URL: https://today.lorientlejour.com/article/1371183/financing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html
Submission: On December 22 via api from US — Scanned from CA

Summary

This website contacted 30 IPs in 2 countries across 17 domains to perform 106 HTTP transactions. The main IP is 2606:4700:20::681a:2b8, located in United States and belongs to CLOUDFLARENET, US. The main domain is today.lorientlejour.com.
TLS certificate: Issued by WE1 on October 30th 2024. Valid for: 3 months.
This is the only time today.lorientlejour.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 2606:4700:20:... 13335 (CLOUDFLAR...)
5 2607:f8b0:400... 15169 (GOOGLE)
7 2600:1408:c40... 20940 (AKAMAI-AS...)
14 172.67.75.16 13335 (CLOUDFLAR...)
1 11 142.251.167.157 15169 (GOOGLE)
3 67.43.6.132 32244 (LIQUIDWEB)
4 157.240.229.1 32934 (FACEBOOK)
3 172.253.115.106 15169 (GOOGLE)
2 142.250.31.156 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 142.251.163.94 15169 (GOOGLE)
3 31.13.66.35 32934 (FACEBOOK)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 142.251.167.156 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 3.167.69.97 16509 (AMAZON-02)
1 2600:9000:219... 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
1 162.19.138.83 16276 (OVH OVH SAS)
1 52.54.3.156 14618 (AMAZON-AES)
5 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
4 142.251.163.132 15169 (GOOGLE)
8 142.251.163.155 15169 (GOOGLE)
1 142.251.16.156 15169 (GOOGLE)
9 142.250.31.100 15169 (GOOGLE)
1 2607:f8b0:402... 15169 (GOOGLE)
1 172.253.115.105 15169 (GOOGLE)
106 30
Apex Domain
Subdomains
Transfer
20 lorientlejour.com
today.lorientlejour.com
s.lorientlejour.com
356 KB
18 googlesyndication.com
fd73923d42482a3d0dec7b5221f2ed3c.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 173
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
323 KB
16 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
td.doubleclick.net — Cisco Umbrella Rank: 182
239 KB
15 google.com
www.google.com — Cisco Umbrella Rank: 3
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 695
76 KB
7 typekit.net
use.typekit.net — Cisco Umbrella Rank: 460
160 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
418 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
151 KB
3 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 389
ep2.adtrafficquality.google — Cisco Umbrella Rank: 403
20 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
209 B
3 whitebeard.me
analytics-cms.whitebeard.me — Cisco Umbrella Rank: 997437
37 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1010
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1026
13 KB
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1004
id5-sync.com — Cisco Umbrella Rank: 533
30 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
2 google.ca
www.google.ca — Cisco Umbrella Rank: 11557
128 B
1 gstatic.com
csi.gstatic.com
532 B
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 415
33 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 4220
4 KB
106 17
Domain Requested by
15 s.lorientlejour.com today.lorientlejour.com
s.lorientlejour.com
12 securepubads.g.doubleclick.net 1 redirects today.lorientlejour.com
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
11 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
9 tpc.googlesyndication.com securepubads.g.doubleclick.net
ajax.googleapis.com
today.lorientlejour.com
8 pagead2.googlesyndication.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
7 use.typekit.net today.lorientlejour.com
5 www.googletagmanager.com today.lorientlejour.com
www.googletagmanager.com
5 today.lorientlejour.com today.lorientlejour.com
s.lorientlejour.com
4 www.google.com www.googletagmanager.com
today.lorientlejour.com
securepubads.g.doubleclick.net
ep2.adtrafficquality.google
4 connect.facebook.net today.lorientlejour.com
connect.facebook.net
3 www.facebook.com connect.facebook.net
today.lorientlejour.com
3 analytics-cms.whitebeard.me today.lorientlejour.com
analytics-cms.whitebeard.me
2 ep2.adtrafficquality.google securepubads.g.doubleclick.net
ep2.adtrafficquality.google
2 www.google-analytics.com www.googletagmanager.com
2 www.google.ca today.lorientlejour.com
2 td.doubleclick.net www.googletagmanager.com
2 googleads.g.doubleclick.net www.googletagmanager.com
1 csi.gstatic.com pagead2.googlesyndication.com
1 ep1.adtrafficquality.google securepubads.g.doubleclick.net
1 ajax.googleapis.com securepubads.g.doubleclick.net
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 id5-sync.com cdn.id5-sync.com
1 fd73923d42482a3d0dec7b5221f2ed3c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
106 26
Subject Issuer Validity Valid
lorientlejour.com
WE1
2024-10-30 -
2025-01-28
3 months crt.sh
*.google-analytics.com
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
use.typekit.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-12-10 -
2026-01-10
a year crt.sh
*.g.doubleclick.net
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
analytics-cms.whitebeard.me
R11
2024-11-20 -
2025-02-18
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-09-30 -
2024-12-29
3 months crt.sh
*.google.com
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
*.doubleclick.net
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
*.google.ca
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
id5-sync.com
WE1
2024-11-28 -
2025-02-26
3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M02
2024-09-07 -
2025-10-07
a year crt.sh
cdn.prod.uidapi.com
Amazon RSA 2048 M03
2024-11-20 -
2025-12-20
a year crt.sh
tpc.googlesyndication.com
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
upload.video.google.com
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
adtrafficquality.google
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
*.gstatic.com
WR2
2024-12-02 -
2025-02-24
3 months crt.sh

This page contains 12 frames:

Primary Page: https://today.lorientlejour.com/article/1371183/financing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html
Frame ID: A69FDFC9AC7048DB44BAC71FBAD54573
Requests: 77 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/11396534268?random=1734833476158&cv=11&fst=1734833476158&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9170774070za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Ftoday.lorientlejour.com%2Farticle%2F1371183%2Ffinancing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html&hn=www.googleadservices.com&frm=0&tiba=Financing%20Hamas%3A%20The%20Central%20Bank%20seeks%20to%20reassure%20the%20US%20Treasury%20-%20L%27Orient%20Today&npa=0&pscdl=noapi&auid=965319092.1734833476&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 6A165F760384B97CD037475885440E5F
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Ftoday.lorientlejour.com
Frame ID: E1225B7F9F598906981A971C4F874B99
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/AW-871009748?random=1734833476362&cv=11&fst=1734833476362&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1z8893484611za201zb893484611&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Ftoday.lorientlejour.com%2Farticle%2F1371183%2Ffinancing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html&hn=www.googleadservices.com&frm=0&tiba=Financing%20Hamas%3A%20The%20Central%20Bank%20seeks%20to%20reassure%20the%20US%20Treasury%20-%20L%27Orient%20Today&npa=0&pscdl=noapi&auid=965319092.1734833476&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: D8633AB0FC892D8D4FB199E60E9B6413
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: B5E67273EF372E24A640BEBFC60B0AC0
Requests: 1 HTTP requests in this frame

Frame: https://fd73923d42482a3d0dec7b5221f2ed3c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AC7B114DAA3CB7F103902FF80584779E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20241212/r20110914/abg_lite_fy2021.js
Frame ID: 4277FC3693019DB497E89F9065A281C0
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/simgad/15107697551333490108
Frame ID: 8FC39016FEAFE9ED8DC77F0A652C7352
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst2_2rAuL5ynn4F_N8neJwbsMLtKjwPrGMBf3b1Zwm9qdy2a96DVQBC-zJ9JSH-JOdpqiEl78iercUL7nZj5YhcrOWan1LJN2J_R8zul8gKaI0MDvEIFwEJZw8M4lNI4xSFzR6FUL2f2d-OLH1QfLTn2XQpj7xWNGefkr8nX_XaLh5ghyzaj-40zvsaZ7RtcLVuMwkCKBVqOFnfCsjnau2jEsiucRiuJ7bq_JniXsvzYxpA6FViis4GZhJ8h8udAOCQQ6ZBrm3BPddSC1mUvEvTAyeXqqz8xia4P4WM1z1fthYDEw55uzhVNPDIUIj3whE9LlGp6nfGzgbG3u-fDba6JV_C3T14bPToZHMB7PkNh6oi-1ro7tcyj3x6oqZ0N8zEeSMIHFiGQBic80QE_bbGCTZVWhZRdhnP9PWtSGE&sai=AMfl-YTAuEPIegGtbHX7hlaffULxoE8HC6JKbKxJKVFcoW9iUKoBTfbj2oGrMfwo350xvUi2C3ouE40_LLF0_J4CCtbLwsTmCZujJez7RslIixtHxsl0eHULvKE_NYY&sig=Cg0ArKJSzGMxcl0wQlmcEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: D6BF149142A6A751318155B5EBBA8EF2
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvM24x7WpCz7RtO4a0BrZ7DOp7Q1m5CWBODn3GFzECLqMiJ-FkEFZVfpq2y-5v6zAhSZru5xZpBfx2MBDN38cL7nAfhEeAzTzUIBp2f_ODWfkOdbDbxujwT_mO4lVKFffiDQR-lkncZNi4aTB1uO4zyBTGD86WU_JXcdsW5NNUrRxNl6apRnA71BE9aGVfA_FPqBG5vHWdTJB1VN7gNf6aY2B5xAzTiSsh8SE-BuDYXoCaJIOWkVY8fEuYtUHDacqr9S9M_igThzJU3iHezojRniQVH6iYIKW9dPLj8D-JSvOwXZG16c5mqEJ08uNB5jwWl6RmS10AG68CEO-6TZVokWXCYR2lY4Dr7coLDKLcVYPe7gTVuGoQ1jkezVAm-6kqX0DhiYkyDenwtYjdW&sai=AMfl-YSd1SFDyo9LJMoKgw_3kLoQCjxWfWVAvZrWVNbGZlrIu_ox1MIpW4ydn2T6NXKY-hvnFYmX3qDwiHn1ow_vUlS7hzBYIzyH1b_mga9IfZ34yRsWsVERAkjwBzf0&sig=Cg0ArKJSzFKgYuLaagaNEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: C364DCD5C9ABEC52A57F379A4378FBB4
Requests: 10 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 7F7DD8ADE0CF1AFF33F6ED7765503346
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AE35AF9658BAC1D8721AAED6BFF67534
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Financing Hamas: The Central Bank seeks to reassure the US Treasury - L'Orient Today

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • piwik\.js|piwik\.php

Overall confidence: 100%
Detected patterns
  • swfobject.*\.js

Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

106
Requests

97 %
HTTPS

41 %
IPv6

17
Domains

26
Subdomains

30
IPs

2
Countries

1862 kB
Transfer

5438 kB
Size

21
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66
  • https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuBz6x6BLhhMkspEhz0PTbujaQMerIHE3mlHqxU57w5Tb9gvkzKSYCqW7eHyuRNwWmSE50ruIRn7tpIG0GaaXUfbj4qC95gzBgpJ0NPzh2f--33T55w03dUTVn1mgFC83VeAVI89hDeKepOClV25UUWKJMsF45TH_OjwJjF882l5ocSEhVxsc3fgJXmKeLEQKvvdBFSs4IOSqqpaWukNc5jgVC6fITkPkBDY8XWj3fSRbCjE7Bqub8omdnaV1RPmr7f-ETO-2j_JXDwx-JNBEArRYtZtXIBh6GQFMXQi2zbsHwA92JW6-qGOe9Z3F0PPAzCDO34FPveB5upSLwSxObsI0NrKntfhVY6HCFHV8YTZ8oLUF2QPqH63s_X8tDrVpGLBHTYMiRNBgrDh6yRhkByb_RdVJdiXXS1TMd4s2juycddX1E-q3szQTStiQ&sai=AMfl-YRMOZvFQlx55M8n6OK-_tnX-pFD4wE4EU5gvKzjHxhiXBCjHOsPxyFTRwuE8hwm9UWHD41k9NoJgW5du6Kl9TUjNPtbHwxurH7iL2BeRpYR8TvwX5UmAv4ujHAn&sig=Cg0ArKJSzD0g5z0FPUu1EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=https://tpc.googlesyndication.com/simgad/1917181021151450070? HTTP 302
  • https://tpc.googlesyndication.com/simgad/1917181021151450070

106 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request financing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html
today.lorientlejour.com/article/1371183/
65 KB
14 KB
Document
General
Full URL
https://today.lorientlejour.com/article/1371183/financing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92cdfb56ad533931ac52dfacc292fc775073071ceec4d52feccdb8f1fb3d7762
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8f5c9486682aa302-YUL
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 22 Dec 2024 02:11:15 GMT
expires
Mon, 20 Dec 1998 01:00:00 GMT
last-modified
Sun, 22 Dec 2024 02:11:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jwXzVlWJaPd1ujFp83VOIGH9vvj%2FzZG6xkDvd%2FA8XEAK0A6RXn6nQBCHgK16I774zH6B2e2d0mOrsmLY8AgKXA3E%2B77ljwtMZ8BtdDMewRceJcXvvrMdzNtbI0yutkMX%2F79j%2B5wcLaUx%2BgrHrkzNRirrr4hE"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=18136&min_rtt=18098&rtt_var=2891&sent=8&recv=12&lost=0&retrans=0&sent_bytes=4005&recv_bytes=2458&delivery_rate=214226&cwnd=253&unsent_bytes=0&cid=3136594724cdb17c&ts=385&x=0"
x-frame-options
SAMEORIGIN
js
www.googletagmanager.com/gtag/
257 KB
92 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-11396534268
Requested by
Host: today.lorientlejour.com
URL: https://today.lorientlejour.com/article/1371183/financing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4af8ceabdad8c1dccf98a6a33c3d9a1135255bcf318fb91fbb507c4915134679
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sun, 22 Dec 2024 02:11:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 22 Dec 2024 02:11:15 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sun, 22 Dec 2024 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
93685
x-xss-protection
0
server
Google Tag Manager
l
use.typekit.net/af/9db33c/00000000000000003b9ae88c/27/
25 KB
25 KB
Font
General
Full URL
https://use.typekit.net/af/9db33c/00000000000000003b9ae88c/27/l?primer=51e46510a8bcdb92fa139186fdd3d43fc0ac4348ee92477ba51cd46504e98815&fvd=n6&v=3
Requested by
Host: today.lorientlejour.com
URL: https://today.lorientlejour.com/article/1371183/financing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:29::17da:da49 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
805456b402f91c0e88103fd2b7e6d4ffc94af54f17ab0447dbdf52e09086cc63

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://today.lorientlejour.com
Referer
https://today.lorientlejour.com/

Response headers

cache-control
public, max-age=31536000
timing-allow-origin
*
etag
"228195066ba9c4cedb1ebde7ca8877941b803c00"
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
25688
date
Sun, 22 Dec 2024 02:11:16 GMT
content-type
application/font-woff2
server
nginx
l
use.typekit.net/af/affdf5/00000000000000003b9b0328/27/
25 KB
25 KB
Font
General
Full URL
https://use.typekit.net/af/affdf5/00000000000000003b9b0328/27/l?primer=51e46510a8bcdb92fa139186fdd3d43fc0ac4348ee92477ba51cd46504e98815&fvd=n4&v=3
Requested by
Host: today.lorientlejour.com
URL: https://today.lorientlejour.com/article/1371183/financing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:29::17da:da49 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
93e47eeadf8624071da56650de743c8cdc5254c6e088e5cd5692d07f0270f86c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://today.lorientlejour.com
Referer
https://today.lorientlejour.com/

Response headers

cache-control
public, max-age=31536000
timing-allow-origin
*
etag
"98a0ad2e4da068cf8fd44de9c9a2b8aad7bde0bb"
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
25844
date
Sun, 22 Dec 2024 02:11:16 GMT
content-type
application/font-woff2
server
nginx
l
use.typekit.net/af/67187a/00000000000000003b9b032a/27/
26 KB
26 KB
Font
General
Full URL
https://use.typekit.net/af/67187a/00000000000000003b9b032a/27/l?primer=51e46510a8bcdb92fa139186fdd3d43fc0ac4348ee92477ba51cd46504e98815&fvd=n5&v=3
Requested by
Host: today.lorientlejour.com
URL: https://today.lorientlejour.com/article/1371183/financing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:29::17da:da49 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
f907d2eaa76dd74e2c280d8bb75bdf7d11158beb71ed8c49b4ddbe5ce33e9188

