URL: https://www.letemps.ch/articles/ubs-et-dsm-firmenich-touches-par-un-vol-de-donnees-concernant-leurs-employes/gifts/UuWC...
Submission: On November 18 via api from LU — Scanned from CH

Summary

This website contacted 23 IPs in 4 countries across 19 domains to perform 75 HTTP transactions. The main IP is 91.200.144.88, located in Switzerland and belongs to Hidora HIDORA SA, CH. The main domain is www.letemps.ch. The Cisco Umbrella rank of the primary domain is 881154.
TLS certificate: Issued by R11 on October 2nd 2024. Valid for: 3 months.
This is the only time www.letemps.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 91.200.144.88 56798 (Hidora HI...)
13 2a0b:4d07:102::1 44239 (PROINITY ...)
18 172.67.68.225 13335 (CLOUDFLAR...)
2 146.75.120.157 54113 (FASTLY)
3 18.245.46.128 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
4 185.89.210.153 29990 (ASN-APPNEX)
1 172.67.149.20 13335 (CLOUDFLAR...)
1 65.108.134.244 24940 (HETZNER-A...)
1 2a02:26f0:350... 20940 (AKAMAI-AS...)
2 2600:9000:249... 16509 (AMAZON-02)
2 216.58.212.130 15169 (GOOGLE)
1 188.40.160.1 24940 (HETZNER-A...)
1 2a02:26f0:780... 20940 (AKAMAI-AS...)
1 2606:4700:440... ()
3 2602:803:c003... ()
3 51.178.195.208 ()
2 37.252.171.52 ()
1 104.18.26.193 ()
2 46.137.23.186 ()
1 185.64.189.112 ()
1 37.157.4.29 ()
75 23
Apex Domain
Subdomains
Transfer
19 adnz.co
adnz.co — Cisco Umbrella Rank: 84761
api.adnz.co — Cisco Umbrella Rank: 93498
cdn.adnz.co — Cisco Umbrella Rank: 156789
pbjs.adnz.co — Cisco Umbrella Rank: 383889
img.adnz.co — Cisco Umbrella Rank: 423575
950 KB
13 kxcdn.com
letemps-17455.kxcdn.com — Cisco Umbrella Rank: 948909
367 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 281
2 KB
4 letemps.ch
www.letemps.ch — Cisco Umbrella Rank: 881154
privacy.letemps.ch
195 KB
3 smartadserver.com
prg.smartadserver.com
2 KB
3 rubiconproject.com
fastlane.rubiconproject.com
2 KB
2 presage.io
mweb-hb.presage.io
152 B
2 adnxs-simple.com
ib.adnxs-simple.com
9 KB
2 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
185 KB
2 geoedge.be
rumcdn.geoedge.be — Cisco Umbrella Rank: 2080
149 KB
2 adnami.io
functions.adnami.io — Cisco Umbrella Rank: 17202
macro.adnami.io — Cisco Umbrella Rank: 13510
25 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
239 KB
2 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1634
27 KB
1 adform.net
adx.adform.net
531 B
1 pubmatic.com
hbopenbid.pubmatic.com
112 B
1 casalemedia.com
htlb.casalemedia.com
562 B
1 4dex.io
mp.4dex.io
422 B
1 assertcom.de
api.assertcom.de — Cisco Umbrella Rank: 3392
308 B
1 ay.delivery
pmtae6gdwwnlfghxs.ay.delivery — Cisco Umbrella Rank: 421040
32 KB
75 19
Domain Requested by
13 letemps-17455.kxcdn.com www.letemps.ch
11 api.adnz.co adnz.co
cdn.adnz.co
4 ib.adnxs.com adnz.co
cdn.adnz.co
3 prg.smartadserver.com pbjs.adnz.co
3 fastlane.rubiconproject.com pbjs.adnz.co
3 img.adnz.co
3 privacy.letemps.ch www.letemps.ch
privacy.letemps.ch
2 mweb-hb.presage.io pbjs.adnz.co
2 ib.adnxs-simple.com pbjs.adnz.co
2 securepubads.g.doubleclick.net adnz.co
rumcdn.geoedge.be
2 rumcdn.geoedge.be www.letemps.ch
rumcdn.geoedge.be
2 cdn.adnz.co www.letemps.ch
2 www.googletagmanager.com www.letemps.ch
www.googletagmanager.com
2 platform.twitter.com www.letemps.ch
platform.twitter.com
2 adnz.co www.letemps.ch
rumcdn.geoedge.be
1 adx.adform.net pbjs.adnz.co
1 hbopenbid.pubmatic.com pbjs.adnz.co
1 htlb.casalemedia.com pbjs.adnz.co
1 mp.4dex.io pbjs.adnz.co
1 macro.adnami.io functions.adnami.io
1 pbjs.adnz.co adnz.co
1 functions.adnami.io www.letemps.ch
1 api.assertcom.de pmtae6gdwwnlfghxs.ay.delivery
1 pmtae6gdwwnlfghxs.ay.delivery www.letemps.ch
1 www.letemps.ch
75 25
Subject Issuer Validity Valid
letemps.ch
R11
2024-10-02 -
2024-12-31
3 months crt.sh
*.kxcdn.com
Thawte TLS RSA CA G1
2024-07-18 -
2025-07-23
a year crt.sh
adnz.co
WE1
2024-09-27 -
2024-12-26
3 months crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-06-24 -
2025-07-25
a year crt.sh
privacy.letemps.ch
Amazon RSA 2048 M03
2024-05-28 -
2025-06-26
a year crt.sh
*.google-analytics.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2024-02-14 -
2025-03-16
a year crt.sh
ay.delivery
WE1
2024-10-16 -
2025-01-14
3 months crt.sh
api.assertcom.de
R10
2024-10-11 -
2025-01-09
3 months crt.sh
functions.adnami.io
R11
2024-10-23 -
2025-01-21
3 months crt.sh
gw.geoedge.be
Amazon RSA 2048 M03
2024-07-12 -
2025-08-09
a year crt.sh
*.g.doubleclick.net
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
pbjs.adnz.co
R11
2024-10-10 -
2025-01-08
3 months crt.sh
mp.4dex.io
WE1
2024-10-27 -
2025-01-25
3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2024-07-30 -
2025-04-03
8 months crt.sh
*.smartadserver.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1
2024-01-17 -
2025-01-16
a year crt.sh
*.adnxs-simple.com
GeoTrust ECC CA 2018
2024-02-29 -
2025-03-31
a year crt.sh
casalemedia.com
E6
2024-10-13 -
2025-01-11
3 months crt.sh
*.prod.cloud.ogury.io
E6
2024-10-03 -
2025-01-01
3 months crt.sh
*.pubmatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-03-19 -
2025-04-19
a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-09-03 -
2025-09-24
a year crt.sh

This page contains 3 frames:

Primary Page: https://www.letemps.ch/articles/ubs-et-dsm-firmenich-touches-par-un-vol-de-donnees-concernant-leurs-employes/gifts/UuWCDGiT5wDRVRWWCZAkTRzk4B3bUEmwiSJPDFCP
Frame ID: 4152A44BDC3197D707C50092339A4D24
Requests: 70 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.letemps.ch
Frame ID: E3171448665CE8F33C32CF79310A6D0B
Requests: 1 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/539e5206-9e3c-4f1f-8023-6b4c01e73e2b/grumi.js
Frame ID: FAAD0617E893C6A1A597CF3D82616B71
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

UBS et DSM-Firmenich touchées par un vol de données concernant leurs employés - Le Temps

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Page Statistics

75
Requests

88 %
HTTPS

32 %
IPv6

19
Domains

25
Subdomains

23
IPs

4
Countries

2186 kB
Transfer

5459 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

75 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request UuWCDGiT5wDRVRWWCZAkTRzk4B3bUEmwiSJPDFCP
www.letemps.ch/articles/ubs-et-dsm-firmenich-touches-par-un-vol-de-donnees-concernant-leurs-employes/gifts/
114 KB
33 KB
Document
General
Full URL
https://www.letemps.ch/articles/ubs-et-dsm-firmenich-touches-par-un-vol-de-donnees-concernant-leurs-employes/gifts/UuWCDGiT5wDRVRWWCZAkTRzk4B3bUEmwiSJPDFCP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.200.144.88 , Switzerland, ASN56798 (Hidora HIDORA SA, CH),
Reverse DNS
Software
nginx / Phusion Passenger(R) 6.0.17
Resource Hash
f72109916a218c3c447c06dd1c02ad97523a4a1ea79c804607044763afaf5dea
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-security-policy-report-only
default-src 'self' https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https: 'unsafe-inline'; img-src 'self' https: data: blob:; font-src 'self' https: data:; connect-src 'self' https: wss:; media-src 'self' https: blob: data:; object-src https: blob:; worker-src 'self' https: blob:; frame-src 'self' https: blob:; form-action 'self' https:; block-all-mixed-content; report-uri /csp-violation-report
content-type
text/html; charset=utf-8
date
Mon, 18 Nov 2024 15:14:45 GMT
etag
W/"f72109916a218c3c447c06dd1c02ad97"
link
<https://letemps-17455.kxcdn.com/assets/letemps/FinancierDisplay-Medium-d4857bde44b114c55200920b0f80396c95a699cd6e28f600a56e429773694f17.woff2>; rel=preload; as=font; type=font/woff2; crossorigin=anonymous,<https://letemps-17455.kxcdn.com/assets/letemps/FinancierText-Bold-d89b447fefc8b7c607a42d74c8ea3ed7ed330844a9ee87b1161e26834bd6aa70.woff2>; rel=preload; as=font; type=font/woff2; crossorigin=anonymous,<https://letemps-17455.kxcdn.com/assets/letemps/FinancierText-Regular-ddcfb6938efa48243576f57cbeede38630ecdfd00ab1b2a51e8f83aa42b5473a.woff2>; rel=preload; as=font; type=font/woff2; crossorigin=anonymous,<https://letemps-17455.kxcdn.com/assets/letemps/Ratio-Medium-718d80096914b6caf2da4f23a5d7fa35e647746888f4b5a5ab5c8d80e2514fb7.woff2>; rel=preload; as=font; type=font/woff2; crossorigin=anonymous,<https://letemps-17455.kxcdn.com/assets/letemps/Ratio-Regular-226efe3c68d1a2ab29954ae26b9e91e044d1df7117e210c1b5227e7f27dd49f0.woff2>; rel=preload; as=font; type=font/woff2; crossorigin=anonymous
server
nginx
status
200 OK
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
Phusion Passenger(R) 6.0.17
x-request-id
03a240ac-c611-4540-b05c-115e0e523b7f
x-runtime
0.219471
FinancierDisplay-Medium-d4857bde44b114c55200920b0f80396c95a699cd6e28f600a56e429773694f17.woff2
letemps-17455.kxcdn.com/assets/letemps/
44 KB
45 KB
Font
General
Full URL
https://letemps-17455.kxcdn.com/assets/letemps/FinancierDisplay-Medium-d4857bde44b114c55200920b0f80396c95a699cd6e28f600a56e429773694f17.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY proinity GmbH, CH),
Reverse DNS
Software
keycdn /
Resource Hash
9d4e9229bfbef9e2e33a3b5843dbd86849c9d5e6d75d4922a6b6cb08ec6d4619

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Origin
https://www.letemps.ch
Referer
https://www.letemps.ch/

Response headers

link
<https://next.letemps.ch/assets/letemps/FinancierDisplay-Medium-d4857bde44b114c55200920b0f80396c95a699cd6e28f600a56e429773694f17.woff2>; rel="canonical"
cache-control
max-age=604800
x-edge-location
defr
etag
"6582b51a-b158"
expires
Mon, 25 Nov 2024 15:14:46 GMT
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT
content-length
45400
date
Mon, 18 Nov 2024 15:14:46 GMT
content-type
application/octet-stream
last-modified
Wed, 20 Dec 2023 09:34:18 GMT
server
keycdn
FinancierText-Bold-d89b447fefc8b7c607a42d74c8ea3ed7ed330844a9ee87b1161e26834bd6aa70.woff2
letemps-17455.kxcdn.com/assets/letemps/
43 KB
44 KB
Font
General
Full URL
https://letemps-17455.kxcdn.com/assets/letemps/FinancierText-Bold-d89b447fefc8b7c607a42d74c8ea3ed7ed330844a9ee87b1161e26834bd6aa70.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY proinity GmbH, CH),
Reverse DNS
Software
keycdn /
Resource Hash
9e9e4d41fa7c52b403a8c6372e34a5d5cd314fd19c20852789dba698382e5a09

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Origin
https://www.letemps.ch
Referer
https://www.letemps.ch/

Response headers

link
<https://next.letemps.ch/assets/letemps/FinancierText-Bold-d89b447fefc8b7c607a42d74c8ea3ed7ed330844a9ee87b1161e26834bd6aa70.woff2>; rel="canonical"
cache-control
max-age=604800
x-edge-location
defr
etag
"652ced25-acd0"
expires
Mon, 25 Nov 2024 15:14:46 GMT
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT
content-length
44240
date
Mon, 18 Nov 2024 15:14:46 GMT
content-type
application/octet-stream
last-modified
Mon, 16 Oct 2023 07:58:29 GMT
server
keycdn
FinancierText-Regular-ddcfb6938efa48243576f57cbeede38630ecdfd00ab1b2a51e8f83aa42b5473a.woff2
letemps-17455.kxcdn.com/assets/letemps/
43 KB
43 KB
Font
General
Full URL
https://letemps-17455.kxcdn.com/assets/letemps/FinancierText-Regular-ddcfb6938efa48243576f57cbeede38630ecdfd00ab1b2a51e8f83aa42b5473a.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY proinity GmbH, CH),
Reverse DNS
Software
keycdn /
Resource Hash
2af8b2aa93e899c21ce0f18d34732061a53955d231ee2bd3bdf3cc766b0d5102

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Origin
https://www.letemps.ch
Referer
https://www.letemps.ch/

