o8MjaIJ_UQcFUaNx9u8B
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200 9.gif
id5-sync.com/s/966/ Frame 6574 43 B
1 KB 59ms
14ms Image
image/gif 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-5giwE1OWHtFbSIg5Bbj0lBmLDUKgvPFSwpAc9Q

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Mon, 27 Feb 2023 15:59:17 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 6574
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-KOf4M1OWHtFbSIg5Bbj0lBmLDUKsSrrEAvyHaw
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-KOf4M1OWHtFbSIg5Bbj0lBmLDUKsSrrEAvyHaw

43 B
449 B

105ms
105ms

Image
image/gif

52.2.51.253
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-KOf4M1OWHtFbSIg5Bbj0lBmLDUKsSrrEAvyHaw
Protocol: H2
Server: 52.2.51.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-2-51-253.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 27 Feb 2023 15:59:18 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-KOf4M1OWHtFbSIg5Bbj0lBmLDUKsSrrEAvyHaw
date: Mon, 27 Feb 2023 15:59:18 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame 6574 42 B
274 B 121ms
20ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-EsNzeFOWHtFbSIg5Bbj0lBmLDULYqYU33sk2-g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:17 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 6574 0
969 B 512ms
172ms Image
text/html 54.176.140.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-Urt44VOWHtFbSIg5Bbj0lBmLDUJGz6DX68gSvw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.176.140.13 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-176-140-13.us-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:18 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 6574 0
145 B 690ms
155ms Image
text/plain 66.225.223.31
NTTA-3946

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-fR5L71OWHtFbSIg5Bbj0lBmLDUIX65l-6hiiNA&initiator=partner
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 66.225.223.31 Sacramento, United States, ASN3949 (NTTA-3946, US),
Reverse DNS: sa.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 27 Feb 2023 15:59:18 GMT
Cache-Control: no-cache
X-TraceId: 9d129bc67bddbc68522623caa376eac5
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 6574 42 B
582 B 98ms
20ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-wO8e-1OWHtFbSIg5Bbj0lBmLDULvUmW_-CxlyA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 27 Feb 2023 15:59:18 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame 6574 43 B
183 B 322ms
100ms Image
image/gif 2600:1f18:612b:4216:cd79:34ae:bc6a:5e70
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-OQ7YX1OWHtFbSIg5Bbj0lBmLDUJERrYhOLOCcw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:cd79:34ae:bc6a:5e70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Mon, 27 Feb 2023 15:59:18 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame 6574 43 B
153 B 68ms
22ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-qAq3wFOWHtFbSIg5Bbj0lBmLDUKFKbBfGxtWWQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.29
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 27 Feb 2023 15:59:18 GMT
server: Apache
x-powered-by: PHP/7.3.29
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 6574 0
525 B 102ms
35ms Image
text/plain 184.28.181.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=8664&ext_id=k--R4EdFOWHtFbSIg5Bbj0lBmLDUKI0hkQpZj1qg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.28.181.42 Berlin, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-28-181-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Feb 2023 15:59:18 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Sun, 26 Feb 2023 15:59:18 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame 6574 43 B
220 B 656ms
190ms Image
image/gif 54.188.190.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-12pc91OWHtFbSIg5Bbj0lBmLDUJXML47wLD39A&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.188.190.65 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-188-190-65.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 27 Feb 2023 15:59:18 GMT
content-type: image/gif
content-length: 43
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

POST
H2 204 event
logs1412.xiti.com/ 0
328 B 40ms
9ms Ping
text/plain 52.222.228.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://logs1412.xiti.com/event?s=628826&idclient=len09c70ax90ivng

Requested by

Host: tag.aticdn.net
URL: https://tag.aticdn.net/piano-analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.228.32 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-228-32.fra56.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.letemps.ch/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 27 Feb 2023 15:59:18 GMT
strict-transport-security: max-age=15768000
via: 1.1 944dc31277adc1021b0776fe818f07f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
access-control-max-age: 600
x-cache: Miss from cloudfront
access-control-allow-origin: https://www.letemps.ch
cache-control: no-store
access-control-allow-credentials: true
x-amz-cf-id: RKs4-5GLF8UOLzdp8OkegLXalrnTO_M5ig8lZqwSHl6adENBBdZQJQ==

POST
H2 200 installations Show response
firebaseinstallations.googleapis.com/v1/projects/le-temps-app/ 620 B
680 B 389ms
389ms Fetch
application/json 2a00:1450:400d:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/le-temps-app/installations

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/8.2.10/firebase-performance.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bfeeb6c8c9bf88d135a0b3475a6efe271a4a5e45ba8c713b9e615a1bf4549507

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer: https://www.letemps.ch/
x-goog-api-key: AIzaSyBb50w4-mHGaC7qFOKj4075266yBHnJDfg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
content-type: application/json

Response headers

date: Mon, 27 Feb 2023 15:59:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.letemps.ch
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 490
x-xss-protection: 0

OPTIONS
H2 200 installations
firebaseinstallations.googleapis.com/v1/projects/le-temps-app/ Frame 0
0 147ms
51ms Preflight
text/html 2a00:1450:400d:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/le-temps-app/installations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key
Access-Control-Request-Method: POST
Origin: https://www.letemps.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.letemps.ch
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 27 Feb 2023 15:59:17 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0BAF 17 KB
7 KB 75ms
33ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 27 Feb 2023 15:59:18 GMT

GET
H3 200 ebc7e5e_20230223150445571.jpg
assets.letemps.ch/sites/default/files/styles/lt_inline_center/public/media/2023/02/26/ 60 KB
61 KB 25ms
24ms Image
image/jpeg 104.26.7.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.letemps.ch/sites/default/files/styles/lt_inline_center/public/media/2023/02/26/ebc7e5e_20230223150445571.jpg?itok=Acf8evs_

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.7.150 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f165fbfe527c5a730c31e5e284ea54daa94e0c091241857c73ba0b3c44eb4664

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11438
traceresponse: 00-1747a76cb803583f96019855f77281bf-f561ff364356c2be-00
cf-polished: origSize=61852, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 61441
pragma: public
cf-bgj: imgq:100,h2pri
last-modified: Sun, 26 Feb 2023 10:21:53 GMT
server: cloudflare
etag: "63fb32c1-f19c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TxgcDutZWvx%2FEAD0DRJY8EmWBbGATWIGqLBcxfXu26GMbB5G4lsH9jRPgrHPMK2zNbpufR1WPlJRc%2Fo3PiwlD%2B1pc86VhB1Ug0L9%2FsGDDkPmLs4MBfFjaHgCeNrLW1sp3gFq"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7a0220787f532c6d-FRA
expires: Tue, 27 Feb 2024 10:24:31 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ Frame 0BAF 24 KB
8 KB 83ms
13ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 16:53:07 GMT
content-encoding: gzip
age: 1638371
x-guploader-uploadid: ADPycduE5L2eeFp6uIBZXVmQzp1L-SpgDvDmbY_Q_CWTzkfDxzhrR4U1i09pt8tFiyeePrtu2s28XPWyuBaA4jWN06J35g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Thu, 08 Feb 2024 16:53:07 GMT

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ Frame 0BAF 732 B
1 KB 41ms
25ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 26731
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-yyz4568-YYZ
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i0Vs%2FEv8jMJENuSgDX0DDhfGopluCpVA2KzdxpMQ2rk4NfPE%2FSM1iuYJw%2Bhx%2FypCE%2FiZldAIeqEHGNKVg6FuWcpWKocgsBVAaXHV1J4n38MLb8RCKbIruf%2FpzYmHALeFWzFBOoMOo7Erp3flC1s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7a02207b9c4d923b-FRA

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ Frame 0BAF 39 KB
13 KB 34ms
34ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:17 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-9c21"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 28 Feb 2023 15:59:17 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F8DB 0
0 51ms
49ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstZvh7aaR14CI5niyjoVucb9REE_jI78MpxbOSk8bEaEh2-ZsKgUJNIb5hdWPvq7vSDFiMbxbxR-POoec8g31GuVViLqRGgLMm1Ef0aC6_G12WEgTlg9Pd55IRbk3rM09KqI4-BSlG65WnHUXixh4eZJlv6R2YPMhpJGksA_zI4_Hb7OeEOxZPEH3vs7Md8ABiSkiHGIalSwqnfagXH4N2MLKdS5ZM2WaO5SSjTaCt-aaH76vL8H3y0ttefbiKjPG7YvnQkKDPdMGQqmTA207HsZVl5SwxW6C9APzwpnpjXrnGtxDpfVT4tIb1XFQIO16ZHxv1pb5KMdE-jt-pFxej2btG7UT7IxjiuPZa95g&sai=AMfl-YR5TqcdS72Sbw3i12dc-zobiklE1f8ctEzDFKqjsRT8b78Qu4bI5DkHgKQod6KghKaUb23VgSUCvPVSLKL7-u4H0aSm07HnpXUNFbBEGXgfwYSRZWcH9pHH3Ih5oOLD-TQ7SyC3DZNaTeO9pMLr&sig=Cg0ArKJSzCehzuHZCWoMEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.letemps.ch
URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 27 Feb 2023 15:59:17 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F8DB 158 KB
49 KB 67ms
25ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677104061356577"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 27 Feb 2023 15:59:17 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame DA51 15 KB
6 KB 16ms
16ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.letemps.ch

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

97d67f8c2575e19d30ae28a32bad7610849e0e56c81ca66e51178124a5c5eed2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.letemps.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 15:59:17 GMT
server: Kestrel
server-processing-duration-in-ticks: 911659
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame DA51
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=letemps.ch&sn=ChromeSyncframe&so=3&topUrl=www.letemps.ch&bundle=OJjGZF9kcUYwYnoxODVUMmg1U3J5dXVHdHclMkZFNVJyc3FhN0hqcWdXMGZhV2pNSUxnRnA...
https://mug.criteo.com/sid?cpp=DIyvb3xoVzJlRjgrSGNSMUg3Ylg5QldnUStrTnloc0VIR0ltOHd2ODZKQjBLQSszeTlJSW8wQzZOUGtRckN5OHo0ZTdZeEFXYjhJT2dzMnBiR3l6SG5pTmdid3JnZ2ZtRi8yczg5YzZjcTBXb1YxS3FwMUtudDkzb2t3Tl...

441 B
657 B

127ms
126ms

Fetch
application/json

74.119.118.149
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=DIyvb3xoVzJlRjgrSGNSMUg3Ylg5QldnUStrTnloc0VIR0ltOHd2ODZKQjBLQSszeTlJSW8wQzZOUGtRckN5OHo0ZTdZeEFXYjhJT2dzMnBiR3l6SG5pTmdid3JnZ2ZtRi8yczg5YzZjcTBXb1YxS3FwMUtudDkzb2t3TlBORk5HQllzeTlna0NYY203MkZrOFdsZjZrcTl3TU41NW5LcXl3ZGRNZ1dMY3Zqc2tlK1VySERRZFJOZXlibkc4QWJ0V2E2RVJWdkhpc3lXMTRFdEV6ODRicCtxbU5LMzlGbHE4RXp5dmJ0ZVlDd2lBOW0yY2ljLzdzTHl2VnEvb1V3Z2hicUZmUnZNQTZjRCs1SjBDVTVRaHo4bVdBVEd2ZXdQZmV2MjhURmNZNHRLd0J3cz18&cppv=2