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://today.lorientlejour.com
Referer
https://today.lorientlejour.com/

Response headers

cache-control
public, max-age=31536000
timing-allow-origin
*
etag
"2e54fbec33a08fc13224b84a6ea732ee4f57596a"
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
26296
date
Sun, 22 Dec 2024 02:11:16 GMT
content-type
application/font-woff2
server
nginx
l
use.typekit.net/af/b5ce2a/00000000000000003b9b032d/27/
25 KB
26 KB
Font
General
Full URL
https://use.typekit.net/af/b5ce2a/00000000000000003b9b032d/27/l?primer=51e46510a8bcdb92fa139186fdd3d43fc0ac4348ee92477ba51cd46504e98815&fvd=n7&v=3
Requested by
Host: today.lorientlejour.com
URL: https://today.lorientlejour.com/article/1371183/financing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:29::17da:da49 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
1480de584a99981871f8c7fdf53d69a62966e8d8800bc7f71473f38918406b4c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://today.lorientlejour.com
Referer
https://today.lorientlejour.com/

Response headers

cache-control
public, max-age=31536000
timing-allow-origin
*
etag
"220c6e7524a032c89a38b9f521ba6a80fa3a50ac"
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
26016
date
Sun, 22 Dec 2024 02:11:16 GMT
content-type
application/font-woff2
server
nginx
l
use.typekit.net/af/5a2c6f/00000000000000003b9ad13c/27/
19 KB
20 KB
Font
General
Full URL
https://use.typekit.net/af/5a2c6f/00000000000000003b9ad13c/27/l?primer=51e46510a8bcdb92fa139186fdd3d43fc0ac4348ee92477ba51cd46504e98815&fvd=n5&v=3
Requested by
Host: today.lorientlejour.com
URL: https://today.lorientlejour.com/article/1371183/financing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:29::17da:da49 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
2e482a7d6469fb8b67d0a44364612a723729cac2a461fb4bc71ac9c05e55cd35

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://today.lorientlejour.com
Referer
https://today.lorientlejour.com/

Response headers

cache-control
public, max-age=31536000
timing-allow-origin
*
etag
"e2d01b1ae19426688821a65ebb943631bd03dcb4"
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
19856
date
Sun, 22 Dec 2024 02:11:16 GMT
content-type
application/font-woff2
server
nginx
l
use.typekit.net/af/3f03c1/00000000000000003b9ad13e/27/
19 KB
19 KB
Font
General
Full URL
https://use.typekit.net/af/3f03c1/00000000000000003b9ad13e/27/l?primer=51e46510a8bcdb92fa139186fdd3d43fc0ac4348ee92477ba51cd46504e98815&fvd=n7&v=3
Requested by
Host: today.lorientlejour.com
URL: https://today.lorientlejour.com/article/1371183/financing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:29::17da:da49 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
020af8803a7f1fa525b22c646905ca2ff2a9c4fd6ef369644641a84f53e0458c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://today.lorientlejour.com
Referer
https://today.lorientlejour.com/

Response headers

cache-control
public, max-age=31536000
timing-allow-origin
*
etag
"8214e770e4f9c591d453c9caf1c344c235059c65"
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
19568
date
Sun, 22 Dec 2024 02:11:16 GMT
content-type
application/font-woff2
server
nginx
l
use.typekit.net/af/e10446/00000000000000003b9ad13a/27/
19 KB
19 KB
Font
General
Full URL
https://use.typekit.net/af/e10446/00000000000000003b9ad13a/27/l?primer=51e46510a8bcdb92fa139186fdd3d43fc0ac4348ee92477ba51cd46504e98815&fvd=n4&v=3
Requested by
Host: today.lorientlejour.com
URL: https://today.lorientlejour.com/article/1371183/financing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:29::17da:da49 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
99997424c8c9530d4e4422498fdcbbc21043ef4a10bb9bae8cfdd277f75a11cd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://today.lorientlejour.com
Referer
https://today.lorientlejour.com/

Response headers

cache-control
public, max-age=31536000
timing-allow-origin
*
etag
"2dc4e1120648157c3e4eba4c3b091f8057e3edd6"
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
19268
date
Sun, 22 Dec 2024 02:11:16 GMT
content-type
application/font-woff2
server
nginx
fontawesome-webfont.woff2
s.lorientlejour.com/assets/css/fonts/
75 KB
76 KB
Font
General
Full URL
https://s.lorientlejour.com/assets/css/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: today.lorientlejour.com
URL: https://today.lorientlejour.com/article/1371183/financing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.75.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://today.lorientlejour.com
Referer
https://today.lorientlejour.com/

Response headers

cf-cache-status
HIT
etag
"65f07406-12d68"
age
20430981
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8Pyw48xrMsbxjaN2ceHmUoLjqDQaJ0bqJZ545LloiO0gAsAZ9sf2XY3mjYNYtZMyUFcpmvJc5ytAgPHWnMveGaxSeBg9%2FKC5rw3AY3LhHGQUjVIxB7v8ePGLPXzh8UFUUgntfRo%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 12 Apr 2025 12:23:52 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=24470&min_rtt=24452&rtt_var=9206&sent=11&recv=8&lost=0&retrans=0&sent_bytes=4263&recv_bytes=5566&delivery_rate=123409&cwnd=12000&unsent_bytes=0&cid=e189e8c389dcf872&ts=63&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 22 Dec 2024 02:11:15 GMT
content-type
font/woff2
last-modified
Tue, 12 Mar 2024 15:25:58 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f5c9488dd09ac78-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
77160
server
cloudflare
jquery-1.11.2.min.js
s.lorientlejour.com/assets/js/
94 KB
34 KB
Script
General
Full URL
https://s.lorientlejour.com/assets/js/jquery-1.11.2.min.js
Requested by
Host: today.lorientlejour.com
URL: https://today.lorientlejour.com/article/1371183/financing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"65f07407-176bb"
age
51059
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C4KC7kIp%2B4nqX%2F2SFLvTkubLl4Y2rT%2BTbwtbRnXw76N3piNdfNMZJ8fuuK%2FI9nv0sAvhbA%2BPJXTQcB6Vdsr%2F59joknC0gbz%2F4b8MMz3M98WttgFy6TWO76l4twRcZZxKY1un%2F7HlIAbXb%2Fg4%2FUCJSTI%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 29 Nov 2025 06:07:03 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=20240&min_rtt=18098&rtt_var=3738&sent=59&recv=35&lost=0&retrans=0&sent_bytes=53099&recv_bytes=3390&delivery_rate=629883&cwnd=257&unsent_bytes=0&cid=3136594724cdb17c&ts=492&x=0"
date
Sun, 22 Dec 2024 02:11:15 GMT
content-type
application/javascript
last-modified
Tue, 12 Mar 2024 15:25:59 GMT
vary
Accept-Encoding
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f5c94888b34a302-YUL
server
cloudflare
english.js
s.lorientlejour.com/assets/js/
128 KB
24 KB
Script
General
Full URL
https://s.lorientlejour.com/assets/js/english.js?326
Requested by
Host: today.lorientlejour.com
URL: https://today.lorientlejour.com/article/1371183/financing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e34abfde20bc175c538ca66480a6ff5091dba3edbf93555951ff06bc331b109d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"674f0367-20026"
age
1601843
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tdMZQo3TouLjaJae0sARByEHc8b26ebL8g1LzP1xH1aCwKuJnL1rmCuqzsatfbE6jtjrQPfDchSX99y90u7Ii8uCcEtpoOZVfoBALDjbdzQvpKI0%2FC9Qkp6W7o%2F6gqVeai25FVxcBAeOKf41vpiR7v8%3D"}],"group":"cf-nel","max_age":604800}
expires
Wed, 03 Dec 2025 13:11:13 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=20240&min_rtt=18098&rtt_var=3738&sent=36&recv=35&lost=0&retrans=0&sent_bytes=28330&recv_bytes=3390&delivery_rate=629883&cwnd=257&unsent_bytes=0&cid=3136594724cdb17c&ts=489&x=0"
date
Sun, 22 Dec 2024 02:11:15 GMT
content-type
application/javascript
last-modified
Tue, 03 Dec 2024 13:11:03 GMT
vary
Accept-Encoding
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f5c94888b31a302-YUL
server
cloudflare
main.css
s.lorientlejour.com/assets/css/
630 KB
83 KB
Stylesheet
General
Full URL
https://s.lorientlejour.com/assets/css/main.css?1061
Requested by
Host: today.lorientlejour.com
URL: https://today.lorientlejour.com/article/1371183/financing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efe486ab763ebe7206f11ad2a22dc927fc62cc5032ca4bbd82403ee0e3c04f66

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"675833f5-9d972"
age
999755
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bN%2FPGynF4hpNaB21l%2FFT1iCrnJx7M72Hl5wL8mx00qYOs2%2Bi8BEoYB6ZFMX7q6O5PSwDdPMb5d6lZk36r4Jtb3hdOT3MBhHhC3u0MBQ2iBl8GdXlvdbalhj31WL0O%2FaeittHTAWIeozPxIH4sLhXnYU%3D"}],"group":"cf-nel","max_age":604800}
expires
Wed, 10 Dec 2025 12:28:40 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=20240&min_rtt=18098&rtt_var=3738&sent=90&recv=35&lost=0&retrans=0&sent_bytes=88296&recv_bytes=3390&delivery_rate=629883&cwnd=257&unsent_bytes=0&cid=3136594724cdb17c&ts=502&x=0"
date
Sun, 22 Dec 2024 02:11:15 GMT
content-type
text/css
last-modified
Tue, 10 Dec 2024 12:28:37 GMT
vary
Accept-Encoding
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f5c94888b2ea302-YUL
server
cloudflare
special_syrie_en.png
today.lorientlejour.com/assets/images/
9 KB
9 KB
Image
General
Full URL
https://today.lorientlejour.com/assets/images/special_syrie_en.png
Requested by
Host: today.lorientlejour.com
URL: https://today.lorientlejour.com/article/1371183/financing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a3273cdf57ec7f176f24e8e178a113411fcb5a2478d941125daf5cf5aa0ed31
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/article/1371183/financing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html

Response headers

cf-bgj
imgq:85,h2pri
etag
"5329-628e97f3124d7"
age
1000112
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C1j%2BJVgUpx5OXNfZ6IqZvJigIqBeUXJ7TbHJ%2BX37MNxh5c5hm2gxjbqlilWwQnO9seH%2FXH7%2BZzC3idWLHm9rV6L2Mno1MFDsfjtUAaifw0kHeZTL8M3tZz%2BDFaueGuY7uiHXSCDihWggs1xZu44P%2BKqKrmCc"}],"group":"cf-nel","max_age":604800}
expires
Thu, 10 Dec 2026 12:19:50 GMT
cf-polished
origFmt=png, origSize=21289
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=18382&min_rtt=18098&rtt_var=126&sent=25&recv=26&lost=0&retrans=0&sent_bytes=18606&recv_bytes=2983&delivery_rate=589576&cwnd=257&unsent_bytes=0&cid=3136594724cdb17c&ts=434&x=0"
date
Sun, 22 Dec 2024 02:11:15 GMT
content-type
image/webp
content-disposition
inline; filename="special_syrie_en.webp"
vary
Accept
last-modified
Tue, 10 Dec 2024 12:19:46 GMT
x-frame-options
SAMEORIGIN
cache-control
max-age=63072000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f5c94883a94a302-YUL
accept-ranges
bytes
content-length
8878
server
cloudflare
Mansouricopy_112892.jpg
s.lorientlejour.com/storage/attachments/1372/Mansouricopy_112892.jpg/r/1200/
32 KB
33 KB
Image
General
Full URL
https://s.lorientlejour.com/storage/attachments/1372/Mansouricopy_112892.jpg/r/1200/Mansouricopy_112892.jpg
Requested by
Host: today.lorientlejour.com
URL: https://today.lorientlejour.com/article/1371183/financing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aefdeef5b7b962fb7f98b6c6c5005b78541c99070ed3aa6b12a519629ddafc0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

access-control-expose-headers
Content-Length,Content-Range
cf-bgj
imgq:85,h2pri
etag
"65f03fce-8bbc"
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3eE0WZz02qM%2F3CslGzdGwWu58I50Hmh%2BVXivu8vm%2B66UwJCFaalqE9HSqF86BVclcyw2MFuNKIwfY70yYN2AxwWtJXJ4T7qNuahEL69O%2BJeitLbHHpcAUkY7NoqtHxwP0SNoVyceNg4nQ1Y6QLqDhZs%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
expires
Sun, 21 Dec 2025 07:10:46 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=35772
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=18570&min_rtt=18019&rtt_var=170&sent=158&recv=60&lost=0&retrans=0&sent_bytes=173944&recv_bytes=3390&delivery_rate=3260159&cwnd=257&unsent_bytes=0&cid=3136594724cdb17c&ts=514&x=0"
date
Sun, 22 Dec 2024 02:11:15 GMT
content-type
image/webp
content-disposition
inline; filename="Mansouricopy_112892.webp"
vary
Accept
last-modified
Tue, 12 Mar 2024 11:43:10 GMT
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f5c94888b35a302-YUL
accept-ranges
bytes
access-control-allow-origin
*
content-length
32526
server
cloudflare
gpt.js
securepubads.g.doubleclick.net/tag/js/
104 KB
33 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: today.lorientlejour.com
URL: https://today.lorientlejour.com/article/1371183/financing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f157.1e100.net
Software
cafe /
Resource Hash
1e0acb9522810df9c871be9222afb132553d87c868c5266f3ef119d85ac56a94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

content-encoding
br
etag
29 / 20079 / m202412090101 / config-hash: 16775640167977932469
x-content-type-options
nosniff
expires
Sun, 22 Dec 2024 02:11:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sun, 22 Dec 2024 02:11:16 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33678
x-xss-protection
0
server
cafe
container_32fy1n2K.js
analytics-cms.whitebeard.me/js/
152 KB
37 KB
Script
General
Full URL
https://analytics-cms.whitebeard.me/js/container_32fy1n2K.js
Requested by
Host: today.lorientlejour.com
URL: https://today.lorientlejour.com/article/1371183/financing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.43.6.132 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
1289f5765c9e21f74deabc370dae5df831639287dda20035ca05ab320071e582