Response headers

link
<https://next.letemps.ch/assets/letemps/FinancierText-Regular-ddcfb6938efa48243576f57cbeede38630ecdfd00ab1b2a51e8f83aa42b5473a.woff2>; rel="canonical"
cache-control
max-age=604800
x-edge-location
defr
etag
"652ced13-ab84"
expires
Mon, 25 Nov 2024 15:14:46 GMT
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT
content-length
43908
date
Mon, 18 Nov 2024 15:14:46 GMT
content-type
application/octet-stream
last-modified
Mon, 16 Oct 2023 07:58:11 GMT
server
keycdn
Ratio-Medium-718d80096914b6caf2da4f23a5d7fa35e647746888f4b5a5ab5c8d80e2514fb7.woff2
letemps-17455.kxcdn.com/assets/letemps/
15 KB
15 KB
Font
General
Full URL
https://letemps-17455.kxcdn.com/assets/letemps/Ratio-Medium-718d80096914b6caf2da4f23a5d7fa35e647746888f4b5a5ab5c8d80e2514fb7.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY proinity GmbH, CH),
Reverse DNS
Software
keycdn /
Resource Hash
0f3321c48bc696edcdf6815fb040528039a537710970793bc1a135ad1355b4b9

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Origin
https://www.letemps.ch
Referer
https://www.letemps.ch/

Response headers

link
<https://next.letemps.ch/assets/letemps/Ratio-Medium-718d80096914b6caf2da4f23a5d7fa35e647746888f4b5a5ab5c8d80e2514fb7.woff2>; rel="canonical"
cache-control
max-age=604800
x-edge-location
defr
etag
"652ced13-3c88"
expires
Mon, 25 Nov 2024 15:14:46 GMT
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT
content-length
15496
date
Mon, 18 Nov 2024 15:14:46 GMT
content-type
application/octet-stream
last-modified
Mon, 16 Oct 2023 07:58:11 GMT
server
keycdn
Ratio-Regular-226efe3c68d1a2ab29954ae26b9e91e044d1df7117e210c1b5227e7f27dd49f0.woff2
letemps-17455.kxcdn.com/assets/letemps/
23 KB
23 KB
Font
General
Full URL
https://letemps-17455.kxcdn.com/assets/letemps/Ratio-Regular-226efe3c68d1a2ab29954ae26b9e91e044d1df7117e210c1b5227e7f27dd49f0.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY proinity GmbH, CH),
Reverse DNS
Software
keycdn /
Resource Hash
2d1c0ffca41cde94cd16b495d1e0e3488ee1596f2966b739371e897057f014e1

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Origin
https://www.letemps.ch
Referer
https://www.letemps.ch/

Response headers

link
<https://next.letemps.ch/assets/letemps/Ratio-Regular-226efe3c68d1a2ab29954ae26b9e91e044d1df7117e210c1b5227e7f27dd49f0.woff2>; rel="canonical"
cache-control
max-age=604800
x-edge-location
defr
etag
"652ced13-5c00"
expires
Mon, 25 Nov 2024 15:14:46 GMT
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT
content-length
23552
date
Mon, 18 Nov 2024 15:14:46 GMT
content-type
application/octet-stream
last-modified
Mon, 16 Oct 2023 07:58:11 GMT
server
keycdn
application-a2fc93d376ae5832bf3f00e7d35d5d4e15b8c75c61c9be06ec1b74dd8b0d0ec0.js
letemps-17455.kxcdn.com/assets/
119 KB
39 KB
Script
General
Full URL
https://letemps-17455.kxcdn.com/assets/application-a2fc93d376ae5832bf3f00e7d35d5d4e15b8c75c61c9be06ec1b74dd8b0d0ec0.js
Requested by
Host: www.letemps.ch
URL: https://www.letemps.ch/articles/ubs-et-dsm-firmenich-touches-par-un-vol-de-donnees-concernant-leurs-employes/gifts/UuWCDGiT5wDRVRWWCZAkTRzk4B3bUEmwiSJPDFCP
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY proinity GmbH, CH),
Reverse DNS
Software
keycdn /
Resource Hash
7360deafcad06168f3e21ff91c06f0b1139d2ff980f2002ce056cc1ea63b114f

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer
https://www.letemps.ch/

Response headers

link
<https://next.letemps.ch/assets/application-a2fc93d376ae5832bf3f00e7d35d5d4e15b8c75c61c9be06ec1b74dd8b0d0ec0.js>; rel="canonical"
cache-control
max-age=604800
x-edge-location
defr
content-encoding
gzip
etag
W/"67337505-1dc78"
expires
Mon, 25 Nov 2024 15:14:46 GMT
access-control-allow-origin
*
x-cache
HIT
date
Mon, 18 Nov 2024 15:14:46 GMT
content-type
application/x-javascript
last-modified
Tue, 12 Nov 2024 15:32:21 GMT
server
keycdn
letemps-274aff1176845efa1ffa0af31dd4acc9978e5c4948fc61409d7c69327d5f1652.css
letemps-17455.kxcdn.com/assets/
330 KB
69 KB
Stylesheet
General
Full URL
https://letemps-17455.kxcdn.com/assets/letemps-274aff1176845efa1ffa0af31dd4acc9978e5c4948fc61409d7c69327d5f1652.css
Requested by
Host: www.letemps.ch
URL: https://www.letemps.ch/articles/ubs-et-dsm-firmenich-touches-par-un-vol-de-donnees-concernant-leurs-employes/gifts/UuWCDGiT5wDRVRWWCZAkTRzk4B3bUEmwiSJPDFCP
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY proinity GmbH, CH),
Reverse DNS
Software
keycdn /
Resource Hash
0bca7bc4e2f529258dbb2c532ce60e753db0a5072045f8115c8509f8c2a3532c

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer
https://www.letemps.ch/

Response headers

link
<https://next.letemps.ch/assets/letemps-274aff1176845efa1ffa0af31dd4acc9978e5c4948fc61409d7c69327d5f1652.css>; rel="canonical"
cache-control
max-age=604800
x-edge-location
defr
content-encoding
gzip
etag
W/"672dcecc-52833"
expires
Mon, 25 Nov 2024 15:14:46 GMT
access-control-allow-origin
*
x-cache
HIT
date
Mon, 18 Nov 2024 15:14:46 GMT
content-type
text/css
last-modified
Fri, 08 Nov 2024 08:41:48 GMT
server
keycdn
logo-topbar-bd85d8c6801b9d3faefd2a1ac8205d879e18b97803cf0163b6f1816bf05e6184.svg
letemps-17455.kxcdn.com/assets/letemps/
3 KB
2 KB
Image
General
Full URL
https://letemps-17455.kxcdn.com/assets/letemps/logo-topbar-bd85d8c6801b9d3faefd2a1ac8205d879e18b97803cf0163b6f1816bf05e6184.svg
Requested by
Host: www.letemps.ch
URL: https://www.letemps.ch/articles/ubs-et-dsm-firmenich-touches-par-un-vol-de-donnees-concernant-leurs-employes/gifts/UuWCDGiT5wDRVRWWCZAkTRzk4B3bUEmwiSJPDFCP
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY proinity GmbH, CH),
Reverse DNS
Software
keycdn /
Resource Hash
01268994eb86023c835bcf17f7f968e21a150c0db3c9c7f93e21fc23e49299a1

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer
https://www.letemps.ch/

Response headers

link
<https://next.letemps.ch/assets/letemps/logo-topbar-bd85d8c6801b9d3faefd2a1ac8205d879e18b97803cf0163b6f1816bf05e6184.svg>; rel="canonical"
cache-control
max-age=604800
x-edge-location
defr
content-encoding
gzip
etag
W/"652ced13-b41"
expires
Mon, 25 Nov 2024 15:14:46 GMT
access-control-allow-origin
*
x-cache
HIT
date
Mon, 18 Nov 2024 15:14:46 GMT
content-type
image/svg+xml
last-modified
Mon, 16 Oct 2023 07:58:11 GMT
server
keycdn
lightbox-1704e8462cc5866603b7ba66e7c9062e9b0b1e579b47b567f1979bf5684c643b.js
letemps-17455.kxcdn.com/assets/
55 KB
18 KB
Script
General
Full URL
https://letemps-17455.kxcdn.com/assets/lightbox-1704e8462cc5866603b7ba66e7c9062e9b0b1e579b47b567f1979bf5684c643b.js
Requested by
Host: www.letemps.ch
URL: https://www.letemps.ch/articles/ubs-et-dsm-firmenich-touches-par-un-vol-de-donnees-concernant-leurs-employes/gifts/UuWCDGiT5wDRVRWWCZAkTRzk4B3bUEmwiSJPDFCP
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY proinity GmbH, CH),
Reverse DNS
Software
keycdn /
Resource Hash
2e6d5b1bec6ea4d4b654c21934a5f3eea1b973e1031142c64de286d1d1d89553

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer
https://www.letemps.ch/

Response headers

link
<https://next.letemps.ch/assets/lightbox-1704e8462cc5866603b7ba66e7c9062e9b0b1e579b47b567f1979bf5684c643b.js>; rel="canonical"
cache-control
max-age=604800
x-edge-location
defr
content-encoding
gzip
etag
W/"66d82ea6-daa1"
expires
Mon, 25 Nov 2024 15:14:46 GMT
access-control-allow-origin
*
x-cache
HIT
date
Mon, 18 Nov 2024 15:14:46 GMT
content-type
application/x-javascript
last-modified
Wed, 04 Sep 2024 09:55:50 GMT
server
keycdn
header.js
adnz.co/
345 KB
49 KB
Script
General
Full URL
https://adnz.co/header.js?adTagId=628
Requested by
Host: www.letemps.ch
URL: https://www.letemps.ch/articles/ubs-et-dsm-firmenich-touches-par-un-vol-de-donnees-concernant-leurs-employes/gifts/UuWCDGiT5wDRVRWWCZAkTRzk4B3bUEmwiSJPDFCP
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.225 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d60521972d02eadbbb437f2e130f253090be665aef5e9aebe2baa79bfeae65c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer
https://www.letemps.ch/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"5655f-wnMFpPvjhMCsWEmtM89gI/8jkBk"
age
3428
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F0xXO5XyJ%2BPGPuWJzHVbEEY%2BDuAMuMNOsVeZKf0YDjdg%2FIFR%2B78wCYiQ9XSOyGy5pGasEQrsrMQjNXlls2LVUwEA4mbAMrRzVnb9bAREOD0kAzx2cK7qlDk%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 18 Nov 2024 15:34:46 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=34212&sent=11&recv=8&lost=0&retrans=0&sent_bytes=4265&recv_bytes=4304&delivery_rate=93112&cwnd=12000&unsent_bytes=0&cid=db1cbd8766e2fdbe&ts=172&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 18 Nov 2024 15:14:46 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
priority
u=3,i=?0
access-control-allow-headers
origin, content-type, accept
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=1200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e48e9823b8dbbc1-FRA
access-control-allow-origin
*
x-powered-by
Express
server
cloudflare
widgets.js
platform.twitter.com/
91 KB
27 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.letemps.ch
URL: https://www.letemps.ch/articles/ubs-et-dsm-firmenich-touches-par-un-vol-de-donnees-concernant-leurs-employes/gifts/UuWCDGiT5wDRVRWWCZAkTRzk4B3bUEmwiSJPDFCP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer
https://www.letemps.ch/

Response headers

content-encoding
gzip
etag
"824beb891744db98ccbd3a456e59e0f7+gzip"
access-control-allow-methods
GET
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
date
Mon, 18 Nov 2024 15:14:46 GMT
last-modified
Mon, 11 Dec 2023 17:20:28 GMT
vary
Accept-Encoding
x-served-by
cache-iad-kcgs7200137-IAD, cache-fra-etou8220046-FRA
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=1800
tw-cdn
FT
accept-ranges
bytes
access-control-allow-origin
*
content-length
27597
x-amz-server-side-encryption
AES256
loader.js
privacy.letemps.ch/9899fcc5-cb95-4338-bf4d-b1ff05675c7a/
29 KB
11 KB
Script
General
Full URL
https://privacy.letemps.ch/9899fcc5-cb95-4338-bf4d-b1ff05675c7a/loader.js?target_type=notice&target=qpExkUfk
Requested by
Host: www.letemps.ch
URL: https://www.letemps.ch/articles/ubs-et-dsm-firmenich-touches-par-un-vol-de-donnees-concernant-leurs-employes/gifts/UuWCDGiT5wDRVRWWCZAkTRzk4B3bUEmwiSJPDFCP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-128.fra56.r.cloudfront.net
Software
/
Resource Hash
7d4df6c28c7fac526bd1a00438e01b73b463fd4b96928f33676e7e68878c4296

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer
https://www.letemps.ch/

Response headers

cache-control
max-age=7200, public
x-didomi-remote-config-metadata
multiReg:true;legacyGlobalGdpr:true
content-encoding
gzip
etag
W/"1a6243af14b92a3f36e35a7b51335f96"
age
704
x-amzn-trace-id
Root=1-673b3b04-332926a00607fd766a3c7b58;Parent=6148bac263c6d72d;Sampled=0;Lineage=1:eaae1266:0
x-amzn-requestid
bfd5589a-efe6-428f-adc3-1548da4f7a41
via
1.1 b58f4c458263fcafb0c4b2b684d9bc50.cloudfront.net (CloudFront), 1.1 3aedbf31650352660fd3a878f7b791c8.cloudfront.net (CloudFront)
x-didomi-configs-version
113
x-cache
Miss from cloudfront
x-amz-cf-id
vw-ekx2qHGtQX-_G6sLfYyRK73wy9r9L34xU1cOuF37xYlMJRy5H-A==
date
Mon, 18 Nov 2024 15:03:02 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
x-amz-cf-pop
FRA60-P10, FRA56-P9
gtm.js
www.googletagmanager.com/
326 KB
111 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-59MW7L4
Requested by
Host: www.letemps.ch
URL: https://www.letemps.ch/articles/ubs-et-dsm-firmenich-touches-par-un-vol-de-donnees-concernant-leurs-employes/gifts/UuWCDGiT5wDRVRWWCZAkTRzk4B3bUEmwiSJPDFCP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6d57602f3f3ae2fbf700388d47329b837c26867fadb4c3322d3f9ce3acf3c6e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer
https://www.letemps.ch/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Mon, 18 Nov 2024 15:14:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 18 Nov 2024 15:14:46 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
112940
x-xss-protection
0
server
Google Tag Manager
widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame E317
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.letemps.ch
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.letemps.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

accept-ranges
bytes
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
public, max-age=315360000
content-encoding
gzip
content-length
105429
content-type
text/html; charset=utf-8
date
Mon, 18 Nov 2024 15:14:47 GMT
etag
"81267302efdfb3e4524a22631a8fc99e+gzip"
last-modified
Mon, 11 Dec 2023 17:19:49 GMT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn
FT
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-served-by
cache-iad-kiad7000164-IAD, cache-fra-etou8220158-FRA
sdk.bd74275347b2dbbf9de41851f1f31c46055cd00f.js
privacy.letemps.ch/sdk/bd74275347b2dbbf9de41851f1f31c46055cd00f/modern/
362 KB
94 KB
Script
General
Full URL
https://privacy.letemps.ch/sdk/bd74275347b2dbbf9de41851f1f31c46055cd00f/modern/sdk.bd74275347b2dbbf9de41851f1f31c46055cd00f.js
Requested by
Host: privacy.letemps.ch
URL: https://privacy.letemps.ch/9899fcc5-cb95-4338-bf4d-b1ff05675c7a/loader.js?target_type=notice&target=qpExkUfk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-128.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f06e689aa1d08bdc9a50b185c3fc221ca08cd72080c36e728d2d5299720eb80

