www.clubic.com Open in urlscan Pro
5.135.119.242 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-...
Submission: On February 02 via manual (February 2nd 2021, 2:19:16 am UTC) from HK

Summary HTTP 123 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 43 IPs in 8 countries across 29 domains to perform 123 HTTP transactions. The main IP is 5.135.119.242, located in France and belongs to OVH, FR. The main domain is www.clubic.com.
TLS certificate: Issued by R3 on January 22nd 2021. Valid for: 3 months.

This is the only time www.clubic.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	5.135.119.242 5.135.119.242	16276 (OVH) (OVH)
7	212.129.3.112 212.129.3.112	12876 (Online SAS) (Online SAS)
1	2606:4700:20:... 2606:4700:20::ac43:4a27	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 21	5.135.119.243 5.135.119.243	16276 (OVH) (OVH)
4	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:821::2008	15169 (GOOGLE) (GOOGLE)
7	2600:9000:215... 2600:9000:2156:7600:4:c961:9640:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:825::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	15.237.22.192 15.237.22.192	16509 (AMAZON-02) (AMAZON-02)
1	65.9.58.129 65.9.58.129	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	52.55.225.227 52.55.225.227	14618 (AMAZON-AES) (AMAZON-AES)
1	52.211.25.193 52.211.25.193	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1 9	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE)
3	216.58.207.34 216.58.207.34	15169 (GOOGLE) (GOOGLE)
3	13.224.192.34 13.224.192.34	16509 (AMAZON-02) (AMAZON-02)
1	184.30.212.16 184.30.212.16	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:20e... 2600:9000:20eb:d200:19:2cf2:a900:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.195.221.58 18.195.221.58	16509 (AMAZON-02) (AMAZON-02)
1	185.33.221.14 185.33.221.14	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2.18.232.7 2.18.232.7	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.140 69.173.144.140	26667 (RUBICONPR...) (RUBICONPROJECT)
1	185.86.138.121 185.86.138.121	201081 (SMARTADSE...) (SMARTADSERVER)
1	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 5	51.15.145.116 51.15.145.116	12876 (Online SAS) (Online SAS)
1	172.217.21.194 172.217.21.194	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:821::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1 2	52.95.124.165 52.95.124.165	16509 (AMAZON-02) (AMAZON-02)
1	143.204.93.120 143.204.93.120	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 3	185.64.189.216 185.64.189.216	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	18.159.63.118 18.159.63.118	16509 (AMAZON-02) (AMAZON-02)
1	99.80.71.186 99.80.71.186	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
123	43

20 5.135.119.242 (France)

ASN16276 (OVH, FR)
PTR: ip242.ip-5-135-119.eu

www.clubic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 212.129.3.112 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 212-129-3-112.rev.poneytelecom.eu

choices.consentframework.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4a27 (United States)

ASN13335 (CLOUDFLARENET, US)

scripts.static-od.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 5.135.119.243 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ip243.ip-5-135-119.eu

pic.clubic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forum.clubic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:2156:7600:4:c961:9640:93a1 (United States)

ASN16509 (AMAZON-02, US)

a.mailmunch.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.237.22.192 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-237-22-192.eu-west-3.compute.amazonaws.com

w.estat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.58.129 (Seattle, United States)

ASN16509 (AMAZON-02, US)

script.ownpage.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.55.225.227 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-225-227.compute-1.amazonaws.com

forms.mailmunch.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.211.25.193 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-25-193.eu-west-1.compute.amazonaws.com

api.ownpage.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:819::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.207.34 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s24-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.192.34 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-192-34.fra2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.212.16 (Netherlands)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-30-212-16.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:d200:19:2cf2:a900:93a1 (United States)

ASN16509 (AMAZON-02, US)

currency.prebid.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.221.58 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-221-58.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.14 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.7 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.121 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 51.15.145.116 (France) 1 redirects

ASN12876 (Online SAS, FR)
PTR: 51-15-145-116.rev.poneytelecom.eu

js.sddan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ct.sddan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.21.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s12-in-f194.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:821::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

