urlscan.io logo urlscan.io
SecurityTrails logo

go.finances-et-liberte.com Open in urlscan Pro
2600:9000:26db:8800:12:89f7:b40:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://histoiredelites.com/
Effective URL: https://go.finances-et-liberte.com/?sa=sa0011318042912cde8b715d5a710133134f8f605b
Submission: On February 25 via manual from CH — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 5 countries across 12 domains to perform 46 HTTP transactions. The main IP is 2600:9000:26db:8800:12:89f7:b40:93a1, located in United States and belongs to AMAZON-02, US. The main domain is go.finances-et-liberte.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on February 10th 2024. Valid for: a year.
This is the only time go.finances-et-liberte.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 45.82.29.246 5606 (GTS-BACKB...)
1 2600:9000:26d... 16509 (AMAZON-02)
1 154.85.69.15 139057 (LDPL-AS-A...)
6 2600:9000:20c... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 144.126.202.246 14061 (DIGITALOC...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a03:2880:f00... 32934 (FACEBOOK)
5 3.225.17.177 14618 (AMAZON-AES)
19 2600:9000:214... 16509 (AMAZON-02)
4 2600:9000:223... 16509 (AMAZON-02)
1 54.210.236.23 14618 (AMAZON-AES)
1 2a03:2880:f17... 32934 (FACEBOOK)
46 14
1    45.82.29.246 (Romania)

ASN5606 (GTS-BACKBONE GTS Telecom, RO)
PTR: attractmedia.fr
histoiredelites.com
1    2600:9000:26db:8800:12:89f7:b40:93a1 (United States)

ASN16509 (AMAZON-02, US)
go.finances-et-liberte.com
1    154.85.69.15 (Singapore, Singapore)

ASN139057 (LDPL-AS-AP LEGEND DYNASTY PTE. LTD., SG)
polyfill.io
6    2600:9000:20c3:200:1c:d937:ae40:93a1 (United States)

ASN16509 (AMAZON-02, US)
d3fit27i5nzkqh.cloudfront.net
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    144.126.202.246 (Slough, United Kingdom)

ASN14061 (DIGITALOCEAN-ASN, US)
cdn.digital-speak.com
1    2606:4700:10::6816:40c5 (United States)

ASN13335 (CLOUDFLARENET, US)
a.deadlinefunnel.com
2    2a03:2880:f007:8:face:b00c:0:1 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
5    3.225.17.177 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-17-177.compute-1.amazonaws.com
182125.t.hyros.com
19    2600:9000:214f:b600:f:a462:c1c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
d1yei2z3i6k35z.cloudfront.net
4    2600:9000:223f:3e00:f:e793:dc40:21 (United States)

ASN16509 (AMAZON-02, US)
d3syewzhvzylbl.cloudfront.net
1    54.210.236.23 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-236-23.compute-1.amazonaws.com
c.deadlinefunnel.com
1    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
29 cloudfront.net
d3fit27i5nzkqh.cloudfront.net
d1yei2z3i6k35z.cloudfront.net
d3syewzhvzylbl.cloudfront.net
3 MB
5 hyros.com
182125.t.hyros.com
44 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 176
69 KB
2 deadlinefunnel.com
a.deadlinefunnel.com — Cisco Umbrella Rank: 59159
c.deadlinefunnel.com — Cisco Umbrella Rank: 58240
194 KB
2 digital-speak.com
cdn.digital-speak.com
6 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 102
185 B
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 362
31 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 306
10 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 226
27 KB
1 polyfill.io
polyfill.io — Cisco Umbrella Rank: 1590
724 B
1 finances-et-liberte.com
go.finances-et-liberte.com
59 KB
1 histoiredelites.com
histoiredelites.com
290 B
46 12
Domain Requested by
19 d1yei2z3i6k35z.cloudfront.net go.finances-et-liberte.com
cdn.digital-speak.com
d3fit27i5nzkqh.cloudfront.net
6 d3fit27i5nzkqh.cloudfront.net go.finances-et-liberte.com
d3fit27i5nzkqh.cloudfront.net
5 182125.t.hyros.com go.finances-et-liberte.com
182125.t.hyros.com
4 d3syewzhvzylbl.cloudfront.net go.finances-et-liberte.com
2 connect.facebook.net go.finances-et-liberte.com
connect.facebook.net
2 cdn.digital-speak.com go.finances-et-liberte.com
1 www.facebook.com go.finances-et-liberte.com
1 c.deadlinefunnel.com a.deadlinefunnel.com
1 a.deadlinefunnel.com go.finances-et-liberte.com
1 ajax.googleapis.com go.finances-et-liberte.com
1 cdn.jsdelivr.net go.finances-et-liberte.com
1 cdnjs.cloudflare.com go.finances-et-liberte.com
1 polyfill.io go.finances-et-liberte.com
1 go.finances-et-liberte.com
1 histoiredelites.com 1 redirects
46 15

This site contains links to these domains. Also see Links.

Domain
www.getfunnels.design
Subject Issuer Validity Valid
go.finances-et-liberte.com
Amazon RSA 2048 M03		 2024-02-10 -
2025-03-10		 a year crt.sh
*.polyfill.io
Sectigo RSA Domain Validation Secure Server CA		 2024-02-20 -
2025-02-19		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
cdn.digital-speak.com
R3		 2024-02-18 -
2024-05-18		 3 months crt.sh
a.deadlinefunnel.com
Cloudflare Inc ECC CA-3		 2023-10-10 -
2024-10-09		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-12-04 -
2024-03-03		 3 months crt.sh
t.hyros.com
Amazon RSA 2048 M02		 2024-01-23 -
2025-02-20		 a year crt.sh
dfimage.com
Amazon RSA 2048 M03		 2023-09-29 -
2024-10-26		 a year crt.sh

This page contains 1 frames:

Primary Page: https://go.finances-et-liberte.com/?sa=sa0011318042912cde8b715d5a710133134f8f605b
Frame ID: CEB6E0DAD0219F0BB3E7D5B7676BF9BC
Requests: 44 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Finances & Liberté

Page URL History Show full URLs

  1. http://histoiredelites.com/ HTTP 302
    https://go.finances-et-liberte.com/?sa=sa0011318042912cde8b715d5a710133134f8f605b Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

46
Requests

100 %
HTTPS

67 %
IPv6

12
Domains

15
Subdomains

14
IPs

5
Countries

3331 kB
Transfer

6030 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://histoiredelites.com/ HTTP 302
    https://go.finances-et-liberte.com/?sa=sa0011318042912cde8b715d5a710133134f8f605b Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
go.finances-et-liberte.com/
Redirect Chain
  • http://histoiredelites.com/
  • https://go.finances-et-liberte.com/?sa=sa0011318042912cde8b715d5a710133134f8f605b
355 KB
59 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://go.finances-et-liberte.com/?sa=sa0011318042912cde8b715d5a710133134f8f605b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:8800:12:89f7:b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
d1d0d75f738a08996fec82b5edf2bc2b379d3dba069bde0bf5d80a9f56e8ccf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=0, must-revalidate, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 25 Feb 2024 09:03:43 GMT
expires
Sun, 25 Feb 2024 09:03:43 GMT
server
nginx/1.24.0
vary
Accept-Encoding
via
1.1 fe6d656eba9969a63bb94889f81e9bf8.cloudfront.net (CloudFront)
x-amz-cf-id
Dp7hoP09BFr6f61qNiu744I9u9-Gr97Lk4Rm52gKLE_2fXLt9hhsgw==
x-amz-cf-pop
MUC50-P3
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