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=2592000, public
Content-Encoding
gzip
ETag
W/"67473b66-261bf"
Pragma
public
Connection
keep-alive
Expires
Tue, 21 Jan 2025 02:11:16 GMT
Access-Control-Allow-Origin
*
Date
Sun, 22 Dec 2024 02:11:16 GMT
Content-Type
application/javascript
Last-Modified
Wed, 27 Nov 2024 15:31:50 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
gtm.js
www.googletagmanager.com/
352 KB
105 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TPWR8DB
Requested by
Host: today.lorientlejour.com
URL: https://today.lorientlejour.com/article/1371183/financing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a4592d6459d1a18604e9e647f1cc975601fb6c9f073a36d8f66d1cc7fd50c177
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Sun, 22 Dec 2024 02:11:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 22 Dec 2024 02:11:16 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sun, 22 Dec 2024 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
107327
x-xss-protection
0
server
Google Tag Manager
fbevents.js
connect.facebook.net/en_US/
239 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: today.lorientlejour.com
URL: https://today.lorientlejour.com/article/1371183/financing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-iad3.fbcdn.net
Software
/
Resource Hash
24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-1tY7fhmu' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 22 Dec 2024 02:11:16 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-1tY7fhmu' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=30, rtx=0, c=23, mss=1232, tbw=6578, tp=12, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
/8EJs3btc50HMO89vItP93dzctgqeqZjPgO8PS4RAu1aKbt+If6jkQVjErLpH1YshaKmZaAvnv8cqV2z2Gm2HQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62282
x-xss-protection
0
origin-agent-cluster
?1
all.js
connect.facebook.net/fr_FR/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/fr_FR/all.js
Requested by
Host: today.lorientlejour.com
URL: https://today.lorientlejour.com/article/1371183/financing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-iad3.fbcdn.net
Software
/
Resource Hash
360a5a8f3054f512e98eeaf7c8aa534bef3038f403ce495850179a45466eab36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

content-md5
hSilMiv1VTWHPKRhjcrQbg==
access-control-expose-headers
X-FB-Content-MD5
content-encoding
gzip
etag
"47b2c7d29553c57baf06682d35e3f88d"
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sun, 22 Dec 2024 02:27:01 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 22 Dec 2024 02:11:16 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5
681496c66530e78ab8ec7f3786c1dba7
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=30, rtx=0, c=23, mss=1232, tbw=4530, tp=10, tpl=0, uplat=1, ullat=-1
x-fb-debug
SlKzNX2rqpQO1wXharEc14Fks12k2gGnbTgEl6YabCIrR8dPS+g6gCCoLTW8LFq3rESVDg13PQeBl+R+076uQg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
access-control-allow-origin
*
content-length
1686
origin-agent-cluster
?1
icons-sprite.png
s.lorientlejour.com/assets/images/
3 KB
4 KB
Image
General
Full URL
https://s.lorientlejour.com/assets/images/icons-sprite.png?1
Requested by
Host: s.lorientlejour.com
URL: https://s.lorientlejour.com/assets/css/main.css?1061
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.75.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39f5e96e6261892f12de1e546a16c9340928bfe52a3e5d77c220a7889678d48b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://s.lorientlejour.com/assets/css/main.css?1061

Response headers

cf-bgj
imgq:85,h2pri
etag
"65f07407-1ed4"
age
1884662
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8RELRC2oj8HRkzFKqG23zejomMUc1nXWHIT%2B74A5gxUqiocbsoun19W3uSjARX%2BvKML9aETmd880Tl38j5I9Tgh4OJjzKOk5zdxA%2FHz6SOTfmdUnns366BsQjGVBEdgp7wxZF9g%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 29 Nov 2025 02:45:19 GMT
cf-polished
origFmt=png, origSize=7892
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=24573&min_rtt=24371&rtt_var=4182&sent=23&recv=12&lost=0&retrans=0&sent_bytes=16313&recv_bytes=6148&delivery_rate=554&cwnd=12000&unsent_bytes=0&cid=5c6f17a4981f3435&ts=144&x=1", cfExtPri, cfHdrFlush;dur=24
date
Sun, 22 Dec 2024 02:11:16 GMT
content-type
image/webp
content-disposition
inline; filename="icons-sprite.webp"
vary
Accept
last-modified
Tue, 12 Mar 2024 15:25:59 GMT
priority
u=3,i
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f5c9489590d54af-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
2904
server
cloudflare
today-logo.png
s.lorientlejour.com/assets/images/
23 KB
24 KB
Image
General
Full URL
https://s.lorientlejour.com/assets/images/today-logo.png?1
Requested by
Host: s.lorientlejour.com
URL: https://s.lorientlejour.com/assets/css/main.css?1061
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.75.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bc85979a0b8a074a3bd2b3bc1a28c14692265385f966aff2c97d38d1bb6136f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://s.lorientlejour.com/assets/css/main.css?1061

Response headers

cf-bgj
imgq:85,h2pri
etag
"65f07407-c850"
age
21396187
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=86697UPr98TzTBKW%2BVyU2TmkzNkex8NQsc3je1EKK%2F195nuxBQholcpQHeGtvUlv1qtaguowWzQZgsscUIAp6Q5246afzmUkcJQxfQ6%2FfmIv%2Beah0xpglDGxS32boDz0tsXu9Nc%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 17 Apr 2025 21:43:51 GMT
cf-polished
origFmt=png, origSize=51280
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=24573&min_rtt=24371&rtt_var=4182&sent=13&recv=12&lost=0&retrans=0&sent_bytes=4313&recv_bytes=6148&delivery_rate=554&cwnd=12000&unsent_bytes=0&cid=5c6f17a4981f3435&ts=143&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 22 Dec 2024 02:11:16 GMT
content-type
image/webp
content-disposition
inline; filename="today-logo.webp"
vary
Accept
last-modified
Tue, 12 Mar 2024 15:25:59 GMT
priority
u=3,i
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f5c9489590e54af-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
23514
server
cloudflare
donation_banner_ot
today.lorientlejour.com/api/
35 B
1 KB
XHR
General
Full URL
https://today.lorientlejour.com/api/donation_banner_ot
Requested by
Host: s.lorientlejour.com
URL: https://s.lorientlejour.com/assets/js/jquery-1.11.2.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.75.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a19417eca76b300ff0a852b0199ee1c440a92c2e09ddc8fb01b517c77e51e68
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://today.lorientlejour.com/article/1371183/financing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dygrj9dgBLwlo361O9FKHNdajapCEQ%2FBGRO48Tak7q9ZIgfoo05R09wWRXHhf66dqjRjbIf6z20oCNPLPbn2wQha4NqQlaHZ%2Fy6lO02Ox46UReMt2P%2FTPzjTbaeaIczmK6x0eknxRcEq"}],"group":"cf-nel","max_age":604800}
expires
Mon, 20 Dec 1998 01:00:00 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=24701&min_rtt=24506&rtt_var=3084&sent=15&recv=13&lost=0&retrans=0&sent_bytes=6550&recv_bytes=6388&delivery_rate=7783&cwnd=12000&unsent_bytes=0&cid=ab60411f78b26e76&ts=467&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 22 Dec 2024 02:11:16 GMT
content-type
text/html; charset=UTF-8
last-modified
Sun, 22 Dec 2024 02:11:16 GMT
priority
u=1,i
x-frame-options
SAMEORIGIN
cache-control
no-cache, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
8f5c9489bde236cf-YYZ
server
cloudflare
article.php
today.lorientlejour.com/
55 B
1 KB
XHR
General
Full URL
https://today.lorientlejour.com/article.php?action=paywall&id=1371183
Requested by
Host: s.lorientlejour.com
URL: https://s.lorientlejour.com/assets/js/jquery-1.11.2.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.75.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d0c4ed1924cb1c1e05184cc6c3faf225cbe18983630ece2db8809e90d4e051c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://today.lorientlejour.com/article/1371183/financing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RHOwFhTBKUeI44BKwRwWXxUpeejFQ1Y%2FyxD1X9KmmTO5PniCumHTiUbVcpxcKHpMsuKXNMGHPdyG3DtZvZdRnYmzNTif6i8PygxtEvNPamoGYoXYUR6NuJB%2BqaQ3rO6W2JwBy8dBt2tl"}],"group":"cf-nel","max_age":604800}
expires
Mon, 20 Dec 1998 01:00:00 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=24661&min_rtt=24506&rtt_var=4005&sent=13&recv=12&lost=0&retrans=0&sent_bytes=4314&recv_bytes=6344&delivery_rate=562&cwnd=12000&unsent_bytes=0&cid=ab60411f78b26e76&ts=338&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 22 Dec 2024 02:11:16 GMT
content-type
text/html; charset=UTF-8
last-modified
Sun, 22 Dec 2024 02:11:16 GMT
priority
u=1,i
x-frame-options
SAMEORIGIN
cache-control
no-cache, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
8f5c9489bde436cf-YYZ
server
cloudflare
can_upgrade
today.lorientlejour.com/api/
31 B
1 KB
XHR
General
Full URL
https://today.lorientlejour.com/api/can_upgrade
Requested by
Host: s.lorientlejour.com
URL: https://s.lorientlejour.com/assets/js/jquery-1.11.2.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.75.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c1e87c07c6e59ff44e3c69c500676b7cf22dfdd094e6ecf7fb9fd6c57c3c4ae
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://today.lorientlejour.com/article/1371183/financing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yTZ8TARRs9rUTEKfk1465xXODnyYYTsdGdo1mCy1dXBsvGpyOcWrTPh19%2FIB0NZpAu%2FuFx8QJy%2BTnI9n8iDTFAzE7QNLLrConLCwnUhNgtjBZYaJIBBKzNT9ZNXMgiPdcLfSNjTFk1NU"}],"group":"cf-nel","max_age":604800}
expires
Mon, 20 Dec 1998 01:00:00 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=24701&min_rtt=24506&rtt_var=3084&sent=14&recv=13&lost=0&retrans=0&sent_bytes=5459&recv_bytes=6388&delivery_rate=7783&cwnd=12000&unsent_bytes=0&cid=ab60411f78b26e76&ts=466&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 22 Dec 2024 02:11:16 GMT
content-type
text/html; charset=UTF-8
last-modified
Sun, 22 Dec 2024 02:11:16 GMT
priority
u=1,i
x-frame-options
SAMEORIGIN
cache-control
no-cache, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
8f5c9489cde736cf-YYZ
server
cloudflare
mat_846881.jpg
s.lorientlejour.com/storage/attachments/1371/mat_846881.jpg/r/400/
18 KB
19 KB
Image
General
Full URL
https://s.lorientlejour.com/storage/attachments/1371/mat_846881.jpg/r/400/mat_846881.jpg
Requested by
Host: today.lorientlejour.com
URL: https://today.lorientlejour.com/article/1371183/financing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.75.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20c530ead30ba3d009a0b0c64a405e0eaca3f7141a03a751683b783f14cf67a5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

access-control-expose-headers
Content-Length,Content-Range
cf-bgj
imgq:85,h2pri
etag
W/"65e5f612-30dea"
age
65230
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h3AUvmyRpywLkrITGlhC2%2FB4SrZKC2eOT3moetEKtqOcBYurzqQoxszwzLf3uNnC8pNv0jRdysl1KRbqouJYhQb0xTA%2B3er039tTXuUo%2BKhSR2olDqU3d%2B7qCFdYJ9YHx1PZcyQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
expires
Sun, 21 Dec 2025 07:10:47 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=20936
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27141&min_rtt=24371&rtt_var=4237&sent=40&recv=29&lost=0&retrans=0&sent_bytes=33014&recv_bytes=7588&delivery_rate=677954&cwnd=24000&unsent_bytes=0&cid=5c6f17a4981f3435&ts=218&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 22 Dec 2024 02:11:16 GMT
content-type
image/webp
content-disposition
inline; filename="mat_846881.webp"
vary
Accept
last-modified
Mon, 04 Mar 2024 16:25:54 GMT
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
priority
u=3,i
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f5c9489d95154af-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
18088
server
cloudflare
arrow-down-icon.png
s.lorientlejour.com/assets/images/
2 KB
3 KB
Image
General
Full URL
https://s.lorientlejour.com/assets/images/arrow-down-icon.png
Requested by
Host: today.lorientlejour.com
URL: https://today.lorientlejour.com/article/1371183/financing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.75.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4ddb496b8952195d0485cfe5a52b175ed1ad4220b72cbbe0fdd4c2ec7821e38

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

cf-bgj
imgq:85,h2pri
etag
"65f07407-274b"
age
3216900
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OQHAv0SCLFn1wBcQm4%2Bt88pFVeO7a6OAyygkMaDCtYSQv295%2F4PoqPvSshBK2Q4UnaITAyCzyLvZPvYVdEUc%2BWfJdxBI5gbSkeCZ4jNrSFwNlhhNZ5brAjjRQJgCvtm3X9fK1ow%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 14 Nov 2025 20:07:33 GMT
cf-polished
origFmt=png, origSize=10059
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27141&min_rtt=24371&rtt_var=4237&sent=58&recv=32&lost=0&retrans=0&sent_bytes=52451&recv_bytes=8633&delivery_rate=677954&cwnd=24000&unsent_bytes=0&cid=5c6f17a4981f3435&ts=226&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 22 Dec 2024 02:11:16 GMT
content-type
image/webp
content-disposition
inline; filename="arrow-down-icon.webp"
vary
Accept
last-modified
Tue, 12 Mar 2024 15:25:59 GMT
priority
u=3,i
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f5c9489e95654af-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
2232
server
cloudflare
all.js
connect.facebook.net/fr_FR/
256 KB
75 KB
Script
General
Full URL
https://connect.facebook.net/fr_FR/all.js?hash=2c351bd9b3b1156b9e179c8aa2d307dd
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/fr_FR/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-iad3.fbcdn.net
Software
/
Resource Hash
6c8c568fc8edcf8424cb1f42c6093dc40cc35d59d10d2d3127ec614e16d6e728
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://today.lorientlejour.com
Referer
https://today.lorientlejour.com/

Response headers

content-md5
LQ6igwRVwv6gmQOKWx+suw==
access-control-expose-headers
X-FB-Content-MD5
content-encoding
gzip
etag
"2edd688cfca831a11ef4038e96d0e377"
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Mon, 22 Dec 2025 02:07:02 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 22 Dec 2024 02:11:16 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5
65d8f9b0642c9b80f313b535b53a667c
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
UNKNOWN; q=-1, rtt=-1, rtx=0, c=20, mss=1232, tbw=1888, tp=5, tpl=0, uplat=1, ullat=-1
x-fb-debug
Unrzj6zPPkBoAJowyrkEtBlvxExtCeu9KOfpi3kABsFxLE98Qof6Bkwt9vbwFMMiNT8GVXYLBIFiagjKSJ3wkQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
access-control-allow-origin
*
content-length
76331
origin-agent-cluster
?1
print.css
s.lorientlejour.com/assets/css/
445 B
862 B
Stylesheet
General
Full URL
https://s.lorientlejour.com/assets/css/print.css
Requested by
Host: today.lorientlejour.com
URL: https://today.lorientlejour.com/article/1371183/financing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.75.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
982a34ac654edcfe8875076ee9772157ff4ac7662ecd2dfc34be007aecd4f631

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"664f46c9-1bd"
age
4031228
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=02%2FuZ21rdqauqFA8wSA20dqiqWRvSIgkabCpYfdfgMp1a4F7iGX9O9%2BMlVTTRZe1d1BeE7MWHDuqso%2F9iChaxtuX33bW5jLfzw6889v1Jlj8RibiIyOMN3fk6S4T%2FtshyuGhkKA%3D"}],"group":"cf-nel","max_age":604800}
expires
Sun, 02 Nov 2025 06:23:31 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27141&min_rtt=24371&rtt_var=4237&sent=61&recv=32&lost=0&retrans=0&sent_bytes=55551&recv_bytes=8633&delivery_rate=677954&cwnd=24000&unsent_bytes=0&cid=5c6f17a4981f3435&ts=238&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 22 Dec 2024 02:11:16 GMT
content-type
text/css
last-modified
Thu, 23 May 2024 13:38:17 GMT
vary
Accept-Encoding
priority
u=4,i=?0
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f5c9489f95e54af-YYZ
server
cloudflare
combined.min.css
s.lorientlejour.com/assets/css/
32 KB
8 KB
Stylesheet
General
Full URL
https://s.lorientlejour.com/assets/css/combined.min.css
Requested by
Host: today.lorientlejour.com
URL: https://today.lorientlejour.com/article/1371183/financing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.75.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ccdecd146786c69b5ee8d0e57ca9f4794caa00773eff0fd011202f471536d58