214acc45a81df9e0c677a0599a97d2ff.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.124.165 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.93.120 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-93-120.fra50.r.cloudfront.net

assets.ownpage.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.216 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.159.63.118 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.71.186 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-71-186.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	clubic.com 2 redirects www.clubic.com pic.clubic.com forum.clubic.com	558 KB
11	googlesyndication.com pagead2.googlesyndication.com 214acc45a81df9e0c677a0599a97d2ff.safeframe.googlesyndication.com tpc.googlesyndication.com	146 KB
8	doubleclick.net 1 redirects stats.g.doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	155 KB
8	google-analytics.com www.google-analytics.com	19 KB
8	mailmunch.co a.mailmunch.co forms.mailmunch.co	65 KB
7	consentframework.com choices.consentframework.com	174 KB
5	sddan.com 1 redirects js.sddan.com ct.sddan.com	6 KB
5	pubmatic.com 3 redirects hbopenbid.pubmatic.com image8.pubmatic.com image2.pubmatic.com	2 KB
5	amazon-adsystem.com 1 redirects c.amazon-adsystem.com aax-eu.amazon-adsystem.com	34 KB
4	twitter.com platform.twitter.com	31 KB
3	google.de www.google.de adservice.google.de	1 KB
3	google.com www.google.com adservice.google.com	1 KB
3	ownpage.fr script.ownpage.fr api.ownpage.fr assets.ownpage.fr	8 KB
2	criteo.net static.criteo.net	51 KB
2	criteo.com bidder.criteo.com gum.criteo.com	144 B
2	3lift.com 1 redirects tlx.3lift.com eb2.3lift.com	745 B
2	rubiconproject.com secure-assets.rubiconproject.com fastlane.rubiconproject.com	7 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	34 KB
1	adsrvr.org match.adsrvr.org	264 B
1	googletagservices.com www.googletagservices.com	28 KB
1	googleadservices.com partner.googleadservices.com	638 B
1	smartadserver.com prg.smartadserver.com	329 B
1	teads.tv a.teads.tv	297 B
1	adnxs.com ib.adnxs.com	714 B
1	prebid.org currency.prebid.org	2 KB
1	estat.com w.estat.com	515 B
1	gstatic.com fonts.gstatic.com	140 KB
1	googletagmanager.com www.googletagmanager.com	34 KB
1	static-od.com scripts.static-od.com	106 KB
123	29

	Domain	Requested by
20	www.clubic.com	www.clubic.com
12	pic.clubic.com	www.clubic.com
9	forum.clubic.com	2 redirects www.clubic.com
8	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.clubic.com
7	a.mailmunch.co	www.clubic.com a.mailmunch.co ajax.googleapis.com
7	choices.consentframework.com	www.clubic.com choices.consentframework.com
5	pagead2.googlesyndication.com	www.clubic.com pagead2.googlesyndication.com
4	platform.twitter.com	www.clubic.com platform.twitter.com
3	image8.pubmatic.com	2 redirects www.clubic.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
3	214acc45a81df9e0c677a0599a97d2ff.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	ct.sddan.com	js.sddan.com
3	c.amazon-adsystem.com	scripts.static-od.com c.amazon-adsystem.com
3	securepubads.g.doubleclick.net	scripts.static-od.com securepubads.g.doubleclick.net
2	static.criteo.net	scripts.static-od.com static.criteo.net
2	aax-eu.amazon-adsystem.com	1 redirects c.amazon-adsystem.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	js.sddan.com	1 redirects www.clubic.com
2	www.google.de	www.clubic.com
2	www.google.com	www.clubic.com
2	stats.g.doubleclick.net	www.google-analytics.com
1	gum.criteo.com	static.criteo.net
1	match.adsrvr.org	www.clubic.com
1	eb2.3lift.com	1 redirects
1	image2.pubmatic.com	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	fonts.googleapis.com	a.mailmunch.co
1	assets.ownpage.fr	a.mailmunch.co
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	bidder.criteo.com	scripts.static-od.com
1	prg.smartadserver.com	scripts.static-od.com
1	fastlane.rubiconproject.com	scripts.static-od.com
1	a.teads.tv	scripts.static-od.com
1	hbopenbid.pubmatic.com	scripts.static-od.com
1	ib.adnxs.com	scripts.static-od.com
1	tlx.3lift.com	scripts.static-od.com
1	currency.prebid.org	scripts.static-od.com
1	secure-assets.rubiconproject.com	scripts.static-od.com
1	api.ownpage.fr	www.clubic.com
1	forms.mailmunch.co	a.mailmunch.co
1	ajax.googleapis.com	a.mailmunch.co
1	script.ownpage.fr	www.clubic.com
1	w.estat.com	www.clubic.com
1	fonts.gstatic.com	www.clubic.com
1	www.googletagmanager.com	www.clubic.com
1	scripts.static-od.com	www.clubic.com
123	49

This site contains links to these domains. Also see Links.