Protocol

Server

74.119.118.149 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

74fe06b62aec690d25389608c8e5f222bcad075610fa2a6fcd72b825b885cc0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 15:59:17 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2061315
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 27 Feb 2023 15:59:17 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=DIyvb3xoVzJlRjgrSGNSMUg3Ylg5QldnUStrTnloc0VIR0ltOHd2ODZKQjBLQSszeTlJSW8wQzZOUGtRckN5OHo0ZTdZeEFXYjhJT2dzMnBiR3l6SG5pTmdid3JnZ2ZtRi8yczg5YzZjcTBXb1YxS3FwMUtudDkzb2t3TlBORk5HQllzeTlna0NYY203MkZrOFdsZjZrcTl3TU41NW5LcXl3ZGRNZ1dMY3Zqc2tlK1VySERRZFJOZXlibkc4QWJ0V2E2RVJWdkhpc3lXMTRFdEV6ODRicCtxbU5LMzlGbHE4RXp5dmJ0ZVlDd2lBOW0yY2ljLzdzTHl2VnEvb1V3Z2hicUZmUnZNQTZjRCs1SjBDVTVRaHo4bVdBVEd2ZXdQZmV2MjhURmNZNHRLd0J3cz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 355807
content-length: 0
expires: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F8DB 0
0 49ms
48ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsukC3dOeUWTeG5FegKh5C4vzS2YIO_gTK3_LyWWq_3Q1L62A0vtD7bA-Hd2x1gFILYoFNsB1OLqMy3Fkp-V2OP_P-qXMV6v_y0bTBswi5qY_JUsyj8bTOt0MxkMmDfV0yZxdgvyKixPHQRpGeRxcCR5FEDjPpWCYQe8avfifoeZsy9KBgsGBuTsxN3bkLjYLXtfYjqdw9a2zdm6i_Sw1h_SApUzBX4Fq-PWgzz7-iSzeWJRX17igV0J48gBgE20jVvwI5H7oWK6-3JjRtmM4piqTPeswfVrViVzOiOPP5Fcj3bAP1UP85WQO_i7Lom5WPSwMS605OuA-aa_uA9m839JYP_hXRPbjXCS02Krn9Ry&sai=AMfl-YReVO2A7eEK8wmdJn_fWWjZDW3QxTdX7AnagnGEhfmuv5zBFTzB83ggIxTahclaWlE9cscVbN094U9a0qOJrPJR8ZI-P9ANxUNM0m2r-8AsNzDjw4Ve8GEYNiD44fB7eDyI0_6xwOrEtjZi4FOl&sig=Cg0ArKJSzAyGm02CBw9zEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 27 Feb 2023 15:59:18 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 6574
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=gblCOvFZR-zj9L-xqKQ36IkcKfzVxfst