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"65f07406-8035"
age
2233985
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vYAKuHDKGZ5beX45%2BexYULx5Jb9oe6znj0hlgLX3My45f5VzRXoNkbp0BXSUlwsB2mTx6SXFwiuWjMnnNGLGy2KSOYYf4G0oAZPAkasZLZQhMfSaY78RGcxzbIFxsj9BUguWGss%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 08 Nov 2025 06:07:03 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27141&min_rtt=24371&rtt_var=4237&sent=62&recv=32&lost=0&retrans=0&sent_bytes=56436&recv_bytes=8633&delivery_rate=677954&cwnd=24000&unsent_bytes=0&cid=5c6f17a4981f3435&ts=240&x=1", cfExtPri, cfHdrFlush;dur=4
date
Sun, 22 Dec 2024 02:11:16 GMT
content-type
text/css
last-modified
Tue, 12 Mar 2024 15:25:58 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f5c9489f95f54af-YYZ
server
cloudflare
font-awesome.min.css
s.lorientlejour.com/assets/css/
30 KB
8 KB
Stylesheet
General
Full URL
https://s.lorientlejour.com/assets/css/font-awesome.min.css
Requested by
Host: today.lorientlejour.com
URL: https://today.lorientlejour.com/article/1371183/financing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.75.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bad3bce28cbd668b37a7db483393c94ff44018be0ffb8ebc6ef4cced50d1d65

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"5ea6ef8b-7918"
age
20430915
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rbIaDmWHN0m2s3q%2FH8TTmjx%2Fh7wyUI%2FAkJ3yX6cQ5WXD2IQTZhb5VZhOzMS3y71IjY8bihKtF7D0cQ7o8iXWRB6wvgBzVB7kvyIXcohPegeIpdtnz61dEIRIw8IccnZNNuoMSbA%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 12 Apr 2025 11:49:23 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27141&min_rtt=24371&rtt_var=4237&sent=62&recv=32&lost=0&retrans=0&sent_bytes=56436&recv_bytes=8633&delivery_rate=677954&cwnd=24000&unsent_bytes=0&cid=5c6f17a4981f3435&ts=242&x=1", cfExtPri, cfHdrFlush;dur=2
date
Sun, 22 Dec 2024 02:11:16 GMT
content-type
text/css
last-modified
Mon, 27 Apr 2020 14:43:23 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f5c9489f96054af-YYZ
server
cloudflare
collect
www.google.com/ccm/
0
0
Ping
General
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Ftoday.lorientlejour.com%2Farticle%2F1371183%2Ffinancing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html&scrsrc=www.googletagmanager.com&frm=0&rnd=403648246.1734833476&dt=Financing%20Hamas%3A%20The%20Central%20Bank%20seeks%20to%20reassure%20the%20US%20Treasury%20-%20L%27Orient%20Today&auid=965319092.1734833476&navt=n&npa=0&gtm=45be4cc1v9170774070za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1734833476167&tfd=747&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11396534268
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11396534268/
6 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11396534268/?random=1734833476158&cv=11&fst=1734833476158&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9170774070za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Ftoday.lorientlejour.com%2Farticle%2F1371183%2Ffinancing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html&hn=www.googleadservices.com&frm=0&tiba=Financing%20Hamas%3A%20The%20Central%20Bank%20seeks%20to%20reassure%20the%20US%20Treasury%20-%20L%27Orient%20Today&npa=0&pscdl=noapi&auid=965319092.1734833476&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11396534268
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f156.1e100.net
Software
cafe /
Resource Hash
4ad804ea1eafc50ba5c6e371a7a1ca7568a9eb06ae91d716282a0879cdb8a18a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2362
date
Sun, 22 Dec 2024 02:11:16 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
11396534268
td.doubleclick.net/td/rul/ Frame 6A16
0
0
Document
General
Full URL
https://td.doubleclick.net/td/rul/11396534268?random=1734833476158&cv=11&fst=1734833476158&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9170774070za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Ftoday.lorientlejour.com%2Farticle%2F1371183%2Ffinancing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html&hn=www.googleadservices.com&frm=0&tiba=Financing%20Hamas%3A%20The%20Central%20Bank%20seeks%20to%20reassure%20the%20US%20Treasury%20-%20L%27Orient%20Today&npa=0&pscdl=noapi&auid=965319092.1734833476&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11396534268
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://today.lorientlejour.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 22 Dec 2024 02:11:16 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sw_iframe.html
www.googletagmanager.com/static/service_worker/4cc0/ Frame E122
0
0
Document
General
Full URL
https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Ftoday.lorientlejour.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11396534268
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
46293
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Sat, 21 Dec 2024 13:19:43 GMT
expires
Sun, 21 Dec 2025 13:19:43 GMT
last-modified
Thu, 12 Dec 2024 10:18:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/
405 KB
131 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5D8ZCYVDWQ&l=dataLayer&cx=c&gtm=45He4cc1v893484611za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPWR8DB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d3c6a836bdd9875d33477b5b865f2aba51b3d1ff72667b58cbdb96611898cf45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sun, 22 Dec 2024 02:11:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 22 Dec 2024 02:11:16 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
134008
x-xss-protection
0
server
Google Tag Manager
destination
www.googletagmanager.com/gtag/
250 KB
90 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-AW-871009748&l=dataLayer&cx=c&gtm=45He4cc1v893484611za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPWR8DB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
904d6652428debf616e8c4f538c2a239b06668a6feda51017b9302431263d139
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Sun, 22 Dec 2024 02:11:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 22 Dec 2024 02:11:16 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sun, 22 Dec 2024 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
91587
x-xss-protection
0
server
Google Tag Manager
355941738321791
connect.facebook.net/signals/config/
69 KB
14 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/355941738321791?v=2.9.179&r=stable&domain=today.lorientlejour.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-iad3.fbcdn.net
Software
/
Resource Hash
96f8fe3f00daadf2fc386d2b631bae2d88a1526c84a5350377939d96a1359c3a
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-ioYE0MAg' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 22 Dec 2024 02:11:16 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-ioYE0MAg' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=31, rtx=1, c=78, mss=1232, tbw=73986, tp=69, tpl=1, uplat=105, ullat=0
pragma
public
x-fb-debug
AiKPpvegQnrANQ/DSJxv+9VJRD2zSiGsXBk+ue4gHil94tgJGgGKP0FBkK6ZCi+zZ9zl5rjZjRbfvqcrXyJ/4g==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/
492 KB
153 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f157.1e100.net
Software
cafe /
Resource Hash
04d85fdaa240e9c6964c1b3afe75b8802720a8d9a98e6c35f346f599b1113af4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

content-encoding
br
etag
5395541545685299795
age
38184
x-content-type-options
nosniff
expires
Sun, 21 Dec 2025 15:34:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sat, 21 Dec 2024 15:34:52 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
156760
x-xss-protection
0
server
cafe
/
www.google.com/pagead/1p-user-list/11396534268/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/11396534268/?random=1734833476158&cv=11&fst=1734832800000&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9170774070za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Ftoday.lorientlejour.com%2Farticle%2F1371183%2Ffinancing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html&hn=www.googleadservices.com&frm=0&tiba=Financing%20Hamas%3A%20The%20Central%20Bank%20seeks%20to%20reassure%20the%20US%20Treasury%20-%20L%27Orient%20Today&npa=0&pscdl=noapi&auid=965319092.1734833476&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7daFzQyrkT7iZDSg3gb0WMYKooxM26JA&random=924002422&rmt_tld=0&ipr=y
Requested by
Host: today.lorientlejour.com
URL: https://today.lorientlejour.com/article/1371183/financing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f106.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sun, 22 Dec 2024 02:11:16 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.ca/pagead/1p-user-list/11396534268/
42 B
64 B
Image
General
Full URL
https://www.google.ca/pagead/1p-user-list/11396534268/?random=1734833476158&cv=11&fst=1734832800000&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9170774070za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Ftoday.lorientlejour.com%2Farticle%2F1371183%2Ffinancing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html&hn=www.googleadservices.com&frm=0&tiba=Financing%20Hamas%3A%20The%20Central%20Bank%20seeks%20to%20reassure%20the%20US%20Treasury%20-%20L%27Orient%20Today&npa=0&pscdl=noapi&auid=965319092.1734833476&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7daFzQyrkT7iZDSg3gb0WMYKooxM26JA&random=924002422&rmt_tld=1&ipr=y
Requested by
Host: today.lorientlejour.com
URL: https://today.lorientlejour.com/article/1371183/financing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sun, 22 Dec 2024 02:11:16 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
status
www.facebook.com/x/oauth/
0
0
Fetch
General
Full URL
https://www.facebook.com/x/oauth/status?client_id=363688000397677&input_token&origin=1&redirect_uri=https%3A%2F%2Ftoday.lorientlejour.com%2Farticle%2F1371183%2Ffinancing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html&sdk=joey&wants_cookie_data=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/fr_FR/all.js?hash=2c351bd9b3b1156b9e179c8aa2d307dd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

access-control-expose-headers
fb-s
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7451053043522209760"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 22 Dec 2024 02:11:16 GMT
content-type
text/plain; charset=UTF-8
x-fb-debug
YTr4XCEqnlS+0SDA1Cx21jd4e71IURzD1fBZ1fcaEMYHOXU0Oe86vf1RxqyCU1Ci4tk9jHWtKHQgxZypDtenkA==
priority
u=1,i
strict-transport-security
max-age=15552000; preload
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7451053043522209760", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
cache-control
private, no-cache, no-store, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=30, rtx=0, c=23, mss=1232, tbw=4479, tp=9, tpl=0, uplat=35, ullat=0
pragma
no-cache
fb-s
unknown
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
access-control-allow-origin
https://today.lorientlejour.com
content-length
0
origin-agent-cluster
?1
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-871009748/
6 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-871009748/?random=1734833476362&cv=11&fst=1734833476362&bg=ffffff&guid=ON&async=1&gtm=45be4cc1z8893484611za201zb893484611&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Ftoday.lorientlejour.com%2Farticle%2F1371183%2Ffinancing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html&hn=www.googleadservices.com&frm=0&tiba=Financing%20Hamas%3A%20The%20Central%20Bank%20seeks%20to%20reassure%20the%20US%20Treasury%20-%20L%27Orient%20Today&npa=0&pscdl=noapi&auid=965319092.1734833476&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-AW-871009748&l=dataLayer&cx=c&gtm=45He4cc1v893484611za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f156.1e100.net
Software
cafe /
Resource Hash
8491fd24b44cd1575a558851201c0c36122ccf16fa56963c9d70dfc0afb55256
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2369
date
Sun, 22 Dec 2024 02:11:16 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
AW-871009748
td.doubleclick.net/td/rul/ Frame D863
0
0
Document
General
Full URL
https://td.doubleclick.net/td/rul/AW-871009748?random=1734833476362&cv=11&fst=1734833476362&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1z8893484611za201zb893484611&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Ftoday.lorientlejour.com%2Farticle%2F1371183%2Ffinancing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html&hn=www.googleadservices.com&frm=0&tiba=Financing%20Hamas%3A%20The%20Central%20Bank%20seeks%20to%20reassure%20the%20US%20Treasury%20-%20L%27Orient%20Today&npa=0&pscdl=noapi&auid=965319092.1734833476&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-AW-871009748&l=dataLayer&cx=c&gtm=45He4cc1v893484611za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://today.lorientlejour.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 22 Dec 2024 02:11:16 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-5D8ZCYVDWQ&gtm=45je4cc1v893491342z8893484611za200zb893484611&_p=1734833475881&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=261241081.1734833476&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1734833476&sct=1&seg=0&dl=https%3A%2F%2Ftoday.lorientlejour.com%2Farticle%2F1371183%2Ffinancing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html&dt=Financing%20Hamas%3A%20The%20Central%20Bank%20seeks%20to%20reassure%20the%20US%20Treasury%20-%20L%27Orient%20Today&en=page_view&_fv=1&_nsi=1&_ss=2&ep.articleid=1371183&tfd=1026
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5D8ZCYVDWQ&l=dataLayer&cx=c&gtm=45He4cc1v893484611za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://today.lorientlejour.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 22 Dec 2024 02:11:16 GMT
content-type
text/plain
server
Golfe2
115569083
fundingchoicesmessages.google.com/i/
197 KB
65 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/115569083?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
66558ea233b4106a98c1f8bd1a0b12f2a39f5d86af516b73bec18954d7fbcf18
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-HTsElo5R5FYBQAaTE-QYXg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 22 Dec 2024 02:11:16 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw1pBikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrA1AzPD1CisHEAvxcBx5NXc3m8COX1cuMClpJOUXxifn55UUZSaVluQXpSWnpRanFpWlFsUbGRiZGBoZGukZGMYXGAAApnxGKg"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-HTsElo5R5FYBQAaTE-QYXg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
/
www.google.com/pagead/1p-user-list/AW-871009748/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/AW-871009748/?random=1734833476362&cv=11&fst=1734832800000&bg=ffffff&guid=ON&async=1&gtm=45be4cc1z8893484611za201zb893484611&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Ftoday.lorientlejour.com%2Farticle%2F1371183%2Ffinancing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html&hn=www.googleadservices.com&frm=0&tiba=Financing%20Hamas%3A%20The%20Central%20Bank%20seeks%20to%20reassure%20the%20US%20Treasury%20-%20L%27Orient%20Today&npa=0&pscdl=noapi&auid=965319092.1734833476&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7d6Iigz9YGW1SmmjQPiqQybbzpaMYpa3GIdzrfuM-vCJ0JasOv&random=1648971701&rmt_tld=0&ipr=y
Requested by
Host: today.lorientlejour.com
URL: https://today.lorientlejour.com/article/1371183/financing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f106.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sun, 22 Dec 2024 02:11:16 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.ca/pagead/1p-user-list/AW-871009748/
42 B
64 B
Image
General
Full URL
https://www.google.ca/pagead/1p-user-list/AW-871009748/?random=1734833476362&cv=11&fst=1734832800000&bg=ffffff&guid=ON&async=1&gtm=45be4cc1z8893484611za201zb893484611&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Ftoday.lorientlejour.com%2Farticle%2F1371183%2Ffinancing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html&hn=www.googleadservices.com&frm=0&tiba=Financing%20Hamas%3A%20The%20Central%20Bank%20seeks%20to%20reassure%20the%20US%20Treasury%20-%20L%27Orient%20Today&npa=0&pscdl=noapi&auid=965319092.1734833476&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7d6Iigz9YGW1SmmjQPiqQybbzpaMYpa3GIdzrfuM-vCJ0JasOv&random=1648971701&rmt_tld=1&ipr=y
Requested by
Host: today.lorientlejour.com
URL: https://today.lorientlejour.com/article/1371183/financing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sun, 22 Dec 2024 02:11:16 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.facebook.com/tr/
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=355941738321791&ev=PageView&dl=https%3A%2F%2Ftoday.lorientlejour.com%2Farticle%2F1371183%2Ffinancing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html&rl=&if=false&ts=1734833476537&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734833476536.884445436851630651&ler=empty&cdl=API_unavailable&it=1734833476286&coo=false&rqm=GET
Requested by
Host: today.lorientlejour.com
URL: https://today.lorientlejour.com/article/1371183/financing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=30, rtx=0, c=25, mss=1232, tbw=6351, tp=14, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sun, 22 Dec 2024 02:11:16 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
193 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=355941738321791&ev=PageView&dl=https%3A%2F%2Ftoday.lorientlejour.com%2Farticle%2F1371183%2Ffinancing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html&rl=&if=false&ts=1734833476537&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734833476536.884445436851630651&ler=empty&cdl=API_unavailable&it=1734833476286&coo=false&rqm=FGET
Requested by
Host: today.lorientlejour.com
URL: https://today.lorientlejour.com/article/1371183/financing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7451053045351659832"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 22 Dec 2024 02:11:16 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
mLylGdkIFb12o0uf4gl8UkE01+kMbvs+DsGMKtu6BVGCwpoCXtfC4kYKeUojjq874vRYTt0+yWBxd1EJFiUVDA==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7451053045351659832", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=30, rtx=0, c=25, mss=1232, tbw=6623, tp=17, tpl=0, uplat=77, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
piwik.php
analytics-cms.whitebeard.me/
0
296 B
Ping
General
Full URL
https://analytics-cms.whitebeard.me/piwik.php?e_c=Paywall&e_a=popup-1&e_n=&e_v=&ca=1&idsite=2&rec=1&r=728447&h=18&m=11&s=16&url=https%3A%2F%2Ftoday.lorientlejour.com%2Farticle%2F1371183%2Ffinancing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html&_id=663d68cb60984c87&_idn=1&send_image=0&_refts=0&dimension1=753&dimension4=11&dimension5=today.lorientlejour.com&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200
Requested by
Host: analytics-cms.whitebeard.me
URL: https://analytics-cms.whitebeard.me/js/container_32fy1n2K.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.43.6.132 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8
Referer
https://today.lorientlejour.com/

Response headers

Content-Encoding
none
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://today.lorientlejour.com
Content-Length
0
Date
Sun, 22 Dec 2024 02:11:16 GMT
Content-Type
text/html; charset=UTF-8
Server
nginx/1.16.0
gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/
63 KB
22 KB
Other
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/gpt
Requested by
Host: today.lorientlejour.com
URL: https://today.lorientlejour.com/article/1371183/financing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f157.1e100.net
Software
cafe /
Resource Hash
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
4443559573512225521
age
57203
x-content-type-options
nosniff
expires
Sun, 22 Dec 2024 10:17:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sat, 21 Dec 2024 10:17:53 GMT
content-type
text/plain; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=86400, stale-while-revalidate=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
22952
x-xss-protection
0
server
cafe
use-as-dictionary
match="/gampad/ads", id="m202412050101"
AGSKWxXvP6DsHZWCjdueDJZXEmcInDo3ts3k02S2LEB5khw3K27tL_AS4MUpITZnK2OQHWG-UPGH1CRBvNvXw3djhuygTMwMu_wD8tQ3jPLBQ1zejirmog9w_sMMDae_CR9NGbRxda3Tvg==
fundingchoicesmessages.google.com/f/
10 KB
5 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXvP6DsHZWCjdueDJZXEmcInDo3ts3k02S2LEB5khw3K27tL_AS4MUpITZnK2OQHWG-UPGH1CRBvNvXw3djhuygTMwMu_wD8tQ3jPLBQ1zejirmog9w_sMMDae_CR9NGbRxda3Tvg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM0ODMzNDc2LDg0MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly90b2RheS5sb3JpZW50bGVqb3VyLmNvbS9hcnRpY2xlLzEzNzExODMvZmluYW5jaW5nLWhhbWFzLXRoZS1jZW50cmFsLWJhbmstc2Vla3MtdG8tcmVhc3N1cmUtdGhlLXVzLXRyZWFzdXJ5Lmh0bWwiLG51bGwsW1s4LCJJTXo1N3ljNWhWdyJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMw3zS1wjusUi0gw9griloTCXJzNKw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e125f98312bd35bd481f546d03589585dea751692aa14ddb68f3869ef5bfd555
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-WORk76JsxXbvdYiTQdgOgQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 22 Dec 2024 02:11:16 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw0pBikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrA1AzPD1CisHEAvxcBx5NXc3m8CLk88WMitpJOUXxifn55UUZSaVluQXpSWnpRanFpWlFsUbGRiZGBoZGukZGMYXGAAAm_tGBA"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-WORk76JsxXbvdYiTQdgOgQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame B5E6
0
0
Document
General
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://today.lorientlejour.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
2013
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
29117
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 22 Dec 2024 01:37:44 GMT
expires
Sun, 22 Dec 2024 02:27:44 GMT
last-modified
Mon, 09 Dec 2024 20:44:42 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
esp.js
cdn.id5-sync.com/api/1.0/
101 KB
29 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04e91b031f9526ff060b6858d2839e93f91b0da5fbd8b8620455837e618e2906
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

x-amz-id-2
A5FKSXMp0zFlwYP6nGmgBxoQ40OByWbMRczlxDPqPXievZ4kLsmEK0c1g6nM4EDw7WH8T677XiHgcIiJYDrc7A==
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=3600
content-encoding
br
cf-cache-status
HIT
etag
W/"5dcd2f7daade69f0b6f0a4fca81bea12"
age
1285
x-amz-request-id
TST2PRXJME543HKT
cf-ray
8f5c948f284d33f5-YUL
date
Sun, 22 Dec 2024 02:11:16 GMT
content-type
text/javascript;charset=utf-8
last-modified
Wed, 04 Dec 2024 13:37:28 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-server-side-encryption
AES256
sync.min.js
tags.crwdcntrl.net/lt/c/16589/
43 KB
13 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.69.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-167-69-97.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
30b32e97f2e3e06deb742bf2e19daeb4f4657a956e836c2a25a7df2bc72f7500

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

vary
Accept-Encoding
cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"7db46e1255a018ecf02f47b2c19c26c4"
age
56761
via
1.1 e38b7148e12c6d147431596b0b7df95c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
EzrAE7sF_N-fwOwPQ4nHNjybcnJzEBWmn-IptrYb5cOqFhiH4ULQYw==
date
Sat, 21 Dec 2024 10:25:15 GMT
content-type
text/javascript
last-modified
Tue, 20 Aug 2024 18:47:40 GMT
server
AmazonS3
x-amz-cf-pop
IAD61-P6
x-amz-server-side-encryption
AES256
uid2SecureSignal.js
cdn.prod.uidapi.com/
3 KB
4 KB
Script
General
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2199:2600:a:e047:754:f4a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f0db2da3ee90dcf1f14054ba3c18ccc331993a4f19fd95c56169f3de5047950e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

x-amz-version-id
suVMGQsV8z1neCwtnAwOA2e_FhSjpoa6
ETag
"e264379414c85b18fe5fb338ed4823f8"
Age
68125
Connection
keep-alive
Via
1.1 f0f1092b2ad1f0e573a4fcbefe4fb620.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Hit from cloudfront
Content-Length
3117
X-Amz-Cf-Id
ZnJxb_2rhFuD_Vmopc54Y1gGy3P-k_LDsviOi0AuJKUYqxNefZBOAg==
Date
Sat, 21 Dec 2024 07:15:52 GMT
Content-Type
text/javascript
Last-Modified
Wed, 11 Dec 2024 19:25:11 GMT
Server
AmazonS3
X-Amz-Cf-Pop
IAD79-C1
x-amz-server-side-encryption
AES256
ads
securepubads.g.doubleclick.net/gampad/
28 KB
7 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1646919146485532&correlator=862124995750454&eid=31089318%2C31089348&output=ldjh&gdfp_req=1&vrg=202412090101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&gpp_sid=-1&iu_parts=115569083%2Ctoday_ros-overlay&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&didk=4024716977&sfv=1-0-40&ists=1&sc=1&lrm=400&cookie_enabled=1&abxe=1&dt=1734833476870&lmt=1734833475&adxs=0&adys=10&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ftoday.lorientlejour.com%2Farticle%2F1371183%2Ffinancing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html&vis=1&psz=1600x0&msz=1600x0&fws=0&ohw=0&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1734833475858&idt=625&cust_params=loggedin%3D0&adks=411813486&frm=20&eoidce=1&td=1&egid=14148&tan=3239fa4a-377b-471c-8e8e-8c874891a4fd&tdf=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f157.1e100.net
Software
cafe /
Resource Hash
24268d317888d8249a8d13f2f54706b940db2395c600b3c056233c320705e89f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

content-encoding
dcb
google-lineitem-id
6869751813
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sun, 22 Dec 2024 02:11:17 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
138501586089
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://today.lorientlejour.com
content-length
7305
x-xss-protection
0
server
cafe
container.html
fd73923d42482a3d0dec7b5221f2ed3c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AC7B
0
0
Document
General
Full URL
https://fd73923d42482a3d0dec7b5221f2ed3c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://today.lorientlejour.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 22 Dec 2024 02:11:17 GMT
expires
Sun, 22 Dec 2024 02:11:17 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
70 KB
9 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1646919146485532&correlator=862124995750454&eid=31089318%2C31089348&output=ldjh&gdfp_req=1&vrg=202412090101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&gpp_sid=-1&iu_parts=115569083%2Ctoday_ros-mpu&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&ifi=2&didk=4024717665&sfv=1-0-40&sc=1&lrm=400&cookie_enabled=1&abxe=1&dt=1734833476881&lmt=1734833475&adxs=989&adys=1033&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ftoday.lorientlejour.com%2Farticle%2F1371183%2Ffinancing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html&vis=1&psz=330x0&msz=330x0&fws=0&ohw=0&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1734833475858&idt=625&cust_params=loggedin%3D0&adks=238482322&frm=20&eoidce=1&td=1&egid=14148&tan=3239fa4a-377b-471c-8e8e-8c874891a4ff&tdf=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f157.1e100.net
Software
cafe /
Resource Hash
0344df366eeecd1ea1eff754952ed1c614fbcbd3636beef1baa50ca4f541fea0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

content-encoding
dcb
google-lineitem-id
6873433343
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sun, 22 Dec 2024 02:11:17 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
138501598410
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://today.lorientlejour.com
content-length
9581
x-xss-protection
0
server
cafe
ads
securepubads.g.doubleclick.net/gampad/
70 KB
9 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1646919146485532&correlator=862124995750454&eid=31089318%2C31089348&output=ldjh&gdfp_req=1&vrg=202412090101&ptt=17&impl=fif&gdpr=0&us_privacy=1---&gpp_sid=-1&iu_parts=115569083%2Ctoday_ros-lb&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90%7C970x250&ifi=3&didk=3510284024&sfv=1-0-40&sc=1&lrm=400&cookie_enabled=1&abxe=1&dt=1734833476885&lmt=1734833475&adxs=436&adys=10&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ftoday.lorientlejour.com%2Farticle%2F1371183%2Ffinancing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html&vis=1&psz=1600x0&msz=1600x0&fws=0&ohw=0&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1734833475858&idt=625&cust_params=loggedin%3D0&adks=2956284711&frm=20&eoidce=1&td=1&egid=14148&tan=3239fa4a-377b-471c-8e8e-8c874891a4fe&tdf=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f157.1e100.net
Software
cafe /
Resource Hash
47e50e052e37f7821a31762d0db969e50b90f63602cbb64dec01470f1dad40b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

content-encoding
dcb
google-lineitem-id
6873433343
observe-browsing-topics
?1
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sun, 22 Dec 2024 02:11:17 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
138501809465
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://today.lorientlejour.com
content-length
9570
x-xss-protection
0
server
cafe
increment
id5-sync.com/api/esp/
0
239 B
XHR
General
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://today.lorientlejour.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://today.lorientlejour.com
date
Sun, 22 Dec 2024 02:11:16 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials
true
map
bcp.crwdcntrl.net/6/
156 B
593 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.3.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-3-156.compute-1.amazonaws.com
Software
/
Resource Hash
15e11193fd175fbcd331a1e404c799d347a0b156227c9a6a0fc6fef9ea8eb995

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://today.lorientlejour.com/

Response headers

cache-control
no-cache
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://today.lorientlejour.com
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
156
date
Sun, 22 Dec 2024 02:11:17 GMT
content-type
application/json;charset=utf-8
x-server
10.40.0.158
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20241212/r20110914/ Frame 4277
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20241212/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b39fdaabfe63faca7d21b1ee38c593bb29663d70de9938eca8dd6159f405fe9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

content-encoding
br
etag
12104404153384301539
age
22264
x-content-type-options
nosniff
expires
Sat, 04 Jan 2025 20:00:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 21 Dec 2024 20:00:13 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
9049
x-xss-protection
0
server
cafe
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ Frame 4277
94 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

content-encoding
gzip
age
73892
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Sun, 21 Dec 2025 05:39:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 21 Dec 2024 05:39:45 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
33507
x-xss-protection
0
server
sffe
truncated
/ Frame 4277
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7dfb917cbfd14803aded61f18c7943c41b318cb6e731723568e77033c203c8c4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
15107697551333490108
tpc.googlesyndication.com/simgad/ Frame 8FC3
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/simgad/15107697551333490108?
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://today.lorientlejour.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-length
124288
content-type
image/jpeg
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Sun, 22 Dec 2024 02:11:17 GMT
expires
Mon, 22 Dec 2025 02:11:17 GMT
last-modified
Wed, 18 Dec 2024 10:16:58 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
1917181021151450070
tpc.googlesyndication.com/simgad/ Frame 4277
Redirect Chain
  • https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuBz6x6BLhhMkspEhz0PTbujaQMerIHE3mlHqxU57w5Tb9gvkzKSYCqW7eHyuRNwWmSE50ruIRn7tpIG0GaaXUfbj4qC95gzBgpJ0NPzh2f--33T55w03dUTVn1mgFC83VeAVI89hDeK...
  • https://tpc.googlesyndication.com/simgad/1917181021151450070?
61 KB
61 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/1917181021151450070?
Requested by
Host: today.lorientlejour.com
URL: https://today.lorientlejour.com/article/1371183/financing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html
Protocol
H2
Server
2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b961bd6346afdaf27518f3315d53316b18514e52945e4079eee6e9b1d43b3e1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options
nosniff
expires
Mon, 22 Dec 2025 02:11:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons
true
date
Sun, 22 Dec 2024 02:11:17 GMT
content-type
image/gif
last-modified
Wed, 18 Dec 2024 10:16:24 GMT
cache-control
public, max-age=31536000
timing-allow-origin
*
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
content-length
62333
x-xss-protection
0
server
sffe

Redirect headers

cache-control
private
timing-allow-origin
*
location
https://tpc.googlesyndication.com/simgad/1917181021151450070?
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Sun, 22 Dec 2024 02:11:17 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
cafe
piwik.php
analytics-cms.whitebeard.me/
0
296 B
Ping
General
Full URL
https://analytics-cms.whitebeard.me/piwik.php?action_name=Financing%20Hamas%3A%20The%20Central%20Bank%20seeks%20to%20reassure%20the%20US%20Treasury%20-%20L%27Orient%20Today&idsite=2&rec=1&r=783977&h=18&m=11&s=16&url=https%3A%2F%2Ftoday.lorientlejour.com%2Farticle%2F1371183%2Ffinancing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html&_id=663d68cb60984c87&_idn=0&send_image=0&_refts=0&dimension1=753&dimension4=11&dimension5=today.lorientlejour.com&pv_id=Nj9sD5&pf_net=157&pf_srv=273&pf_tfr=21&pf_dm1=180&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200
Requested by
Host: analytics-cms.whitebeard.me
URL: https://analytics-cms.whitebeard.me/js/container_32fy1n2K.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.43.6.132 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8
Referer
https://today.lorientlejour.com/

Response headers

Content-Encoding
none
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://today.lorientlejour.com
Content-Length
0
Date
Sun, 22 Dec 2024 02:11:17 GMT
Content-Type
text/html; charset=UTF-8
Server
nginx/1.16.0
view
securepubads.g.doubleclick.net/pcs/ Frame D6BF
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst2_2rAuL5ynn4F_N8neJwbsMLtKjwPrGMBf3b1Zwm9qdy2a96DVQBC-zJ9JSH-JOdpqiEl78iercUL7nZj5YhcrOWan1LJN2J_R8zul8gKaI0MDvEIFwEJZw8M4lNI4xSFzR6FUL2f2d-OLH1QfLTn2XQpj7xWNGefkr8nX_XaLh5ghyzaj-40zvsaZ7RtcLVuMwkCKBVqOFnfCsjnau2jEsiucRiuJ7bq_JniXsvzYxpA6FViis4GZhJ8h8udAOCQQ6ZBrm3BPddSC1mUvEvTAyeXqqz8xia4P4WM1z1fthYDEw55uzhVNPDIUIj3whE9LlGp6nfGzgbG3u-fDba6JV_C3T14bPToZHMB7PkNh6oi-1ro7tcyj3x6oqZ0N8zEeSMIHFiGQBic80QE_bbGCTZVWhZRdhnP9PWtSGE&sai=AMfl-YTAuEPIegGtbHX7hlaffULxoE8HC6JKbKxJKVFcoW9iUKoBTfbj2oGrMfwo350xvUi2C3ouE40_LLF0_J4CCtbLwsTmCZujJez7RslIixtHxsl0eHULvKE_NYY&sig=Cg0ArKJSzGMxcl0wQlmcEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: today.lorientlejour.com
URL: https://today.lorientlejour.com/article/1371183/financing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Sun, 22 Dec 2024 02:11:17 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20241212/r20110914/ Frame D6BF
23 KB
0
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20241212/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b39fdaabfe63faca7d21b1ee38c593bb29663d70de9938eca8dd6159f405fe9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

content-encoding
br
etag
12104404153384301539
age
22264
x-content-type-options
nosniff
expires
Sat, 04 Jan 2025 20:00:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 21 Dec 2024 20:00:13 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
9049
x-xss-protection
0
server
cafe
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20241212/r20110914/client/ Frame D6BF
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20241212/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f132.1e100.net
Software
cafe /
Resource Hash
944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

content-encoding
br
etag
6567774568227038691
age
22924
x-content-type-options
nosniff
expires
Sat, 04 Jan 2025 19:49:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 21 Dec 2024 19:49:13 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
1234
x-xss-protection
0
server
cafe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame D6BF
218 KB
67 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
af6b15d8917bd5ab039b73db5f939c17df1aca2acf7d4ac9d8f44a005edaf6d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

content-encoding
br
etag
15965780714114583650
age
567
x-content-type-options
nosniff
expires
Sun, 22 Dec 2024 03:01:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 22 Dec 2024 02:01:50 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
69026
x-xss-protection
0
server
cafe
2992418287141423621
tpc.googlesyndication.com/simgad/ Frame D6BF
52 KB
52 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/2992418287141423621
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f132.1e100.net
Software
sffe /
Resource Hash
3a44b56e45fd3d6ccf55ed0318c70836f6208e403133f204823701593993a345
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

age
15814
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options
nosniff
expires
Sun, 21 Dec 2025 21:47:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons
true
date
Sat, 21 Dec 2024 21:47:43 GMT
last-modified
Wed, 18 Dec 2024 10:13:16 GMT
content-type
image/jpeg
cache-control
public, max-age=31536000
timing-allow-origin
*
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
content-length
52935
x-xss-protection
0
server
sffe
truncated
/ Frame D6BF
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0587b87b42a71fb1671352ae8809df8a4b66d042e93be595d17cc7cf291ca994

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame C364
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvM24x7WpCz7RtO4a0BrZ7DOp7Q1m5CWBODn3GFzECLqMiJ-FkEFZVfpq2y-5v6zAhSZru5xZpBfx2MBDN38cL7nAfhEeAzTzUIBp2f_ODWfkOdbDbxujwT_mO4lVKFffiDQR-lkncZNi4aTB1uO4zyBTGD86WU_JXcdsW5NNUrRxNl6apRnA71BE9aGVfA_FPqBG5vHWdTJB1VN7gNf6aY2B5xAzTiSsh8SE-BuDYXoCaJIOWkVY8fEuYtUHDacqr9S9M_igThzJU3iHezojRniQVH6iYIKW9dPLj8D-JSvOwXZG16c5mqEJ08uNB5jwWl6RmS10AG68CEO-6TZVokWXCYR2lY4Dr7coLDKLcVYPe7gTVuGoQ1jkezVAm-6kqX0DhiYkyDenwtYjdW&sai=AMfl-YSd1SFDyo9LJMoKgw_3kLoQCjxWfWVAvZrWVNbGZlrIu_ox1MIpW4ydn2T6NXKY-hvnFYmX3qDwiHn1ow_vUlS7hzBYIzyH1b_mga9IfZ34yRsWsVERAkjwBzf0&sig=Cg0ArKJSzFKgYuLaagaNEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: today.lorientlejour.com
URL: https://today.lorientlejour.com/article/1371183/financing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Sun, 22 Dec 2024 02:11:17 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20241212/r20110914/ Frame C364
23 KB
0
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20241212/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b39fdaabfe63faca7d21b1ee38c593bb29663d70de9938eca8dd6159f405fe9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

content-encoding
br
etag
12104404153384301539
age
22264
x-content-type-options
nosniff
expires
Sat, 04 Jan 2025 20:00:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 21 Dec 2024 20:00:13 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
9049
x-xss-protection
0
server
cafe
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20241212/r20110914/client/ Frame C364
3 KB
0
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20241212/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f132.1e100.net
Software
cafe /
Resource Hash
944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

content-encoding
br
etag
6567774568227038691
age
22924
x-content-type-options
nosniff
expires
Sat, 04 Jan 2025 19:49:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 21 Dec 2024 19:49:13 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
1234
x-xss-protection
0
server
cafe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame C364
218 KB
0
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
af6b15d8917bd5ab039b73db5f939c17df1aca2acf7d4ac9d8f44a005edaf6d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

content-encoding
br
etag
15965780714114583650
age
567
x-content-type-options
nosniff
expires
Sun, 22 Dec 2024 03:01:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 22 Dec 2024 02:01:50 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
69026
x-xss-protection
0
server
cafe
6158971931568427500
tpc.googlesyndication.com/simgad/ Frame C364
107 KB
107 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/6158971931568427500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f132.1e100.net
Software
sffe /
Resource Hash
63845bba706fc806d033c56430a913c188d11af3b45b034ad5e0bd21a30dbdf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

age
15814
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options
nosniff
expires
Sun, 21 Dec 2025 21:47:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons
true
date
Sat, 21 Dec 2024 21:47:43 GMT
last-modified
Wed, 18 Dec 2024 10:12:32 GMT
content-type
image/jpeg
cache-control
public, max-age=31536000
timing-allow-origin
*
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
content-length
109408
x-xss-protection
0
server
sffe
l
www.google.com/ads/measurement/ Frame C364
0
0

truncated
/ Frame C364
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fa74d4d7fa35d6b878aff1be82554fa59ce8bafbc2b3ffbfdd5963b5237357f0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame D6BF
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sun, 22 Dec 2024 02:11:17 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame D6BF
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstARxhM53LF3jjCpZDuDwOzl9IDeuFbpvPmjsg2snpr0EVDVG_X7jb6jjIzuagbJBwzkdhqIxdPGn7WclmJojXCx99_QnUvaBs1EIHNd4pCQuX2lnR7kqEjPEFnYY3GPN8rjvJNwVndfk4z_S12UilsZFja2zQQXhXEVNEmxs1PJxLf-AAx88oJt0EKY-cfGfdmf4g9RQRf9qD0-YGGlbxH6f1GuYj1UdR9ZBAvZyriDbbM6mtJyj3SE_c_GGE7kzkDhgf3E6EjV309-nVdmGhFE43IJnWlNhe8PQb1sz4uhh-OkUMeiJnUKhiOuQZmpT0w5tgE4xQDHodt8Bdc1ujcpjDrBVPpzckhgAeD728wWHdyNk4Iv53z9e533yBWy685nfRraUC16bvHvfsE6rnsmOSQCkXJcl8MLQgyCQWC0w&sai=AMfl-YTm7W7KlwOi24daHevaz814CGkgdQ_Hl-fZyCDCgQsu9d3aPlIzSO-jhq6H8qiEMvlFFg1tsiZoKFcWV_-t3U1eFv5d4Gw0lA_rSCkWMdGJR6UJKjk61g56Yzo&sig=Cg0ArKJSzHcoFnLDoiptEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Sun, 22 Dec 2024 02:11:17 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Sun, 22 Dec 2024 02:11:17 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame C364
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sun, 22 Dec 2024 02:11:17 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame C364
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsumPG9hK2WVSywqtMKYW_0q0ZJEmxSUNEfnwQzJrurZguwrRCchGNhi5vqnzb9s9XRIGQOBMX8SfRh_U8NzKB1zRvOuWrysD8sZFa_YKDy71RKJmlw38Wbvjf8WvxqF2ANFm8Q4A3L3pP8xacIscmR_ES1WGikdDrFPInyQCjw5TDaTv0PC5P5ycLNOKxsy6axOaqSMzsbMG4-TaVekwHmzSEx9MPqn5HA6Bnt5MxpWhzlA1hHhH_Nc2MpH9he4A9m9WWd5cop3rDxDTTHbUQ-mMd-565iKoCNs2zinozlEh5OvD-MsydW8sAsvzrdJhaAVQKDa2FqbZxIesAV7fze-CfwcWGy-M9VYW_znt_8vJGx-PF4xcoiPqPkLc9B9JznBhfIrMEr1YZ3IPz9iXDo&sai=AMfl-YSyAL_gjjSbWCJgjKKSCRGjqmiIy9nIV3IwwpqO36P4k7XfHUBegbLIB8qxf-HNYUeHkIYh0V982kiGB-clZQeuGZGsyNmKFJqbKWilBzplXyY8VI-cP_nBnh7y&sig=Cg0ArKJSzIJ4B09TRo35EAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Sun, 22 Dec 2024 02:11:17 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Sun, 22 Dec 2024 02:11:17 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
sodar
ep1.adtrafficquality.google/getconfig/
17 KB
13 KB
XHR
General
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202412090101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
bbcb55199563c973526acb66e3fbfe11e152dac53fbb954fa1d8e0948d20bac9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
13366
date
Sun, 22 Dec 2024 02:11:17 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame D6BF
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sun, 22 Dec 2024 02:11:17 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame C364
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sun, 22 Dec 2024 02:11:17 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
468x70-
fundingchoicesmessages.google.com/f/AGSKWxXKDoIJKkvXBH4HRTJsFyRafnyVoK7IVuitS1DjK8y3bCZddPeFjaKB7a6JC9l_Uw5MXCusr1RKKSfLvGCYITucPCjnJTF0piQSAdeogtWObiF3j77-CeY5Bveg8vNc1CEVEoTv3XWV0RBFtsby1Ur2xRSqE...
54 B
109 B
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXKDoIJKkvXBH4HRTJsFyRafnyVoK7IVuitS1DjK8y3bCZddPeFjaKB7a6JC9l_Uw5MXCusr1RKKSfLvGCYITucPCjnJTF0piQSAdeogtWObiF3j77-CeY5Bveg8vNc1CEVEoTv3XWV0RBFtsby1Ur2xRSqEInQkooPv8Xx1LQovAUxErK_cgNWWTT2/_/ads/swfobject.-ads_9_3./ad_image2./sponsorsgif./468x70-
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IMz57yc5hVw.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzvURqnN7XWAIROf2f0Q-7GMaIk_w/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f100.1e100.net
Software
ESF /
Resource Hash
caf6f60338b6a4eddd7583ee70e416ab321de779a879fe0894dc31e382366c3f
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-JjXI1rx7gnmT08vRfkvF3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 22 Dec 2024 02:11:17 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw05BikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrA1AzPD1CisHEAvxcBx9NXc3m8CBvff2MClpJOUXxifn55UUZSaVluQXpSWnpRanFpWlFsUbGRiZGBoZGukZGMYXGAAAmFFF5w"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-JjXI1rx7gnmT08vRfkvF3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
rum.js
pagead2.googlesyndication.com/pagead/js/
70 KB
26 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IMz57yc5hVw.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzvURqnN7XWAIROf2f0Q-7GMaIk_w/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
cf93db5f15fb6b90864ea934827bca87f92e75ad6a3aab83881b1f6777ee8929
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

content-encoding
br
etag
82456162888936996
age
1777
x-content-type-options
nosniff
expires
Sun, 22 Dec 2024 02:41:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 22 Dec 2024 01:41:40 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
26167
x-xss-protection
0
server
cafe
AGSKWxXiSLOuCaSfuIvPJIneP8TISD3M_FZdwlQma5gxEN90tsQq9oF0UtGCPMoQ6AGc1R8i-4YInPwzYX6BWicM3tjjKiSpbafT0IwtpJ-ZTMpphMF8uruonYuHFEgRyxplKDsxj9HhcQ==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXiSLOuCaSfuIvPJIneP8TISD3M_FZdwlQma5gxEN90tsQq9oF0UtGCPMoQ6AGc1R8i-4YInPwzYX6BWicM3tjjKiSpbafT0IwtpJ-ZTMpphMF8uruonYuHFEgRyxplKDsxj9HhcQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMw3zS1wjusUi0gw9griloTCXJzNKw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NX4Ovjm0jBdtRneeTF3BNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://today.lorientlejour.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 22 Dec 2024 02:11:17 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII0pBicEqfwRoCxB_qL7P-AGKGr1dYOYBYiIfj6Ku5u9kEGs7sO8Ok5JKUXxifnJ9XkppXopuYUqwLYhdlJpWW5BehsFPLQCpy8tPTM_PS440MjEwMjQyN9AzM4gsMAA5eKxo"
content-security-policy
script-src 'report-sample' 'nonce-NX4Ovjm0jBdtRneeTF3BNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://today.lorientlejour.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxXiSLOuCaSfuIvPJIneP8TISD3M_FZdwlQma5gxEN90tsQq9oF0UtGCPMoQ6AGc1R8i-4YInPwzYX6BWicM3tjjKiSpbafT0IwtpJ-ZTMpphMF8uruonYuHFEgRyxplKDsxj9HhcQ==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXiSLOuCaSfuIvPJIneP8TISD3M_FZdwlQma5gxEN90tsQq9oF0UtGCPMoQ6AGc1R8i-4YInPwzYX6BWicM3tjjKiSpbafT0IwtpJ-ZTMpphMF8uruonYuHFEgRyxplKDsxj9HhcQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMw3zS1wjusUi0gw9griloTCXJzNKw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-R618lCtOghd7DZKedzez1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://today.lorientlejour.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 22 Dec 2024 02:11:17 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw0JBicEqfwRoCxB_qL7P-AGKGr1dYOYBYiIfj6Ku5u9kEOq7dfMSk5JKUXxifnJ9XkppXopuYUqwLYhdlJpWW5BehsFPLQCpy8tPTM_PS440MjEwMjQyN9AzM4gsMABmdK0s"
content-security-policy
script-src 'report-sample' 'nonce-R618lCtOghd7DZKedzez1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://today.lorientlejour.com
content-length
0
x-xss-protection
0
server
ESF
favicon.png
s.lorientlejour.com/assets/images/
12 KB
12 KB
Other
General
Full URL
https://s.lorientlejour.com/assets/images/favicon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.75.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8d0402539061fce0cfc18e85bb03c513f3b67fdfaa477a4a205d04bf0c06e4e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