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer
https://www.letemps.ch/

Response headers

vary
Accept-Encoding
cache-control
public, max-age=31536000
content-encoding
br
etag
W/"3953dbd63a48beec6f74e167045651a8-1"
age
20640
via
1.1 3c07e6ef6fe5c74a2c43590885d64f70.cloudfront.net (CloudFront), 1.1 3aedbf31650352660fd3a878f7b791c8.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
sVFRptwi7uuewX4sRyPvlRNQz6mi1mU_mP7EFWYu-TKjvgbNodlI3w==
date
Mon, 18 Nov 2024 09:30:47 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 18 Nov 2024 09:30:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P10, FRA56-P9
x-amz-server-side-encryption
AES256
85ade739-0818-4de9-83f5-6545f6433064
https://www.letemps.ch/
793 B
0
Script
General
Full URL
blob:https://www.letemps.ch/85ade739-0818-4de9-83f5-6545f6433064
Requested by
Host: adnz.co
URL: https://adnz.co/header.js?adTagId=628
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f4db051fbdbba14411f013be0026c050855caa68b46d46871a1a5f0d31069d4c

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer

Response headers

Content-Type
text/javascript
Content-Length
793
getuidj
ib.adnxs.com/
11 B
570 B
Fetch
General
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: adnz.co
URL: https://adnz.co/header.js?adTagId=628
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer
https://www.letemps.ch/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
80.255.7.77; 80.255.7.77; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://www.letemps.ch
an-x-request-uuid
4304f1d3-c0be-40c9-b6d9-ee5b84fae2b5
content-length
11
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Mon, 18 Nov 2024 15:14:47 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
server
nginx/1.23.4
visitor-id
api.adnz.co/api/ws-convey/
19 B
966 B
Fetch
General
Full URL
https://api.adnz.co/api/ws-convey/visitor-id?url=https%3A%2F%2Fwww.letemps.ch%2Fcyber%2Fubs-et-dsm-firmenich-touches-par-un-vol-de-donnees-concernant-leurs-employes
Requested by
Host: adnz.co
URL: https://adnz.co/header.js?adTagId=628
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.225 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4fe5366cb385500ae891df4051cf3355b56f27bb9c2d18150a5a89c6a701aa1

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer
https://www.letemps.ch/

Response headers

access-control-expose-headers
ETag, Authorization
ratelimit-remaining
99
cf-cache-status
DYNAMIC
etag
7105200995047473180
ratelimit-reset
1
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IaGFcpbJs6ZBb%2FaCmbSDAmoqZq37VS50X69ntYItF7nNrUiXtFQMpl7r1kF%2BYirPNOEXcjtfRHQWjSLJJ9o3N0um37hIaHUV4sfzc1PCrrbygQoNOqCwWbaZyNDw"}],"group":"cf-nel","max_age":604800}
expires
-1
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=47214&sent=58&recv=34&lost=0&retrans=0&sent_bytes=55203&recv_bytes=5814&delivery_rate=386086&cwnd=34800&unsent_bytes=0&cid=db1cbd8766e2fdbe&ts=665&x=1", cfExtPri, cfHdrFlush;dur=0
p3p
CP="Not used"
date
Mon, 18 Nov 2024 15:14:47 GMT
content-type
text/plain;charset=UTF-8
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
priority
u=1,i
cache-control
no-cache, no-store, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
x-envoy-upstream-service-time
2
access-control-allow-credentials
true
ratelimit-limit
100
cf-ray
8e48e9853e96bbc1-FRA
access-control-allow-origin
https://www.letemps.ch
content-length
19
server
cloudflare
large.avif
letemps-17455.kxcdn.com/photos/24df443c-f84a-4e49-8d05-cf3e521ecff1/
43 KB
44 KB
Image
General
Full URL
https://letemps-17455.kxcdn.com/photos/24df443c-f84a-4e49-8d05-cf3e521ecff1/large.avif
Requested by
Host: www.letemps.ch
URL: https://www.letemps.ch/articles/ubs-et-dsm-firmenich-touches-par-un-vol-de-donnees-concernant-leurs-employes/gifts/UuWCDGiT5wDRVRWWCZAkTRzk4B3bUEmwiSJPDFCP
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY proinity GmbH, CH),
Reverse DNS
Software
keycdn / Phusion Passenger(R) 6.0.17
Resource Hash
30378b25017db4018bfd3c144a033298ea435eb628bba1476e65c1fc3f8d3c78
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer
https://www.letemps.ch/

Response headers

x-request-id
6a9f009e-317f-4cf6-b800-535b13171549
etag
W/"30378b25017db4018bfd3c144a033298"
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 15:14:47 GMT
x-cache
MISS
date
Mon, 18 Nov 2024 15:14:47 GMT
content-type
image/avif
content-disposition
inline; filename="1bd2799_1731574024675-adobestock-873760730.avif"; filename*=UTF-8''1bd2799_1731574024675-adobestock-873760730.avif
x-runtime
0.028259
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains
link
<https://next.letemps.ch/photos/24df443c-f84a-4e49-8d05-cf3e521ecff1/large.avif>; rel="canonical"
cache-control
max-age=604800
x-edge-location
defr
content-transfer-encoding
binary
accept-ranges
bytes
access-control-allow-origin
*
content-length
43975
x-powered-by
Phusion Passenger(R) 6.0.17
server
keycdn
client-v2.js
pmtae6gdwwnlfghxs.ay.delivery/
99 KB
32 KB
Script
General
Full URL
https://pmtae6gdwwnlfghxs.ay.delivery/client-v2.js
Requested by
Host: www.letemps.ch
URL: blob:https://www.letemps.ch/85ade739-0818-4de9-83f5-6545f6433064
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.149.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48bae514478cd87f735c9356dd06003f56adee48f59c572ca5bd3ba6350b7501

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer
https://www.letemps.ch/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"67292185-18c69"
age
289
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9rpWAqzo%2BdUY0mrDAywB5ncMJhnKGWU04I%2FhbWOoE0gMw9%2Bjh5Z5wcQD1UUPd10A%2F8a3mjCiJ%2FAjQ%2F94zRvlDCmNM5EpZqXNW%2BEl35DtU7%2B1J2tZ9ss3NidmIRT3pcJZdh8XpvcCQJMh782joutMDA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=38496&sent=11&recv=8&lost=0&retrans=0&sent_bytes=4170&recv_bytes=4318&delivery_rate=79878&cwnd=12000&unsent_bytes=0&cid=4dfe0ae701af89bf&ts=212&x=1", cfHdrFlush;dur=0
date
Mon, 18 Nov 2024 15:14:47 GMT
content-type
application/javascript
last-modified
Mon, 04 Nov 2024 19:33:25 GMT
vary
Accept-Encoding
cache-control
public, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e48e98718533c8f-CDG
server
cloudflare
188890d0-3042-4de7-9b5a-7e6d6cdbf4b0
https://www.letemps.ch/
1 KB
0
Script
General
Full URL
blob:https://www.letemps.ch/188890d0-3042-4de7-9b5a-7e6d6cdbf4b0
Requested by
Host: adnz.co
URL: https://adnz.co/header.js?adTagId=628
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa628d0d24e4945134dba6edfeb80695f9b852e80f57300b112d801570f5b6a3

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer

Response headers

Content-Type
text/javascript
Content-Length
1238
js
www.googletagmanager.com/gtag/
390 KB
128 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-SR8FQJPVG5&l=dataLayer&cx=c&gtm=45He4bc0v870860302za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-59MW7L4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4da2e7913f2cb8aacc630b50230e40eb166845bd4efd8e83e869072b05d32027
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer
https://www.letemps.ch/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 18 Nov 2024 15:14:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 18 Nov 2024 15:14:47 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
130350
x-xss-protection
0
server
Google Tag Manager
ui-web-fr-web.bd74275347b2dbbf9de41851f1f31c46055cd00f.js
privacy.letemps.ch/sdk/bd74275347b2dbbf9de41851f1f31c46055cd00f/modern/
276 KB
57 KB
Script
General
Full URL
https://privacy.letemps.ch/sdk/bd74275347b2dbbf9de41851f1f31c46055cd00f/modern/ui-web-fr-web.bd74275347b2dbbf9de41851f1f31c46055cd00f.js
Requested by
Host: privacy.letemps.ch
URL: https://privacy.letemps.ch/sdk/bd74275347b2dbbf9de41851f1f31c46055cd00f/modern/sdk.bd74275347b2dbbf9de41851f1f31c46055cd00f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-128.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
122ea4f8eeb62f1b6eb28e376a3746c38711f31201c6868921f47c4f9a4bfb75

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer
https://www.letemps.ch/

Response headers

vary
Accept-Encoding
cache-control
public, max-age=31536000
content-encoding
br
etag
W/"125eba3a5f8dd42ec5a4e7f65977a951-1"
age
20640
via
1.1 aa4673eb0527fb06f7940307fecfc1b6.cloudfront.net (CloudFront), 1.1 3aedbf31650352660fd3a878f7b791c8.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
Kw5hk75TpXQKaDTRldzcRIvK9oO7sg_Y2A8EBBY_Wk4YvdP0fomQrA==
date
Mon, 18 Nov 2024 09:30:48 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 18 Nov 2024 09:30:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P10, FRA56-P9
x-amz-server-side-encryption
AES256
9b838711-c365-4da8-88ab-8db08694a708
https://www.letemps.ch/
1 KB
0
Script
General
Full URL
blob:https://www.letemps.ch/9b838711-c365-4da8-88ab-8db08694a708
Requested by
Host: adnz.co
URL: https://adnz.co/header.js?adTagId=628
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1061f1ba1712b0ff081edb16c1c202e8c2638a1e2171225cacc002dcb42a418f

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer

Response headers

Content-Type
text/javascript
Content-Length
1084
c167ae3b-1cd9-4716-adf3-fd56d7d1cde4
https://www.letemps.ch/
1 KB
0
Script
General
Full URL
blob:https://www.letemps.ch/c167ae3b-1cd9-4716-adf3-fd56d7d1cde4
Requested by
Host: adnz.co
URL: https://adnz.co/header.js?adTagId=628
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2ca3f9a76d15953dfc66576fd8b38ee4a4776559f58789af99bc751bfb1f9c5d

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer

Response headers

Content-Type
text/javascript
Content-Length
1103
pageview
api.assertcom.de/
0
308 B
Ping
General
Full URL
https://api.assertcom.de/pageview
Requested by
Host: pmtae6gdwwnlfghxs.ay.delivery
URL: https://pmtae6gdwwnlfghxs.ay.delivery/client-v2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
65.108.134.244 Helsinki, Finland, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.244.134.108.65.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer
https://www.letemps.ch/

Response headers

access-control-max-age
86400
cache-control
no-store, no-cache, private, no-transform
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS
expires
Thu, 01 Jan 1980 00:00:01 GMT
access-control-allow-origin
https://www.letemps.ch
content-length
0
date
Mon, 18 Nov 2024 15:14:48 GMT
content-type
text/plain
server
nginx
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding
logo-topbar-bd85d8c6801b9d3faefd2a1ac8205d879e18b97803cf0163b6f1816bf05e6184.svg
letemps-17455.kxcdn.com/assets/letemps/
3 KB
0
Image
General
Full URL
https://letemps-17455.kxcdn.com/assets/letemps/logo-topbar-bd85d8c6801b9d3faefd2a1ac8205d879e18b97803cf0163b6f1816bf05e6184.svg
Requested by
Host: www.letemps.ch
URL: https://www.letemps.ch/articles/ubs-et-dsm-firmenich-touches-par-un-vol-de-donnees-concernant-leurs-employes/gifts/UuWCDGiT5wDRVRWWCZAkTRzk4B3bUEmwiSJPDFCP
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY proinity GmbH, CH),
Reverse DNS
Software
keycdn /
Resource Hash
01268994eb86023c835bcf17f7f968e21a150c0db3c9c7f93e21fc23e49299a1

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer
https://www.letemps.ch/

Response headers

link
<https://next.letemps.ch/assets/letemps/logo-topbar-bd85d8c6801b9d3faefd2a1ac8205d879e18b97803cf0163b6f1816bf05e6184.svg>; rel="canonical"
cache-control
max-age=604800
x-edge-location
defr
content-encoding
gzip
etag
W/"652ced13-b41"
expires
Mon, 25 Nov 2024 15:14:46 GMT
access-control-allow-origin
*
x-cache
HIT
date
Mon, 18 Nov 2024 15:14:46 GMT
content-type
image/svg+xml
last-modified
Mon, 16 Oct 2023 07:58:11 GMT
server
keycdn
c342b7a3-08dc-47f8-a7d8-ce99b82f5034
https://www.letemps.ch/
154 B
0
Script
General
Full URL
blob:https://www.letemps.ch/c342b7a3-08dc-47f8-a7d8-ce99b82f5034
Requested by
Host: adnz.co
URL: https://adnz.co/header.js?adTagId=628
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cca689d63f6cc503de5e9197857805839e2c4a01d5cf4d5e67ee5c7e81f539fa