0
338 B

648ms
199ms

Image
text/plain

52.12.247.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=gblCOvFZR-zj9L-xqKQ36IkcKfzVxfst
Protocol: H2
Server: 52.12.247.47 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-12-247-47.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-served-by: beacon-n002-pdx-prod.krxd.net
date: Mon, 27 Feb 2023 15:59:18 GMT
cache-control: private, no-cache, no-store
x-request-time: D=31 t=1677513558
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=gblCOvFZR-zj9L-xqKQ36IkcKfzVxfst
date: Mon, 27 Feb 2023 15:59:17 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1038590
content-length: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8BC7 13 KB
5 KB 17ms
15ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.letemps.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 794
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 15:46:04 GMT
expires: Tue, 27 Feb 2024 15:46:04 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 06AA 783 B
970 B 27ms
26ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4575c979b536412b3bf7de58a7c9985995b05ace1bce0711d6e505d184426b0f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Yms40bO2YLfDB-gLj6bBlQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.letemps.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-Yms40bO2YLfDB-gLj6bBlQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 15:59:18 GMT
expires: Mon, 27 Feb 2023 15:59:18 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 batch
api.adnz.co/api/ws-events-sink/ 0
0 26ms
26ms Fetch 2606:4700:20::681a:305
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adnz.co/api/ws-events-sink/batch?visitorId=-6499230366981721501&profileHash=&appnexusId=&events=W3sidHlwZSI6IlBBR0VfSU1QUkVTU0lPTiIsImJvZHkiOnt9LCJldmVudElkIjo0NjA3NTQwNzUzMDc5NzUsInBhZ2VJbXByZXNzaW9uSWQiOjc4NDU5ODIxNjY2NDgzNDcsInVybCI6Imh0dHBzOi8vd3d3LmxldGVtcHMuY2gvZWNvbm9taWUvY2VudGFpbmVzLW1pbGxpb25zLWRvbGxhcnMtZGV0b3VybmVzLWxpYmFuLWF1cmFpZW50LWF0dGVycmktYmFucXVlcy1zdWlzc2VzIn0seyJ0eXBlIjoiSEVBREVSX0RPTV9GT1VORCIsImJvZHkiOnsiYWRUYWdJZCI6NjI4LCJkaXZJZCI6ImFkbnpfd2lkZWJvYXJkXzEiLCJpc1JlbG9hZCI6ZmFsc2UsInNpemVNYXBwaW5nSWQiOjExMzI0fSwiZXZlbnRJZCI6MTI5MjcwODIyMjY4NjU4OSwicGFnZUltcHJlc3Npb25JZCI6Nzg0NTk4MjE2NjY0ODM0NywidXJsIjoiaHR0cHM6Ly93d3cubGV0ZW1wcy5jaC9lY29ub21pZS9jZW50YWluZXMtbWlsbGlvbnMtZG9sbGFycy1kZXRvdXJuZXMtbGliYW4tYXVyYWllbnQtYXR0ZXJyaS1iYW5xdWVzLXN1aXNzZXMifSx7InR5cGUiOiJIRUFERVJfRE9NX0ZPVU5EIiwiYm9keSI6eyJhZFRhZ0lkIjo2MjgsImRpdklkIjoiYWRuel93aWRlYm9hcmRfMiIsImlzUmVsb2FkIjpmYWxzZSwic2l6ZU1hcHBpbmdJZCI6MTEzODJ9LCJldmVudElkIjozNzI0NTM4NDk5MzU0MTMxLCJwYWdlSW1wcmVzc2lvbklkIjo3ODQ1OTgyMTY2NjQ4MzQ3LCJ1cmwiOiJodHRwczovL3d3dy5sZXRlbXBzLmNoL2Vjb25vbWllL2NlbnRhaW5lcy1taWxsaW9ucy1kb2xsYXJzLWRldG91cm5lcy1saWJhbi1hdXJhaWVudC1hdHRlcnJpLWJhbnF1ZXMtc3Vpc3NlcyJ9LHsidHlwZSI6IkhFQURFUl9ET01fRk9VTkQiLCJib2R5Ijp7ImFkVGFnSWQiOjYyOCwiZGl2SWQiOiJhZG56X2hhbGZwYWdlXzEiLCJpc1JlbG9hZCI6ZmFsc2UsInNpemVNYXBwaW5nSWQiOjExNDMzfSwiZXZlbnRJZCI6MTY0NTIxMjUzMjIyNzYzNywicGFnZUltcHJlc3Npb25JZCI6Nzg0NTk4MjE2NjY0ODM0NywidXJsIjoiaHR0cHM6Ly93d3cubGV0ZW1wcy5jaC9lY29ub21pZS9jZW50YWluZXMtbWlsbGlvbnMtZG9sbGFycy1kZXRvdXJuZXMtbGliYW4tYXVyYWllbnQtYXR0ZXJyaS1iYW5xdWVzLXN1aXNzZXMifSx7InR5cGUiOiJIRUFERVJfQ0FOX0JFX1BSRUxPQURFRCIsImJvZHkiOnsiYWRUYWdJZCI6NjI4LCJkaXZJZCI6ImFkbnpfd2lkZWJvYXJkXzEiLCJpc1JlbG9hZCI6ZmFsc2UsInNpemVNYXBwaW5nSWQiOjExMzI0fSwiZXZlbnRJZCI6MTI5MDg2MjcwNzMwNjk4NywicGFnZUltcHJlc3Npb25JZCI6Nzg0NTk4MjE2NjY0ODM0NywidXJsIjoiaHR0cHM6Ly93d3cubGV0ZW1wcy5jaC9lY29ub21pZS9jZW50YWluZXMtbWlsbGlvbnMtZG9sbGFycy1kZXRvdXJuZXMtbGliYW4tYXVyYWllbnQtYXR0ZXJyaS1iYW5xdWVzLXN1aXNzZXMifSx7InR5cGUiOiJIRUFERVJfQ0FOX0JFX1NIT1dOIiwiYm9keSI6eyJhZFRhZ0lkIjo2MjgsImRpdklkIjoiYWRuel93aWRlYm9hcmRfMSIsImlzUmVsb2FkIjpmYWxzZSwic2l6ZU1hcHBpbmdJZCI6MTEzMjR9LCJldmVudElkIjo0MTc1MDM1MjcwNTI4MTM5LCJwYWdlSW1wcmVzc2lvbklkIjo3ODQ1OTgyMTY2NjQ4MzQ3LCJ1cmwiOiJodHRwczovL3d3dy5sZXRlbXBzLmNoL2Vjb25vbWllL2NlbnRhaW5lcy1taWxsaW9ucy1kb2xsYXJzLWRldG91cm5lcy1saWJhbi1hdXJhaWVudC1hdHRlcnJpLWJhbnF1ZXMtc3Vpc3NlcyJ9LHsidHlwZSI6IkhFQURFUl9ET01fRk9VTkQiLCJib2R5Ijp7ImFkVGFnSWQiOjYyOCwiZGl2SWQiOiJhZG56X2luZmVlZF8xIiwiaXNSZWxvYWQiOmZhbHNlfSwiZXZlbnRJZCI6NjMxMDUyNTUxMzk1NjkzNSwicGFnZUltcHJlc3Npb25JZCI6Nzg0NTk4MjE2NjY0ODM0NywidXJsIjoiaHR0cHM6Ly93d3cubGV0ZW1wcy5jaC9lY29ub21pZS9jZW50YWluZXMtbWlsbGlvbnMtZG9sbGFycy1kZXRvdXJuZXMtbGliYW4tYXVyYWllbnQtYXR0ZXJyaS1iYW5xdWVzLXN1aXNzZXMifSx7InR5cGUiOiJIRUFERVJfRE9NX0ZPVU5EIiwiYm9keSI6eyJhZFRhZ0lkIjo2MjgsImRpdklkIjoiYWRuel9pbmZlZWRfMiIsImlzUmVsb2FkIjpmYWxzZX0sImV2ZW50SWQiOjMwODk4Njg2MTAwODI1MDcsInBhZ2VJbXByZXNzaW9uSWQiOjc4NDU5ODIxNjY2NDgzNDcsInVybCI6Imh0dHBzOi8vd3d3LmxldGVtcHMuY2gvZWNvbm9taWUvY2VudGFpbmVzLW1pbGxpb25zLWRvbGxhcnMtZGV0b3VybmVzLWxpYmFuLWF1cmFpZW50LWF0dGVycmktYmFucXVlcy1zdWlzc2VzIn0seyJ0eXBlIjoiSEVBREVSX0RPTV9GT1VORCIsImJvZHkiOnsiYWRUYWdJZCI6NjI4LCJkaXZJZCI6ImFkbnpfd2lkZWJvYXJkXzEiLCJpc1JlbG9hZCI6ZmFsc2UsInNpemVNYXBwaW5nSWQiOjExMzI0fSwiZXZlbnRJZCI6NjM0MTIzOTY0NjkzOTAzLCJwYWdlSW1wcmVzc2lvbklkIjo3ODQ1OTgyMTY2NjQ4MzQ3LCJ1cmwiOiJodHRwczovL3d3dy5sZXRlbXBzLmNoL2Vjb25vbWllL2NlbnRhaW5lcy1taWxsaW9ucy1kb2xsYXJzLWRldG91cm5lcy1saWJhbi1hdXJhaWVudC1hdHRlcnJpLWJhbnF1ZXMtc3Vpc3NlcyJ9LHsidHlwZSI6IkhFQURFUl9ET01fRk9VTkQiLCJib2R5Ijp7ImFkVGFnSWQiOjYyOCwiZGl2SWQiOiJhZG56X3dpZGVib2FyZF8yIiwiaXNSZWxvYWQiOmZhbHNlLCJzaXplTWFwcGluZ0lkIjoxMTM4Mn0sImV2ZW50SWQiOjc0MDM3MzM4MTcwMjU2NDcsInBhZ2VJbXByZXNzaW9uSWQiOjc4NDU5ODIxNjY2NDgzNDcsInVybCI6Imh0dHBzOi8vd3d3LmxldGVtcHMuY2gvZWNvbm9taWUvY2VudGFpbmVzLW1pbGxpb25zLWRvbGxhcnMtZGV0b3VybmVzLWxpYmFuLWF1cmFpZW50LWF0dGVycmktYmFucXVlcy1zdWlzc2VzIn0seyJ0eXBlIjoiSEVBREVSX0RPTV9GT1VORCIsImJvZHkiOnsiYWRUYWdJZCI6NjI4LCJkaXZJZCI6ImFkbnpfaGFsZnBhZ2VfMSIsImlzUmVsb2FkIjpmYWxzZSwic2l6ZU1hcHBpbmdJZCI6MTE0MzN9LCJldmVudElkIjoxMzIzOTQ2OTcxNzE4NDEsInBhZ2VJbXByZXNzaW9uSWQiOjc4NDU5ODIxNjY2NDgzNDcsInVybCI6Imh0dHBzOi8vd3d3LmxldGVtcHMuY2gvZWNvbm9taWUvY2VudGFpbmVzLW1pbGxpb25zLWRvbGxhcnMtZGV0b3VybmVzLWxpYmFuLWF1cmFpZW50LWF0dGVycmktYmFucXVlcy1zdWlzc2VzIn0seyJ0eXBlIjoiSEVBREVSX0NBTl9CRV9QUkVMT0FERUQiLCJib2R5Ijp7ImFkVGFnSWQiOjYyOCwiZGl2SWQiOiJhZG56X3dpZGVib2FyZF8xIiwiaXNSZWxvYWQiOmZhbHNlLCJzaXplTWFwcGluZ0lkIjoxMTMyNH0sImV2ZW50SWQiOjIzNDUyMzc5MjkxNTcxMTEsInBhZ2VJbXByZXNzaW9uSWQiOjc4NDU5ODIxNjY2NDgzNDcsInVybCI6Imh0dHBzOi8vd3d3LmxldGVtcHMuY2gvZWNvbm9taWUvY2VudGFpbmVzLW1pbGxpb25zLWRvbGxhcnMtZGV0b3VybmVzLWxpYmFuLWF1cmFpZW50LWF0dGVycmktYmFucXVlcy1zdWlzc2VzIn0seyJ0eXBlIjoiSEVBREVSX0NBTl9CRV9TSE9XTiIsImJvZHkiOnsiYWRUYWdJZCI6NjI4LCJkaXZJZCI6ImFkbnpfd2lkZWJvYXJkXzEiLCJpc1JlbG9hZCI6ZmFsc2UsInNpemVNYXBwaW5nSWQiOjExMzI0fSwiZXZlbnRJZCI6MjYxMDE3MjM0MDgxODcxMSwicGFnZUltcHJlc3Npb25JZCI6Nzg0NTk4MjE2NjY0ODM0NywidXJsIjoiaHR0cHM6Ly93d3cubGV0ZW1wcy5jaC9lY29ub21pZS9jZW50YWluZXMtbWlsbGlvbnMtZG9sbGFycy1kZXRvdXJuZXMtbGliYW4tYXVyYWllbnQtYXR0ZXJyaS1iYW5xdWVzLXN1aXNzZXMifSx7InR5cGUiOiJIRUFERVJfRE9NX0ZPVU5EIiwiYm9keSI6eyJhZFRhZ0lkIjo2MjgsImRpdklkIjoiYWRuel93aWRlYm9hcmRfMSIsImlzUmVsb2FkIjpmYWxzZSwic2l6ZU1hcHBpbmdJZCI6MTEzMjR9LCJldmVudElkIjo4NjIyMTU1NTExMzYwNTU3LCJwYWdlSW1wcmVzc2lvbklkIjo3ODQ1OTgyMTY2NjQ4MzQ3LCJ1cmwiOiJodHRwczovL3d3dy5sZXRlbXBzLmNoL2Vjb25vbWllL2NlbnRhaW5lcy1taWxsaW9ucy1kb2xsYXJzLWRldG91cm5lcy1saWJhbi1hdXJhaWVudC1hdHRlcnJpLWJhbnF1ZXMtc3Vpc3NlcyJ9LHsidHlwZSI6IkhFQURFUl9ET01fRk9VTkQiLCJib2R5Ijp7ImFkVGFnSWQiOjYyOCwiZGl2SWQiOiJhZG56X3dpZGVib2FyZF8yIiwiaXNSZWxvYWQiOmZhbHNlLCJzaXplTWFwcGluZ0lkIjoxMTM4Mn0sImV2ZW50SWQiOjc0ODI5MzMwNDI1Mzc1OTksInBhZ2VJbXByZXNzaW9uSWQiOjc4NDU5ODIxNjY2NDgzNDcsInVybCI6Imh0dHBzOi8vd3d3LmxldGVtcHMuY2gvZWNvbm9taWUvY2VudGFpbmVzLW1pbGxpb25zLWRvbGxhcnMtZGV0b3VybmVzLWxpYmFuLWF1cmFpZW50LWF0dGVycmktYmFucXVlcy1zdWlzc2VzIn0seyJ0eXBlIjoiSEVBREVSX0RPTV9GT1VORCIsImJvZHkiOnsiYWRUYWdJZCI6NjI4LCJkaXZJZCI6ImFkbnpfaGFsZnBhZ2VfMSIsImlzUmVsb2FkIjpmYWxzZSwic2l6ZU1hcHBpbmdJZCI6MTE0MzN9LCJldmVudElkIjo3NTg5NzQ3MDg4NDA2MzE5LCJwYWdlSW1wcmVzc2lvbklkIjo3ODQ1OTgyMTY2NjQ4MzQ3LCJ1cmwiOiJodHRwczovL3d3dy5sZXRlbXBzLmNoL2Vjb25vbWllL2NlbnRhaW5lcy1taWxsaW9ucy1kb2xsYXJzLWRldG91cm5lcy1saWJhbi1hdXJhaWVudC1hdHRlcnJpLWJhbnF1ZXMtc3Vpc3NlcyJ9LHsidHlwZSI6IkhFQURFUl9ET01fRk9VTkQiLCJib2R5Ijp7ImFkVGFnSWQiOjYyOCwiZGl2SWQiOiJhZG56X2luZmVlZF8xIiwiaXNSZWxvYWQiOmZhbHNlfSwiZXZlbnRJZCI6MzAyNTYwNTkxMTU3MDQ0MywicGFnZUltcHJlc3Npb25JZCI6Nzg0NTk4MjE2NjY0ODM0NywidXJsIjoiaHR0cHM6Ly93d3cubGV0ZW1wcy5jaC9lY29ub21pZS9jZW50YWluZXMtbWlsbGlvbnMtZG9sbGFycy1kZXRvdXJuZXMtbGliYW4tYXVyYWllbnQtYXR0ZXJyaS1iYW5xdWVzLXN1aXNzZXMifSx7InR5cGUiOiJIRUFERVJfRE9NX0ZPVU5EIiwiYm9keSI6eyJhZFRhZ0lkIjo2MjgsImRpdklkIjoiYWRuel9pbmZlZWRfMiIsImlzUmVsb2FkIjpmYWxzZX0sImV2ZW50SWQiOjQ5MjM4MjMxODk3NTQxNywicGFnZUltcHJlc3Npb25JZCI6Nzg0NTk4MjE2NjY0ODM0NywidXJsIjoiaHR0cHM6Ly93d3cubGV0ZW1wcy5jaC9lY29ub21pZS9jZW50YWluZXMtbWlsbGlvbnMtZG9sbGFycy1kZXRvdXJuZXMtbGliYW4tYXVyYWllbnQtYXR0ZXJyaS1iYW5xdWVzLXN1aXNzZXMifSx7InR5cGUiOiJIRUFERVJfQ0FOX0JFX1BSRUxPQURFRCIsImJvZHkiOnsiYWRUYWdJZCI6NjI4LCJkaXZJZCI6ImFkbnpfd2lkZWJvYXJkXzEiLCJpc1JlbG9hZCI6ZmFsc2UsInNpemVNYXBwaW5nSWQiOjExMzI0fSwiZXZlbnRJZCI6MTY0MjM1NzcyOTg1MTU0OSwicGFnZUltcHJlc3Npb25JZCI6Nzg0NTk4MjE2NjY0ODM0NywidXJsIjoiaHR0cHM6Ly93d3cubGV0ZW1wcy5jaC9lY29ub21pZS9jZW50YWluZXMtbWlsbGlvbnMtZG9sbGFycy1kZXRvdXJuZXMtbGliYW4tYXVyYWllbnQtYXR0ZXJyaS1iYW5xdWVzLXN1aXNzZXMifSx7InR5cGUiOiJIRUFERVJfQ0FOX0JFX1NIT1dOIiwiYm9keSI6eyJhZFRhZ0lkIjo2MjgsImRpdklkIjoiYWRuel93aWRlYm9hcmRfMSIsImlzUmVsb2FkIjpmYWxzZSwic2l6ZU1hcHBpbmdJZCI6MTEzMjR9LCJldmVudElkIjo4NTcyMjQ5MDUzMjY3NDAxLCJwYWdlSW1wcmVzc2lvbklkIjo3ODQ1OTgyMTY2NjQ4MzQ3LCJ1cmwiOiJodHRwczovL3d3dy5sZXRlbXBzLmNoL2Vjb25vbWllL2NlbnRhaW5lcy1taWxsaW9ucy1kb2xsYXJzLWRldG91cm5lcy1saWJhbi1hdXJhaWVudC1hdHRlcnJpLWJhbnF1ZXMtc3Vpc3NlcyJ9LHsidHlwZSI6IkhFQURFUl9ET01fRk9VTkQiLCJib2R5Ijp7ImFkVGFnSWQiOjYyOCwiZGl2SWQiOiJhZG56X3dpZGVib2FyZF8xIiwiaXNSZWxvYWQiOmZhbHNlLCJzaXplTWFwcGluZ0lkIjoxMTMyNH0sImV2ZW50SWQiOjg4ODk1ODA2Njc0ODQ2NDcsInBhZ2VJbXByZXNzaW9uSWQiOjc4NDU5ODIxNjY2NDgzNDcsInVybCI6Imh0dHBzOi8vd3d3LmxldGVtcHMuY2gvZWNvbm9taWUvY2VudGFpbmVzLW1pbGxpb25zLWRvbGxhcnMtZGV0b3VybmVzLWxpYmFuLWF1cmFpZW50LWF0dGVycmktYmFucXVlcy1zdWlzc2VzIn0seyJ0eXBlIjoiSEVBREVSX0RPTV9GT1VORCIsImJvZHkiOnsiYWRUYWdJZCI6NjI4LCJkaXZJZCI6ImFkbnpfd2lkZWJvYXJkXzIiLCJpc1JlbG9hZCI6ZmFsc2UsInNpemVNYXBwaW5nSWQiOjExMzgyfSwiZXZlbnRJZCI6Njg4OTE0MzAzOTE0MTUwMywicGFnZUltcHJlc3Npb25JZCI6Nzg0NTk4MjE2NjY0ODM0NywidXJsIjoiaHR0cHM6Ly93d3cubGV0ZW1wcy5jaC9lY29ub21pZS9jZW50YWluZXMtbWlsbGlvbnMtZG9sbGFycy1kZXRvdXJuZXMtbGliYW4tYXVyYWllbnQtYXR0ZXJyaS1iYW5xdWVzLXN1aXNzZXMifSx7InR5cGUiOiJIRUFERVJfRE9NX0ZPVU5EIiwiYm9keSI6eyJhZFRhZ0lkIjo2MjgsImRpdklkIjoiYWRuel9oYWxmcGFnZV8xIiwiaXNSZWxvYWQiOmZhbHNlLCJzaXplTWFwcGluZ0lkIjoxMTQzM30sImV2ZW50SWQiOjg2NDExODA2MzE3OTM1NzksInBhZ2VJbXByZXNzaW9uSWQiOjc4NDU5ODIxNjY2NDgzNDcsInVybCI6Imh0dHBzOi8vd3d3LmxldGVtcHMuY2gvZWNvbm9taWUvY2VudGFpbmVzLW1pbGxpb25zLWRvbGxhcnMtZGV0b3VybmVzLWxpYmFuLWF1cmFpZW50LWF0dGVycmktYmFucXVlcy1zdWlzc2VzIn0seyJ0eXBlIjoiSEVBREVSX0RPTV9GT1VORCIsImJvZHkiOnsiYWRUYWdJZCI6NjI4LCJkaXZJZCI6ImFkbnpfaW5mZWVkXzEiLCJpc1JlbG9hZCI6ZmFsc2V9LCJldmVudElkIjo4NDI3NjgyMDE3MTk0OTE1LCJwYWdlSW1wcmVzc2lvbklkIjo3ODQ1OTgyMTY2NjQ4MzQ3LCJ1cmwiOiJodHRwczovL3d3dy5sZXRlbXBzLmNoL2Vjb25vbWllL2NlbnRhaW5lcy1taWxsaW9ucy1kb2xsYXJzLWRldG91cm5lcy1saWJhbi1hdXJhaWVudC1hdHRlcnJpLWJhbnF1ZXMtc3Vpc3NlcyJ9LHsidHlwZSI6IkhFQURFUl9ET01fRk9VTkQiLCJib2R5Ijp7ImFkVGFnSWQiOjYyOCwiZGl2SWQiOiJhZG56X2luZmVlZF8yIiwiaXNSZWxvYWQiOmZhbHNlfSwiZXZlbnRJZCI6NzQ2NTA2MTExNjUyODcsInBhZ2VJbXByZXNzaW9uSWQiOjc4NDU5ODIxNjY2NDgzNDcsInVybCI6Imh0dHBzOi8vd3d3LmxldGVtcHMuY2gvZWNvbm9taWUvY2VudGFpbmVzLW1pbGxpb25zLWRvbGxhcnMtZGV0b3VybmVzLWxpYmFuLWF1cmFpZW50LWF0dGVycmktYmFucXVlcy1zdWlzc2VzIn1d
Requested by: Host: adnz.co
URL: https://adnz.co/dmp/publisher.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:305 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AtFnVB4M%2F7bkuojgRpVHfgEAxZmnXZVbzIc4%2BTZuiNOqeRjVTIE7e7E44cnZO6n02RGBKLXbNMzWnswvQjySLMg3fqe3iuQn5e2CuRs9Qz02RTFF8hOwcFhDfCQ8PYnyHGL73%2FN38Phl"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.letemps.ch
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
cf-ray: 7a02207bc89e90d6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 204 batch
api.adnz.co/api/ws-events-sink/ 0
0 24ms
23ms Fetch 2606:4700:20::681a:305
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adnz.co/api/ws-events-sink/batch?visitorId=-6499230366981721501&profileHash=&appnexusId=&events=W3sidHlwZSI6IkhFQURFUl9DQU5fQkVfUFJFTE9BREVEIiwiYm9keSI6eyJhZFRhZ0lkIjo2MjgsImRpdklkIjoiYWRuel93aWRlYm9hcmRfMSIsImlzUmVsb2FkIjpmYWxzZSwic2l6ZU1hcHBpbmdJZCI6MTEzMjR9LCJldmVudElkIjo3MjA0MjA4NjY0ODgxMjgzLCJwYWdlSW1wcmVzc2lvbklkIjo3ODQ1OTgyMTY2NjQ4MzQ3LCJ1cmwiOiJodHRwczovL3d3dy5sZXRlbXBzLmNoL2Vjb25vbWllL2NlbnRhaW5lcy1taWxsaW9ucy1kb2xsYXJzLWRldG91cm5lcy1saWJhbi1hdXJhaWVudC1hdHRlcnJpLWJhbnF1ZXMtc3Vpc3NlcyJ9LHsidHlwZSI6IkhFQURFUl9DQU5fQkVfU0hPV04iLCJib2R5Ijp7ImFkVGFnSWQiOjYyOCwiZGl2SWQiOiJhZG56X3dpZGVib2FyZF8xIiwiaXNSZWxvYWQiOmZhbHNlLCJzaXplTWFwcGluZ0lkIjoxMTMyNH0sImV2ZW50SWQiOjI0NTUwMzAzNjgyMjQ0MDUsInBhZ2VJbXByZXNzaW9uSWQiOjc4NDU5ODIxNjY2NDgzNDcsInVybCI6Imh0dHBzOi8vd3d3LmxldGVtcHMuY2gvZWNvbm9taWUvY2VudGFpbmVzLW1pbGxpb25zLWRvbGxhcnMtZGV0b3VybmVzLWxpYmFuLWF1cmFpZW50LWF0dGVycmktYmFucXVlcy1zdWlzc2VzIn0seyJ0eXBlIjoiSEVBREVSX0RPTV9GT1VORCIsImJvZHkiOnsiYWRUYWdJZCI6NjI4LCJkaXZJZCI6ImFkbnpfd2lkZWJvYXJkXzEiLCJpc1JlbG9hZCI6ZmFsc2UsInNpemVNYXBwaW5nSWQiOjExMzI0fSwiZXZlbnRJZCI6MzAyMDk3MDI3MzA1NzE0OSwicGFnZUltcHJlc3Npb25JZCI6Nzg0NTk4MjE2NjY0ODM0NywidXJsIjoiaHR0cHM6Ly93d3cubGV0ZW1wcy5jaC9lY29ub21pZS9jZW50YWluZXMtbWlsbGlvbnMtZG9sbGFycy1kZXRvdXJuZXMtbGliYW4tYXVyYWllbnQtYXR0ZXJyaS1iYW5xdWVzLXN1aXNzZXMifSx7InR5cGUiOiJIRUFERVJfRE9NX0ZPVU5EIiwiYm9keSI6eyJhZFRhZ0lkIjo2MjgsImRpdklkIjoiYWRuel93aWRlYm9hcmRfMiIsImlzUmVsb2FkIjpmYWxzZSwic2l6ZU1hcHBpbmdJZCI6MTEzODJ9LCJldmVudElkIjo1MDQzODExNDA4ODA4MTAxLCJwYWdlSW1wcmVzc2lvbklkIjo3ODQ1OTgyMTY2NjQ4MzQ3LCJ1cmwiOiJodHRwczovL3d3dy5sZXRlbXBzLmNoL2Vjb25vbWllL2NlbnRhaW5lcy1taWxsaW9ucy1kb2xsYXJzLWRldG91cm5lcy1saWJhbi1hdXJhaWVudC1hdHRlcnJpLWJhbnF1ZXMtc3Vpc3NlcyJ9LHsidHlwZSI6IkhFQURFUl9ET01fRk9VTkQiLCJib2R5Ijp7ImFkVGFnSWQiOjYyOCwiZGl2SWQiOiJhZG56X2hhbGZwYWdlXzEiLCJpc1JlbG9hZCI6ZmFsc2UsInNpemVNYXBwaW5nSWQiOjExNDMzfSwiZXZlbnRJZCI6NTU0Mzk2NDQ5MDg0NTk5OSwicGFnZUltcHJlc3Npb25JZCI6Nzg0NTk4MjE2NjY0ODM0NywidXJsIjoiaHR0cHM6Ly93d3cubGV0ZW1wcy5jaC9lY29ub21pZS9jZW50YWluZXMtbWlsbGlvbnMtZG9sbGFycy1kZXRvdXJuZXMtbGliYW4tYXVyYWllbnQtYXR0ZXJyaS1iYW5xdWVzLXN1aXNzZXMifSx7InR5cGUiOiJIRUFERVJfRE9NX0ZPVU5EIiwiYm9keSI6eyJhZFRhZ0lkIjo2MjgsImRpdklkIjoiYWRuel9pbmZlZWRfMSIsImlzUmVsb2FkIjpmYWxzZX0sImV2ZW50SWQiOjY4MTYzODU1NjkzMDQ4NDksInBhZ2VJbXByZXNzaW9uSWQiOjc4NDU5ODIxNjY2NDgzNDcsInVybCI6Imh0dHBzOi8vd3d3LmxldGVtcHMuY2gvZWNvbm9taWUvY2VudGFpbmVzLW1pbGxpb25zLWRvbGxhcnMtZGV0b3VybmVzLWxpYmFuLWF1cmFpZW50LWF0dGVycmktYmFucXVlcy1zdWlzc2VzIn0seyJ0eXBlIjoiSEVBREVSX0RPTV9GT1VORCIsImJvZHkiOnsiYWRUYWdJZCI6NjI4LCJkaXZJZCI6ImFkbnpfaW5mZWVkXzIiLCJpc1JlbG9hZCI6ZmFsc2V9LCJldmVudElkIjo3OTE0NTQ2NDA5MzIzMTQxLCJwYWdlSW1wcmVzc2lvbklkIjo3ODQ1OTgyMTY2NjQ4MzQ3LCJ1cmwiOiJodHRwczovL3d3dy5sZXRlbXBzLmNoL2Vjb25vbWllL2NlbnRhaW5lcy1taWxsaW9ucy1kb2xsYXJzLWRldG91cm5lcy1saWJhbi1hdXJhaWVudC1hdHRlcnJpLWJhbnF1ZXMtc3Vpc3NlcyJ9LHsidHlwZSI6IkhFQURFUl9DQU5fQkVfUFJFTE9BREVEIiwiYm9keSI6eyJhZFRhZ0lkIjo2MjgsImRpdklkIjoiYWRuel93aWRlYm9hcmRfMSIsImlzUmVsb2FkIjpmYWxzZSwic2l6ZU1hcHBpbmdJZCI6MTEzMjR9LCJldmVudElkIjo3Nzk0ODMyNDI3Nzc1NzUxLCJwYWdlSW1wcmVzc2lvbklkIjo3ODQ1OTgyMTY2NjQ4MzQ3LCJ1cmwiOiJodHRwczovL3d3dy5sZXRlbXBzLmNoL2Vjb25vbWllL2NlbnRhaW5lcy1taWxsaW9ucy1kb2xsYXJzLWRldG91cm5lcy1saWJhbi1hdXJhaWVudC1hdHRlcnJpLWJhbnF1ZXMtc3Vpc3NlcyJ9LHsidHlwZSI6IkhFQURFUl9DQU5fQkVfU0hPV04iLCJib2R5Ijp7ImFkVGFnSWQiOjYyOCwiZGl2SWQiOiJhZG56X3dpZGVib2FyZF8xIiwiaXNSZWxvYWQiOmZhbHNlLCJzaXplTWFwcGluZ0lkIjoxMTMyNH0sImV2ZW50SWQiOjgwNDAyNzUyMTg1NjAxOTMsInBhZ2VJbXByZXNzaW9uSWQiOjc4NDU5ODIxNjY2NDgzNDcsInVybCI6Imh0dHBzOi8vd3d3LmxldGVtcHMuY2gvZWNvbm9taWUvY2VudGFpbmVzLW1pbGxpb25zLWRvbGxhcnMtZGV0b3VybmVzLWxpYmFuLWF1cmFpZW50LWF0dGVycmktYmFucXVlcy1zdWlzc2VzIn0seyJ0eXBlIjoiQklEX1JFUVVFU1QiLCJib2R5Ijp7ImhlYWRlclRhZ0lkIjoiNjI4IiwiY3JlYXRlZCI6MTY3NzUxMzU1NzM2OCwicmVxdWVzdElkIjoiODk0Njk2OTY3NDk2NjQ5IiwiYmlkZGVycyI6WyJBUFBORVhVUyIsIlRFQURTIiwiSVgiLCJBTUFaT04iLCJCQyIsIkJUQSIsIkNPREUiLCJYQU5EUl9CQU5ORVIiXSwic2l6ZXMiOlsiOTk0eDI1MCIsIjk5NHgyNTAiLCI5OTR4MjUwIiwiOTk0eDI1MCIsIjk5NHgyNTAiLCI5OTR4MSIsIjk5NHgxMTgiLCI3Mjh4OTAiLCI4MDB4MjUwIiwiOTcweDI1MCIsIjk5NHgyNTAiXSwiZGl2SWQiOiJhZG56X3dpZGVib2FyZF8xIn0sImV2ZW50SWQiOjYyMzY4MjI3MDc0MzcyNTMsInBhZ2VJbXByZXNzaW9uSWQiOjc4NDU5ODIxNjY2NDgzNDcsInVybCI6Imh0dHBzOi8vd3d3LmxldGVtcHMuY2gvZWNvbm9taWUvY2VudGFpbmVzLW1pbGxpb25zLWRvbGxhcnMtZGV0b3VybmVzLWxpYmFuLWF1cmFpZW50LWF0dGVycmktYmFucXVlcy1zdWlzc2VzIn0seyJ0eXBlIjoiQklEX1JFUVVFU1QiLCJib2R5Ijp7ImhlYWRlclRhZ0lkIjoiNjI4IiwiY3JlYXRlZCI6MTY3NzUxMzU1NzM2OCwicmVxdWVzdElkIjoiODk0Njk2OTY3NDk2NjQ5IiwiYmlkZGVycyI6WyJBUFBORVhVUyIsIlRFQURTIiwiSVgiLCJBTUFaT04iLCJCQyIsIkJUQSIsIkNPREUiLCJYQU5EUl9CQU5ORVIiXSwic2l6ZXMiOlsiOTk0eDI1MCIsIjk5NHgyNTAiLCI5OTR4MjUwIiwiOTk0eDI1MCIsIjk5NHgyNTAiLCI5OTR4MTE4IiwiOTk0eDUwMCIsIjcyOHg5MCIsIjgwMHgyNTAiLCI5NzB4MjUwIiwiOTk0eDI1MCJdLCJkaXZJZCI6ImFkbnpfd2lkZWJvYXJkXzIifSwiZXZlbnRJZCI6MjU1NzI3NjU0Mjg2NzU3MSwicGFnZUltcHJlc3Npb25JZCI6Nzg0NTk4MjE2NjY0ODM0NywidXJsIjoiaHR0cHM6Ly93d3cubGV0ZW1wcy5jaC9lY29ub21pZS9jZW50YWluZXMtbWlsbGlvbnMtZG9sbGFycy1kZXRvdXJuZXMtbGliYW4tYXVyYWllbnQtYXR0ZXJyaS1iYW5xdWVzLXN1aXNzZXMifSx7InR5cGUiOiJCSURfUkVRVUVTVCIsImJvZHkiOnsiaGVhZGVyVGFnSWQiOiI2MjgiLCJjcmVhdGVkIjoxNjc3NTEzNTU3MzY5LCJyZXF1ZXN0SWQiOiI4OTQ2OTY5Njc0OTY2NDkiLCJiaWRkZXJzIjpbIkFQUE5FWFVTIiwiVEVBRFMiLCJJWCIsIkFNQVpPTiIsIkJDIiwiQlRBIiwiQ09ERSIsIlhBTkRSX0JBTk5FUiJdLCJzaXplcyI6WyI5OTR4MjUwIiwiOTk0eDI1MCIsIjk5NHgyNTAiLCI5OTR4MjUwIiwiOTk0eDI1MCIsIjk5NHgxMTgiLCI5OTR4NTAwIiwiNzI4eDkwIiwiODAweDI1MCIsIjk3MHgyNTAiLCI5OTR4MjUwIl0sImRpdklkIjoiYWRuel93aWRlYm9hcmRfMyJ9LCJldmVudElkIjo4NjY4NjUwODg2OTYxNTAzLCJwYWdlSW1wcmVzc2lvbklkIjo3ODQ1OTgyMTY2NjQ4MzQ3LCJ1cmwiOiJodHRwczovL3d3dy5sZXRlbXBzLmNoL2Vjb25vbWllL2NlbnRhaW5lcy1taWxsaW9ucy1kb2xsYXJzLWRldG91cm5lcy1saWJhbi1hdXJhaWVudC1hdHRlcnJpLWJhbnF1ZXMtc3Vpc3NlcyJ9LHsidHlwZSI6IkJJRF9SRVFVRVNUIiwiYm9keSI6eyJoZWFkZXJUYWdJZCI6IjYyOCIsImNyZWF0ZWQiOjE2Nzc1MTM1NTczNjksInJlcXVlc3RJZCI6Ijg5NDY5Njk2NzQ5NjY0OSIsImJpZGRlcnMiOlsiQVBQTkVYVVMiLCJURUFEUyIsIklYIiwiQU1BWk9OIiwiQkMiLCJCVEEiLCJDT0RFIiwiWEFORFJfQkFOTkVSIl0sInNpemVzIjpbIjE2MHg2MDAiLCIxNjB4NjAwIiwiMTYweDYwMCIsIjE2MHg2MDAiLCIxNjB4NjAwIiwiMTYweDYwMCIsIjMwMHg2MDAiLCIzMDB4MjUwIl0sImRpdklkIjoiYWRuel9oYWxmcGFnZV8xIn0sImV2ZW50SWQiOjYzMjE2NzM4OTUxNjQzNDksInBhZ2VJbXByZXNzaW9uSWQiOjc4NDU5ODIxNjY2NDgzNDcsInVybCI6Imh0dHBzOi8vd3d3LmxldGVtcHMuY2gvZWNvbm9taWUvY2VudGFpbmVzLW1pbGxpb25zLWRvbGxhcnMtZGV0b3VybmVzLWxpYmFuLWF1cmFpZW50LWF0dGVycmktYmFucXVlcy1zdWlzc2VzIn0seyJ0eXBlIjoiSEVBREVSX0FVQ1RJT04iLCJib2R5Ijp7ImFkVGFnSWQiOjYyOCwiZGl2SWQiOiJhZG56X3dpZGVib2FyZF8xIiwiaXNSZWxvYWQiOmZhbHNlLCJzaXplTWFwcGluZ0lkIjoxMTMyNH0sImV2ZW50SWQiOjU3NzQ4NzIwNzk0NDM2MzksInBhZ2VJbXByZXNzaW9uSWQiOjc4NDU5ODIxNjY2NDgzNDcsInVybCI6Imh0dHBzOi8vd3d3LmxldGVtcHMuY2gvZWNvbm9taWUvY2VudGFpbmVzLW1pbGxpb25zLWRvbGxhcnMtZGV0b3VybmVzLWxpYmFuLWF1cmFpZW50LWF0dGVycmktYmFucXVlcy1zdWlzc2VzIn0seyJ0eXBlIjoiSEVBREVSX0FMTE9XRUQiLCJib2R5Ijp7ImFkVGFnSWQiOjYyOCwiZGl2SWQiOiJhZG56X3dpZGVib2FyZF8xIiwiaXNSZWxvYWQiOmZhbHNlLCJzaXplTWFwcGluZ0lkIjoxMTMyNH0sImV2ZW50SWQiOjM3NDE2MzgwODM1NDQwNTksInBhZ2VJbXByZXNzaW9uSWQiOjc4NDU5ODIxNjY2NDgzNDcsInVybCI6Imh0dHBzOi8vd3d3LmxldGVtcHMuY2gvZWNvbm9taWUvY2VudGFpbmVzLW1pbGxpb25zLWRvbGxhcnMtZGV0b3VybmVzLWxpYmFuLWF1cmFpZW50LWF0dGVycmktYmFucXVlcy1zdWlzc2VzIn0seyJ0eXBlIjoiSEVBREVSX0dQVF9JTkpFQ1RFRCIsImJvZHkiOnsiYWRUYWdJZCI6NjI4LCJkaXZJZCI6ImFkbnpfd2lkZWJvYXJkXzEiLCJpc1JlbG9hZCI6ZmFsc2UsInNpemVNYXBwaW5nSWQiOjExMzI0fSwiZXZlbnRJZCI6NzUxNjUwNjA0ODc1MjM2OSwicGFnZUltcHJlc3Npb25JZCI6Nzg0NTk4MjE2NjY0ODM0NywidXJsIjoiaHR0cHM6Ly93d3cubGV0ZW1wcy5jaC9lY29ub21pZS9jZW50YWluZXMtbWlsbGlvbnMtZG9sbGFycy1kZXRvdXJuZXMtbGliYW4tYXVyYWllbnQtYXR0ZXJyaS1iYW5xdWVzLXN1aXNzZXMifSx7InR5cGUiOiJCSURfV0lOTkVSIiwiYm9keSI6eyJoZWFkZXJUYWdJZCI6IjYyOCIsImNyZWF0ZWQiOjE2Nzc1MTM1NTc4NTQsInNpemVNYXBwaW5nSWQiOiIiLCJzaXplIjoiIiwicmVxdWVzdElkIjoiODk0Njk2OTY3NDk2NjQ5IiwiZGl2SWQiOiJhZG56X3dpZGVib2FyZF8xIiwiYmlkZGVyU2NvcmVzIjp7IkFQUE5FWFVTIjpudWxsLCJURUFEUyI6bnVsbCwiSVgiOm51bGwsIkFNQVpPTiI6bnVsbCwiQkMiOm51bGwsIkJUQSI6bnVsbCwiQ09ERSI6bnVsbCwiWEFORFJfQkFOTkVSIjpudWxsLCJHT09HTEUiOjB9fSwiZXZlbnRJZCI6MjgzMTI2MTQxMzYyODMwNywicGFnZUltcHJlc3Npb25JZCI6Nzg0NTk4MjE2NjY0ODM0NywidXJsIjoiaHR0cHM6Ly93d3cubGV0ZW1wcy5jaC9lY29ub21pZS9jZW50YWluZXMtbWlsbGlvbnMtZG9sbGFycy1kZXRvdXJuZXMtbGliYW4tYXVyYWllbnQtYXR0ZXJyaS1iYW5xdWVzLXN1aXNzZXMifSx7InR5cGUiOiJIRUFERVJfQURfSU1QUkVTU0lPTiIsImJvZHkiOnsiYWRUYWdJZCI6NjI4LCJkaXZJZCI6ImFkbnpfd2lkZWJvYXJkXzEiLCJpc1JlbG9hZCI6ZmFsc2UsImlzRGVsaXZlcmVkIjpmYWxzZSwic2l6ZU1hcHBpbmdJZCI6MTEzMjR9LCJldmVudElkIjozODY1NjUxNzA5ODM1OTQzLCJwYWdlSW1wcmVzc2lvbklkIjo3ODQ1OTgyMTY2NjQ4MzQ3LCJ1cmwiOiJodHRwczovL3d3dy5sZXRlbXBzLmNoL2Vjb25vbWllL2NlbnRhaW5lcy1taWxsaW9ucy1kb2xsYXJzLWRldG91cm5lcy1saWJhbi1hdXJhaWVudC1hdHRlcnJpLWJhbnF1ZXMtc3Vpc3NlcyJ9XQ%3D%3D
Requested by: Host: adnz.co
URL: https://adnz.co/dmp/publisher.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:305 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X3murZSRB%2FitONDVUaBPTwieoEF63XR3jCuhici5rNDmyoWVHG6DKBEbUrzg19iNZAXfnrzI9SGlz91ecmgwol2squpnTCcJAHhV7uytz0QtJcxnkHYeAHshzfphsd%2Fc9bpHS%2Bc%2F50JH"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.letemps.ch
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
cf-ray: 7a02207bc8a090d6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 06AA 0
0 148ms
117ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023022102&jk=546396650530030&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js Show response
pagead2.googlesyndication.com/bg/ Frame 8BC7 36 KB
14 KB 46ms
15ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b59b178a96926571c770bdd3cc086face21d4a9c03c897d63064dbffac53eb13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 20:35:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69847
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14406
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 26 Feb 2024 20:35:11 GMT