Domain
forum.clubic.com
fr-fr.facebook.com
twitter.com
www.twitch.tv
www.youtube.com
www.linkedin.com
pic.clubic.com
www.engadget.com
blog.google
clubi.cc
www.tkqlhce.com
www.awin1.com
prf.hn
a8719.boutique-eset.com
191.media
www.welcometothejungle.com

Subject Issuer	Validity	Valid
clubic.com R3	`2021-01-22` - `2021-04-22`	3 months	crt.sh
choices.consentframework.com R3	`2020-12-02` - `2021-03-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-06` - `2021-07-06`	a year	crt.sh
pic.clubic.com R3	`2020-12-06` - `2021-03-06`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.mailmunch.co Amazon	`2020-03-25` - `2021-04-25`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.estat.com Gandi Standard SSL CA 2	`2019-12-04` - `2022-02-09`	2 years	crt.sh
*.ownpage.fr Amazon	`2020-12-11` - `2022-01-09`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
forum.clubic.com R3	`2021-01-14` - `2021-04-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
forms.mailmunch.co R3	`2020-12-28` - `2021-03-28`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-05` - `2022-01-18`	a year	crt.sh
*.prebid.org Amazon	`2020-09-25` - `2021-10-26`	a year	crt.sh
*.3lift.com Amazon	`2020-07-04` - `2021-08-05`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
teads.tv Let's Encrypt Authority X3	`2020-11-19` - `2021-02-17`	3 months	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
*.sddan.com RapidSSL RSA CA 2018	`2020-02-17` - `2022-05-18`	2 years	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2020-06-15` - `2021-06-15`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh

This page contains 14 frames:

Primary Page: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
Frame ID: 56EE447421D641B2E099EEB3881760D3
Requests: 108 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=https%3A%2F%2Fwww.clubic.com
Frame ID: 3A1176A54D94790EA4E3D73D77E9A985
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/index.html?dnt=false&embedId=twitter-widget-0&frame=false&hideCard=false&hideThread=false&id=1353856344655204352&lang=fr&origin=https%3A%2F%2Fwww.clubic.com%2Fantivirus-securite-informatique%2Fvirus-hacker-piratage%2Fpiratage-informatique%2Factualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html&siteScreenName=Clubic&theme=light&widgetsVersion=ed20a2b%3A1601588405575&width=550px
Frame ID: E15AA41874FA34416C1B58E9C4AD524A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210127/r20190131/zrt_lookup.html
Frame ID: 8C069B0A48D74AA164EFC90DFFDDB8F3
Requests: 1 HTTP requests in this frame

Frame: https://ct.sddan.com/CT.d?iframeUrl=https%3A%2F%2Fmap.sddan.com%2FSC.d%3Fmapnames%3Dnexus%2Ctaboola%2Cfreewheel%2Cweborama%2Csquadata%2Cttd%2Cadobe%2Cgroupm%2Caudiencerate%2Cgoogle%2Cyahoo%2Cexelate%2Crubicon%2Csmart
Frame ID: EE755FFE4062463BDD572F24E3C18459
Requests: 1 HTTP requests in this frame

Frame: https://ct.sddan.com/CT.d?imgUrl=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fsync-uid.leadplace.fr%2Fsync-uid.php%3Fpart%3Dsirapp%26id%3D%2524UID%26gdpr%3D0
Frame ID: A0E70D98AD6C7FD64ACB4ED27513A834
Requests: 1 HTTP requests in this frame

Frame: https://ct.sddan.com/CT.d?imgUrl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtemelio_dmp%26google_sc%26google_cm%26gdpr%3D0
Frame ID: BA3404932CA4DFE91C94B951EB03B980
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&gdpr=0&client=ca-pub-9540567666833588&output=html&adk=293675617&adf=814277786&lmt=1612232319&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.clubic.com%2Fantivirus-securite-informatique%2Fvirus-hacker-piratage%2Fpiratage-informatique%2Factualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html&ea=0&flash=0&pra=5&wgl=1&dt=1612232319418&bpp=12&bdt=726&idt=138&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4871064511777&frm=20&pv=2&ga_vid=1439922371.1612232319&ga_sid=1612232320&ga_hid=1903383014&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530889%2C44735932%2C21068769%2C21068893&oid=3&pvsid=1736375433190984&pem=809&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=159
Frame ID: 89D3946685B3617E39059FC04D0DBC9B
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_n-index_pm-db5_rbd_cnv_3lift&dcc=t
Frame ID: 978B4FB51B9A714015861C0DDAB7DD55
Requests: 1 HTTP requests in this frame