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer

Response headers

Content-Type
text/javascript
Content-Length
154
index.js
cdn.adnz.co/yaleo/
406 KB
141 KB
Script
General
Full URL
https://cdn.adnz.co/yaleo/index.js
Requested by
Host: www.letemps.ch
URL: blob:https://www.letemps.ch/9b838711-c365-4da8-88ab-8db08694a708
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.225 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7aac709df210dc768bf29682d46aac397de0c697affbf8c73f922876b667cf5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer
https://www.letemps.ch/

Response headers

access-control-expose-headers
Content-Length,Content-Range
content-encoding
gzip
cf-cache-status
HIT
etag
W/"fab87ae71c142729963793e2b3b0bc23"
age
7100
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KO0q4037BPC2oULQM8ZtCKAdASwsTQVAAt8%2FS3UaUp%2BIY%2FXFdJov0X48U5mNP0A6N5PKbAB6WKzRk2o7ecasmo6z4gpJVXMSqmvQ3j%2B8kj4hDLJbi3SYl9gbzDoL"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=47184&sent=70&recv=37&lost=0&retrans=0&sent_bytes=68215&recv_bytes=6435&delivery_rate=10865&cwnd=34800&unsent_bytes=0&cid=db1cbd8766e2fdbe&ts=1611&x=1", cfExtPri, cfHdrFlush;dur=50
date
Mon, 18 Nov 2024 15:14:48 GMT
x-rgw-object-type
Normal
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 17:45:37 GMT
vary
Accept-Encoding
priority
u=3,i=?0
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
1
x-amz-request-id
tx00000bbe5bb845f5fcfb9-00673b3e2c-14eab47-default
cf-ray
8e48e98b2e39bbc1-FRA
server
cloudflare
index.js
cdn.adnz.co/app-bta-feed/
540 KB
178 KB
Script
General
Full URL
https://cdn.adnz.co/app-bta-feed/index.js
Requested by
Host: www.letemps.ch
URL: blob:https://www.letemps.ch/c167ae3b-1cd9-4716-adf3-fd56d7d1cde4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.225 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68fb57f8c30d7a1eef477b414ea43c1f2931d8abccd3589910418265f562e35c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer
https://www.letemps.ch/

Response headers

access-control-expose-headers
Content-Length,Content-Range
content-encoding
gzip
cf-cache-status
HIT
etag
W/"e9fcc11f939e0e1b016616bfbf039a74"
age
7102
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8HE%2Frs7OOEgnh%2FKpBOh1KSAOKVgBfOCg9gHVLVx13qw9K9svAhYR0Wa3JsO30Y%2Fc0SAEbnwMKBaoultywIyKgm1LzFzCCbxQuG8Xtw6sA%2FWh5kUZv8v5ePgkwVYX"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=47184&sent=60&recv=37&lost=0&retrans=0&sent_bytes=56215&recv_bytes=6435&delivery_rate=10865&cwnd=34800&unsent_bytes=0&cid=db1cbd8766e2fdbe&ts=1611&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 18 Nov 2024 15:14:48 GMT
x-rgw-object-type
Normal
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 17:45:13 GMT
vary
Accept-Encoding
priority
u=3,i=?0
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
1
x-amz-request-id
tx00000a0f08f249ecbc052-00673b3e2a-13331fd-default
cf-ray
8e48e98b2e33bbc1-FRA
server
cloudflare
a9ff5bf5-7c5f-424a-a992-0be7047552cc
https://www.letemps.ch/
594 B
0
Script
General
Full URL
blob:https://www.letemps.ch/a9ff5bf5-7c5f-424a-a992-0be7047552cc
Requested by
Host: adnz.co
URL: https://adnz.co/header.js?adTagId=628
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
482cfbf2be29fbc8f710aefacdb6197d9a64e71937181ab7396778c950cefc27

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer

Response headers

Content-Type
text/javascript
Content-Length
594
30a2f896-5753-4ee0-9a08-385dc76e1486
https://www.letemps.ch/
260 B
0
Script
General
Full URL
blob:https://www.letemps.ch/30a2f896-5753-4ee0-9a08-385dc76e1486
Requested by
Host: adnz.co
URL: https://adnz.co/header.js?adTagId=628
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
df4d4a655954ce0076908056c07e93f2ef7141a140c7a67cda0f9d021d775314

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer

Response headers

Content-Type
text/javascript
Content-Length
260
8e5d506f-5350-4847-bee9-1d161f2df236
https://www.letemps.ch/
235 B
0
Script
General
Full URL
blob:https://www.letemps.ch/8e5d506f-5350-4847-bee9-1d161f2df236
Requested by
Host: adnz.co
URL: https://adnz.co/header.js?adTagId=628
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d49812d3523e9d003c540b4f2db78536c268a801ce28814658edde0b976ea70b

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer

Response headers

Content-Type
text/javascript
Content-Length
235
adsm.macro.letemps.ch.js
functions.adnami.io/api/macro/
27 KB
5 KB
Script
General
Full URL
https://functions.adnami.io/api/macro/adsm.macro.letemps.ch.js
Requested by
Host: www.letemps.ch
URL: blob:https://www.letemps.ch/8e5d506f-5350-4847-bee9-1d161f2df236
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:3::b818:4d4e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
d42f6624dc19e1dfeee7e18a156d6eb639f8c8c0558cf2683654650c1f82d508

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer
https://www.letemps.ch/

Response headers

request-context
appId=cid-v1:ef4820a1-b38c-4383-9c84-5bdfd7a9bb51
x-ms-middleware-request-id
00000000-0000-0000-0000-000000000000
cache-control
max-age=6201
content-encoding
br
content-length
4851
date
Mon, 18 Nov 2024 15:14:48 GMT
content-type
text/javascript
ca814f5a-0c31-4a99-a33d-3fd1b66bede0
https://www.letemps.ch/
475 B
0
Script
General
Full URL
blob:https://www.letemps.ch/ca814f5a-0c31-4a99-a33d-3fd1b66bede0
Requested by
Host: adnz.co
URL: https://adnz.co/header.js?adTagId=628
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fcaa7675aa085c5db7619b17b17293ca0decf68e01d08ec2b8006b5f9f5c61af

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer

Response headers

Content-Type
text/javascript
Content-Length
475
grumi-ip.js
rumcdn.geoedge.be/539e5206-9e3c-4f1f-8023-6b4c01e73e2b/
16 KB
7 KB
Script
General
Full URL
https://rumcdn.geoedge.be/539e5206-9e3c-4f1f-8023-6b4c01e73e2b/grumi-ip.js
Requested by
Host: www.letemps.ch
URL: blob:https://www.letemps.ch/ca814f5a-0c31-4a99-a33d-3fd1b66bede0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:a600:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5d7be6f59fe99ff493b48c1ff9bb7cad6d8d13b5abf62a009e8f08fb07ad45d2

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer
https://www.letemps.ch/

Response headers

vary
accept-encoding
cache-control
public, max-age=14400, stale-while-revalidate=14400, immutable
content-encoding
br
x-amz-version-id
soYQtAzrqG9I1mxNJ9likbS3WQg3klwl
etag
W/"f0532961cd7857f31499843a77d47ecb"
age
2374
via
1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
yM0_YgoeZETfygIDDz-YwEMesRivQ_dHDpyZwM9dIcdeiyskhLjgEw==
date
Mon, 18 Nov 2024 14:35:15 GMT
content-type
application/javascript
last-modified
Wed, 06 Nov 2024 14:17:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
x-amz-server-side-encryption
AES256
page-keywords
api.adnz.co/api/ws-semantiq/
413 B
1 KB
Fetch
General
Full URL
https://api.adnz.co/api/ws-semantiq/page-keywords?tenantIds=1,3454&url=https%3A%2F%2Fwww.letemps.ch%2Fcyber%2Fubs-et-dsm-firmenich-touches-par-un-vol-de-donnees-concernant-leurs-employes
Requested by
Host: adnz.co
URL: https://adnz.co/header.js?adTagId=628
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.225 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa992020eee169aa2446e65b03f28daa375ce901efb19021a38a8b0140b52752
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer
https://www.letemps.ch/

Response headers

ratelimit-remaining
99
content-encoding
br
cf-cache-status
DYNAMIC
ratelimit-reset
1
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8Fp%2FBvtLHNFURSzYTGsYmA8EnLlfJTb5DDt%2FZaEAdS87GePzCook3TajyMvKc2j18Kb%2FwqcGk3N2%2B1mHB%2FJOQadjyCwkdOlo%2FMTovPKA7p0mwpf6l78iFbkmOLiO"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=37756&sent=15&recv=10&lost=0&retrans=0&sent_bytes=9635&recv_bytes=5186&delivery_rate=88526&cwnd=12000&unsent_bytes=0&cid=55d2fddb02395c5f&ts=113&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 18 Nov 2024 15:14:48 GMT
content-type
application/json
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
priority
u=1,i
x-frame-options
DENY
strict-transport-security
max-age=31536000 ; includeSubDomains
cache-control
no-cache, no-store, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
ratelimit-limit
100
cf-ray
8e48e98bff02dc91-FRA
access-control-allow-origin
https://www.letemps.ch
x-xss-protection
0
server
cloudflare
gpt.js
securepubads.g.doubleclick.net/tag/js/
109 KB
33 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: adnz.co
URL: https://adnz.co/header.js?adTagId=628
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
cafe /
Resource Hash
e89bb9961d6387c6f4801d5f37cb29d4777d91cc4bfb8fe02891206f8dac5bba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer
https://www.letemps.ch/

Response headers

content-encoding
br
etag
635 / 20045 / 31089025 / config-hash: 9506866230099060792
x-content-type-options
nosniff
expires
Mon, 18 Nov 2024 15:14:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 18 Nov 2024 15:14:48 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33761
x-xss-protection
0
server
cafe
prebid.js
pbjs.adnz.co/
364 KB
365 KB
Script
General
Full URL
https://pbjs.adnz.co/prebid.js?id=628
Requested by
Host: adnz.co
URL: https://adnz.co/header.js?adTagId=628
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.40.160.1 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.1.160.40.188.clients.your-server.de
Software
/
Resource Hash
964f0c8b0425307b2c6d88c8858555a1954ae40cd08736421ff1a23857cfeb86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer
https://www.letemps.ch/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
date
Mon, 18 Nov 2024 15:14:48 GMT
etag
W/c3503bb5da385bfc3574d600d2aee552
content-type
text/javascript; charset=utf-8
access-control-allow-headers
origin, content-type, accept
mediation-excluded
api.adnz.co/api/ws-appnexus-proxy/creatives/
13 KB
5 KB
Fetch
General
Full URL
https://api.adnz.co/api/ws-appnexus-proxy/creatives/mediation-excluded
Requested by
Host: adnz.co
URL: https://adnz.co/header.js?adTagId=628
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.225 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
339d73e06494ad1e92cd5d416fcfdff12d34eda11197b97e7e43e46dbdc8b235
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Accept
application/json
Referer
https://www.letemps.ch/

Response headers

ratelimit-remaining
99
content-encoding
br
cf-cache-status
HIT
ratelimit-reset
1
age
3439
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LBGk4VWSCUMspm%2F%2F3adDd7nJmYFYz4bo%2BnqY0nTZAG2eZ%2Figg%2BblODFYPhhPM8tDRFh1irqylCoDYADff7qhw%2F51HGRNfRe%2F4IQvL7cViq%2FFHYPJWc0YbThvYy3z"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 18 Nov 2024 15:19:48 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=37756&sent=10&recv=10&lost=0&retrans=0&sent_bytes=4218&recv_bytes=5186&delivery_rate=88526&cwnd=12000&unsent_bytes=0&cid=55d2fddb02395c5f&ts=107&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 18 Nov 2024 15:14:48 GMT
content-type
application/json
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
last-modified
Mon, 18 Nov 2024 14:17:29 GMT
x-frame-options
DENY
strict-transport-security
max-age=31536000 ; includeSubDomains
priority
u=1,i
cache-control
public, max-age=300
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
ratelimit-limit
100
cf-ray
8e48e98bff04dc91-FRA
access-control-allow-origin
https://www.letemps.ch
x-xss-protection
0
server
cloudflare
country
api.adnz.co/api/ws-geodata/
2 B
850 B
Fetch
General
Full URL
https://api.adnz.co/api/ws-geodata/country
Requested by
Host: adnz.co
URL: https://adnz.co/header.js?adTagId=628
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.225 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab861dc170dc2e43224e45278d3d31a675b9ebc34c9b0f48c066ca1eeaed8ee6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Accept
application/text
Referer
https://www.letemps.ch/

Response headers

ratelimit-remaining
99
cf-cache-status
DYNAMIC
ratelimit-reset
1
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=00cYnHEUwaueDueTczSv4uvlKoVkNSWrvsgEmoA%2FlrU0O1r4Tk2%2FdkW3n7uUTpnH%2F4D8dGg%2BeGyHehdqMKxcoYRIdeEOatm7bZcROjQBx%2FurAIUx8zlnxi%2B63yBw"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=37756&sent=16&recv=10&lost=0&retrans=0&sent_bytes=10689&recv_bytes=5186&delivery_rate=88526&cwnd=12000&unsent_bytes=0&cid=55d2fddb02395c5f&ts=114&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 18 Nov 2024 15:14:48 GMT
content-type
application/text;charset=UTF-8
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
priority
u=1,i
x-frame-options
DENY
strict-transport-security
max-age=31536000 ; includeSubDomains
cache-control
no-cache, no-store, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
ratelimit-limit
100
cf-ray
8e48e98bff06dc91-FRA
access-control-allow-origin
https://www.letemps.ch
content-length
2
x-xss-protection
0
server
cloudflare
adsm.macro.rmb.js
macro.adnami.io/macro/gen/
70 KB
20 KB
Script
General
Full URL
https://macro.adnami.io/macro/gen/adsm.macro.rmb.js
Requested by
Host: functions.adnami.io
URL: https://functions.adnami.io/api/macro/adsm.macro.letemps.ch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::5f65:3691 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
e6e0127e8e63c20def799bd1d26ddbbd68542b6b61e24f4d9c2e260c1de730ba