Connection
Keep-Alive
Content-Length
334
Content-Type
text/html; charset=iso-8859-1
Date
Sun, 25 Feb 2024 09:03:43 GMT
Keep-Alive
timeout=3, max=100
Location
https://go.finances-et-liberte.com/?sa=sa0011318042912cde8b715d5a710133134f8f605b
Server
Apache
polyfill.min.js
polyfill.io/v3/ 		104 B
724 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=es2015%2CIntl.Locale%2CIntl.getCanonicalLocales%2CmatchMedia%2CIntl.DisplayNames%2CResizeObserver
Requested by
Host: go.finances-et-liberte.com
URL: https://go.finances-et-liberte.com/?sa=sa0011318042912cde8b715d5a710133134f8f605b
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
154.85.69.15 Singapore, Singapore, ASN139057 (LDPL-AS-AP LEGEND DYNASTY PTE. LTD., SG),
Reverse DNS
Software
nginx /
Resource Hash
6c68769e8470ce89a0f2270529a5d47db00917e3ef9df946dca202098f09d0a2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://go.finances-et-liberte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date
Sun, 25 Feb 2024 09:03:43 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
access-control-allow-methods
GET,HEAD,OPTIONS
Content-Type
text/javascript; charset=UTF-8
access-control-allow-origin
*
Cache-Control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
useragent_normaliser
chrome/113.0.0
Vary
User-Agent, Accept-Encoding
Connection
keep-alive
X-Ser
BC32_US-Georgia-atlanta-1-cache-4, BC13_DE-Frankfurt-Frankfurt-11-cache-2, BC15_DE-Frankfurt-Frankfurt-11-cache-2
all.min.css
d3fit27i5nzkqh.cloudfront.net/assets/css/ 		486 KB
81 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3fit27i5nzkqh.cloudfront.net/assets/css/all.min.css
Requested by
Host: go.finances-et-liberte.com
URL: https://go.finances-et-liberte.com/?sa=sa0011318042912cde8b715d5a710133134f8f605b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c3:200:1c:d937:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a35f901d01118e5649091bd03ac5784a7db52e111fb3806524c412f3d1dcfc5d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://go.finances-et-liberte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 14:49:04 GMT
content-encoding
gzip
via
1.1 e01f54b21119ff385b2879b6a08078e0.cloudfront.net (CloudFront)
last-modified
Wed, 18 May 2022 12:25:57 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-C1
age
10779280
etag
W/"325672b036bab9b57f6873aed5eccc43"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000,public
x-amz-cf-id
AXFC60Rnc_EidKm3yoRB_WrftPhMeBpmK0E8UwvZbiU1KruqP2Nmog==
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.1.1/ 		85 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.1/jquery.min.js
Requested by
Host: go.finances-et-liberte.com
URL: https://go.finances-et-liberte.com/?sa=sa0011318042912cde8b715d5a710133134f8f605b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://go.finances-et-liberte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 09:03:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
450582
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27192
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-152b5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tGREF6r6QIya85sJHS5LBMJN%2Bcz3xIoXNt9wby4z5A7BaPak66J8XTnmkX%2FwXg8oZpeYk2s5KVbdNcj2RltqosHFSRHxJrrDYc0n2ba5puOmwutG3r5PE%2Fip624TG0KChuN02lUcxs%2Fukmm7Ekoyucy6"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
85aec6d9ebbf24be-ZRH
expires
Fri, 14 Feb 2025 09:03:43 GMT
slick.min.js
cdn.jsdelivr.net/jquery.slick/1.5.0/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/jquery.slick/1.5.0/slick.min.js
Requested by
Host: go.finances-et-liberte.com
URL: https://go.finances-et-liberte.com/?sa=sa0011318042912cde8b715d5a710133134f8f605b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f295ebe06fc74dd639fc1d926abdea188a4c960b17266e73da205d034ac37f0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://go.finances-et-liberte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 09:03:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
7520694
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220065-FRA, cache-mxp6973-MXP
server
cloudflare
etag
W/"8f1d-IT+QFeYwKrSVBRlke6pKSL0BtcQ"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W2ho%2Brinw7beKhOP7l3TCJJnq%2Fdoo%2FGIvi06s%2FTwgPJvwusaC5%2BycArlodfLUKcjDyuDISnvWiwF2%2BpACC0uC2y3Tiq4BWmctcMd51WXBPXKHncT%2FJCp77ZIvJzfGbp1kuVL%2FrxXViplMTq0e5w%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
85aec6d9fef14c4c-MXP
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: go.finances-et-liberte.com
URL: https://go.finances-et-liberte.com/?sa=sa0011318042912cde8b715d5a710133134f8f605b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://go.finances-et-liberte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Fri, 23 Feb 2024 11:08:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
165330
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 22 Feb 2025 11:08:13 GMT
DS_CFl_O_Anime.js
cdn.digital-speak.com/Customization/Systemio/Challenge_Fl/Optin/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.digital-speak.com/Customization/Systemio/Challenge_Fl/Optin/DS_CFl_O_Anime.js?a0003
Requested by
Host: go.finances-et-liberte.com
URL: https://go.finances-et-liberte.com/?sa=sa0011318042912cde8b715d5a710133134f8f605b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.126.202.246 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
485622915894aa1be4b61f3d8fd5adc9cc2dbcaa68e267879b01c02e31436c7e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://go.finances-et-liberte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 09:03:43 GMT
content-encoding
gzip
last-modified
Mon, 12 Feb 2024 14:29:47 GMT
server
nginx
etag
W/"65ca2b5b-15c5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
DS_CFl_O_Style.css
cdn.digital-speak.com/Customization/Systemio/Challenge_Fl/Optin/ 		24 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.digital-speak.com/Customization/Systemio/Challenge_Fl/Optin/DS_CFl_O_Style.css?a0000012
Requested by
Host: go.finances-et-liberte.com
URL: https://go.finances-et-liberte.com/?sa=sa0011318042912cde8b715d5a710133134f8f605b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.126.202.246 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
68c9a38bd89d4adc67a6f26b4db2d389bc18cfff46ca14db221ba9a3de66190f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://go.finances-et-liberte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 09:03:43 GMT
content-encoding
gzip
last-modified
Mon, 12 Feb 2024 19:52:50 GMT
server
nginx
etag
W/"65ca7712-6160"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
reactunified.bundle.js
a.deadlinefunnel.com/unified/ 		672 KB
193 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.deadlinefunnel.com/unified/reactunified.bundle.js?userIdHash=eyJpdiI6ImVIbG5lVXlwTEFFMkJrSkZGWXIvZXc9PSIsInZhbHVlIjoiWnc3Vk5kaWt5dmNhWUlCcXdLRkxUdz09IiwibWFjIjoiYjBlMDA1ZmU4NWUzY2ZmYWY4MzUzOWIzYjUxYTMxYmVhNmQzYTIzN2I4MGJkMmI2NjkzMmQ5ZDNmZTUyZWUxMCJ9&pageFromUrl=aHR0cHM6Ly9nby5maW5hbmNlcy1ldC1saWJlcnRlLmNvbS8_c2E9c2EwMDExMzE4MDQyOTEyY2RlOGI3MTVkNWE3MTAxMzMxMzRmOGY2MDVi&parentPageFromUrl=
Requested by
Host: go.finances-et-liberte.com
URL: https://go.finances-et-liberte.com/?sa=sa0011318042912cde8b715d5a710133134f8f605b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:40c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b8361205b785e973a0a44c560e350c3b0473602802efadafc80232c6561660f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://go.finances-et-liberte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 09:03:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 03 Jan 2024 14:40:34 GMT
server
cloudflare
x-amz-request-id
NN7QVHPDCY39BP59
age
65845
etag
W/"ade2b0fd985ddd97f23a9d5e1a4bff65"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
85aec6db5dc6bad5-MXP
x-amz-id-2
ivkX23lVBdhoEwogt/6h+tlbuD1Ba7JlNFUoQqEkBb+fi0ddBvMCUz7qD8te6Cey3iZetojfM4c=
fbevents.js
connect.facebook.net/en_US/ 		214 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: go.finances-et-liberte.com
URL: https://go.finances-et-liberte.com/?sa=sa0011318042912cde8b715d5a710133134f8f605b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://go.finances-et-liberte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 25 Feb 2024 09:03:43 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57257
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
+PFVr/1BkzykgOwg+WQhuOXYVJwpT0OhawHrNKrXuLqZxBkZJwR/BxuplXCBwpHqWRgH4WxzW000EwbL9tt4yw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
universal-script
182125.t.hyros.com/v1/lst/ 		43 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://182125.t.hyros.com/v1/lst/universal-script?ph=f90031e2f1bcea4edcb2fe603e7563aec3849788af911fb0dc8ccf448aedf322&tag=!clicked&ref_url=https://go.finances-et-liberte.com/?sa=sa0011318042912cde8b715d5a710133134f8f605b
Requested by
Host: go.finances-et-liberte.com
URL: https://go.finances-et-liberte.com/?sa=sa0011318042912cde8b715d5a710133134f8f605b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.17.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-17-177.compute-1.amazonaws.com
Software
/
Resource Hash
39d58e2d0886ed13fd43ac334238c2d5a57ee3fec412484b271d937bba3f879f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://go.finances-et-liberte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 09:03:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
86400
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
content-type
text/javascript;charset=ISO-8859-1
access-control-expose-headers
Session-ID
access-control-allow-credentials
true
content-length
43966
runtimeSimplePage.1f5d57551aa31777b361.js
d3fit27i5nzkqh.cloudfront.net/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3fit27i5nzkqh.cloudfront.net/js/runtimeSimplePage.1f5d57551aa31777b361.js
Requested by
Host: go.finances-et-liberte.com
URL: https://go.finances-et-liberte.com/?sa=sa0011318042912cde8b715d5a710133134f8f605b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c3:200:1c:d937:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
406f6483997aabca124a29e793e21a0da6010ef125fa82c1a88ab0e557818b3b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://go.finances-et-liberte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 14:12:38 GMT
content-encoding
br
via
1.1 e01f54b21119ff385b2879b6a08078e0.cloudfront.net (CloudFront)
last-modified
Thu, 14 Dec 2023 14:12:29 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-C1
age
6288666
etag
W/"b36fb59db1b08c77338df8b86396266b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000,public
x-amz-cf-id
MzjnuMOKE8ABEhripVRAO2oRXCZixOZnHF4p_TjHWgV58G63j9XwYA==
simplePage.630077afbf7f7cd491a1.js
d3fit27i5nzkqh.cloudfront.net/js/ 		566 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3fit27i5nzkqh.cloudfront.net/js/simplePage.630077afbf7f7cd491a1.js
Requested by
Host: go.finances-et-liberte.com
URL: https://go.finances-et-liberte.com/?sa=sa0011318042912cde8b715d5a710133134f8f605b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c3:200:1c:d937:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e64960f82078503d51cc84b421464ee5061fcace13ccbdff0ff7503c9b99a94