cf-bgj
imgq:85,h2pri
etag
"65f07407-6475"
age
627829
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iZ%2Bc4R2WYBla5AkLTBWAkXp7N50k6jajPcOVgPJa3mP9YM6tZEbqI%2Fzty3jgo264TV%2BQHuqxLl1l7KTKKkVn2E73%2FVNAFCKf6efBB%2FeGr9aN5LWBSfI5R2ZYeQ0AcIEStRPkp7g%3D"}],"group":"cf-nel","max_age":604800}
expires
Wed, 26 Nov 2025 07:34:46 GMT
cf-polished
origFmt=png, origSize=25717
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=28353&min_rtt=24371&rtt_var=2374&sent=80&recv=59&lost=1&retrans=1&sent_bytes=74391&recv_bytes=10589&delivery_rate=337377&cwnd=25200&unsent_bytes=0&cid=5c6f17a4981f3435&ts=1822&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 22 Dec 2024 02:11:17 GMT
content-type
image/webp
content-disposition
inline; filename="favicon.webp"
vary
Accept
last-modified
Tue, 12 Mar 2024 15:25:59 GMT
priority
u=1,i
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f5c9493de4254af-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
11954
server
cloudflare
AGSKWxXiSLOuCaSfuIvPJIneP8TISD3M_FZdwlQma5gxEN90tsQq9oF0UtGCPMoQ6AGc1R8i-4YInPwzYX6BWicM3tjjKiSpbafT0IwtpJ-ZTMpphMF8uruonYuHFEgRyxplKDsxj9HhcQ==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXiSLOuCaSfuIvPJIneP8TISD3M_FZdwlQma5gxEN90tsQq9oF0UtGCPMoQ6AGc1R8i-4YInPwzYX6BWicM3tjjKiSpbafT0IwtpJ-ZTMpphMF8uruonYuHFEgRyxplKDsxj9HhcQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMw3zS1wjusUi0gw9griloTCXJzNKw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-lyrwROGHmoN1MumTNkJLDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://today.lorientlejour.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 22 Dec 2024 02:11:17 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1ZBicEqfwRoCxB_qL7P-AGKGr1dYOYBYiIfj6Ku5u9kETtzc_oxJySUpvzA-OT-vJDWvRDcxpVgXxC7KTCotyS9CYaeWgVTk5KenZ-alxxsZGJkYGhka6RmYxRcYAAAm2St1"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-lyrwROGHmoN1MumTNkJLDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://today.lorientlejour.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxXiSLOuCaSfuIvPJIneP8TISD3M_FZdwlQma5gxEN90tsQq9oF0UtGCPMoQ6AGc1R8i-4YInPwzYX6BWicM3tjjKiSpbafT0IwtpJ-ZTMpphMF8uruonYuHFEgRyxplKDsxj9HhcQ==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXiSLOuCaSfuIvPJIneP8TISD3M_FZdwlQma5gxEN90tsQq9oF0UtGCPMoQ6AGc1R8i-4YInPwzYX6BWicM3tjjKiSpbafT0IwtpJ-ZTMpphMF8uruonYuHFEgRyxplKDsxj9HhcQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMw3zS1wjusUi0gw9griloTCXJzNKw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Ez-EfllsJFmQ4IMMfLeFag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://today.lorientlejour.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 22 Dec 2024 02:11:17 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1JBicEqfwRoCxB_qL7P-AGKGr1dYOYBYiIfj6Ku5u9kEJmyc8JxJySUpvzA-OT-vJDWvRDcxpVgXxC7KTCotyS9CYaeWgVTk5KenZ-alxxsZGJkYGhka6RmYxRcYAAAByirz"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Ez-EfllsJFmQ4IMMfLeFag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://today.lorientlejour.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxVqnNyR2YX4LIr0fS_Zs2M-PZjQiW7l2rjQ2EIJkXJBplREZmirRTZc5igfkcRFwpFKmGB36RWgfuEFKfTdnHSxekbMAvOtu0-ZTmFLHtTkjDXtFtjVy0bo2adhiJqildyEbCJ6lw==
fundingchoicesmessages.google.com/f/
6 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVqnNyR2YX4LIr0fS_Zs2M-PZjQiW7l2rjQ2EIJkXJBplREZmirRTZc5igfkcRFwpFKmGB36RWgfuEFKfTdnHSxekbMAvOtu0-ZTmFLHtTkjDXtFtjVy0bo2adhiJqildyEbCJ6lw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM0ODMzNDc3LDcyNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vdG9kYXkubG9yaWVudGxlam91ci5jb20vYXJ0aWNsZS8xMzcxMTgzL2ZpbmFuY2luZy1oYW1hcy10aGUtY2VudHJhbC1iYW5rLXNlZWtzLXRvLXJlYXNzdXJlLXRoZS11cy10cmVhc3VyeS5odG1sIixudWxsLFtbOCwiSU16NTd5YzVoVnciXSxbOSwiZW4tVVMiXSxbMTksIjIiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMw3zS1wjusUi0gw9griloTCXJzNKw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f100.1e100.net
Software
ESF /
Resource Hash
c6c03e7e0285fdb70fbfcd035df95dc448a40214109ecc90b5a26f6d6333794f
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-1_U1ZCx_JIrqqM4wbt82Xw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 22 Dec 2024 02:11:17 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw15BikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrA1AzPD1CisHEAvxcBx9NXc3m8CBFTdeMSlpJOUXxifn55UUZSaVluQXpSWnpRanFpWlFsUbGRiZGBoZGukZGMYXGAAAnAlF-w"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-1_U1ZCx_JIrqqM4wbt82Xw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
csi
csi.gstatic.com/
0
532 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~m4yz26hn&ctx=0&met.9=1.op~2.tj
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:403::78 Sewanee, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 22 Dec 2024 02:11:17 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
content-type
image/gif
server
Golfe2
favicon.png
s.lorientlejour.com/assets/images/
12 KB
0
Other
General
Full URL
https://s.lorientlejour.com/assets/images/favicon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.75.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8d0402539061fce0cfc18e85bb03c513f3b67fdfaa477a4a205d04bf0c06e4e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

cf-bgj
imgq:85,h2pri
etag
"65f07407-6475"
age
627829
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iZ%2Bc4R2WYBla5AkLTBWAkXp7N50k6jajPcOVgPJa3mP9YM6tZEbqI%2Fzty3jgo264TV%2BQHuqxLl1l7KTKKkVn2E73%2FVNAFCKf6efBB%2FeGr9aN5LWBSfI5R2ZYeQ0AcIEStRPkp7g%3D"}],"group":"cf-nel","max_age":604800}
expires
Wed, 26 Nov 2025 07:34:46 GMT
cf-polished
origFmt=png, origSize=25717
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=28353&min_rtt=24371&rtt_var=2374&sent=80&recv=59&lost=1&retrans=1&sent_bytes=74391&recv_bytes=10589&delivery_rate=337377&cwnd=25200&unsent_bytes=0&cid=5c6f17a4981f3435&ts=1822&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 22 Dec 2024 02:11:17 GMT
content-type
image/webp
content-disposition
inline; filename="favicon.webp"
vary
Accept
last-modified
Tue, 12 Mar 2024 15:25:59 GMT
priority
u=1,i
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f5c9493de4254af-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
11954
server
cloudflare
apple-icon-57x57.png
s.lorientlejour.com/assets/images/
974 B
2 KB
Other
General
Full URL
https://s.lorientlejour.com/assets/images/apple-icon-57x57.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.75.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0e9e5401b559769e79057caf93d429762372b024f70a36813286c790e45fc0b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

cf-bgj
imgq:85,h2pri
etag
"65f07407-703"
age
352209
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PemHHpvT6H7gURMWn8YZ4hZa4jve9Q2oTyk5G%2BLWnRGiQO2Ymm3diQa1pzFnS0kg1s2jegkIf%2FrbVimY7aplXtt1YB1cY9JjMkxj9wFhZLo4TQ1M5lGBwvIbxhgXSt8JpCDK%2BwE%3D"}],"group":"cf-nel","max_age":604800}
expires
Wed, 10 Dec 2025 22:38:03 GMT
cf-polished
origFmt=png, origSize=1795
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=26335&min_rtt=24371&rtt_var=2347&sent=92&recv=67&lost=1&retrans=1&sent_bytes=87426&recv_bytes=11721&delivery_rate=330190&cwnd=25200&unsent_bytes=0&cid=5c6f17a4981f3435&ts=1868&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 22 Dec 2024 02:11:17 GMT
content-type
image/webp
content-disposition
inline; filename="apple-icon-57x57.webp"
vary
Accept
last-modified
Tue, 12 Mar 2024 15:25:59 GMT
priority
u=1,i
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f5c94942e6854af-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
974
server
cloudflare
sodar2.js
ep2.adtrafficquality.google/sodar/
18 KB
7 KB
Script
General
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Sun, 22 Dec 2024 02:11:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 22 Dec 2024 02:11:17 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
AGSKWxX2VR84FdSAj2z599mdR8TNUjGn05F7UVpPWdKehctvnHeuDRgZ-nwy2-fKL8j6Tnpn3IfOKX--gD2TpXxTphPbg_65gtVqn6LI0hzl7alnITsRdn258f2O0VRBnIHA3sr_jd3tqw==
fundingchoicesmessages.google.com/f/
3 KB
1 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxX2VR84FdSAj2z599mdR8TNUjGn05F7UVpPWdKehctvnHeuDRgZ-nwy2-fKL8j6Tnpn3IfOKX--gD2TpXxTphPbg_65gtVqn6LI0hzl7alnITsRdn258f2O0VRBnIHA3sr_jd3tqw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM0ODMzNDc3LDc5MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vdG9kYXkubG9yaWVudGxlam91ci5jb20vYXJ0aWNsZS8xMzcxMTgzL2ZpbmFuY2luZy1oYW1hcy10aGUtY2VudHJhbC1iYW5rLXNlZWtzLXRvLXJlYXNzdXJlLXRoZS11cy10cmVhc3VyeS5odG1sIixudWxsLFtbOCwiSU16NTd5YzVoVnciXSxbOSwiZW4tVVMiXSxbMTksIjIiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMw3zS1wjusUi0gw9griloTCXJzNKw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f100.1e100.net
Software
ESF /
Resource Hash
700b426b123cba760b7df2b13a270f23ff1c1c4a605282b8838bf8b29fd82458
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yZkgxZThSzqnqZZb-1W4Vg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 22 Dec 2024 02:11:17 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmLw1pBiOHnrNtNFIJb4-pJJDYid0mewBgBx681zrJOB2GjteVYHIE76d561AIgNFS6x2gOxY9ElVk8gVu25xGoMxPfXXWJ9DsQf6i-z_gDiGecvsy4A4iKJK6wNQMzw9QorBxAL8XAcfTV3N5vAj0tHu5iVNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAyNDI30DAzjCwwA6xpK_w"
content-security-policy
script-src 'report-sample' 'nonce-yZkgxZThSzqnqZZb-1W4Vg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
AGSKWxUe8tnDYIYww4PVWEhvjYgdvR1WTOgE8EHL9DToL9PXzBWNQN8trBBbKWhr0zc8TBgOmXOVfc_YZUeiHX7lUs3KOS9fZf5cIFEuzbYaXzGhXIdFIh0gTE71labZc4wBE0n8JR3vnw==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUe8tnDYIYww4PVWEhvjYgdvR1WTOgE8EHL9DToL9PXzBWNQN8trBBbKWhr0zc8TBgOmXOVfc_YZUeiHX7lUs3KOS9fZf5cIFEuzbYaXzGhXIdFIh0gTE71labZc4wBE0n8JR3vnw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM0ODMzNDc3LDg1ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly90b2RheS5sb3JpZW50bGVqb3VyLmNvbS9hcnRpY2xlLzEzNzExODMvZmluYW5jaW5nLWhhbWFzLXRoZS1jZW50cmFsLWJhbmstc2Vla3MtdG8tcmVhc3N1cmUtdGhlLXVzLXRyZWFzdXJ5Lmh0bWwiLG51bGwsW1s4LCJJTXo1N3ljNWhWdyJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMw3zS1wjusUi0gw9griloTCXJzNKw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f100.1e100.net
Software
ESF /
Resource Hash
df35e83203b4b2d36b8539498199ba9fbc45ed98507306e39be7e0d82066ea93
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-kndaWuIv9D3U42qwY10RhA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 22 Dec 2024 02:11:17 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw0pBikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrA1AzPD1CisHEAvxcBx9NXc3m8CBJbvWMCtpJOUXxifn55UUZSaVluQXpSWnpRanFpWlFsUbGRiZGBoZGukZGMYXGAAAjXpFnw"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-kndaWuIv9D3U42qwY10RhA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
AGSKWxVW4wuHWpg0-buXAcWsUNq2ahinMtW_J4HgoMcMrL1Jc61CA_rmBYZIU5QUU1iMMa_qZ-LuuDbojNjAn6y_lLphu22qHmE6xE_Hid5z7TWyYlhfO4_pk2gsaZnPh8YngQqD3jQvLw==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVW4wuHWpg0-buXAcWsUNq2ahinMtW_J4HgoMcMrL1Jc61CA_rmBYZIU5QUU1iMMa_qZ-LuuDbojNjAn6y_lLphu22qHmE6xE_Hid5z7TWyYlhfO4_pk2gsaZnPh8YngQqD3jQvLw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMw3zS1wjusUi0gw9griloTCXJzNKw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-O4_YpyE-jmvRdg7BtMBYpA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://today.lorientlejour.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 22 Dec 2024 02:11:17 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw15BicEqfwRoCxB_qL7P-AGKGr1dYOYBYiIfj6Ku5u9kETlzdeZxZySUpvzA-OT-vJDWvRDcxpVgXxC7KTCotyS9CYaeWgVTk5KenZ-alxxsZGJkYGhka6RmYxRcYAAAesitX"
content-security-policy
script-src 'report-sample' 'nonce-O4_YpyE-jmvRdg7BtMBYpA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://today.lorientlejour.com
content-length
0
x-xss-protection
0
server
ESF
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 7F7D
0
0
Document
General
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://today.lorientlejour.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
1872
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 22 Dec 2024 01:40:06 GMT
expires
Sun, 22 Dec 2024 02:30:06 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame AE35
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f105.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-R5yfTV9AkNUO_6MlnVA4LA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://today.lorientlejour.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-R5yfTV9AkNUO_6MlnVA4LA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Sun, 22 Dec 2024 02:11:18 GMT
expires
Sun, 22 Dec 2024 02:11:18 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame D6BF
42 B
65 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvlkk4o6ORWTG2jRMtJwd6mAE1G_P7HN9ONuPOT_rp2sRz3NvfErDf2AxGpowA7JzYDiMIdcd3hTaK9v5eml2jNQoE30MbaAxRbNs0_hpc24ntyAPDzn4WUKiBaCEaJo2ksB8BQvjQXQA_UMzJPXIel4wmH5KVCLtfJTQGvIwRZ-fiZFsR_BJLjKZvzX3WfpEKvKw&sig=Cg0ArKJSzIFCKfagA-8UEAE&id=lidar2&mcvt=1000&p=0,315,90,1285&tm=1035.2999992370605&tu=35.79999923706055&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20241204&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2956284711&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=3076627700&rst=1734833477379&rpt=206&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sun, 22 Dec 2024 02:11:18 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
sodar
ep1.adtrafficquality.google/pagead/
0
0

collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-5D8ZCYVDWQ&gtm=45je4cc1v893491342z8893484611za200zb893484611&_p=1734833475881&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=261241081.1734833476&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1734833476&sct=1&seg=0&dl=https%3A%2F%2Ftoday.lorientlejour.com%2Farticle%2F1371183%2Ffinancing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html&dt=Financing%20Hamas%3A%20The%20Central%20Bank%20seeks%20to%20reassure%20the%20US%20Treasury%20-%20L%27Orient%20Today&en=paywall_display_1&ep.articleid=1371183&_et=4&tfd=6033
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5D8ZCYVDWQ&l=dataLayer&cx=c&gtm=45He4cc1v893484611za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://today.lorientlejour.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://today.lorientlejour.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 22 Dec 2024 02:11:21 GMT
content-type
text/plain
server
Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google.com
URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTwnMazx67NMcumCTnbRPSpM3pCL71IGyU7pUVaQWg8Dk5fvbBVrKig8MFaviakXEnqvx8WhnfXv2enCCViAp69AMnDMw
Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202412090101&jk=1646919146485532&bg=!EhGlEV7NAAbtGp3CzRo7ADQBe5WfON33JE0wcCjoj0aC481io4i2mYbKlp57G_K5iTo2hHRvkt2T-o2hioP7j6XdpEhaAgAAAEFSAAAAA2gBB34ANpks8v2xokq17yEdgb08zEiaZwWoxlEjejaYFYoPUo-Bn-Ek0HHQdevxy9o3cJCFtg738RLbUAoAC0eOwmVV-UmdlFgDmQKdrlUK0Jd6cnfusmHFi8MyRK8-kh5dAaBAfbebbf-r-3GiMWD9GoJAlRpoZH-MkUUy1hmyYrkVGHf0dLIeDL1995_3Sn_HZq1Xpu7UPRJntJOYQ8RfMly_E6JoAiO451jLlEQKg5EsfZf8x8hEDObddxAR9HoFHCDBM-dMp-iJivWfo_LSSnZP9SG6wBX_tkSk-Zzph724CZzbzEmY7yun3yDMRUAxGmz3ua-QGNYSP-RYZ6cWgmiO10g8jYAN19vfj5VXHPHIp3vDc0SLi2sEZVc1FgfZvnLifnox1hUOtUok8GWxJzT6oJhxnU1jEFduwfkNP20hctnfWHweuKO0K4I0MdK-uhlXuuR_qlXDsmqNqXb7qxhDB1hTxZghxeUT_APMisUmiKRvBGkZXexxscxBUlhqNJ2PwcUunpE07-JTWwoJ6fKlemQOpqFkToZIzQ21JSDbLaknHJSK24CLJlfjqjE3vkMQg6mfT78UnfR3R6pv_iErt5sWU_vkAzN4FGiI_6rnD_u5-Vem4x-mIfp836gPav89oaWtqG76Swn7wTvCeiuV8AAmfVDm95ELzpebSeLuD3PYGJMmeGE3HfhILqaqyWrAGcyKMoTQnOv-VTyTlVLMMyKmI2TV1MLCzEclAPR6EU5tAVmplw6ddN4Pp-0cn4UfAuCP6AokoCHuzF2CoXiQPoUVeDUiQLxHzcSEes6urhuad1UozhUA0OKDipHKJaa3U7Nif1ybcX3zqMNG9xZ102De1i6k7ZAwjj_XBqOoguJ6L8k96UVZFnE4VPOwWNsJMRkq9vv1uw6gA4RthLrf3nHsl4Dq-gaVk490-5pceIEdAzBAXPrCgnx3Pkj33q4ZaMggRFwY5q0IHy7CYUneokYkbjFa