GET
H2

200

esp Show response
oajs.openx.net/ Frame 0BAF
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.letemps.ch%2Feconomie%2Fcentaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.letemps.ch%2Feconomie%2Fcentaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses&rid=esp&cc=1

85 B
203 B

145ms
145ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.letemps.ch%2Feconomie%2Fcentaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses&rid=esp&cc=1
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: b6b8fae2e8e975fc19ee0240780c1de41a73e7bc21bc91738b45664447eed610

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:18 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-bqkf8tmxTfOfdaUU0qd/YZjkzW8"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.letemps.ch
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Mon, 27 Feb 2023 15:59:18 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://www.letemps.ch
location: /esp?url=https%3A%2F%2Fwww.letemps.ch%2Feconomie%2Fcentaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 fireperf:fetch Show response
firebaseremoteconfig.googleapis.com/v1/projects/le-temps-app/namespaces/ 1 KB
689 B 31ms
31ms Fetch
application/json 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseremoteconfig.googleapis.com/v1/projects/le-temps-app/namespaces/fireperf:fetch?key=AIzaSyBb50w4-mHGaC7qFOKj4075266yBHnJDfg

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/8.2.10/firebase-performance.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3002dfd4bdaa1a51d6a9f79ba9aa5e6cd090470c8f3b7dcd953fbe71e6c20ca0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.letemps.ch/
accept-language: de-DE,de;q=0.9
Authorization: FIREBASE_INSTALLATIONS_AUTH eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJhcHBJZCI6IjE6MTAwODQzMDQzMzU0MDp3ZWI6MDUwMDZmOTI4ODc3ZTdkYSIsImV4cCI6MTY3ODExODM1OCwiZmlkIjoiZXpMbVppQ2pldi1lelluVFlOMDRPZyIsInByb2plY3ROdW1iZXIiOjEwMDg0MzA0MzM1NDB9.AB2LPV8wRQIgUvo2xK4aaoZk-0HjNf8uNBpLnsLRrmbLS3ihNPi4GUcCIQDKIHcrYlVE87CqUvBfk8Tf8RbHO65Yk6oa5d_6mDEmWA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 27 Feb 2023 15:59:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
etag: etag-le-temps-app-fireperf-fetch--815608889
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.letemps.ch
access-control-expose-headers: etag,vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 462
x-xss-protection: 0

OPTIONS
H2 200 fireperf:fetch
firebaseremoteconfig.googleapis.com/v1/projects/le-temps-app/namespaces/ Frame 0
0 78ms
23ms Preflight
text/html 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseremoteconfig.googleapis.com/v1/projects/le-temps-app/namespaces/fireperf:fetch?key=AIzaSyBb50w4-mHGaC7qFOKj4075266yBHnJDfg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: POST
Origin: https://www.letemps.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers: authorization
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.letemps.ch
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 27 Feb 2023 15:59:18 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8BC7 0
10 B 15ms
14ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?NiF-8Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:59:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 459C 0
176 B 61ms
19ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.letemps.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Mon, 27 Feb 2023 15:59:18 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2

200

cs
s.thebrighttag.com/ Frame 6574
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=lNhvQ3uEIQ4WDp4LIF16c6T0aO6pik9d

35 B
268 B

369ms
119ms

Image
image/gif

3.22.158.170
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=lNhvQ3uEIQ4WDp4LIF16c6T0aO6pik9d
Protocol: H2
Server: 3.22.158.170 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-22-158-170.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 15:59:19 GMT
x-bt-requestid: b17db770-b6b7-11ed-bcf0-0000ac170031
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=lNhvQ3uEIQ4WDp4LIF16c6T0aO6pik9d
date: Mon, 27 Feb 2023 15:59:18 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1069509
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0BAF 0
0 121ms
121ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023022102&jk=546396650530030&bg=!n5ylnMjNAAZYlHKzeJQ7ADkAdvg8WiM-mKD40PAHl4ztpS7Hxplevl92z6ksJpVPu9kFdoxj9DRBU8uQshj7uixr_3fmEgBVw3sCAAAAXVIAAAADaAEHCgAWEy9RP0rdxXicOJOoPgF6AlRPObbDhZkCvR-Ng7eCcyXjB1E01xx1che0Tz6oKWi6_c5UQQX0h4UdT9PSBXkw_TSALMzTkxHYJ1a1tvi0hlGJ2insD0b0VX776OHghXdni2nfsNReLlNMwf0oFc28EaEX9RZH3spZ7mouE96zIBrFT_9J42AIcNjG-6V5BAnkW48on6Wj6UEcLZeThcuL4DDyFRxpgWuntyNed4ezZ8flWvz2ZLbx1QiKTEqxnkCOSsM_qCHbSNeyBJa4A4XSyMRtIdXMRVuDwdlk0ZKbw9tWKYrt6VaYSVo444yhlzxGrXwEFNm3nyazVJQcM9SezZZ_KOUkf3sFH0W7BFASWZ5nK8u3zlcCWM4KjqCXrIL5Ix3LcDkFiYZCLOW8UFGgCZLNddwvzz4x7i9g2nVuK2S-XsCmLhs6reuTnTx6UxgZB5mKHH706xsXnFDiRtwfhtukK8zDuoe048L5sMPOldx8g2kXiF0H9AW4wfoHCCyGMBOdrrnGJIvmqrbLa8U3K1xIVjRs7W8nc7IMLuaFrp_Y3A9l_BKqhNy-mQOCSYGVsOnrV_TVIvbXgSzKJny_BYKQCCTtrOlN3DuVwXXUzq-Q3ZU4lci79InpZkuCEkVwkDobdmtfltmIk5AneUuFdV-BuncXdN8B-YiRWKo9HAT2I4fSdTI520xoFI7AnFLxRcsCAbRnNc7kQMl4pY9-Krv8WzLtWf7-mCotGUYuZSVuz61CYk6mhboHe6UiAlPd-rynTKrFBxfk0u3391HiKtoczqBmw74e4n0bsFK9VXALkN6TudupI1ws6wDtoP6NAa2_grFvf6leor1cmQlVhaZmzqUkl_L-h6gPRX9mEEuVsebvkf1Pqit9JCqmQQ_wlHHRUj0csc1IyDcA4A69d6kTGZXeH4Gb9KGCjDjkDXCV08wiN7UGrMQWd4kmPBFH5GZ6gBdz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 19ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RK4TFZGQ66&gtm=45je32m0&_p=235793138&cid=968799346.1677513557&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1677513556&sct=1&seg=0&dl=https%3A%2F%2Fwww.letemps.ch%2Feconomie%2Fcentaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses&dt=Des%20centaines%20de%20millions%20de%20dollars%20d%C3%A9tourn%C3%A9s%20au%20Liban%20auraient%20atterri%20dans%20des%20banques%20suisses%20-%20Le%20Temps&en=content_view&ep.anonymizeIp=true&ep.articleId=1361205&ep.contentType=np8_news&epn.premiumContent=0&ep.category=Economie&_et=3
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RK4TFZGQ66&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.letemps.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 15:59:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.letemps.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 log Show response
firebaselogging-pa.googleapis.com/v1/firelog/legacy/ 123 B
436 B 188ms
120ms Fetch
application/json 2a00:1450:4001:810::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaselogging-pa.googleapis.com/v1/firelog/legacy/log?key=AIzaSyCx80ru6-RXeTi3GvqkFsMVyMf-vpgIoVw

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/8.2.10/firebase-performance.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

b99f88e652026d4d811f3eeba9411584440f3d735a3d79ea76cbefd25eb595a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.letemps.ch/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 27 Feb 2023 15:59:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.letemps.ch
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