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://go.finances-et-liberte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 12:48:33 GMT
content-encoding
br
via
1.1 e01f54b21119ff385b2879b6a08078e0.cloudfront.net (CloudFront)
last-modified
Thu, 22 Feb 2024 12:48:26 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-C1
age
245711
etag
W/"eee57c2c1d162734106206fc38738c58"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000,public
x-amz-cf-id
Ub-XGd909aRx93kX8ZNWzAbdhxeiiXLsZF98am55sZM9KNDBt-DFkQ==
vendors~simplePage.54d652335cc34d21921c.js
d3fit27i5nzkqh.cloudfront.net/js/ 		724 KB
213 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3fit27i5nzkqh.cloudfront.net/js/vendors~simplePage.54d652335cc34d21921c.js
Requested by
Host: go.finances-et-liberte.com
URL: https://go.finances-et-liberte.com/?sa=sa0011318042912cde8b715d5a710133134f8f605b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c3:200:1c:d937:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6612524e156bd0fe87b62a36dd82fe23c246231fb1843f78dcdd0a1359dc3656

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://go.finances-et-liberte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 14:34:24 GMT
content-encoding
gzip
via
1.1 e01f54b21119ff385b2879b6a08078e0.cloudfront.net (CloudFront)
last-modified
Mon, 22 Jan 2024 14:34:16 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-C1
age
2917760
etag
W/"407bc32638c8560616b4e6c666925743"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000,public
x-amz-cf-id
913x7vJJIFR7w60xF0apey2KyLIOmgfLXRhdvcvw3YwjoB3gE7tqxQ==
65c49c1bd6ffc_DS_CFl_V_1_Bk_DS.png
d1yei2z3i6k35z.cloudfront.net/505757/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1yei2z3i6k35z.cloudfront.net/505757/65c49c1bd6ffc_DS_CFl_V_1_Bk_DS.png
Requested by
Host: go.finances-et-liberte.com
URL: https://go.finances-et-liberte.com/?sa=sa0011318042912cde8b715d5a710133134f8f605b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:b600:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
64c5bdf71c5863a102c653c1dbe222470bd0e2df8fbfffed6ba56592aa51695e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://go.finances-et-liberte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 15:39:05 GMT
via
1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
840279
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
52236
last-modified
Thu, 08 Feb 2024 09:17:17 GMT
server
AmazonS3
etag
"c7359c3fb9d7492adb84bea3fd86d4a4"
vary
Origin
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-amz-cf-id
5Xi1ctrBEIhNd8WalzEg6tD-Zkec3EDeT61zCD0xfcFSOI-P5zg3FQ==
65c8e9ab4ded2_DS_CFl_V_6_Bk_DS.png
d1yei2z3i6k35z.cloudfront.net/3837476/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1yei2z3i6k35z.cloudfront.net/3837476/65c8e9ab4ded2_DS_CFl_V_6_Bk_DS.png
Requested by
Host: cdn.digital-speak.com
URL: https://cdn.digital-speak.com/Customization/Systemio/Challenge_Fl/Optin/DS_CFl_O_Style.css?a0000012
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:b600:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
247137dcbcee49b5e32adad43de18444ca85741646a6e22eb72e2a8ca25cfbb5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.digital-speak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 05:48:10 GMT
via
1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
789334
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
33202
last-modified
Sun, 11 Feb 2024 15:37:17 GMT
server
AmazonS3
etag
"d070140e5dfa4a95fa4fd09e3f8d40f9"
vary
Origin
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-amz-cf-id
XCwv4n9SGgWsynWv0tVllBxuRkaN5THDtefI-kz-zdZo7FTsauH6Zw==
65c6182756436_DS_hand.png
d1yei2z3i6k35z.cloudfront.net/505757/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1yei2z3i6k35z.cloudfront.net/505757/65c6182756436_DS_hand.png
Requested by
Host: cdn.digital-speak.com
URL: https://cdn.digital-speak.com/Customization/Systemio/Challenge_Fl/Optin/DS_CFl_O_Style.css?a0000012
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:b600:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3138ddbd0fce7b35de299f1855a2ca6a9df53af08c3a619dba3f3491689fea23