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer
https://www.letemps.ch/

Response headers

content-md5
KIOgNlJ0tUCkycruIpiL3Q==
cache-control
max-age=3713
content-encoding
br
x-ms-version
2009-09-19
etag
0x8DD03D92A532514
x-ms-lease-status
unlocked
x-ms-request-id
b7b95afc-f01e-006d-2da1-38ca0b000000
access-control-allow-origin
*
content-length
19965
date
Mon, 18 Nov 2024 15:14:48 GMT
content-type
application/x-javascript
last-modified
Wed, 13 Nov 2024 11:49:00 GMT
x-ms-blob-type
BlockBlob
grumi.js
rumcdn.geoedge.be/539e5206-9e3c-4f1f-8023-6b4c01e73e2b/ Frame FAAD
377 KB
142 KB
Script
General
Full URL
https://rumcdn.geoedge.be/539e5206-9e3c-4f1f-8023-6b4c01e73e2b/grumi.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/539e5206-9e3c-4f1f-8023-6b4c01e73e2b/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:a600:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e8c7efc72d2be48f34dae8f69cb38154e8c15f3b317f1848f4f8e10a92c594e9

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer

Response headers

content-encoding
br
x-amz-version-id
9w8dfUlT42XypXYX8hWw0X8e51ZOTbFy
etag
W/"38406388905a3660f4d6217ea0f57ed5"
age
2376
x-cache
Hit from cloudfront
x-amz-cf-id
a4LBuXssf0laCw9DTExqrpe0enLSNE0UloYvakW_JBE_wHmaIgvXJw==
date
Mon, 18 Nov 2024 14:35:13 GMT
content-type
text/javascript
vary
accept-encoding
last-modified
Mon, 18 Nov 2024 14:24:36 GMT
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
timing-allow-origin
*
via
1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
server
AmazonS3
x-amz-server-side-encryption
AES256
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411130102/
489 KB
152 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411130102/pubads_impl.js?cb=31089025
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/539e5206-9e3c-4f1f-8023-6b4c01e73e2b/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
cafe /
Resource Hash
9e9558fe12b61a71d65a039cd3348fe2572cb55fbe72eaa19e1ac34b51d35054
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer
https://www.letemps.ch/

Response headers

content-encoding
br
etag
18000071572711967338
age
78213
x-content-type-options
nosniff
expires
Mon, 17 Nov 2025 17:31:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sun, 17 Nov 2024 17:31:15 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
155155
x-xss-protection
0
server
cafe
publisher.js
adnz.co/dmp/
37 KB
15 KB
Script
General
Full URL
https://adnz.co/dmp/publisher.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/539e5206-9e3c-4f1f-8023-6b4c01e73e2b/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.225 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d140cb3c2874f8c61827b8948165c46b9e74c1e146c62da60283b8dba23f332c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer
https://www.letemps.ch/

Response headers

access-control-expose-headers
Content-Length,Content-Range
content-encoding
gzip
cf-cache-status
HIT
etag
W/"334e70ad31fa01c5bc764168cbaacf15"
age
3500
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0C10qCHdrSqVwnPOQTORumEAaLnOUa504fzQ0ObGVtfDbT4Rq31T%2Fow7dZ6w7VvV%2F5WBNpVwlx7MdV%2FmAMiN8DxysL6%2FqOEKJsdmBsgLPE2v473oyvcqjOw%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=33456&sent=346&recv=87&lost=0&retrans=0&sent_bytes=390255&recv_bytes=8904&delivery_rate=1345547&cwnd=156000&unsent_bytes=0&cid=db1cbd8766e2fdbe&ts=2564&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 18 Nov 2024 15:14:49 GMT
x-rgw-object-type
Normal
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 17:45:24 GMT
vary
Accept-Encoding
priority
u=3,i=?0
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
1
x-amz-request-id
tx00000b2ba5b30068ab064-00673b4c3d-13331fd-default
cf-ray
8e48e9912d3bbbc1-FRA
server
cloudflare
bta-feed-data.json
api.adnz.co/api/ws-yaleo/v2/
14 KB
6 KB
Fetch
General
Full URL
https://api.adnz.co/api/ws-yaleo/v2/bta-feed-data.json?id=df3fa2cc-ee05-42d4-8b4f-911aa85318ba&url=https%253A%252F%252Fwww.letemps.ch%252Fcyber%252Fubs-et-dsm-firmenich-touches-par-un-vol-de-donnees-concernant-leurs-employes&visitorUuid=8959199125297044&mock=false&mobile=true
Requested by
Host: cdn.adnz.co
URL: https://cdn.adnz.co/app-bta-feed/index.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.225 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
921357c4c0ba2f3af0eee732036ea1fcf85b4f2aca2807f127d0544765a9f7f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Accept
application/json
Referer
https://www.letemps.ch/

Response headers

ratelimit-remaining
99
content-encoding
br
cf-cache-status
DYNAMIC
ratelimit-reset
1
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ccdQFk5u%2B1YD6d%2FIcwBRPZ9p2PdIY%2BlIt9W1FH2YRWt15HmIjj9rn%2BlSN8EhxFWfXld5FOQAEmkglEIMiseMD847TwxiZgGuucgOi90SI15wVtVHKPlnRN68odtY"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=40627&sent=19&recv=17&lost=0&retrans=0&sent_bytes=11614&recv_bytes=5968&delivery_rate=168992&cwnd=12000&unsent_bytes=0&cid=55d2fddb02395c5f&ts=971&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 18 Nov 2024 15:14:49 GMT
content-type
application/json
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
priority
u=1,i
x-frame-options
DENY
strict-transport-security
max-age=31536000 ; includeSubDomains
cache-control
no-cache, no-store, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
x-envoy-upstream-service-time
8
access-control-allow-credentials
true
ratelimit-limit
100
cf-ray
8e48e9913c64dc91-FRA
access-control-allow-origin
https://www.letemps.ch
x-xss-protection
0
server
cloudflare
batch
api.adnz.co/api/ws-clickstream-collector/submit/
0
817 B
Ping
General
Full URL
https://api.adnz.co/api/ws-clickstream-collector/submit/batch
Requested by
Host: adnz.co
URL: https://adnz.co/header.js?adTagId=628
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.225 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Content-Type
application/json
Referer
https://www.letemps.ch/

Response headers

ratelimit-remaining
99
cf-cache-status
DYNAMIC
ratelimit-reset
1
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZsjQ6bVunitqaEODlUIPSFJP9JGOf3iKAcYDZVGlisBgbGMwNGMjLhCQpdTC80r0qfoUT%2FdfLwRSDAYxc69wZuWokPiOdXmCtOs0PFWVb15b6aayj%2BfPgPaQyl4o"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=36247&sent=362&recv=91&lost=0&retrans=0&sent_bytes=406205&recv_bytes=10123&delivery_rate=280321&cwnd=156000&unsent_bytes=0&cid=db1cbd8766e2fdbe&ts=2824&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 18 Nov 2024 15:14:49 GMT
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
priority
u=4,i
x-frame-options
DENY
strict-transport-security
max-age=31536000 ; includeSubDomains
cache-control
no-cache, no-store, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
ratelimit-limit
100
cf-ray
8e48e9929ebbbbc1-FRA
access-control-allow-origin
https://www.letemps.ch
x-xss-protection
0
server
cloudflare
data.json
api.adnz.co/api/ws-yaleo/v2/
12 KB
4 KB
Fetch
General
Full URL
https://api.adnz.co/api/ws-yaleo/v2/data.json?id=51cf0595-9ff2-4a36-9985-de1e70a38009&url=https%253A%252F%252Fwww.letemps.ch%252Fcyber%252Fubs-et-dsm-firmenich-touches-par-un-vol-de-donnees-concernant-leurs-employes&visitorUuid=8959199125297044&mock=false&mobile=true
Requested by
Host: cdn.adnz.co
URL: https://cdn.adnz.co/yaleo/index.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.225 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12a2b82437bea719a4967ce9aef5c8beb35d91fb63dc1f7e2bf6ec0995edf03b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Accept
application/json
Referer
https://www.letemps.ch/

Response headers

ratelimit-remaining
98
content-encoding
br
cf-cache-status
DYNAMIC
ratelimit-reset
1
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DQGDH5Jw%2FG%2BbmVf3kHmHMC5W5rayb9faHrIsf16JrGGEQRGW%2F9ryx%2FZiSJEJPzYHNdc45UfIOQ%2BIzUbafwM67lJhkMW%2B8wi1gb3%2Fch4Zuc%2Bq9rMnz3eFIHUAaFQd"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=44846&sent=27&recv=22&lost=0&retrans=0&sent_bytes=18337&recv_bytes=6972&delivery_rate=70066&cwnd=12000&unsent_bytes=0&cid=55d2fddb02395c5f&ts=1175&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 18 Nov 2024 15:14:49 GMT
content-type
application/json
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
priority
u=1,i
x-frame-options
DENY
strict-transport-security
max-age=31536000 ; includeSubDomains
cache-control
no-cache, no-store, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
x-envoy-upstream-service-time
3
access-control-allow-credentials
true
ratelimit-limit
100
cf-ray
8e48e9929879dc91-FRA
access-control-allow-origin
https://www.letemps.ch
x-xss-protection
0
server
cloudflare
batch
api.adnz.co/api/ws-clickstream-collector/submit/ Frame
0
0
Preflight
General
Full URL
https://api.adnz.co/api/ws-clickstream-collector/submit/batch
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.225 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.letemps.ch
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization, cache-control, content-type, if-modified-since, keep-alive, user-agent, requested-status, access-control-request-headers, access-control-request-method, access-control-allow-credentials, origin, referer, sec-fetch-mode, accept-ranges, allow, vary, x-selected-company, sentry-trace
access-control-allow-methods
GET, HEAD, PUT, PATCH, DELETE, POST, OPTIONS
access-control-allow-origin
https://www.letemps.ch
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e48e9925fd8dc91-FRA
content-length
0
date
Mon, 18 Nov 2024 15:14:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=4,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eQtfyfc2iwH7MuzifgF%2FyxzMyEEwQCDCz8%2BHf%2B3SljJgd8FZD2Lj1qFvHl1fSZkCXWLh1TqDPArT00ejp6tUSfvibgIKOXa3IB5YfU1WxUZ%2BkKDgPeGumC2Z42m%2B"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=44846&sent=25&recv=21&lost=0&retrans=0&sent_bytes=17417&recv_bytes=6458&delivery_rate=70066&cwnd=12000&unsent_bytes=0&cid=55d2fddb02395c5f&ts=1129&x=1" cfExtPri cfHdrFlush;dur=0
https%3A%2F%2Fletemps-17455.kxcdn.com%2Fphotos%2F253d0e55-267a-4e12-a9bb-1c326137bf20%2Fmedium
img.adnz.co/5s8kNIoJAm-on9CeZ5q685jxK_o=/800x450/smart/filters:no_upscale():strip_icc():strip_exif():autojpg():quality(80):max_bytes(100000)/
59 KB
60 KB
Image
General
Full URL
https://img.adnz.co/5s8kNIoJAm-on9CeZ5q685jxK_o=/800x450/smart/filters:no_upscale():strip_icc():strip_exif():autojpg():quality(80):max_bytes(100000)/https%3A%2F%2Fletemps-17455.kxcdn.com%2Fphotos%2F253d0e55-267a-4e12-a9bb-1c326137bf20%2Fmedium
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.225 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53a38cf7a807e41c9d0c005e9817d18711eb31247ebf124a4cf83132d9b38c3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer
https://www.letemps.ch/

Response headers

access-control-max-age
1728000
cf-bgj
h2pri
etag
"d556471de703979e7f6eac2aecdd804fb30d1692"
age
6940
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ehP5UwlHpAt841SHqC1BgzF4IUPLwgP3G%2Blw8%2FG%2Fk7aIRXLCbr6usmr57T2mzIZ%2BENtZswuoywtzxLKDCiJDryVAXWMHv3Qnao98DyMsk3GqpQs2fScUwOq96ge2"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
expires
Tue, 19 Nov 2024 13:19:10 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=35921&sent=364&recv=95&lost=0&retrans=0&sent_bytes=407070&recv_bytes=11716&delivery_rate=10331&cwnd=156000&unsent_bytes=0&cid=db1cbd8766e2fdbe&ts=4156&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 18 Nov 2024 15:14:50 GMT
content-type
image/jpeg
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8e48e99b180bbbc1-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
60690
server
cloudflare
https%3A%2F%2Fletemps-17455.kxcdn.com%2Fphotos%2F4e760327-dd34-4bc1-ba22-0f1233a1fed5%2Fmedium
img.adnz.co/KNscrV0envi4PxfVlYrCJNMK4u4=/800x450/smart/filters:no_upscale():strip_icc():strip_exif():autojpg():quality(80):max_bytes(100000)/
69 KB
70 KB
Image
General
Full URL
https://img.adnz.co/KNscrV0envi4PxfVlYrCJNMK4u4=/800x450/smart/filters:no_upscale():strip_icc():strip_exif():autojpg():quality(80):max_bytes(100000)/https%3A%2F%2Fletemps-17455.kxcdn.com%2Fphotos%2F4e760327-dd34-4bc1-ba22-0f1233a1fed5%2Fmedium
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.225 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9efc2548f52f0edcbed6ea10ac5a419cb54390247a8a5d84a738479804c060e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer
https://www.letemps.ch/