77 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.letemps.ch/	1970-01-20 09:58:33	Name: __adblocker Value: false
www.letemps.ch/	1970-01-20 12:08:09	Name: __pnahc Value: 0
.adnxs.com/	1970-01-20 12:08:09	Name: uuid2 Value: 2837747298672264706
.letemps.ch/	1970-01-20 19:27:21	Name: _pcid Value: %7B%22browserId%22%3A%22len09c70ax90ivng%22%2C%22_t%22%3A%22lubf6tmd%22%7D
www.letemps.ch/	1970-01-20 19:27:21	Name: _pcid Value: %7B%22browserId%22%3A%22len09c70ax90ivng%22%2C%22_t%22%3A%22lubf6tmd%22%7D
www.letemps.ch/	1970-01-20 19:27:21	Name: pa_privacy Value: %22optin%22
.letemps.ch/	1970-01-20 19:34:33	Name: _ga_SR8FQJPVG5 Value: GS1.1.1677513556.1.0.1677513556.60.0.0
.piano.io/	1970-01-20 09:58:35	Name: __cf_bm Value: 7WUnetyMtpgE_j3AKOzgyQrWwCzk2yIPP0xeXdsoNsY-1677513556-0-AVMV71qBODtgBdEILnnBga5GUwDAV3AWsv3cbA+7IHKYlY5wUrOKlV3LbSyk44PCTomd77j6WW/YIDEg00WV5vw=
.letemps.ch/	1970-01-20 19:34:33	Name: _ga_RK4TFZGQ66 Value: GS1.1.1677513556.1.0.1677513556.0.0.0
.letemps.ch/	1970-01-20 09:58:35	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses%22%2C%22sref%22:%22%22%2C%22sts%22:1677513556684%2C%22slts%22:0}
.letemps.ch/	1970-01-20 19:27:57	Name: _parsely_visitor Value: {%22id%22:%22pid=3cfce9da390ee74b3d8064596ea5aa34%22%2C%22session_count%22:1%2C%22last_session_ts%22:1677513556684}
.letemps.ch/	1970-01-20 19:34:33	Name: __tbc Value: %7Bkpex%7Dsw82R9BRUczVcyglvMzHuP6PmVOm4HQ09F6ne3tysDHclLJIXV_rBQj4RfLzxh6l
.letemps.ch/	1970-01-20 10:41:45	Name: __pat Value: 3600000
.letemps.ch/	1970-01-20 09:59:59	Name: __pvi Value: eyJpZCI6InYtMjAyMy0wMi0yNy0xNS01OS0xNi00ODMtRnN5dHhmZ2NVUHZzV2xFbi1kZDIyZmRjMDMyNjIxNWFhMGRhYmNiZjVhNzkxNTFlNCIsImRvbWFpbiI6Ii5sZXRlbXBzLmNoIiwidGltZSI6MTY3NzUxMzU1NjcwMn0%3D
www.letemps.ch/	1970-01-20 19:27:21	Name: _pctx Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAE0RXSwH18zUwAIwBmANnwAHQSAC%2BQA
.letemps.ch/	1970-01-20 19:34:33	Name: xbc Value: %7Bkpex%7DizJZrze7D8CLOqyeUkmQoaLgYJwqidHDPLNURTHqFN4oujt2xZv86TGnz-xkw8JWeHstWcfwD2w-25ySGmVBuZTg1wvpm30FhAqv1w-1OKUiPsEL7H5TV_EgPtnBCbg2_kF4A5rjbI7tt_WTF6BYSBh7posm6ulOEwjHXgXlcqDbh8QXM2M3G4KXoQRwmZLqA66iuCLPCB551y8kcstKzx6IC1hR9kpMK4OoHeTGS28xwTrtDweAcYVchQgDDYo9ebIb8Za2fJg_9FEs4G6YWrJpnU8nIWmn8QdbtyzSAHmheg7beWAyGfqNdig6BpwXnCRKZbHC_WnPQpLBgZ18lKJGIBaqCarqMtMGlithm74
.letemps.ch/	1970-01-20 19:34:33	Name: _ga Value: GA1.2.968799346.1677513557
.letemps.ch/	1970-01-20 09:59:59	Name: _gid Value: GA1.2.550874129.1677513557
.letemps.ch/	1970-01-20 09:58:33	Name: _gat_UA-4651172-23 Value: 1
.letemps.ch/	1970-01-20 09:58:33	Name: _gat_UA-4651172-21 Value: 1
www.letemps.ch/	1970-01-20 09:59:59	Name: ln_or Value: eyIxMTYzMTU2IjoiZCJ9
.letemps.ch/	1970-01-20 18:44:09	Name: _hjSessionUser_1305381 Value: eyJpZCI6IjFmYTE5YjQ5LTYzYjAtNTU0YS04YTIyLTMzODczNjBjNmUxYSIsImNyZWF0ZWQiOjE2Nzc1MTM1NTY3OTYsImV4aXN0aW5nIjpmYWxzZX0=
.letemps.ch/	1970-01-20 09:58:35	Name: _hjFirstSeen Value: 1
.letemps.ch/	1970-01-20 09:58:33	Name: _hjIncludedInSessionSample_1305381 Value: 0
.letemps.ch/	1970-01-20 09:58:35	Name: _hjSession_1305381 Value: eyJpZCI6IjYyMGM2YTY1LWFlNjgtNDk2MS1hNWFjLTBhNDNmNzY2ZjQ0MiIsImNyZWF0ZWQiOjE2Nzc1MTM1NTY4MDQsImluU2FtcGxlIjpmYWxzZX0=
.letemps.ch/	1970-01-20 09:58:35	Name: _hjAbsoluteSessionInProgress Value: 1
.letemps.ch/	1970-01-20 12:08:09	Name: _fbp Value: fb.1.1677513556824.1233678053
.linkedin.com/	1970-01-20 10:41:45	Name: UserMatchHistory Value: AQL93OKvwRGBLQAAAYaTmYNrF-o08ymbO8CY0BU3Y_4ITWqRpjGeaUZ9ziguLT4dBvC4GNnhN8BcpA
.linkedin.com/	1970-01-20 10:41:45	Name: AnalyticsSyncHistory Value: AQJsEvLDxGwv5gAAAYaTmYNrcqKOvsZ82HdiBIMwJaCH0GuBY2eZqByinrc3_FR5B5zBqICaotX_oxluzyDeMg
.linkedin.com/	1970-01-20 18:44:09	Name: bcookie Value: "v=2&ef0a2648-9f89-44bf-876a-b2261cc9f760"
.linkedin.com/	1970-01-20 09:59:59	Name: lidc Value: "b=TGST05:s=T:r=T:a=T:p=T:g=2717:u=1:x=1:i=1677513556:t=1677599956:v=2:sig=AQGhxy32ym3neis_15fww-Qkvu2GPH0a"
.criteo.com/	1970-01-20 19:20:09	Name: uid Value: 6d512bc3-b974-4a7f-b88f-329da22381f3
.api.adnz.co/	1970-01-20 18:44:09	Name: adnzVisitorId Value: -6499230366981721501
www.letemps.ch/	1970-01-20 12:51:21	Name: adnzVisitorId Value: -6499230366981721501
xd.adnz.co/	1970-01-20 12:51:21	Name: adnzVisitorId Value: -6499230366981721501
.www.linkedin.com/	1970-01-20 18:44:09	Name: bscookie Value: "v=1&20230227155916b77f9dec-2124-4c77-8ee3-82407e309395AQHeFBpZqbBZqWXOlJVsTOJmDLkxvvmx"
.linkedin.com/	1970-01-20 14:17:45	Name: li_gc Value: MTswOzE2Nzc1MTM1NTY7MjswMjHJH29clacv0N7cKIEDCsGVzaDjE3APwesoYgHwQEIOJg==
.adnxs.com/	1970-01-20 12:08:09	Name: icu Value: ChkI_4-IARAKGAEgASgBMNWm858GOAFAAUgBENWm858GGAA.
.letemps.ch/	1970-01-20 18:44:09	Name: lead Value: 802b6597-4300-4ed4-aa89-3130fee53405
.letemps.ch/	1970-01-20 19:20:09	Name: __gads Value: ID=ee5a964d5c1ea3e3:T=1677513557:S=ALNI_MYoBKrlvZjOLRjpEDjhme1J6VJUZw
.letemps.ch/	1970-01-20 19:20:09	Name: __gpi Value: UID=00000bbcfc16166f:T=1677513557:RT=1677513557:S=ALNI_MZXguVa2mgzJFum-r0cVdqPBmDAJw
.adnxs.com/	1970-01-20 12:08:09	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2GVIr)L]U!]tcF8i_it:z!9CUYaI%N^zWN^JG%S:z>KN^a4TL?h<tMRe6-E=?r(9:B]_7^(:=xE'ON.E^<1q<QG=%9sk@3@'s>TUjIF:
.doubleclick.net/	1970-01-20 19:20:09	Name: IDE Value: AHWqTUkYCZEthTeZdPrruhwqIuGC_PzzVC_fcQiyFhIxqburMNTybn3rZ-6gYX1gEaU
.doubleclick.net/	1970-01-20 09:58:34	Name: test_cookie Value: CheckForPermission
.media.net/	1970-01-20 18:44:09	Name: visitor-id Value: 3205151571491887000V10
.media.net/	1970-01-20 10:41:45	Name: data-c-ts Value: 1677513557
.media.net/	1970-01-20 10:41:45	Name: data-c Value: k-IEsVo1OWHtFbSIg5Bbj0lBmLDUKaNRols30yYg~~3
.casalemedia.com/	1970-01-20 18:44:09	Name: CMID Value: Y-zTVRBcD88Of9JC.zAtzgAA
.casalemedia.com/	1970-01-20 12:08:09	Name: CMPS Value: 1115
.casalemedia.com/	1970-01-20 12:08:09	Name: CMPRO Value: 1115
.id5-sync.com/	1970-01-20 09:58:33	Name: cf Value:
.id5-sync.com/	1970-01-20 09:58:33	Name: cip Value:
.id5-sync.com/	1970-01-20 09:58:33	Name: cnac Value:
.id5-sync.com/	1970-01-20 09:58:33	Name: car Value:
.id5-sync.com/	1970-01-20 09:58:33	Name: gdpr Value:
.id5-sync.com/	1970-01-20 09:58:33	Name: callback Value:
.letemps.ch/	1970-01-20 19:20:09	Name: cto_bundle Value: BB48eV9kcUYwYnoxODVUMmg1U3J5dXVHdHd4MDhVSnkwTmdRSlFhYmUlMkJ2NzZwd1ZobE56cGpPOWozUHl2cXB1cXJNViUyQkhzaHVDV01zaEtOJTJGZkJXRzglMkJVJTJCcm9GME1wJTJCMFROdTZnRDRMejJJYjl1eURGRUNmRWZ3bSUyQiUyRjcxJTJGT3dsSG1SQzJJdElUUlAwWWJLSENTR1VvSmVzUVElM0QlM0Q
.pubmatic.com/	1970-01-20 10:41:45	Name: KRTBCOOKIE_97 Value: 3385-uid:k-wO8e-1OWHtFbSIg5Bbj0lBmLDULvUmW_-CxlyA&KRTB&23144-uid:k-wO8e-1OWHtFbSIg5Bbj0lBmLDULvUmW_-CxlyA&KRTB&23286-uid:k-wO8e-1OWHtFbSIg5Bbj0lBmLDULvUmW_-CxlyA&KRTB&23287-uid:k-wO8e-1OWHtFbSIg5Bbj0lBmLDULvUmW_-CxlyA
.pubmatic.com/	1970-01-20 10:41:45	Name: PugT Value: 1677513558
.demdex.net/	1970-01-20 14:17:45	Name: demdex Value: 76758788620885208122180591432955518537
.dpm.demdex.net/	1970-01-20 14:17:45	Name: dpm Value: 76758788620885208122180591432955518537
.360yield.com/	1970-01-20 12:08:09	Name: tuuid Value: d489cf75-5f89-4f80-948a-fef85b2ff577
.360yield.com/	1970-01-20 12:08:09	Name: tuuid_lu Value: 1677513558
.360yield.com/	1970-01-20 12:08:09	Name: um Value: !38,uFRsNTyf6-sFz-xj2rFDtl3xKd9je2keDWPIXCqNUvgCf5ueJWgIRFUxXzO8bLN0wPoRWpUR,1685289558
.360yield.com/	1970-01-20 12:08:09	Name: umeh Value: !38,0,1739721558,-1
exchange.mediavine.com/	1970-01-20 10:18:43	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%22b10b6da0-b6b7-11ed-aa1f-49138739ab58%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/	1970-01-20 10:18:43	Name: mv_tokens_invalidate-verizon-pushes Value: %7B%22mv_uuid%22%3A%22b10b6da0-b6b7-11ed-aa1f-49138739ab58%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/	1970-01-20 10:18:43	Name: am_tokens Value: %7B%22mv_uuid%22%3A%22b10b6da0-b6b7-11ed-aa1f-49138739ab58%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/	1970-01-20 10:18:43	Name: am_tokens_invalidate-verizon-pushes Value: %7B%22mv_uuid%22%3A%22b10b6da0-b6b7-11ed-aa1f-49138739ab58%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/	1970-01-20 10:18:43	Name: criteo Value: %7B%22id%22%3A%22k-Urt44VOWHtFbSIg5Bbj0lBmLDUJGz6DX68gSvw%22%2C%22version%22%3A%22criteo%22%7D
.openx.net/	1970-01-20 18:44:09	Name: i Value: bf198104-66f9-40ca-8562-ccce1256b834\|1677513558
.bidswitch.net/	1970-01-20 18:44:09	Name: tuuid Value: b11ee93c-d752-4c2b-9a53-f9322b1238b8
.bidswitch.net/	1970-01-20 18:44:09	Name: c Value: 1677513558
.bidswitch.net/	1970-01-20 18:44:09	Name: tuuid_lu Value: 1677513558
.yahoo.com/	1970-01-20 18:44:31	Name: A3 Value: d=AQABBFbT_GMCEHCrmofuPmFG9mK3xFyPUXMFEgEBAQEk_mMGZAAAAAAA_eMAAA&S=AQAAAmBxSA0kk_46uA1HTDTk-rA
.krxd.net/	1970-01-20 14:17:45	Name: _kuid_ Value: PZ6Xf_Qx
.analytics.yahoo.com/	1970-01-20 18:44:09	Name: IDSYNC Value: 18zh~2a8f

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
other	warning	URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses(Line 1138) Message: A preload for 'https://assets.letemps.ch/themes/custom/letemps/assets/fonts/ltpsicon.woff' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other	warning	URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses(Line 1138) Message: A preload for 'https://assets.letemps.ch/themes/custom/letemps/assets/fonts/ratio_bold.woff' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other	warning	URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses(Line 1138) Message: A preload for 'https://assets.letemps.ch/themes/custom/letemps/assets/fonts/ratio_light.woff' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other	warning	URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses(Line 1138) Message: A preload for 'https://assets.letemps.ch/themes/custom/letemps/assets/fonts/ratio_medium.woff' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other	warning	URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses(Line 1138) Message: A preload for 'https://assets.letemps.ch/themes/custom/letemps/assets/fonts/ratio_reg.woff' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other	warning	URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses(Line 1138) Message: A preload for 'https://assets.letemps.ch/themes/custom/letemps/assets/fonts/rooney_light.woff' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other	warning	URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses(Line 1138) Message: A preload for 'https://assets.letemps.ch/themes/custom/letemps/assets/fonts/rooney_bold.woff' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other	warning	URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses(Line 1138) Message: A preload for 'https://assets.letemps.ch/themes/custom/letemps/assets/fonts/rooney_medium.woff' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other	warning	URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses(Line 1138) Message: A preload for 'https://assets.letemps.ch/themes/custom/letemps/assets/fonts/fontawesome-webfont.woff2?v=4.3.0' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other	warning	URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses(Line 1138) Message: A preload for 'https://assets.letemps.ch/themes/custom/letemps/assets/fonts/apercu-light.woff' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other	warning	URL: https://www.letemps.ch/economie/centaines-millions-dollars-detournes-liban-auraient-atterri-banques-suisses(Line 1138) Message: A preload for 'https://assets.letemps.ch/themes/custom/letemps/assets/fonts/apercu-bold.woff' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