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.digital-speak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 17:14:49 GMT
via
1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
1007335
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
15394
last-modified
Fri, 09 Feb 2024 12:18:48 GMT
server
AmazonS3
etag
"12658e5abe6149a321aceae33fe66b41"
vary
Origin
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-amz-cf-id
_8yuXNYrkBiihe2sNl_vCSRTVz7wBFPcMJ4fQq5IoKBWQC8AeEsOOQ==
65c4b03f3087f_DS_CFl_V_3_Bk_DS.png
d1yei2z3i6k35z.cloudfront.net/505757/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1yei2z3i6k35z.cloudfront.net/505757/65c4b03f3087f_DS_CFl_V_3_Bk_DS.png
Requested by
Host: go.finances-et-liberte.com
URL: https://go.finances-et-liberte.com/?sa=sa0011318042912cde8b715d5a710133134f8f605b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:b600:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c2352cbcf48b05967154b545c716a869c46166a08f6ad30355624d190a2078e1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://go.finances-et-liberte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 15:39:05 GMT
via
1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
840278
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
28547
last-modified
Thu, 08 Feb 2024 10:43:12 GMT
server
AmazonS3
etag
"533e7905989fef41d11bdae1db164661"
vary
Origin
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-amz-cf-id
QVm26Dq0wJ7nl64nr_HvfBSBF3HhYiMw2vag_i9l7OPO2i_lyfdrIA==
65c49f6e98453_Jokker-Bold.ttf
d1yei2z3i6k35z.cloudfront.net/505757/ 		119 KB
55 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d1yei2z3i6k35z.cloudfront.net/505757/65c49f6e98453_Jokker-Bold.ttf
Requested by
Host: go.finances-et-liberte.com
URL: https://go.finances-et-liberte.com/?sa=sa0011318042912cde8b715d5a710133134f8f605b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:b600:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
122f85c98058826c1f0049b15baecdd3a1849f87de9b4d77d2c3f06aabffbe0f

Request headers

Referer
https://go.finances-et-liberte.com/
Origin
https://go.finances-et-liberte.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 15:39:05 GMT
content-encoding
gzip
via
1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
840279
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 08 Feb 2024 09:31:28 GMT
server
AmazonS3
etag
W/"423d42354d51a3b38329f89dc1dba66d"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
font/ttf
access-control-allow-origin
*
cache-control
max-age=31536000
x-robots-tag
noindex
x-amz-cf-id
rhmPsJ7LFzSXvHH96nJ4gdg6xPvz5mZ2zzawQy3v3g7e_9H1hDS-Pg==
65c4a85d66970_Jokker-Regular.ttf
d1yei2z3i6k35z.cloudfront.net/505757/ 		118 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d1yei2z3i6k35z.cloudfront.net/505757/65c4a85d66970_Jokker-Regular.ttf
Requested by
Host: go.finances-et-liberte.com
URL: https://go.finances-et-liberte.com/?sa=sa0011318042912cde8b715d5a710133134f8f605b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:b600:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aff8790197f7be1847d5c9a97b1dbe87be00d86a868525ea3c2e39ae22d69449

Request headers

Referer
https://go.finances-et-liberte.com/
Origin
https://go.finances-et-liberte.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 15:39:05 GMT
content-encoding
gzip
via
1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
840279
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 08 Feb 2024 10:09:34 GMT
server
AmazonS3
etag
W/"5ecea89d97cb6316d5d524c2766a4e1c"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
font/ttf
access-control-allow-origin
*
cache-control
max-age=31536000
x-robots-tag
noindex
x-amz-cf-id
mLZTJvCHkTSkLo9D7h3uzFRz7lXmfGUrwTdZ82tt3iE5VSkj7qrv4w==
65c49f7d609ef_Jokker-Light.ttf
d1yei2z3i6k35z.cloudfront.net/505757/ 		117 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d1yei2z3i6k35z.cloudfront.net/505757/65c49f7d609ef_Jokker-Light.ttf
Requested by
Host: go.finances-et-liberte.com
URL: https://go.finances-et-liberte.com/?sa=sa0011318042912cde8b715d5a710133134f8f605b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:b600:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0de2560fe20553d799f2fb64e836ffd91e77d0183625f21069ff02beef86f825

Request headers

Referer
https://go.finances-et-liberte.com/
Origin
https://go.finances-et-liberte.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 17:14:46 GMT
content-encoding
gzip
via
1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
1007338
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 08 Feb 2024 09:31:43 GMT
server
AmazonS3
etag
W/"435d0fa64981758258d751c80422eddc"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
font/ttf
access-control-allow-origin
*
cache-control
max-age=31536000
x-robots-tag
noindex
x-amz-cf-id
hKsHTu_PL_1Q7nom1gb6m3Hzpz7QzrkfoMx-AwlNjxpga59iw5wcrg==
700.woff2
d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/poppins/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/poppins/700.woff2
Requested by
Host: go.finances-et-liberte.com
URL: https://go.finances-et-liberte.com/?sa=sa0011318042912cde8b715d5a710133134f8f605b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:3e00:f:e793:dc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
abed9df5a82e987ff6a29fa802b7f72925eecaabc858660ec9c5a34edf1ac6fa

Request headers

Referer
https://go.finances-et-liberte.com/
Origin
https://go.finances-et-liberte.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 02:22:35 GMT
via
1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
24110
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
46932
last-modified
Fri, 14 Apr 2023 06:25:01 GMT
server
AmazonS3
etag
"5aaac6882d1f2196e64d57c618cdb821"
access-control-max-age
31536000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
cDBessGo8dyMJxJ5WXS2axxe-XipjIPqR6QMYV6BXY6yHghehvnUNQ==
fa-regular-400.woff2
d3fit27i5nzkqh.cloudfront.net/assets/webfonts/ 		380 KB
381 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3fit27i5nzkqh.cloudfront.net/assets/webfonts/fa-regular-400.woff2
Requested by
Host: d3fit27i5nzkqh.cloudfront.net
URL: https://d3fit27i5nzkqh.cloudfront.net/assets/css/all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c3:200:1c:d937:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
121b176974226dbc9b1ab227becb657d40b88d2bb7010a746c2360c31d7c373e

Request headers

Referer
https://d3fit27i5nzkqh.cloudfront.net/assets/css/all.min.css
Origin
https://go.finances-et-liberte.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 01:22:55 GMT
via
1.1 ae3f020e2e89e632d339db198e9ba75a.cloudfront.net (CloudFront)
last-modified
Wed, 18 May 2022 12:25:29 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-C1
age
4952449
etag
"a927362a975051e5d7361d860d8ffba7"
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
x-cache
Hit from cloudfront
cache-control
max-age=31536000,public
accept-ranges
bytes
content-length
388900
x-amz-cf-id
dzTY8qG_HU2DY8rLGrQK00pj8F4Rx_r3jHKY-FtUPHVh8fcZfkQ4ew==
fa-solid-900.woff2
d3fit27i5nzkqh.cloudfront.net/assets/webfonts/ 		321 KB
322 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3fit27i5nzkqh.cloudfront.net/assets/webfonts/fa-solid-900.woff2
Requested by
Host: d3fit27i5nzkqh.cloudfront.net
URL: https://d3fit27i5nzkqh.cloudfront.net/assets/css/all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c3:200:1c:d937:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f350c708b5e7748a452b4b98600fa49127166d995686e260ccafb58d51a4ea62