Response headers

access-control-max-age
1728000
cf-bgj
h2pri
etag
"761476729d2f306a5e057d7de1222ac1ac03cb28"
age
6997
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v9RA6qKhtO%2FzDf1N7urk7AXAkwNqclo3WNR7Why4XSHQypnRkqZ1Ol3Xbk7BNznO3eFDu49XZpiKMXM1FD0Y1vn%2B08D%2Frgwi2zRZwygZAPxzjNn5n2tR11M%2BWsnX"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
expires
Tue, 19 Nov 2024 13:18:13 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=35921&sent=417&recv=95&lost=0&retrans=0&sent_bytes=469987&recv_bytes=11716&delivery_rate=10331&cwnd=156000&unsent_bytes=0&cid=db1cbd8766e2fdbe&ts=4158&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 18 Nov 2024 15:14:50 GMT
content-type
image/jpeg
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8e48e99b1813bbc1-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
70411
server
cloudflare
https%3A%2F%2Fletemps-17455.kxcdn.com%2Fphotos%2F1ce53df9-f66a-496f-a1f5-c752cf295140%2Fmedium
img.adnz.co/dcVG4bDYd2ms2QuiVMM67Lh6sMM=/800x450/smart/filters:no_upscale():strip_icc():strip_exif():autojpg():quality(80):max_bytes(100000)/
50 KB
51 KB
Image
General
Full URL
https://img.adnz.co/dcVG4bDYd2ms2QuiVMM67Lh6sMM=/800x450/smart/filters:no_upscale():strip_icc():strip_exif():autojpg():quality(80):max_bytes(100000)/https%3A%2F%2Fletemps-17455.kxcdn.com%2Fphotos%2F1ce53df9-f66a-496f-a1f5-c752cf295140%2Fmedium
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.225 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b18f864a106a82398b0950cf357a548f6275447a1d5907c5f2b449d13c3f2dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer
https://www.letemps.ch/

Response headers

access-control-max-age
1728000
cf-bgj
h2pri
etag
"f9cde6d7280433a6fc074e03e42703d9a4e61a16"
age
1989
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m5cd5Fkk34BrtMYFCbbdXyan2uugF6o5EcYqiXHa3vx6D6LBZDEaPcS6ahNYI2ajqxcy54peZhi%2F157nX%2FpxEoJjGexPtndhVbIHuaKZriNdBFXlk6qb9fq6O5JO"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
expires
Tue, 19 Nov 2024 14:41:41 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=35921&sent=478&recv=95&lost=0&retrans=0&sent_bytes=542837&recv_bytes=11716&delivery_rate=10331&cwnd=156000&unsent_bytes=0&cid=db1cbd8766e2fdbe&ts=4160&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 18 Nov 2024 15:14:50 GMT
content-type
image/jpeg
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8e48e99b180fbbc1-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
51676
server
cloudflare
page-keywords
api.adnz.co/api/ws-semantiq/
381 B
1015 B
Fetch
General
Full URL
https://api.adnz.co/api/ws-semantiq/page-keywords?url=https%3A%2F%2Fwww.letemps.ch%2Fcyber%2Fubs-et-dsm-firmenich-touches-par-un-vol-de-donnees-concernant-leurs-employes&tenantIds=1
Requested by
Host: cdn.adnz.co
URL: https://cdn.adnz.co/app-bta-feed/index.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.225 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df67639f4395f6dc070d01e7031c7d355ddaea54da00a10fdc4f50dade273709
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer
https://www.letemps.ch/

Response headers

ratelimit-remaining
99
content-encoding
br
cf-cache-status
DYNAMIC
ratelimit-reset
1
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O5EXie07Q%2BOe77IKNholootfDzqnXFNFkJYeH2ZLZXiOJQUDFKbqt5uj7jpznWUnsB5zWcs0luhx7TGTUSY%2BvziF83NFTcyaH4S7vIkaAcG4%2BbtdpNb31V5vL8jz"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=46114&sent=33&recv=27&lost=0&retrans=0&sent_bytes=22764&recv_bytes=7585&delivery_rate=79185&cwnd=12000&unsent_bytes=0&cid=55d2fddb02395c5f&ts=2535&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 18 Nov 2024 15:14:50 GMT
content-type
application/json
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
priority
u=1,i
x-frame-options
DENY
strict-transport-security
max-age=31536000 ; includeSubDomains
cache-control
no-cache, no-store, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
ratelimit-limit
100
cf-ray
8e48e99b1f21dc91-FRA
access-control-allow-origin
https://www.letemps.ch
x-xss-protection
0
server
cloudflare
FinancierDisplay-Medium-c5118f73fa82bb2ad1271a399c4baa2ab92d80a21bc692ebc44cbe7afb994679.woff2
letemps-17455.kxcdn.com/assets/letemps/
23 KB
24 KB
Font
General
Full URL
https://letemps-17455.kxcdn.com/assets/letemps/FinancierDisplay-Medium-c5118f73fa82bb2ad1271a399c4baa2ab92d80a21bc692ebc44cbe7afb994679.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY proinity GmbH, CH),
Reverse DNS
Software
keycdn /
Resource Hash
2a0bbf5558d25d8eeb31d49b538d9500fac712afd50eca99208ff17b4423142d

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Origin
https://www.letemps.ch
Referer
https://www.letemps.ch/

Response headers

link
<https://next.letemps.ch/assets/letemps/FinancierDisplay-Medium-c5118f73fa82bb2ad1271a399c4baa2ab92d80a21bc692ebc44cbe7afb994679.woff2>; rel="canonical"
cache-control
max-age=604800
x-edge-location
defr
etag
"652ced13-5d6c"
expires
Mon, 25 Nov 2024 15:14:50 GMT
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT
content-length
23916
date
Mon, 18 Nov 2024 15:14:50 GMT
content-type
application/octet-stream
last-modified
Mon, 16 Oct 2023 07:58:11 GMT
server
keycdn
page-keywords
api.adnz.co/api/ws-semantiq/
381 B
1 KB
Fetch
General
Full URL
https://api.adnz.co/api/ws-semantiq/page-keywords?url=https%3A%2F%2Fwww.letemps.ch%2Fcyber%2Fubs-et-dsm-firmenich-touches-par-un-vol-de-donnees-concernant-leurs-employes&tenantIds=1
Requested by
Host: cdn.adnz.co
URL: https://cdn.adnz.co/yaleo/index.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.225 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df67639f4395f6dc070d01e7031c7d355ddaea54da00a10fdc4f50dade273709
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer
https://www.letemps.ch/

Response headers

ratelimit-remaining
98
content-encoding
br
cf-cache-status
DYNAMIC
ratelimit-reset
1
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LaL%2BVzD5xGR8CVBNxuGgxM6FijUSz%2FmYpg%2Feaa1bDvN6ZDipL0TiB6o%2BjFLCrGpBoNTc%2F8mVH%2B%2BJfMsx2eCu%2F2aEQDDlrJ9O7GC8H9irk9IE1s9yqhPWQQzFd7tE"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=49835&sent=35&recv=29&lost=0&retrans=0&sent_bytes=23826&recv_bytes=8068&delivery_rate=10289&cwnd=12000&unsent_bytes=0&cid=55d2fddb02395c5f&ts=2729&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 18 Nov 2024 15:14:50 GMT
content-type
application/json
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
priority
u=1,i
x-frame-options
DENY
strict-transport-security
max-age=31536000 ; includeSubDomains
cache-control
no-cache, no-store, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
ratelimit-limit
100
cf-ray
8e48e99c4abedc91-FRA
access-control-allow-origin
https://www.letemps.ch
x-xss-protection
0
server
cloudflare
favicon-32x32-e402c020650cc20144605c212c92e6710eac2f1b691aa82e13c0744caa729a53.png
letemps-17455.kxcdn.com/assets/letemps/
978 B
1 KB
Other
General
Full URL
https://letemps-17455.kxcdn.com/assets/letemps/favicon-32x32-e402c020650cc20144605c212c92e6710eac2f1b691aa82e13c0744caa729a53.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY proinity GmbH, CH),
Reverse DNS
Software
keycdn /
Resource Hash
959117bd16010dca5da3c687785db8ddab137ff55c8cbdf4c45884844341d7a7

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Referer
https://www.letemps.ch/

Response headers

link
<https://next.letemps.ch/assets/letemps/favicon-32x32-e402c020650cc20144605c212c92e6710eac2f1b691aa82e13c0744caa729a53.png>; rel="canonical"
cache-control
max-age=604800
x-edge-location
defr
etag
"652ced13-3d2"
expires
Mon, 25 Nov 2024 15:14:51 GMT
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT
content-length
978
date
Mon, 18 Nov 2024 15:14:51 GMT
content-type
image/png
last-modified
Mon, 16 Oct 2023 07:58:11 GMT
server
keycdn
prebid
ib.adnxs.com/ut/v3/
442 B
1001 B
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adnz.co
URL: https://cdn.adnz.co/app-bta-feed/index.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
6b297aca98653f8aa454e7d5360ba41cf7d829606a5aa0e9d33f9b6dc668ceb4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

cache-control
no-cache
Referer
https://www.letemps.ch/
X-Is-Test
0
pragma
no-cache
Content-Type
application/json
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
80.255.7.77; 80.255.7.77; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://www.letemps.ch
an-x-request-uuid
55e39652-49e3-4d0e-9a7f-6528b1aa38a0
content-length
442
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Mon, 18 Nov 2024 15:14:51 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
server
nginx/1.23.4
prebid
ib.adnxs.com/ut/v3/
855 B
931 B
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adnz.co
URL: https://cdn.adnz.co/yaleo/index.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
f85ab58fe021d2673786cd4c00d110a6abb88d03b9cb2e67b3ea13af22ff8d6a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