Verdicts & Comments Add Verdict or Comment

216 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 function| gtag object| dataLayer object| _mtm object| d object| g object| s function| fbq function| _fbq function| loadDeferredStyles function| raf function| $ function| jQuery function| cookieNotice function| isMobile function| validEmail function| inlineComponent function| updateRtlDirection function| supports_html5_storage function| setCookie function| readCookie function| eraseCookie function| stripsPriorities object| googletag boolean| initResponsiveAdsDone function| initResponsiveAds function| reloadAds function| runfixedMPU function| sendMatomoPaywallEvent function| navigateGallery object| lazyImageObserver object| jQuery111202078796761715409 object| FB object| google_tag_manager object| google_tag_data object| GooglebQhCsO object| ggeac object| google_js_reporting_queue object| __buffer function| onYouTubeIframeAPIReady object| gaGlobal object| google_reactive_ads_global_state object| MatomoTagManager object| _paq object| matomoPluginAsyncInit object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| MzRmOGJmMDg4NDhhMTg1OGxvYWRlcl9qcw== string| MzRmOGJmMDg4NDhhMTg1OGNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady object| google_tag_topics_state number| google_unique_id object| __uid2SecureSignalProvider object| __uid2 object| __id5_finalization_registry function| lotameIsCompatible function| sync16589_aa function| sync16589_c function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ia object| sync16589_ja object| sync16589_s object| sync16589_wa function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_ga function| sync16589_ha function| sync16589_t function| sync16589_v function| sync16589_w function| sync16589_x function| sync16589_ka function| sync16589_la function| sync16589_y function| sync16589_ma function| sync16589_z function| sync16589_A function| sync16589_u function| sync16589_C function| sync16589_na function| sync16589_oa function| sync16589_pa function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_qa function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_K function| sync16589_M function| sync16589_L function| sync16589_N function| sync16589_O function| sync16589_J function| sync16589_ra function| sync16589_sa function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_P function| sync16589_Q function| sync16589_xa function| sync16589_R function| sync16589_ya function| sync16589_za function| sync16589_Aa function| sync16589_S function| sync16589_Ba function| sync16589_Ca function| sync16589_Da function| sync16589_Ea function| sync16589_T function| sync16589_Fa function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_X function| sync16589_Ga function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_1 function| sync16589_2 function| sync16589_Ha function| sync16589_3 function| sync16589_Ja function| sync16589_Ia function| sync16589_4 function| sync16589_La function| sync16589_Ma function| sync16589_Ka function| sync16589_Na function| sync16589_Qa function| sync16589_Pa function| sync16589_Oa function| sync16589_Sa function| sync16589_Ua function| sync16589_Ra function| sync16589_6 function| sync16589_Ta function| sync16589_Xa function| sync16589_Wa function| sync16589_Va function| sync16589_7 function| sync16589_5 function| sync16589_8 function| sync16589_Ya function| sync16589_Za function| sync16589__a function| sync16589_0a function| sync16589_9 function| sync16589_1a function| sync16589_$ function| sync16589_2a function| sync16589_3a function| sync16589_4a object| lotame_sync_16589 boolean| a15ff61e-a7ae-4054-a4d9-62de5bf2984b number| google_srt object| _google_rum_ns_ object| GoogleGcLKhOms object| google_image_requests

21 Cookies

Domain/Path Name / Value
.lorientlejour.com/ Name: WBSESS
Value: rgmhn0q4kjj4tu34mh1mljn7qa
today.lorientlejour.com/ Name: wb_pdenglish
Value: %5B84780590%2C%22sjmtkr7dq0%22%5D
.lorientlejour.com/ Name: _gcl_au
Value: 1.1.965319092.1734833476
today.lorientlejour.com/ Name: AWSALB
Value: P3FWOJABPTuM9Et0ozXaYw+pGgeV5VSp+tV6MwAdDiT3+lyPkzvQp5/XLGA+BBU3sm3oxB/xpvPX/x2X1AWrv8cutGp8Tx3Mh99PWGP5aemf7pxLaNklgg7OkQxg
today.lorientlejour.com/ Name: AWSALBCORS
Value: P3FWOJABPTuM9Et0ozXaYw+pGgeV5VSp+tV6MwAdDiT3+lyPkzvQp5/XLGA+BBU3sm3oxB/xpvPX/x2X1AWrv8cutGp8Tx3Mh99PWGP5aemf7pxLaNklgg7OkQxg
.lorientlejour.com/ Name: _ga
Value: GA1.1.261241081.1734833476
.lorientlejour.com/ Name: _ga_5D8ZCYVDWQ
Value: GS1.1.1734833476.1.0.1734833476.0.0.0
today.lorientlejour.com/ Name: upgrade-subscription
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUnhVXjj_iZlqCj3-uvij4dfaQQ8JSD8L5NRdkruIh96-u1SNL7OM641Vljt
.lorientlejour.com/ Name: _fbp
Value: fb.1.1734833476536.884445436851630651
today.lorientlejour.com/ Name: _pk_id.2.7371
Value: 663d68cb60984c87.1734833477.
today.lorientlejour.com/ Name: _pk_ses.2.7371
Value: 1
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 2c116001c516bd4412f47633d06f42ae
.lorientlejour.com/ Name: lotame_domain_check
Value: lorientlejour.com
.lorientlejour.com/ Name: _cc_id
Value: 2c116001c516bd4412f47633d06f42ae
.lorientlejour.com/ Name: panoramaId_expiry
Value: 1734919877143
.lorientlejour.com/ Name: __gads
Value: ID=aa79d2d790ecfa6b:T=1734833476:RT=1734833476:S=ALNI_MYNHliIT5IVW7Py6-4XNyVDm26gdg
.lorientlejour.com/ Name: __gpi
Value: UID=00000fbe8d536ca6:T=1734833476:RT=1734833476:S=ALNI_Mb_agAcxfQunw4JT2z0CddqGb9Q8A
.lorientlejour.com/ Name: __eoi
Value: ID=ed66d7d29f975167:T=1734833476:RT=1734833476:S=AA-AfjaYER1FIkUh4FT9DJNC-_QD
.lorientlejour.com/ Name: FCNEC
Value: %5B%5B%22AKsRol9g9iqzB7YZIktFpS18TSwIMie5c-7SWZdiPlyMoGi0s4a8IEaR1z2Dgkt_3HBdobKqWGJo5KcXTE_HGOuymPb3ags9Pa31nu_xjFjI_uObaGqGdc12-EFytbBBWw8J9zA7iPNiWdCuoHlqO8hll5a3grNnww%3D%3D%22%5D%5D

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://today.lorientlejour.com/article/1371183/financing-hamas-the-central-bank-seeks-to-reassure-the-us-treasury.html
Message:
[DOM] Multiple forms should be contained in their own form elements; break up complex forms into ones that represent a single action: (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics-cms.whitebeard.me
bcp.crwdcntrl.net
cdn.id5-sync.com
cdn.prod.uidapi.com
connect.facebook.net
csi.gstatic.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
fd73923d42482a3d0dec7b5221f2ed3c.safeframe.googlesyndication.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
id5-sync.com
pagead2.googlesyndication.com
s.lorientlejour.com
securepubads.g.doubleclick.net
tags.crwdcntrl.net
td.doubleclick.net
today.lorientlejour.com
tpc.googlesyndication.com
use.typekit.net
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
ep1.adtrafficquality.google
www.google.com
142.250.31.100
142.250.31.156
142.251.16.156
142.251.163.132
142.251.163.155
142.251.163.94
142.251.167.156
142.251.167.157
157.240.229.1
162.19.138.83
172.253.115.105
172.253.115.106
172.67.75.16
2600:1408:c400:29::17da:da49
2600:9000:2199:2600:a:e047:754:f4a1
2606:4700:10::6816:3556
2606:4700:20::681a:2b8
2607:f8b0:4004:c06::84
2607:f8b0:4004:c06::9a
2607:f8b0:4004:c08::84
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c0b::66
2607:f8b0:4004:c17::65
2607:f8b0:4004:c21::61
2607:f8b0:4023:403::78
3.167.69.97
31.13.66.35
52.54.3.156
67.43.6.132
020af8803a7f1fa525b22c646905ca2ff2a9c4fd6ef369644641a84f53e0458c
0344df366eeecd1ea1eff754952ed1c614fbcbd3636beef1baa50ca4f541fea0
04d85fdaa240e9c6964c1b3afe75b8802720a8d9a98e6c35f346f599b1113af4
04e91b031f9526ff060b6858d2839e93f91b0da5fbd8b8620455837e618e2906
0587b87b42a71fb1671352ae8809df8a4b66d042e93be595d17cc7cf291ca994
1289f5765c9e21f74deabc370dae5df831639287dda20035ca05ab320071e582
1480de584a99981871f8c7fdf53d69a62966e8d8800bc7f71473f38918406b4c
15e11193fd175fbcd331a1e404c799d347a0b156227c9a6a0fc6fef9ea8eb995
1a19417eca76b300ff0a852b0199ee1c440a92c2e09ddc8fb01b517c77e51e68
1bad3bce28cbd668b37a7db483393c94ff44018be0ffb8ebc6ef4cced50d1d65
1e0acb9522810df9c871be9222afb132553d87c868c5266f3ef119d85ac56a94
20c530ead30ba3d009a0b0c64a405e0eaca3f7141a03a751683b783f14cf67a5
24268d317888d8249a8d13f2f54706b940db2395c600b3c056233c320705e89f
24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2e482a7d6469fb8b67d0a44364612a723729cac2a461fb4bc71ac9c05e55cd35
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
30b32e97f2e3e06deb742bf2e19daeb4f4657a956e836c2a25a7df2bc72f7500
360a5a8f3054f512e98eeaf7c8aa534bef3038f403ce495850179a45466eab36
39f5e96e6261892f12de1e546a16c9340928bfe52a3e5d77c220a7889678d48b
3a44b56e45fd3d6ccf55ed0318c70836f6208e403133f204823701593993a345
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
3d0c4ed1924cb1c1e05184cc6c3faf225cbe18983630ece2db8809e90d4e051c
47e50e052e37f7821a31762d0db969e50b90f63602cbb64dec01470f1dad40b5
4ad804ea1eafc50ba5c6e371a7a1ca7568a9eb06ae91d716282a0879cdb8a18a
4af8ceabdad8c1dccf98a6a33c3d9a1135255bcf318fb91fbb507c4915134679
5aefdeef5b7b962fb7f98b6c6c5005b78541c99070ed3aa6b12a519629ddafc0
63845bba706fc806d033c56430a913c188d11af3b45b034ad5e0bd21a30dbdf3
66558ea233b4106a98c1f8bd1a0b12f2a39f5d86af516b73bec18954d7fbcf18
6c8c568fc8edcf8424cb1f42c6093dc40cc35d59d10d2d3127ec614e16d6e728
700b426b123cba760b7df2b13a270f23ff1c1c4a605282b8838bf8b29fd82458
7c1e87c07c6e59ff44e3c69c500676b7cf22dfdd094e6ecf7fb9fd6c57c3c4ae
7dfb917cbfd14803aded61f18c7943c41b318cb6e731723568e77033c203c8c4
805456b402f91c0e88103fd2b7e6d4ffc94af54f17ab0447dbdf52e09086cc63
8491fd24b44cd1575a558851201c0c36122ccf16fa56963c9d70dfc0afb55256
8bc85979a0b8a074a3bd2b3bc1a28c14692265385f966aff2c97d38d1bb6136f
8ccdecd146786c69b5ee8d0e57ca9f4794caa00773eff0fd011202f471536d58
904d6652428debf616e8c4f538c2a239b06668a6feda51017b9302431263d139
92cdfb56ad533931ac52dfacc292fc775073071ceec4d52feccdb8f1fb3d7762
93e47eeadf8624071da56650de743c8cdc5254c6e088e5cd5692d07f0270f86c
944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd
96f8fe3f00daadf2fc386d2b631bae2d88a1526c84a5350377939d96a1359c3a
982a34ac654edcfe8875076ee9772157ff4ac7662ecd2dfc34be007aecd4f631
99997424c8c9530d4e4422498fdcbbc21043ef4a10bb9bae8cfdd277f75a11cd
9a3273cdf57ec7f176f24e8e178a113411fcb5a2478d941125daf5cf5aa0ed31
a0e9e5401b559769e79057caf93d429762372b024f70a36813286c790e45fc0b
a4592d6459d1a18604e9e647f1cc975601fb6c9f073a36d8f66d1cc7fd50c177
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
af6b15d8917bd5ab039b73db5f939c17df1aca2acf7d4ac9d8f44a005edaf6d6
b39fdaabfe63faca7d21b1ee38c593bb29663d70de9938eca8dd6159f405fe9a
b4ddb496b8952195d0485cfe5a52b175ed1ad4220b72cbbe0fdd4c2ec7821e38
b8d0402539061fce0cfc18e85bb03c513f3b67fdfaa477a4a205d04bf0c06e4e
b961bd6346afdaf27518f3315d53316b18514e52945e4079eee6e9b1d43b3e1a
bbcb55199563c973526acb66e3fbfe11e152dac53fbb954fa1d8e0948d20bac9
c6c03e7e0285fdb70fbfcd035df95dc448a40214109ecc90b5a26f6d6333794f
caf6f60338b6a4eddd7583ee70e416ab321de779a879fe0894dc31e382366c3f
cf93db5f15fb6b90864ea934827bca87f92e75ad6a3aab83881b1f6777ee8929
d3c6a836bdd9875d33477b5b865f2aba51b3d1ff72667b58cbdb96611898cf45
df35e83203b4b2d36b8539498199ba9fbc45ed98507306e39be7e0d82066ea93
e125f98312bd35bd481f546d03589585dea751692aa14ddb68f3869ef5bfd555
e34abfde20bc175c538ca66480a6ff5091dba3edbf93555951ff06bc331b109d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efe486ab763ebe7206f11ad2a22dc927fc62cc5032ca4bbd82403ee0e3c04f66
f0db2da3ee90dcf1f14054ba3c18ccc331993a4f19fd95c56169f3de5047950e
f907d2eaa76dd74e2c280d8bb75bdf7d11158beb71ed8c49b4ddbe5ce33e9188
fa74d4d7fa35d6b878aff1be82554fa59ce8bafbc2b3ffbfdd5963b5237357f0
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99