Request headers

Referer
https://d3fit27i5nzkqh.cloudfront.net/assets/css/all.min.css
Origin
https://go.finances-et-liberte.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 01:11:21 GMT
via
1.1 ae3f020e2e89e632d339db198e9ba75a.cloudfront.net (CloudFront)
last-modified
Wed, 18 May 2022 12:25:29 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-C1
age
3484343
etag
"6ebcf9f18ded9c54f71ec1198c32aa52"
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
x-cache
Hit from cloudfront
cache-control
max-age=31536000,public
accept-ranges
bytes
content-length
329204
x-amz-cf-id
rmF2R9IJKxaeKJCFHXSqw1hEAoNrA6J6QBWkyl3FKocQ3mTk3dxhMQ==
300.woff2
d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/poppins/ 		46 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/poppins/300.woff2
Requested by
Host: go.finances-et-liberte.com
URL: https://go.finances-et-liberte.com/?sa=sa0011318042912cde8b715d5a710133134f8f605b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:3e00:f:e793:dc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c52b8d46142d239861bd11a325a40f67343d9f94b6ed23a68d68171a5933dfa3

Request headers

Referer
https://go.finances-et-liberte.com/
Origin
https://go.finances-et-liberte.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 07:48:42 GMT
via
1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
4700
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
47312
last-modified
Fri, 14 Apr 2023 06:25:01 GMT
server
AmazonS3
etag
"140c2691caf7452dda9e9ccb7a5a2ea0"
access-control-max-age
31536000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
TdI5Qvyt6LxUyGgO0VWBK7dAv67w2nLesPsvQiETnFwChoCqLvkkeg==
65c49c3a08c24_DS_CFl_Logo_DS.png
d1yei2z3i6k35z.cloudfront.net/505757/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1yei2z3i6k35z.cloudfront.net/505757/65c49c3a08c24_DS_CFl_Logo_DS.png
Requested by
Host: go.finances-et-liberte.com
URL: https://go.finances-et-liberte.com/?sa=sa0011318042912cde8b715d5a710133134f8f605b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:b600:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2c0e02145ba3c53cfe8a7d0011dfc72b8d079ea0d599f6907ebd8f22e02bf4b6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://go.finances-et-liberte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 15:39:05 GMT
via
1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
840279
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
4751
last-modified
Thu, 08 Feb 2024 09:17:47 GMT
server
AmazonS3
etag
"59c3265df42742a56e90a115c5827485"
vary
Origin
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-amz-cf-id
VVyja7AidDF79fuK2PMwuLyTjbMvl-UJziCwCMmKsqpDtYkpsx1OxQ==
65c4b11aec312_DS_CFl_V_1_Flii_DS.png
d1yei2z3i6k35z.cloudfront.net/505757/ 		75 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1yei2z3i6k35z.cloudfront.net/505757/65c4b11aec312_DS_CFl_V_1_Flii_DS.png
Requested by
Host: go.finances-et-liberte.com
URL: https://go.finances-et-liberte.com/?sa=sa0011318042912cde8b715d5a710133134f8f605b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:b600:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d0ec95be63747d58adf69e29db911166ca49f14223861fbe71ac0edac9f7b753

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://go.finances-et-liberte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 15:39:05 GMT
via
1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
840279
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
77307
last-modified
Thu, 08 Feb 2024 10:46:52 GMT
server
AmazonS3
etag
"79dc294496dbd25f031be6649373fb00"
vary
Origin
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-amz-cf-id
wDGQyskgOCnb45vNcIQLadFjJ2IW376YYMDfLd_wfWB0-fuArgJLJw==
65c49c14ecae4_DS_CFl_V_1_Fli_DS.png
d1yei2z3i6k35z.cloudfront.net/505757/ 		263 KB
263 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1yei2z3i6k35z.cloudfront.net/505757/65c49c14ecae4_DS_CFl_V_1_Fli_DS.png
Requested by
Host: go.finances-et-liberte.com
URL: https://go.finances-et-liberte.com/?sa=sa0011318042912cde8b715d5a710133134f8f605b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:b600:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdc0390ef791ff9f1efb0d85760180fdbe071e712810cdf88867af97ceb7b3e9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://go.finances-et-liberte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 15:39:05 GMT
via
1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
840279
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
268837
last-modified
Thu, 08 Feb 2024 09:17:10 GMT
server
AmazonS3
etag
"5f6b63985187d0080c4d61bf8d851f49"
vary
Origin
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-amz-cf-id
h9dj5hV4UemQovJ5g18rmJFJW_8Pl4SKQcUC5wSMqeWl1D1E5zjuzA==
65c8e9baf3fef_DS_CFl_V_5_Flii_DS.png
d1yei2z3i6k35z.cloudfront.net/3837476/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1yei2z3i6k35z.cloudfront.net/3837476/65c8e9baf3fef_DS_CFl_V_5_Flii_DS.png
Requested by
Host: go.finances-et-liberte.com
URL: https://go.finances-et-liberte.com/?sa=sa0011318042912cde8b715d5a710133134f8f605b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:b600:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2db585816ff86610f4f1004080808d2c729d8bf636c9ccfbddd988f5c594965b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://go.finances-et-liberte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 15:39:05 GMT
via
1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
840279
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
61823
last-modified
Sun, 11 Feb 2024 15:37:32 GMT
server
AmazonS3
etag
"03a80f6c4b4feda6a030729585ed8995"
vary
Origin
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-amz-cf-id
e9zVBiXDHl-voHm9xPAI-Y1zxjSiFdNCHUO9d6GYedUlctxzQoQ9Sg==
65c4c80c25379_DS_CFl_V_Int1_DS.png
d1yei2z3i6k35z.cloudfront.net/505757/ 		149 KB
149 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1yei2z3i6k35z.cloudfront.net/505757/65c4c80c25379_DS_CFl_V_Int1_DS.png
Requested by
Host: go.finances-et-liberte.com
URL: https://go.finances-et-liberte.com/?sa=sa0011318042912cde8b715d5a710133134f8f605b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:b600:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6480eea8fee93cedd9fabb1aa2597d6fcbd3cdec46a36396d15645df4202334a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://go.finances-et-liberte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 15:39:05 GMT
via
1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
840278
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
152380
last-modified
Thu, 08 Feb 2024 12:24:45 GMT
server
AmazonS3
etag
"74fdc220d21a7c9f29d696bf5d0e797a"
vary
Origin
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-amz-cf-id
oFXigrrGQmVeSPLSv9yiKk9AwgjBb4ZROhRFjzG-N38NO8MNC1KeWA==
65c4c81967daa_DS_CFl_V_Max_DS.png
d1yei2z3i6k35z.cloudfront.net/505757/ 		134 KB
135 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1yei2z3i6k35z.cloudfront.net/505757/65c4c81967daa_DS_CFl_V_Max_DS.png
Requested by
Host: go.finances-et-liberte.com
URL: https://go.finances-et-liberte.com/?sa=sa0011318042912cde8b715d5a710133134f8f605b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:b600:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c3bd7e4da3dd5ad81d5be053acc893ed207ac1f9b4b066fac1540531aaaab59d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://go.finances-et-liberte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 15:39:05 GMT
via
1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
840278
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
137409
last-modified
Thu, 08 Feb 2024 12:24:58 GMT
server
AmazonS3
etag
"1288b8c901730e174e5b63c089a47fd2"
vary
Origin
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-amz-cf-id
7II97yn-6Y_w_g4aqZarZrxf0TKd3jRNdLOBqrVeaDuPNESgN6YJpA==
65c4c7fdbfe94_DS_CFl_V_Int2_DS.png
d1yei2z3i6k35z.cloudfront.net/505757/ 		140 KB
141 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1yei2z3i6k35z.cloudfront.net/505757/65c4c7fdbfe94_DS_CFl_V_Int2_DS.png
Requested by
Host: go.finances-et-liberte.com
URL: https://go.finances-et-liberte.com/?sa=sa0011318042912cde8b715d5a710133134f8f605b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:b600:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd8fc1f5126b8444c75fe767afc8022b6d2d5aba5070bdb328177511a78e8915