cache-control
no-cache
Referer
https://www.letemps.ch/
X-Is-Test
0
pragma
no-cache
Content-Type
application/json
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
80.255.7.77; 80.255.7.77; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://www.letemps.ch
an-x-request-uuid
6d938198-64e4-43cf-bc7a-183c98c0e6da
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Mon, 18 Nov 2024 15:14:51 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
nginx/1.23.4
batch
api.adnz.co/api/ws-events-sink/
0
671 B
Ping
General
Full URL
https://api.adnz.co/api/ws-events-sink/batch?visitorId=7105200995047473180&hash=&uid=&events=W3sidHlwZSI6IlBBR0VfSU1QUkVTU0lPTiIsImV2ZW50SWQiOjkzMDYzNjQwMjAwODU2MywicGFnZUltcHJlc3Npb25JZCI6MzA0NTY5ODYyNjgwNDU4MSwidXJsIjoiaHR0cHM6Ly93d3cubGV0ZW1wcy5jaC9jeWJlci91YnMtZXQtZHNtLWZpcm1lbmljaC10b3VjaGVzLXBhci11bi12b2wtZGUtZG9ubmVlcy1jb25jZXJuYW50LWxldXJzLWVtcGxveWVzIiwiYm9keSI6e319LHsidHlwZSI6IlJFQ09NTUVOREFUSU9OX0lNUFJFU1NJT04iLCJldmVudElkIjo2NjEwNzY4NjY0Mzk2MzIxLCJwYWdlSW1wcmVzc2lvbklkIjozMDQ1Njk4NjI2ODA0NTgxLCJ1cmwiOiJodHRwczovL3d3dy5sZXRlbXBzLmNoL2N5YmVyL3Vicy1ldC1kc20tZmlybWVuaWNoLXRvdWNoZXMtcGFyLXVuLXZvbC1kZS1kb25uZWVzLWNvbmNlcm5hbnQtbGV1cnMtZW1wbG95ZXMiLCJib2R5Ijp7InRhcmdldFVybCI6Imh0dHBzOi8vd3d3LmxldGVtcHMuY2gvc3Vpc3NlL2EtYmVybmUtdW5lLWFsbGlhbmNlLWluaGFiaXR1ZWxsZS1wb3VyLXNhdXZlci1sLWluZHVzdHJpZS1zdWlzc2UtZGUtbC1hY2llci1xdWktcy1lbmZvbmNlLWRhbnMtbGEtY3Jpc2UiLCJwbGFjZW1lbnRJZCI6IjY5ZTQ3NGE2LTRmNzMtNDFiNC05NTU4LTZjNTdhYjcyMTI1MCIsImJ0YUZlZWRJZCI6ImRmM2ZhMmNjLWVlMDUtNDJkNC04YjRmLTkxMWFhODUzMThiYSIsIm1vYmlsZSI6dHJ1ZSwiYWxnb3JpdGhtIjoidHJlbmRpbmctYWxnb3JpdGhtcy12MiJ9fSx7InR5cGUiOiJSRUNPTU1FTkRBVElPTl9JTVBSRVNTSU9OIiwiZXZlbnRJZCI6MjQ5MzUwMDAxMjg0NDkwMSwicGFnZUltcHJlc3Npb25JZCI6MzA0NTY5ODYyNjgwNDU4MSwidXJsIjoiaHR0cHM6Ly93d3cubGV0ZW1wcy5jaC9jeWJlci91YnMtZXQtZHNtLWZpcm1lbmljaC10b3VjaGVzLXBhci11bi12b2wtZGUtZG9ubmVlcy1jb25jZXJuYW50LWxldXJzLWVtcGxveWVzIiwiYm9keSI6eyJ0YXJnZXRVcmwiOiJodHRwczovL3d3dy5sZXRlbXBzLmNoL3NvY2lldGUvb24tbmUtZGV2cmFpdC1wYXMtZGV2b2lyLWNob2lzaXItZW50cmUtY2FycmllcmUtZXQtZmFtaWxsZS1ldHJlLWFydGlzdGUtZXQtcGFyZW50LXVuZS1jb25jaWxpYXRpb24tcXVpLW5lLXZhLXBhcy1kZS1zb2kiLCJwbGFjZW1lbnRJZCI6IjY5ZTQ3NGE2LTRmNzMtNDFiNC05NTU4LTZjNTdhYjcyMTI1MCIsImJ0YUZlZWRJZCI6ImRmM2ZhMmNjLWVlMDUtNDJkNC04YjRmLTkxMWFhODUzMThiYSIsIm1vYmlsZSI6dHJ1ZSwiYWxnb3JpdGhtIjoidHJlbmRpbmctYWxnb3JpdGhtcy12MiJ9fSx7InR5cGUiOiJSRUNPTU1FTkRBVElPTl9JTVBSRVNTSU9OIiwiZXZlbnRJZCI6MTUzNzU1MTA1MzU1MDAwOSwicGFnZUltcHJlc3Npb25JZCI6MzA0NTY5ODYyNjgwNDU4MSwidXJsIjoiaHR0cHM6Ly93d3cubGV0ZW1wcy5jaC9jeWJlci91YnMtZXQtZHNtLWZpcm1lbmljaC10b3VjaGVzLXBhci11bi12b2wtZGUtZG9ubmVlcy1jb25jZXJuYW50LWxldXJzLWVtcGxveWVzIiwiYm9keSI6eyJ0YXJnZXRVcmwiOiJodHRwczovL3d3dy5sZXRlbXBzLmNoL3NvY2lldGUvc3R5bGVzL21hcmlhLWdyYXppYS1jaGl1cmktZGlyZWN0cmljZS1hcnRpc3RpcXVlLWRlLWRpb3ItcG9ydGVyaWV6LXZvdXMtdW5lLXZlc3RlLXF1aS12b3VzLWVtcGVjaGUtZGUtbGV2ZXItbGVzLWJyYXMiLCJwbGFjZW1lbnRJZCI6IjY5ZTQ3NGE2LTRmNzMtNDFiNC05NTU4LTZjNTdhYjcyMTI1MCIsImJ0YUZlZWRJZCI6ImRmM2ZhMmNjLWVlMDUtNDJkNC04YjRmLTkxMWFhODUzMThiYSIsIm1vYmlsZSI6dHJ1ZSwiYWxnb3JpdGhtIjoidHJlbmRpbmctYWxnb3JpdGhtcy12MiJ9fV0%3D
Requested by
Host: adnz.co
URL: https://adnz.co/dmp/publisher.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.225 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Content-Type
text/plain;charset=UTF-8
Referer
https://www.letemps.ch/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
ratelimit-remaining
99
cf-cache-status
DYNAMIC
x-envoy-upstream-service-time
0
ratelimit-reset
1
ratelimit-limit
100
access-control-allow-credentials
true
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xmdl3US%2B7VOiJj6g9kgw%2B4pXwXKx%2Fu34h4COb1Mu7NtAJKEsxNxrFpMCaZGwpfuBauwMpHd33US3GS6umk9LWhpSMI8oB4u2CI5Iiuny4a7PcnCkXABleiTSbrxE"}],"group":"cf-nel","max_age":604800}
cf-ray
8e48e99f5cc6bbc1-FRA
access-control-allow-origin
https://www.letemps.ch
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=44917&sent=525&recv=114&lost=0&retrans=0&sent_bytes=596582&recv_bytes=14909&delivery_rate=533951&cwnd=207300&unsent_bytes=0&cid=db1cbd8766e2fdbe&ts=4841&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 18 Nov 2024 15:14:51 GMT
server
cloudflare
priority
u=4,i
prebid
ib.adnxs.com/ut/v3/ Frame
0
0
Preflight
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
cache-control,content-type,pragma,x-is-test
Access-Control-Request-Method
POST
Origin
https://www.letemps.ch
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials
true
access-control-allow-headers
cache-control,content-type,pragma,x-is-test
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.letemps.ch
access-control-max-age
86400
an-x-request-uuid
936983eb-b957-4a47-8946-6437e1070499
cache-control
no-store, no-cache, private
content-length
0
content-type
text/plain; charset=utf-8
date
Mon, 18 Nov 2024 15:14:51 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
80.255.7.77; 80.255.7.77; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
prebid
mp.4dex.io/
66 B
422 B
Fetch
General
Full URL
https://mp.4dex.io/prebid
Requested by
Host: pbjs.adnz.co
URL: https://pbjs.adnz.co/prebid.js?id=628
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22b2 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e9a593b2e053503a82ef0205edd928d632bbc1dc35c449e4e65d2d011b6482b0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
content-type
text/plain
Referer
https://www.letemps.ch/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
expires
0
date
Mon, 18 Nov 2024 15:14:57 GMT
content-type
application/json; charset=utf-8
vary
Origin, Accept-Encoding
x-version
3.0.0-gcp-ams
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
x-err
Calling bidders. no bid responses
access-control-allow-credentials
true
via
1.1 google
cf-ray
8e48e9c649589765-FRA
access-control-allow-origin
https://www.letemps.ch
server
cloudflare
x-warn
Parsing the Prebid Request. int_scc_asi
fastlane.json
fastlane.rubiconproject.com/a/api/
609 B
817 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13552&site_id=554152&zone_id=3471294&size_id=2&alt_size_ids=55%2C57%2C125&gdpr=1&gdpr_consent=CQISSMAQISSMAAHABBENBPFgAAAAAAAAAAAAAAAAAADEoAMAAQVGKQAYAAgqMOgAwABBUYhABgACCowSADAAEFRi0AGAAIKjAAAA.YAAAAAAAAAAA&rp_schain=1.0,1!audienzz.ch,3454,1,,,&rf=https%3A%2F%2Fwww.letemps.ch%2Farticles%2Fubs-et-dsm-firmenich-touches-par-un-vol-de-donnees-concernant-leurs-employes%2Fgifts%2FUuWCDGiT5wDRVRWWCZAkTRzk4B3bUEmwiSJPDFCP&tg_i.domain=letemps.ch&tg_i.page=https%3A%2F%2Fwww.letemps.ch%2Farticles%2Fubs-et-dsm-firmenich-touches-par-un-vol-de-donnees-concernant-leurs-employes%2Fgifts%2FUuWCDGiT5wDRVRWWCZAkTRzk4B3bUEmwiSJPDFCP&tg_i.divId=adnz_wideboard_1&tg_i.placement=adnz_wideboard_1&tg_i.pbadslot=%2F96628199%2C22864112785%2Ffr_letemps.ch_v2%2Ffr_letemps.ch_1024_adnz_wideboard_1&tk_flint=pbjs_lite_v9.19.0&x_source.tid=9640e986-f0f6-4ab8-bb71-5c016320c438&l_pb_bid_id=104a41d7ee2469c&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=cc1e5bf5-c002-4aa4-97d6-c43bd1b0d642&rp_hard_floor=4.5036&rp_maxbids=1&p_gpid=%2F96628199%2C22864112785%2Ffr_letemps.ch_v2%2Ffr_letemps.ch_1024_adnz_wideboard_1&m_ch_mobile=%3F0&slots=1&rand=0.7926715727012585
Requested by
Host: pbjs.adnz.co
URL: https://pbjs.adnz.co/prebid.js?id=628
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 -, , ASN (),
Reverse DNS
Software
nginx/1.27.2 /
Resource Hash
db0db02b3b347cabf1aa43ffc97b83e7272e8df17d35f27174c07acd10f1ad5e

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
content-type
text/plain
Referer
https://www.letemps.ch/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://www.letemps.ch
content-length
609
date
Mon, 18 Nov 2024 15:14:57 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.27.2
fastlane.json
fastlane.rubiconproject.com/a/api/
606 B
640 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13552&site_id=554152&zone_id=3471294&size_id=2&alt_size_ids=57%2C125&gdpr=1&gdpr_consent=CQISSMAQISSMAAHABBENBPFgAAAAAAAAAAAAAAAAAADEoAMAAQVGKQAYAAgqMOgAwABBUYhABgACCowSADAAEFRi0AGAAIKjAAAA.YAAAAAAAAAAA&rp_schain=1.0,1!audienzz.ch,3454,1,,,&rf=https%3A%2F%2Fwww.letemps.ch%2Farticles%2Fubs-et-dsm-firmenich-touches-par-un-vol-de-donnees-concernant-leurs-employes%2Fgifts%2FUuWCDGiT5wDRVRWWCZAkTRzk4B3bUEmwiSJPDFCP&tg_i.domain=letemps.ch&tg_i.page=https%3A%2F%2Fwww.letemps.ch%2Farticles%2Fubs-et-dsm-firmenich-touches-par-un-vol-de-donnees-concernant-leurs-employes%2Fgifts%2FUuWCDGiT5wDRVRWWCZAkTRzk4B3bUEmwiSJPDFCP&tg_i.divId=adnz_wideboard_2&tg_i.placement=adnz_wideboard_2&tg_i.pbadslot=%2F96628199%2C22864112785%2Ffr_letemps.ch_v2%2Ffr_letemps.ch_1024_adnz_wideboard_2&tk_flint=pbjs_lite_v9.19.0&x_source.tid=9640e986-f0f6-4ab8-bb71-5c016320c438&l_pb_bid_id=11f242068e623f3&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=95eccd2e-c707-4e27-9ade-6030e63f22e1&rp_hard_floor=4.5036&rp_maxbids=1&p_gpid=%2F96628199%2C22864112785%2Ffr_letemps.ch_v2%2Ffr_letemps.ch_1024_adnz_wideboard_2&m_ch_mobile=%3F0&slots=1&rand=0.8209805734407676
Requested by
Host: pbjs.adnz.co
URL: https://pbjs.adnz.co/prebid.js?id=628
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 -, , ASN (),
Reverse DNS
Software
nginx/1.27.2 /
Resource Hash
f4eef3aedafb27ec34aecb476f2d8c3e014a434a0c2806bfd53536b5ff7b9e1f

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
content-type
text/plain
Referer
https://www.letemps.ch/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://www.letemps.ch
content-length
606
date
Mon, 18 Nov 2024 15:14:57 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.27.2
fastlane.json
fastlane.rubiconproject.com/a/api/
606 B
640 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13552&site_id=554152&zone_id=3471294&size_id=15&alt_size_ids=9%2C10&gdpr=1&gdpr_consent=CQISSMAQISSMAAHABBENBPFgAAAAAAAAAAAAAAAAAADEoAMAAQVGKQAYAAgqMOgAwABBUYhABgACCowSADAAEFRi0AGAAIKjAAAA.YAAAAAAAAAAA&rp_schain=1.0,1!audienzz.ch,3454,1,,,&rf=https%3A%2F%2Fwww.letemps.ch%2Farticles%2Fubs-et-dsm-firmenich-touches-par-un-vol-de-donnees-concernant-leurs-employes%2Fgifts%2FUuWCDGiT5wDRVRWWCZAkTRzk4B3bUEmwiSJPDFCP&tg_i.domain=letemps.ch&tg_i.page=https%3A%2F%2Fwww.letemps.ch%2Farticles%2Fubs-et-dsm-firmenich-touches-par-un-vol-de-donnees-concernant-leurs-employes%2Fgifts%2FUuWCDGiT5wDRVRWWCZAkTRzk4B3bUEmwiSJPDFCP&tg_i.divId=adnz_halfpage_1&tg_i.placement=adnz_halfpage_1&tg_i.pbadslot=%2F96628199%2C22864112785%2Ffr_letemps.ch_v2%2Ffr_letemps.ch_1024_adnz_halfpage_1&tk_flint=pbjs_lite_v9.19.0&x_source.tid=9640e986-f0f6-4ab8-bb71-5c016320c438&l_pb_bid_id=1263b571b76df9d&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=dc88abef-6657-4304-aaf6-7b9f62f40a0a&rp_hard_floor=4.5036&rp_maxbids=1&p_gpid=%2F96628199%2C22864112785%2Ffr_letemps.ch_v2%2Ffr_letemps.ch_1024_adnz_halfpage_1&m_ch_mobile=%3F0&slots=1&rand=0.35901358871901246
Requested by
Host: pbjs.adnz.co
URL: https://pbjs.adnz.co/prebid.js?id=628
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 -, , ASN (),
Reverse DNS
Software
nginx/1.27.2 /
Resource Hash
4cda81c6d178b4f5efca53103e42fb9f27a650dea36f4695e0d608945495bcb6

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
content-type
text/plain
Referer
https://www.letemps.ch/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://www.letemps.ch
content-length
606
date
Mon, 18 Nov 2024 15:14:57 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.27.2
v1
prg.smartadserver.com/prebid/
358 B
566 B
Fetch
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: pbjs.adnz.co
URL: https://pbjs.adnz.co/prebid.js?id=628
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.178.195.208 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
9edb89e4c33dcefd6d688506a27945a6e2b2fb860a372f160110e4e7276fbb35

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
content-type
text/plain
Referer
https://www.letemps.ch/

Response headers

cache-control
no-cache,no-store
content-encoding
br
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-origin
https://www.letemps.ch
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Mon, 18 Nov 2024 15:14:57 GMT
content-type
application/json; charset=UTF-8
vary
Accept-Encoding, Origin
v1
prg.smartadserver.com/prebid/
358 B
566 B
Fetch
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: pbjs.adnz.co
URL: https://pbjs.adnz.co/prebid.js?id=628
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.178.195.208 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
9edb89e4c33dcefd6d688506a27945a6e2b2fb860a372f160110e4e7276fbb35

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
content-type
text/plain
Referer
https://www.letemps.ch/

Response headers

cache-control
no-cache,no-store
content-encoding
br
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-origin
https://www.letemps.ch
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Mon, 18 Nov 2024 15:14:56 GMT
content-type
application/json; charset=UTF-8
vary
Accept-Encoding, Origin
v1
prg.smartadserver.com/prebid/
358 B
567 B
Fetch
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: pbjs.adnz.co
URL: https://pbjs.adnz.co/prebid.js?id=628
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.178.195.208 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
9edb89e4c33dcefd6d688506a27945a6e2b2fb860a372f160110e4e7276fbb35

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
content-type
text/plain
Referer
https://www.letemps.ch/

Response headers

cache-control
no-cache,no-store
content-encoding
br
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-origin
https://www.letemps.ch
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Mon, 18 Nov 2024 15:14:57 GMT
content-type
application/json; charset=UTF-8
vary
Accept-Encoding, Origin
prebid
ib.adnxs-simple.com/ut/v3/
361 B
926 B
Fetch
General
Full URL
https://ib.adnxs-simple.com/ut/v3/prebid
Requested by
Host: pbjs.adnz.co
URL: https://pbjs.adnz.co/prebid.js?id=628
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 -, , ASN (),
Reverse DNS
Software
nginx/1.23.4 /
Resource Hash
3c1332c2a1d7666d27267bef3c3ddfbeb33bdf913ee5f92a26bb56bccf4e2ad8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
content-type
text/plain
Referer
https://www.letemps.ch/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
80.255.7.77; 80.255.7.77; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs-simple.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://www.letemps.ch
an-x-request-uuid
0517b198-f83f-4539-b31b-5926aeba307e
content-length
361
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Mon, 18 Nov 2024 15:14:57 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
server
nginx/1.23.4
pbjs
htlb.casalemedia.com/openrtb/
37 B
562 B
Fetch
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=970795
Requested by
Host: pbjs.adnz.co
URL: https://pbjs.adnz.co/prebid.js?id=628
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
bd2b73420fb46233fd10525e57042ae45ae715fe7d649fe6830031eeacc78d28

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
content-type
text/plain
Referer
https://www.letemps.ch/