50cf3be3ef7d672d1ed2dc28a496f693.safeframe.googlesyndication.com
a.twiago.com
acdn.adnxs.com
ad.360yield.com
ad.yieldlab.net
adnz.co
adservice.google.com
adservice.google.de
api.adnz.co
assets.letemps.ch
beacon.krxd.net
c2.piano.io
cdn.jsdelivr.net
cdn.linkedin.oribi.io
cdn.parsely.com
cdn.tinypass.com
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dis.criteo.com
dpm.demdex.net
eb2.3lift.com
exchange.mediavine.com
experience.tinypass.com
firebaseinstallations.googleapis.com
firebaselogging-pa.googleapis.com
firebaseremoteconfig.googleapis.com
forecast.letemps.ch
google-bidout-d.openx.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
labs.letemps.ch
logs1412.xiti.com
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
p1.parsely.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
px.ads.linkedin.com
px4.ads.linkedin.com
r.casalemedia.com
region1.analytics.google.com
region1.google-analytics.com
rtb-csync.smartadserver.com
s.thebrighttag.com
script.hotjar.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
snap.licdn.com
sslwidget.criteo.com
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
tag.aticdn.net
tpc.googlesyndication.com
ups.analytics.yahoo.com
vc.hotjar.io
visitor.omnitagjs.com
widget.eu.criteo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.letemps.ch
www.linkedin.com
x.bidswitch.net
xd.adnz.co
securepubads.g.doubleclick.net
104.111.217.42
104.18.24.185
104.26.7.150
13.107.42.14
13.224.189.26
13.225.78.69
141.226.230.48
141.95.98.64
142.250.201.194
151.101.194.216
151.101.66.217
178.250.0.163
178.250.1.9
18.144.106.164
18.198.178.8
18.66.100.58
18.66.112.15
18.66.147.21
184.28.181.42
185.255.84.152
185.64.190.80
185.86.139.94
185.89.210.141
185.89.211.116
2001:4860:4802:34::36
23.35.236.188
2600:1f18:612b:4216:cd79:34ae:bc6a:5e70
2600:9000:20eb:f400:2:53b2:240:93a1
2606:4700:20::681a:305
2606:4700:20::ac43:44e1
2606:4700::6810:5614
2606:4700::6810:f015
2606:4700::6811:b8b1
2620:1ec:21::14
2a00:1450:4001:803::2003
2a00:1450:4001:80b::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:810::200a
2a00:1450:4001:812::2002
2a00:1450:4001:827::2008
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a00:1450:4001:831::2004
2a00:1450:400c:c09::9a
2a00:1450:400d:803::2002
2a00:1450:400d:80a::200a
2a02:2638:3::c
2a02:2638::3
2a02:26f0:11a::217:9a4a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.22.158.170
34.102.146.192
34.117.157.22
34.120.107.143
34.246.68.114
35.212.133.238
35.244.159.8
37.157.3.20
46.101.124.83
52.12.247.47
52.17.99.225
52.2.51.253
52.222.228.32
54.176.140.13
54.188.190.65
66.225.223.31
69.173.144.139
74.119.118.138
74.119.118.149
76.223.111.18
85.215.5.31
92.123.38.97
01c8f8c3987a29ba5144fe13855c4682343bac383c54959c35c21bdf82f9a265
01ce45080ecadf29fa77d4e1e845c631d8d3e61a8a39b895243cff1c7c6e32ee
026e065a353c0c379f82816badf8e1cc9ed74ad7ee6b75ca2414acba8686812c
0321fdbe66e35663c87d556c5712689e1c082f33bb4059c172093f56360b748f
035cc7d1ccc78990e092f5ceffe69282685a7568f30578ccbe09774722f554a6
082be0a1908e87b7a38c1037f562a43894e5899287fca6875dbabfa005f937aa
0fcca770a3fdfb7dd9af74930301e9c954d83a4a74a54def4ccb4d7815723eeb
108c39b62060a201f4105239f8da0f7adc7e311458af736fcb9a403aa2ce36de
11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990
12098eac01ef4bffaebccb2b755e2a47e0d31cc348678c2e2ec8a76b480155c3
1323a034fe5d32bd451b99e1a15161763d0244d793383fa07786f823ac680472
1383bd82b082b046773ad5208cae31101c4bfc03949c0556ef12f918b80625f1
1514e51d01107fe7f5a0f5ea4ea001284a367340e707988a7aed700b24453327
1bae8b5a0c5c4551a2534982a41b3e0d7e74011ae232793bf9052eef1b46fe9d
1e56a278644107e9c6e0afa1f28371d74da3e09334a76526287814a4d67bbd35
1ef364b9f6eadc0e071de194510bf707fce7994c6b64cd550930e5aff1fad121
223c079dce84a3dae3aa62a4c14cbebf7a631589ef212888b975ba4197598323
2530e230a7e6a615d5b00585f1940c60b8ec153bebf94d3617644ba7de7393c4
255b44a09bc6cf96e5aca9d87f9bfdf4a751434620afc36bcf378dc6a5822cc8
266f939c1cf432933399411aa730e9bafd4474f5f6bdb100c831b0a9b78eacc0
2914ae07822593a8150b862548aa5678fdd236967d8b6d159709c7a9875db31c
29756f4cf3499ea436376e92d1648cc1442cccf55e80302603a8340d1cb57eed
2acfa7732d0e0f783a0538650784e99dd9475f53051485cff2e26689a2f5a8a2
3002dfd4bdaa1a51d6a9f79ba9aa5e6cd090470c8f3b7dcd953fbe71e6c20ca0
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33ff7f6b18a2f1c4a8b9c79722d096b5486c90ae44f23c6b8e5bbaa52c441e71
34dc3b7ccb51dcbf6f429e3206fd345906564dc9ebfe066e05606a520b67ca61
34ff407dd685b716e5f2b9c93e2509c3880e2ece2f091aad1b9cc1ad7f28bbad
365c6813146bc403e45b488a773464e56996bfd440c5b3367e39cb883b2d0a58
386fe379e44c1e23694247c7a52beb8c607b40198b250a01f90d9f0a499bca16
3c73d8ed60046aed678ea5a4afa4eaa3c70f0e274c50c72f6816c6bacb14b252
40caf7b3bdd5fab3111b4a06599b18e3f447038ddadbf86e8ca0a3982825d7a9
41f2d967108f8d2ce976fdda80ca34f1bfd6ad2709a478e8e4198a689483d530
42bbb6bab9e1720944187369ab324f269311e17d59276e552a180541872b48b7
42ed8be92d145315eeaefe757f8df99e60e9d851469dd2407b6999324decde87
4575c979b536412b3bf7de58a7c9985995b05ace1bce0711d6e505d184426b0f
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4707562f805245fe2e14e7f2096699430ebe1b37070add0d55acf2b415c5e2b6
49bcfe2daa28a53873684eb108e56bae47aead09050cb7cad9c1be6dec0574fd
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ff41625f9d1e150a371ac721c45aefb3be794cd4149116c86d399b34a69e14b
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5530c956d8793499adff1d37445b95e6a1045dad58684cb183df58b09486e12e
5599c90089f624e931b62e736d3d8d5026e3303b92e76fb17d0030c8b905c2ef
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a39b06cd11337572cc786f9a972faf231667bd41a9eb75cc73a345d93c58e9b
5b7b7967e0884e61a52ef95dd2e53f5a5a05e2e08bd949194c469f8b33d4eedf
5cfe66ee024c0c4640ab3f01e85b885bf78a44e65ac037af6c5d1d1d5c15907e
5d09a796f39aef13c8611ef6e0c45d201502d0eee6e884bbafb3341f07a18fbf
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
657ce65f87e54b2a6c1bc0db7a92f6c8a5dfa40906a7da8b7a897741ff32d3bd
65b9da79197ec517159bd5d27e851bb771ac4e3bff21804bdc105b286533ee31
6debbfac41e6ca7b6a060f666f15356cf683a7b14a46d84c3a6fd4e1f93e5fb0
74fe06b62aec690d25389608c8e5f222bcad075610fa2a6fcd72b825b885cc0d
77f8ebf7e6d2ed7168a4d27d884d23e875ea6bd9048b4f3570c88c58e3cb8d56
7ab2ea1441b39631098acd733ca467aa0d098f61fbdbba0edd12331a0e396c28
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7d47a1f2cedc671e955ad1e6d5b266082936ae9f44959f4f05c4a6c3d732602d
82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86f60c52f5606ce7c5399af09cdad319ebd979af0dbc32a6ba50445d2dbcde3d
876b4c12685e991d88378c1b6dd3638fd2da0c88f3c24da1ada950c1f26604e1
8799e74984b6c3fb4aba50dfa8065aaa605653e5719105c5f9ad1eb69ac4c3f4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ad40d8e4328ad2f6a30f8d4ba6947bffa08b62ce9c313dc3a90d292af4d6198
8b6ee9afb49bcf7b733959d941d840a25f525b8b95d9ebdb90925a94cd2754fc
8cc85f47fe103dd1529efdb17f42faad16856187a1dbabf67024ce0bba5c32e5
9685eb765661ea3b95f31e1bb3c3b5501d0c2acdf353feeaa4d8fe32f95f77fb
9744336b70c6f9991d4dc09a826827ba40ef82dead84545dbb7cf902aea80363
97d67f8c2575e19d30ae28a32bad7610849e0e56c81ca66e51178124a5c5eed2
9f79a8b32fd93678d6f6bf01360f73f8bcf6eae282eb09763dc14d90847379d7
9ff3a85de71e1bd2044a10b52c0b0177282e3668be940fb87206fd4dd4d9fdba
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a386bb743ababcb43b67e47a9ca843cc313c8baee1ddc47d224ca59cf47bee19
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a6b893b27543581c7ce5276773a9524d38619277a051fd6f222f7ebdf9e962d2
a906650191b412b846a54142d2a37a4f6155aef21b12bbfd0a01b184a5a15b05
a94b6c4a445594014af7a2252b0f4e4712888600823828272ba9bee4da5fe2d2
aa7e1471bee855e8d86cc427d24a5d5d430d516eb0bf916378d7b0bbdd8bdfce
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b162a0a65843db1893ff8e56b114b2abba645f8a4da15cff3569405c25ebb72a
b55a5bc6685eef84a0a46bf88c60324c5f792171cd844beb79818b6919842b6c
b59b178a96926571c770bdd3cc086face21d4a9c03c897d63064dbffac53eb13
b6b8fae2e8e975fc19ee0240780c1de41a73e7bc21bc91738b45664447eed610
b8d6475299960462522c4c27d5a3ea9abbc7916944d54cec696e0136bbf2cf12
b99f88e652026d4d811f3eeba9411584440f3d735a3d79ea76cbefd25eb595a1
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd2717d6c9540ef58d7a2551925e8756b072e2a2efe80e6813b7f0319f5f5df9
be44b398b5fcca1f26603dffc84f21a95d8dfbb02b5eb616490ddc309707f902
bf4aa8f1f339ab14bd142750fbd5d6aff7614187d1e2e0b491818fad0c7fb236
bfeeb6c8c9bf88d135a0b3475a6efe271a4a5e45ba8c713b9e615a1bf4549507
c462d460eab61de19f36cc384c99666e5bf65eaeba0c12b8f594c5410c01f220
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
cab52dc3525d23d87fc3337ea17253060c6f723389a33e62699d510f1878972b
cd22cf9afa6ac5d0e68c3da1d3bcb05fa209b19e32893f10e487d9682df45979
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d62b1d1519e18be8991497f6413f87f4fe09ecc0107607a5e7dc0cc487d4605a
dacf57da61a66359a972609f2aa2a29ae09563c154f3be160bc12d8c8c7ff907
df622f934537903f5db7688b651904b555daa34dc7880366078358579446ff66
e10c0d38c8c7608f11eb84d247008d1828e70fe057bd6df94a446bb37e5caff7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55eb21a99d7e6234cf00d23bc111f7aa384ec4ee8529f970b0e5f424c1c9173
ebda7a83b40065f9a8d98fece780655d3375dbe3fb55ab1c3ede9b8ecc415c7f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0eca3cf677ba7b88d1d00778f8e72ae5a8cea972e49b8a1252b3932ecb3f01b
f165fbfe527c5a730c31e5e284ea54daa94e0c091241857c73ba0b3c44eb4664
f1afabdbc9ffd54173ee5d42ffafe4026965be1c28143570c7d32e6cfa46cdd7
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f6192aba6005755c411f1f90baed93b9796c57e24c028bdcc67a00018c612359
f97a710249d772d1c149a8cb944d47bed46d3a1f5331d1e3dcc15d6c8151d070
ff88aa21fd939084b41073539671782a58674f59f7cfac268e417b6c1cf5a613

www.letemps.ch Open in urlscan Pro 151.101.194.216 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

189 Requests

91 %HTTPS

39 %IPv6

54 Domains

81 Subdomains

75 IPs

9 Countries

2846 kBTransfer

6188 kBSize

77 Cookies

21 Outgoing links

Page URL History

Redirected requests

189 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.letemps.ch Open in urlscan Pro
151.101.194.216 Public Scan

Screenshot
Live screenshot

Full Image

189
Requests

91 %
HTTPS

39 %
IPv6

54
Domains

81
Subdomains

75
IPs

9
Countries

2846 kB
Transfer

6188 kB
Size

77
Cookies

189 HTTP transactions
1 data transactions