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://go.finances-et-liberte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 15:39:05 GMT
via
1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
840278
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
143571
last-modified
Thu, 08 Feb 2024 12:24:31 GMT
server
AmazonS3
etag
"2ccda4260736b11088e27c1c9269f057"
vary
Origin
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-amz-cf-id
l0iKzsfKx_bEbQM39-gO4kMqBaHn4RsCxix7tKwrHn4LHuNEZZ59Uw==
65c4c812e0a85_DS_CFl_V_Ruban_DS.png
d1yei2z3i6k35z.cloudfront.net/505757/ 		143 KB
144 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1yei2z3i6k35z.cloudfront.net/505757/65c4c812e0a85_DS_CFl_V_Ruban_DS.png
Requested by
Host: go.finances-et-liberte.com
URL: https://go.finances-et-liberte.com/?sa=sa0011318042912cde8b715d5a710133134f8f605b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:b600:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8a19b40801d1c16eabdcac6dffc84e97486b0bbcd5b207d4c526cc89e4c0c73b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://go.finances-et-liberte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 15:39:05 GMT
via
1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
840278
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
146749
last-modified
Thu, 08 Feb 2024 12:24:52 GMT
server
AmazonS3
etag
"730e8cce1ab2b006222e7745986eb4f9"
vary
Origin
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-amz-cf-id
q38YJolo0VY6gmSLGabSkdNL2xmIZ5XdFt6165DGd4BVD2CDRD_jYw==
65c4c7f3cca8d_DS_CFl_V_Int3_DS.png
d1yei2z3i6k35z.cloudfront.net/505757/ 		140 KB
140 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1yei2z3i6k35z.cloudfront.net/505757/65c4c7f3cca8d_DS_CFl_V_Int3_DS.png
Requested by
Host: go.finances-et-liberte.com
URL: https://go.finances-et-liberte.com/?sa=sa0011318042912cde8b715d5a710133134f8f605b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:b600:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7d689ee2db7a26ae0ce93c5c1708461a7827db4e1dc31fdce329925bf6ce3a02