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ET3CG9jaaavC7hwqhBQCfWYF4bqcWH0w67r93r4poTwrDWUmHF4em4rOaLer41efzufp%2BJT3cJQTvkliqmOY6wmlPSf6urjyihO9tWqkzD9Jhktl34Pl1zfMKZTgD0VDv529x4Ce"}],"group":"cf-nel","max_age":604800}
observe-browsing-topics
?1
expires
0
alt-svc
h3=":443"; ma=86400
date
Mon, 18 Nov 2024 15:14:57 GMT
content-type
application/json
vary
Accept-Encoding
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
access-control-allow-credentials
true
cf-ray
8e48e9c67c39be63-ZRH
access-control-allow-origin
https://www.letemps.ch
content-length
37
server
cloudflare
header-bidding-request
mweb-hb.presage.io/api/
0
152 B
Fetch
General
Full URL
https://mweb-hb.presage.io/api/header-bidding-request
Requested by
Host: pbjs.adnz.co
URL: https://pbjs.adnz.co/prebid.js?id=628
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.137.23.186 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
content-type
application/json
Referer
https://www.letemps.ch/

Response headers

access-control-allow-origin
https://www.letemps.ch
date
Mon, 18 Nov 2024 15:14:57 GMT
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
translator
hbopenbid.pubmatic.com/
0
112 B
Fetch
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: pbjs.adnz.co
URL: https://pbjs.adnz.co/prebid.js?id=628
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
content-type
text/plain
Referer
https://www.letemps.ch/

Response headers

cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
https://www.letemps.ch
date
Mon, 18 Nov 2024 15:14:56 GMT
access-control-allow-credentials
true
prebid
ib.adnxs-simple.com/ut/v3/
18 KB
8 KB
Fetch
General
Full URL
https://ib.adnxs-simple.com/ut/v3/prebid
Requested by
Host: pbjs.adnz.co
URL: https://pbjs.adnz.co/prebid.js?id=628
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 -, , ASN (),
Reverse DNS
Software
nginx/1.23.4 /
Resource Hash
c809575ae6cd9a1a3be87f2e8f13aa0e654696e9d580b471b1b8c4de66a85903
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
content-type
text/plain
Referer
https://www.letemps.ch/

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
80.255.7.77; 80.255.7.77; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs-simple.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://www.letemps.ch
an-x-request-uuid
d3973529-e41d-4423-a28b-0524ea06e529
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Mon, 18 Nov 2024 15:14:57 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
nginx/1.23.4
openrtb
adx.adform.net/adx/
0
531 B
Fetch
General
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: pbjs.adnz.co
URL: https://pbjs.adnz.co/prebid.js?id=628
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
content-type
text/plain
Referer
https://www.letemps.ch/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
expires
-1
access-control-allow-origin
https://www.letemps.ch
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date
Mon, 18 Nov 2024 15:14:57 GMT
server
nginx
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
header-bidding-request
mweb-hb.presage.io/api/ Frame
0
0
Preflight
General
Full URL
https://mweb-hb.presage.io/api/header-bidding-request
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.137.23.186 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.letemps.ch
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.letemps.ch
content-length
4
content-type
application/json
date
Mon, 18 Nov 2024 15:14:57 GMT

Verdicts & Comments Add Verdict or Comment

105 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| dataLayer string| site object| _pac object| _paq object| initialDataLayer function| _extends function| _typeof function| CopyToClipboard function| attachFlashClosing function| createInputValidator function| attachMenuToggling function| attachProfilMenuToggling object| FlashMessages object| ContractsSwitch object| Countdown object| Donations object| FormValidation object| webinaire object| Rails boolean| _rails_loaded function| UnobstrusiveLinks function| LazyLoad object| MicroModal function| flatpickr object| fr object| Ariato function| Hashcash function| AddressForm function| AddressFields function| DatePicker object| Account object| Article object| Collapses object| Definitions function| FollowButton function| Heidi object| Payment function| Piano function| Popin object| PopinsManager function| RegistrationPassword object| Tooltip function| TrackableElement function| Wall object| didomiConfig object| didomiOnReady boolean| gdprAppliesGlobally function| __tcfapi function| pianoStart function| GLightbox object| __forecast object| __twttrll object| twttr object| __twttr object| didomiRemoteConfig string| didomiCountry object| didomiGeoRegulations object| htag number| audienzzCheck object| __adnz__ object| audienzz object| controller object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data object| __tcfapiBuffer object| assertive object| webpackChunkDidomi object| Didomi object| didomiEventListeners object| htagFloors object| DidomiSanitizing object| didomiState function| onYouTubeIframeAPIReady function| setupYaleo object| htagpbjs object| assertiveQueue boolean| _assertiveInitialized object| googletag object| ntv object| adsbygoogle object| _taboola object| OBREvents function| setupBtaFeed object| infeedLiveStyles object| adnzStyles object| grumi object| adsmtag object| win object| doc object| ggeac object| google_js_reporting_queue object| yaleo object| htagpbjsChunk object| _pbjsGlobals object| prebidEvents object| ADAGIO object| adsm object| google_reactive_ads_global_state

7 Cookies

Domain/Path Name / Value
www.letemps.ch/ Name: anonymous_id
Value: IjAxOTMzZmQ3LTI5ODItNzg0ZS1hZTQyLTdlNzVmNmVkOWE5OSI%3D--ac0cbbb986bb163f55232717d79008f89a04f74c
www.letemps.ch/ Name: SRVGROUP
Value: common
www.letemps.ch/ Name: anonymous_visit_count
Value: 1
.api.adnz.co/ Name: adnzVisitorId
Value: 7105200995047473180
.letemps.ch/ Name: didomi_token
Value: eyJ1c2VyX2lkIjoiMTkzM2ZkNzMtMDg2My02YTJhLWExNjUtZmMwYTc2OWUzY2Y2IiwiY3JlYXRlZCI6IjIwMjQtMTEtMThUMTU6MTQ6NDcuNTU4WiIsInVwZGF0ZWQiOiIyMDI0LTExLTE4VDE1OjE0OjQ3LjU1OFoiLCJ2ZXJzaW9uIjpudWxsfQ==
www.letemps.ch/ Name: bclk
Value: 8959199125297044
www.letemps.ch/ Name: _heidi_session
Value: V03JLDZiVpbqWgXSvqipSn3KTKMBPcI43eLAiZNJYgGZI2tzVWqLezUgF644KuQ%2FMd9XeWvNqaiEYYU69L0cU6xeejEfUpdO%2BrDd1xQu1L%2BjLo5Y9HKF2S7ZrCULGSqpp3kmdgTAzZ4x%2BEWgCYe6nYxXnwkae71l64XdfitPboYJrA%3D%3D--Zpx74Au3C7ji2WoC--FkREZ867WtcA5HBQqOFRkQ%3D%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adnz.co
adx.adform.net
api.adnz.co
api.assertcom.de
cdn.adnz.co
fastlane.rubiconproject.com
functions.adnami.io
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs-simple.com
ib.adnxs.com
img.adnz.co
letemps-17455.kxcdn.com
macro.adnami.io
mp.4dex.io
mweb-hb.presage.io
pbjs.adnz.co
platform.twitter.com
pmtae6gdwwnlfghxs.ay.delivery
prg.smartadserver.com
privacy.letemps.ch
rumcdn.geoedge.be
securepubads.g.doubleclick.net
www.googletagmanager.com
www.letemps.ch
104.18.26.193
146.75.120.157
172.67.149.20
172.67.68.225
18.245.46.128
185.64.189.112
185.89.210.153
188.40.160.1
216.58.212.130
2600:9000:2491:a600:4:b37b:9440:93a1
2602:803:c003:200::21
2606:4700:4400::6812:22b2
2a00:1450:4001:811::2008
2a02:26f0:3500:3::b818:4d4e
2a02:26f0:780::5f65:3691
2a0b:4d07:102::1
37.157.4.29
37.252.171.52
46.137.23.186
51.178.195.208
65.108.134.244
91.200.144.88
01268994eb86023c835bcf17f7f968e21a150c0db3c9c7f93e21fc23e49299a1
0bca7bc4e2f529258dbb2c532ce60e753db0a5072045f8115c8509f8c2a3532c
0f3321c48bc696edcdf6815fb040528039a537710970793bc1a135ad1355b4b9
1061f1ba1712b0ff081edb16c1c202e8c2638a1e2171225cacc002dcb42a418f
122ea4f8eeb62f1b6eb28e376a3746c38711f31201c6868921f47c4f9a4bfb75
12a2b82437bea719a4967ce9aef5c8beb35d91fb63dc1f7e2bf6ec0995edf03b
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
2a0bbf5558d25d8eeb31d49b538d9500fac712afd50eca99208ff17b4423142d
2af8b2aa93e899c21ce0f18d34732061a53955d231ee2bd3bdf3cc766b0d5102
2ca3f9a76d15953dfc66576fd8b38ee4a4776559f58789af99bc751bfb1f9c5d
2d1c0ffca41cde94cd16b495d1e0e3488ee1596f2966b739371e897057f014e1
2e6d5b1bec6ea4d4b654c21934a5f3eea1b973e1031142c64de286d1d1d89553
30378b25017db4018bfd3c144a033298ea435eb628bba1476e65c1fc3f8d3c78
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
339d73e06494ad1e92cd5d416fcfdff12d34eda11197b97e7e43e46dbdc8b235
3b18f864a106a82398b0950cf357a548f6275447a1d5907c5f2b449d13c3f2dd
3c1332c2a1d7666d27267bef3c3ddfbeb33bdf913ee5f92a26bb56bccf4e2ad8
482cfbf2be29fbc8f710aefacdb6197d9a64e71937181ab7396778c950cefc27
48bae514478cd87f735c9356dd06003f56adee48f59c572ca5bd3ba6350b7501
4cda81c6d178b4f5efca53103e42fb9f27a650dea36f4695e0d608945495bcb6
4da2e7913f2cb8aacc630b50230e40eb166845bd4efd8e83e869072b05d32027
53a38cf7a807e41c9d0c005e9817d18711eb31247ebf124a4cf83132d9b38c3f
5d7be6f59fe99ff493b48c1ff9bb7cad6d8d13b5abf62a009e8f08fb07ad45d2
68fb57f8c30d7a1eef477b414ea43c1f2931d8abccd3589910418265f562e35c
6b297aca98653f8aa454e7d5360ba41cf7d829606a5aa0e9d33f9b6dc668ceb4
6d57602f3f3ae2fbf700388d47329b837c26867fadb4c3322d3f9ce3acf3c6e3
7360deafcad06168f3e21ff91c06f0b1139d2ff980f2002ce056cc1ea63b114f
7aac709df210dc768bf29682d46aac397de0c697affbf8c73f922876b667cf5d
7d4df6c28c7fac526bd1a00438e01b73b463fd4b96928f33676e7e68878c4296
7f06e689aa1d08bdc9a50b185c3fc221ca08cd72080c36e728d2d5299720eb80
921357c4c0ba2f3af0eee732036ea1fcf85b4f2aca2807f127d0544765a9f7f8
959117bd16010dca5da3c687785db8ddab137ff55c8cbdf4c45884844341d7a7
964f0c8b0425307b2c6d88c8858555a1954ae40cd08736421ff1a23857cfeb86
9d4e9229bfbef9e2e33a3b5843dbd86849c9d5e6d75d4922a6b6cb08ec6d4619
9e9558fe12b61a71d65a039cd3348fe2572cb55fbe72eaa19e1ac34b51d35054
9e9e4d41fa7c52b403a8c6372e34a5d5cd314fd19c20852789dba698382e5a09
9edb89e4c33dcefd6d688506a27945a6e2b2fb860a372f160110e4e7276fbb35
9efc2548f52f0edcbed6ea10ac5a419cb54390247a8a5d84a738479804c060e1
a4fe5366cb385500ae891df4051cf3355b56f27bb9c2d18150a5a89c6a701aa1
aa628d0d24e4945134dba6edfeb80695f9b852e80f57300b112d801570f5b6a3
aa992020eee169aa2446e65b03f28daa375ce901efb19021a38a8b0140b52752
ab861dc170dc2e43224e45278d3d31a675b9ebc34c9b0f48c066ca1eeaed8ee6
bd2b73420fb46233fd10525e57042ae45ae715fe7d649fe6830031eeacc78d28
c809575ae6cd9a1a3be87f2e8f13aa0e654696e9d580b471b1b8c4de66a85903
cca689d63f6cc503de5e9197857805839e2c4a01d5cf4d5e67ee5c7e81f539fa
d140cb3c2874f8c61827b8948165c46b9e74c1e146c62da60283b8dba23f332c
d42f6624dc19e1dfeee7e18a156d6eb639f8c8c0558cf2683654650c1f82d508
d49812d3523e9d003c540b4f2db78536c268a801ce28814658edde0b976ea70b
d60521972d02eadbbb437f2e130f253090be665aef5e9aebe2baa79bfeae65c9
db0db02b3b347cabf1aa43ffc97b83e7272e8df17d35f27174c07acd10f1ad5e
df4d4a655954ce0076908056c07e93f2ef7141a140c7a67cda0f9d021d775314
df67639f4395f6dc070d01e7031c7d355ddaea54da00a10fdc4f50dade273709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6e0127e8e63c20def799bd1d26ddbbd68542b6b61e24f4d9c2e260c1de730ba
e89bb9961d6387c6f4801d5f37cb29d4777d91cc4bfb8fe02891206f8dac5bba
e8c7efc72d2be48f34dae8f69cb38154e8c15f3b317f1848f4f8e10a92c594e9
e9a593b2e053503a82ef0205edd928d632bbc1dc35c449e4e65d2d011b6482b0
f4db051fbdbba14411f013be0026c050855caa68b46d46871a1a5f0d31069d4c
f4eef3aedafb27ec34aecb476f2d8c3e014a434a0c2806bfd53536b5ff7b9e1f
f72109916a218c3c447c06dd1c02ad97523a4a1ea79c804607044763afaf5dea
f85ab58fe021d2673786cd4c00d110a6abb88d03b9cb2e67b3ea13af22ff8d6a
fcaa7675aa085c5db7619b17b17293ca0decf68e01d08ec2b8006b5f9f5c61af