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://go.finances-et-liberte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 15:39:05 GMT
via
1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
840278
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
143064
last-modified
Thu, 08 Feb 2024 12:24:21 GMT
server
AmazonS3
etag
"91f3d7846abe2b540984c037f849fa55"
vary
Origin
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-amz-cf-id
ZeX8FW3SnrJ-07H7kgAcilu-lMtNT9TwbkF5gLWUv2ZXQUll5mYr0A==
65c4b9c080967_DS_CFl_V_3_Flii_DS.png
d1yei2z3i6k35z.cloudfront.net/505757/ 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1yei2z3i6k35z.cloudfront.net/505757/65c4b9c080967_DS_CFl_V_3_Flii_DS.png
Requested by
Host: go.finances-et-liberte.com
URL: https://go.finances-et-liberte.com/?sa=sa0011318042912cde8b715d5a710133134f8f605b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:b600:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27740583394373ce0bcb623a34e0da3b69e814f2e2994779b981148d96ef878f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://go.finances-et-liberte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 19:13:15 GMT
via
1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
827429
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
87905
last-modified
Thu, 08 Feb 2024 11:23:46 GMT
server
AmazonS3
etag
"99e5aab5f1a7d4638502659189086e48"
vary
Origin
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-amz-cf-id
KaUtwVt47pVbMcnVi-LnH5X-2TS2w6taPpFTmO7Vkcvb83jOwHvBFQ==
65c8ee1cd1017_DS_CFl_O_4_M_DS.png
d1yei2z3i6k35z.cloudfront.net/3837476/ 		131 KB
132 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1yei2z3i6k35z.cloudfront.net/3837476/65c8ee1cd1017_DS_CFl_O_4_M_DS.png
Requested by
Host: go.finances-et-liberte.com
URL: https://go.finances-et-liberte.com/?sa=sa0011318042912cde8b715d5a710133134f8f605b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:b600:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f75cceab9dd3b9a129a0e3963101f740dc3039c5fbdc881c18b8c05d47c4f8d0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://go.finances-et-liberte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 19:13:15 GMT
via
1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
827429
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
134287
last-modified
Sun, 11 Feb 2024 15:56:14 GMT
server
AmazonS3
etag
"75b53e2170345c58f114a9cfd92156a5"
vary
Origin
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-amz-cf-id
Df0IgOAOGpPamcpr06ws-UJTPmEwoqHTMv4PgCuYnJ4zei7f86PJMw==
405593081591921
connect.facebook.net/signals/config/ 		53 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/405593081591921?v=2.9.147&r=stable&domain=go.finances-et-liberte.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fc0b5a027b45e99b31975cd5fd5aa690157d475fda6e16a82dd1311840b9b30c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://go.finances-et-liberte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 25 Feb 2024 09:03:44 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
PH00DaRe90yDeeLumuHSbgW6k6H40DppE+iCggZ45PEgzhrEYRqvm75nI/1MDEAHszSSk4yzyrg9KPGT23T0uA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
c.deadlinefunnel.com/identify/ 		0
434 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.deadlinefunnel.com/identify/?callback=callDFJsonP&domain=https%3A%2F%2Fdeadlinefunnel.com&clientUrl=https%3A%2F%2Fgo.finances-et-liberte.com%2F%3Fsa%3Dsa0011318042912cde8b715d5a710133134f8f605b&debug=false&showCountdownNow=0&redisDomain=https%3A%2F%2Fc.deadlinefunnel.com&userIdHash=eyJpdiI6ImVIbG5lVXlwTEFFMkJrSkZGWXIvZXc9PSIsInZhbHVlIjoiWnc3Vk5kaWt5dmNhWUlCcXdLRkxUdz09IiwibWFjIjoiYjBlMDA1ZmU4NWUzY2ZmYWY4MzUzOWIzYjUxYTMxYmVhNmQzYTIzN2I4MGJkMmI2NjkzMmQ5ZDNmZTUyZWUxMCJ9&pageFromUrl=aHR0cHM6Ly9nby5maW5hbmNlcy1ldC1saWJlcnRlLmNvbS8_c2E9c2EwMDExMzE4MDQyOTEyY2RlOGI3MTVkNWE3MTAxMzMxMzRmOGY2MDVi&parentPageFromUrl=&sa=sa0011318042912cde8b715d5a710133134f8f605b&promocode=undefined
Requested by
Host: a.deadlinefunnel.com
URL: https://a.deadlinefunnel.com/unified/reactunified.bundle.js?userIdHash=eyJpdiI6ImVIbG5lVXlwTEFFMkJrSkZGWXIvZXc9PSIsInZhbHVlIjoiWnc3Vk5kaWt5dmNhWUlCcXdLRkxUdz09IiwibWFjIjoiYjBlMDA1ZmU4NWUzY2ZmYWY4MzUzOWIzYjUxYTMxYmVhNmQzYTIzN2I4MGJkMmI2NjkzMmQ5ZDNmZTUyZWUxMCJ9&pageFromUrl=aHR0cHM6Ly9nby5maW5hbmNlcy1ldC1saWJlcnRlLmNvbS8_c2E9c2EwMDExMzE4MDQyOTEyY2RlOGI3MTVkNWE3MTAxMzMxMzRmOGY2MDVi&parentPageFromUrl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.210.236.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-236-23.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://go.finances-et-liberte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 25 Feb 2024 09:03:44 GMT
x-powered-by
Express
content-length
0
content-type
application/json; charset=utf-8
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=405593081591921&ev=PageView&dl=https%3A%2F%2Fgo.finances-et-liberte.com%2F%3Fsa%3Dsa0011318042912cde8b715d5a710133134f8f605b&rl=&if=false&ts=1708851824393&sw=1600&sh=1200&v=2.9.147&r=stable&ec=0&o=4126&fbp=fb.1.1708851824393.1457715064&ler=empty&cdl=API_unavailable&it=1708851824224&coo=false&exp=e1&rqm=GET
Requested by
Host: go.finances-et-liberte.com
URL: https://go.finances-et-liberte.com/?sa=sa0011318042912cde8b715d5a710133134f8f605b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://go.finances-et-liberte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 25 Feb 2024 09:03:44 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
gusid
182125.t.hyros.com/v1/lst/ 		0
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://182125.t.hyros.com/v1/lst/gusid?ref_url=https%3A%2F%2Fgo.finances-et-liberte.com%2F%3Fsa%3Dsa0011318042912cde8b715d5a710133134f8f605b
Requested by
Host: 182125.t.hyros.com
URL: https://182125.t.hyros.com/v1/lst/universal-script?ph=f90031e2f1bcea4edcb2fe603e7563aec3849788af911fb0dc8ccf448aedf322&tag=!clicked&ref_url=https://go.finances-et-liberte.com/?sa=sa0011318042912cde8b715d5a710133134f8f605b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.17.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-17-177.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://go.finances-et-liberte.com/
Product-ID
182125
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 09:03:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
session-id
HB-ET_382e81843981cb7098d5848db5812115cef7f94052a32aa7f21d1b1de5f2e02b
etag
HB-ET_382e81843981cb7098d5848db5812115cef7f94052a32aa7f21d1b1de5f2e02b
access-control-max-age
86400
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin
https://go.finances-et-liberte.com
access-control-expose-headers
Session-ID
access-control-allow-credentials
true
content-length
0
gusid
182125.t.hyros.com/v1/lst/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://182125.t.hyros.com/v1/lst/gusid?ref_url=https%3A%2F%2Fgo.finances-et-liberte.com%2F%3Fsa%3Dsa0011318042912cde8b715d5a710133134f8f605b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.17.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-17-177.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
product-id
Access-Control-Request-Method
GET
Origin
https://go.finances-et-liberte.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
product-id
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin
https://go.finances-et-liberte.com
access-control-expose-headers
Session-ID
access-control-max-age
86400
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Sun, 25 Feb 2024 09:03:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
pc
182125.t.hyros.com/v1/lst/ 		117 B
422 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://182125.t.hyros.com/v1/lst/pc?ref_url=https%3A%2F%2Fgo.finances-et-liberte.com%2F%3Fsa%3Dsa0011318042912cde8b715d5a710133134f8f605b&fbp_id=405593081591921&u_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F122.0.6261.69+Safari%2F537.36
Requested by
Host: 182125.t.hyros.com
URL: https://182125.t.hyros.com/v1/lst/universal-script?ph=f90031e2f1bcea4edcb2fe603e7563aec3849788af911fb0dc8ccf448aedf322&tag=!clicked&ref_url=https://go.finances-et-liberte.com/?sa=sa0011318042912cde8b715d5a710133134f8f605b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.17.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-17-177.compute-1.amazonaws.com
Software
/
Resource Hash
b36afc56addf72032cde9bfde094ce2b2710359991c728d2abb82992596f2e31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Session-ID
HB-ET_382e81843981cb7098d5848db5812115cef7f94052a32aa7f21d1b1de5f2e02b
Product-ID
182125
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Referer
https://go.finances-et-liberte.com/
Access-Control-Allow-Headers
*

Response headers

date
Sun, 25 Feb 2024 09:03:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
86400
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://go.finances-et-liberte.com
access-control-expose-headers
Session-ID
access-control-allow-credentials
true
content-length
117
pc
182125.t.hyros.com/v1/lst/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://182125.t.hyros.com/v1/lst/pc?ref_url=https%3A%2F%2Fgo.finances-et-liberte.com%2F%3Fsa%3Dsa0011318042912cde8b715d5a710133134f8f605b&fbp_id=405593081591921&u_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F122.0.6261.69+Safari%2F537.36
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.17.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-17-177.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-headers,access-control-allow-origin,content-type,product-id,session-id
Access-Control-Request-Method
GET
Origin
https://go.finances-et-liberte.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
access-control-allow-headers,access-control-allow-origin,content-type,product-id,session-id
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin
https://go.finances-et-liberte.com
access-control-expose-headers
Session-ID
access-control-max-age
86400
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Sun, 25 Feb 2024 09:03:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
65c49c2534996_DS_CFl_LogoW_DS.png
d1yei2z3i6k35z.cloudfront.net/505757/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1yei2z3i6k35z.cloudfront.net/505757/65c49c2534996_DS_CFl_LogoW_DS.png
Requested by
Host: d3fit27i5nzkqh.cloudfront.net
URL: https://d3fit27i5nzkqh.cloudfront.net/js/vendors~simplePage.54d652335cc34d21921c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:b600:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9f58c44d784d236576751b3a7eb807d0c9964d75db41c767996d6a2ee22154ef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://go.finances-et-liberte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 19:13:16 GMT
via
1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
827430
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
31674
last-modified
Thu, 08 Feb 2024 09:17:26 GMT
server
AmazonS3
etag
"42a4a50afd58b3b8c7fa7efa4bd5bd97"
vary
Origin
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-amz-cf-id
6_NMgP2btY83oq66wz3zcOXbzaLVLDlRfZJ8nRPfBd50HoDepDKaDA==
800.woff2
d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/poppins/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/poppins/800.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:3e00:f:e793:dc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
beb004798bcb80639c20475be6704af752c1706024138fd635a10ff0e9f42691

Request headers

Referer
https://go.finances-et-liberte.com/
Origin
https://go.finances-et-liberte.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 08:25:46 GMT
via
1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
2318
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
46896
last-modified
Fri, 14 Apr 2023 06:25:02 GMT
server
AmazonS3
etag
"b6c843664226a0d70cc2ffdf24c8c641"
access-control-max-age
31536000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
TWqhh7CFbDbFFQw6Kr_OLBQObu1o_X_h-lI0sy2oNXG5ZHhB3Ddszg==
ch.svg
d3syewzhvzylbl.cloudfront.net/images/flag-icons/ 		258 B
699 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3syewzhvzylbl.cloudfront.net/images/flag-icons/ch.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:3e00:f:e793:dc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a8dd74c5a29474b0f704b6b7aa652002e84390200e3412a4e18db24bce86e86c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://go.finances-et-liberte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 07:43:37 GMT
via
1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
4941
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
258
last-modified
Thu, 28 Sep 2023 09:02:06 GMT
server
AmazonS3
etag
"728982808359b77ea519b24e6be7a218"
access-control-max-age
31536000
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
YcGThjQkX5lwzZqZmahD_3kq-TStj1rWiPSYkRmT_wi7u0kFOYHWpA==

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| SendUrlToDeadlineFunnel string| dfUrl string| dfParentUrlValue string| dfParentUrl function| fbq function| _fbq object| head object| script function| $ function| jQuery object| initialI18nStore string| initialLanguage function| popUp function| handleButtonClick object| webpackChunkeditor object| scCGSHMRCache object| regeneratorRuntime function| setImmediate function| clearImmediate object| webpackJsonpDf number| floatingBarMinimizedHeight number| floatingBarMaximizedHeight object| dfAppConfig boolean| inlineCountdownLoaded boolean| floatingBarLoaded boolean| isTeachable boolean| fullWidth object| dfPages object| dfPageUrl function| callDFJsonP function| processJson function| afterDeadline boolean| mh_uts_available function| mcAsyncInit object| adSetId object| adSetIdFromPrevUrl

4 Cookies

Domain/Path Name / Value
182125.t.hyros.com/v1/lst Name: __mh_tt_s
Value: HB-ET_382e81843981cb7098d5848db5812115cef7f94052a32aa7f21d1b1de5f2e02b
go.finances-et-liberte.com/ Name: v
Value: 01HQFR30YPPDHFFK87YMC1Y21X
.go.finances-et-liberte.com/ Name: systeme_affiliate
Value: sa0011318042912cde8b715d5a710133134f8f605b
.finances-et-liberte.com/ Name: _fbp
Value: fb.1.1708851824393.1457715064

4 Console Messages

Source Level URL
Text
other warning URL: https://connect.facebook.net/signals/config/405593081591921?v=2.9.147&r=stable&domain=go.finances-et-liberte.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 95)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://go.finances-et-liberte.com/?sa=sa0011318042912cde8b715d5a710133134f8f605b
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://go.finances-et-liberte.com/?sa=sa0011318042912cde8b715d5a710133134f8f605b
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://go.finances-et-liberte.com/?sa=sa0011318042912cde8b715d5a710133134f8f605b
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

182125.t.hyros.com
a.deadlinefunnel.com
ajax.googleapis.com
c.deadlinefunnel.com
cdn.digital-speak.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
connect.facebook.net
d1yei2z3i6k35z.cloudfront.net
d3fit27i5nzkqh.cloudfront.net
d3syewzhvzylbl.cloudfront.net
go.finances-et-liberte.com
histoiredelites.com
polyfill.io
www.facebook.com
144.126.202.246
154.85.69.15
2600:9000:20c3:200:1c:d937:ae40:93a1
2600:9000:214f:b600:f:a462:c1c0:93a1
2600:9000:223f:3e00:f:e793:dc40:21
2600:9000:26db:8800:12:89f7:b40:93a1
2606:4700:10::6816:40c5
2606:4700::6810:5914
2606:4700::6811:180e
2a00:1450:4001:811::200a
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f177:185:face:b00c:0:25de
3.225.17.177
45.82.29.246
54.210.236.23
0de2560fe20553d799f2fb64e836ffd91e77d0183625f21069ff02beef86f825
0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09
121b176974226dbc9b1ab227becb657d40b88d2bb7010a746c2360c31d7c373e
122f85c98058826c1f0049b15baecdd3a1849f87de9b4d77d2c3f06aabffbe0f
247137dcbcee49b5e32adad43de18444ca85741646a6e22eb72e2a8ca25cfbb5
27740583394373ce0bcb623a34e0da3b69e814f2e2994779b981148d96ef878f
2b8361205b785e973a0a44c560e350c3b0473602802efadafc80232c6561660f
2c0e02145ba3c53cfe8a7d0011dfc72b8d079ea0d599f6907ebd8f22e02bf4b6
2db585816ff86610f4f1004080808d2c729d8bf636c9ccfbddd988f5c594965b
3138ddbd0fce7b35de299f1855a2ca6a9df53af08c3a619dba3f3491689fea23
39d58e2d0886ed13fd43ac334238c2d5a57ee3fec412484b271d937bba3f879f
3e64960f82078503d51cc84b421464ee5061fcace13ccbdff0ff7503c9b99a94
406f6483997aabca124a29e793e21a0da6010ef125fa82c1a88ab0e557818b3b
485622915894aa1be4b61f3d8fd5adc9cc2dbcaa68e267879b01c02e31436c7e
6480eea8fee93cedd9fabb1aa2597d6fcbd3cdec46a36396d15645df4202334a
64c5bdf71c5863a102c653c1dbe222470bd0e2df8fbfffed6ba56592aa51695e
6612524e156bd0fe87b62a36dd82fe23c246231fb1843f78dcdd0a1359dc3656
68c9a38bd89d4adc67a6f26b4db2d389bc18cfff46ca14db221ba9a3de66190f
6c68769e8470ce89a0f2270529a5d47db00917e3ef9df946dca202098f09d0a2
7d689ee2db7a26ae0ce93c5c1708461a7827db4e1dc31fdce329925bf6ce3a02
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8a19b40801d1c16eabdcac6dffc84e97486b0bbcd5b207d4c526cc89e4c0c73b
9f58c44d784d236576751b3a7eb807d0c9964d75db41c767996d6a2ee22154ef
a35f901d01118e5649091bd03ac5784a7db52e111fb3806524c412f3d1dcfc5d
a8dd74c5a29474b0f704b6b7aa652002e84390200e3412a4e18db24bce86e86c
abed9df5a82e987ff6a29fa802b7f72925eecaabc858660ec9c5a34edf1ac6fa
aff8790197f7be1847d5c9a97b1dbe87be00d86a868525ea3c2e39ae22d69449
b36afc56addf72032cde9bfde094ce2b2710359991c728d2abb82992596f2e31
bdc0390ef791ff9f1efb0d85760180fdbe071e712810cdf88867af97ceb7b3e9
beb004798bcb80639c20475be6704af752c1706024138fd635a10ff0e9f42691
c2352cbcf48b05967154b545c716a869c46166a08f6ad30355624d190a2078e1
c3bd7e4da3dd5ad81d5be053acc893ed207ac1f9b4b066fac1540531aaaab59d
c52b8d46142d239861bd11a325a40f67343d9f94b6ed23a68d68171a5933dfa3
d0ec95be63747d58adf69e29db911166ca49f14223861fbe71ac0edac9f7b753
d1d0d75f738a08996fec82b5edf2bc2b379d3dba069bde0bf5d80a9f56e8ccf9
dd8fc1f5126b8444c75fe767afc8022b6d2d5aba5070bdb328177511a78e8915
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f295ebe06fc74dd639fc1d926abdea188a4c960b17266e73da205d034ac37f0e
f350c708b5e7748a452b4b98600fa49127166d995686e260ccafb58d51a4ea62
f75cceab9dd3b9a129a0e3963101f740dc3039c5fbdc881c18b8c05d47c4f8d0
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fc0b5a027b45e99b31975cd5fd5aa690157d475fda6e16a82dd1311840b9b30c