Frame: https://a.mailmunch.co/v2/themes/mailmunch/falcon/popover/index.css
Frame ID: 8F0E8363ECC40467FB043A456CBB64ED
Requests: 5 HTTP requests in this frame

Frame: https://214acc45a81df9e0c677a0599a97d2ff.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 2FDD3044572522DAF9EE741758B965CB
Requests: 1 HTTP requests in this frame

Frame: https://214acc45a81df9e0c677a0599a97d2ff.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 425608646C11D18A50DB987C07A5D0E8
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.clubic.com
Frame ID: A902794EAAFBA86ABDBB761F0B2608A9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 84FAE66E24059735036910CDC91004B5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

123
Requests

100 %
HTTPS

43 %
IPv6

29
Domains

49
Subdomains

43
IPs

8
Countries

1602 kB
Transfer

4097 kB
Size

3
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://forum.clubic.com//signup
Title: Créer un compte

Search URL Search Domain Scan URL

URL: https://forum.clubic.com//password-reset
Title: J'ai oublié mon mot de passe

Search URL Search Domain Scan URL

URL: https://forum.clubic.com/
Title: Communauté

Search URL Search Domain Scan URL

URL: https://fr-fr.facebook.com/Clubic/
Title: Facebook Clubic

Search URL Search Domain Scan URL

URL: https://twitter.com/Clubic
Title: Twitter Clubic

Search URL Search Domain Scan URL

URL: https://twitter.com/ClubicBonsPlans
Title: Twitter Clubic Bons Plans

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/clubic_gaming
Title: Twitch Clubic

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/Clubic
Title: Youtube Clubic

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/clubic/
Title: Linkedin Clubic

Search URL Search Domain Scan URL

URL: https://twitter.com/BruelBen
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/benjamin-bruel-cv/
Title:

Search URL Search Domain Scan URL

URL: https://pic.clubic.com/v1/images/1851937/raw
Title:

Search URL Search Domain Scan URL

URL: https://www.engadget.com/google-north-korean-campaign-security-researchers-060603985.html
Title: Engadget

Search URL Search Domain Scan URL

URL: https://blog.google/threat-analysis-group/new-campaign-targeting-security-researchers/
Title: Google

Search URL Search Domain Scan URL

URL: https://clubi.cc/77540696
Title: Voir l'offre

Search URL Search Domain Scan URL

URL: http://www.tkqlhce.com/click-8730572-13644324
Title: Voir l'offre

Search URL Search Domain Scan URL

URL: https://www.awin1.com/awclick.php?gid=394062&mid=19485&awinaffid=483061&linkid=2685644&clickref=
Title: Voir l'offre

Search URL Search Domain Scan URL

URL: https://prf.hn/click/camref:1100l9LZC
Title: Voir l'offre

Search URL Search Domain Scan URL

URL: https://a8719.boutique-eset.com/45-eset-smart-security-premium?utm_source=clubic.com&utm_medium=referral&utm_campaign=logitheque&utm_content=essp%20target=_blank%20rel=
Title: Voir l'offre

Search URL Search Domain Scan URL

URL: https://191.media/
Title: Publicité

Search URL Search Domain Scan URL

URL: https://www.welcometothejungle.com/fr/companies/clubic
Title: Recrutement

Search URL Search Domain Scan URL

URL: https://forum.clubic.com/t/charte-de-la-communaute-clubic/415167
Title: Charte de contribution

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 72

https://js.sddan.com/GS.d?si=4&subcat_name=Malware&cat_name=Logiciel&hd_m=&hd_s256=&postal_code=&product_brand=&product_name=&uf_bday=&uf_gender=&pa=22690&c=IKVR3&cmp=0&u=https%3A%2F%2Fwww.clubic.com%2Fantivirus-securite-informatique%2Fvirus-hacker-piratage%2Fpiratage-informatique%2Factualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html&r=&rand=1612232319358&gdpr=0&gdpr_consent=&globalscope=false&tbp=true HTTP 307
https://js.sddan.com/GS.d?si=4&subcat_name=Malware&cat_name=Logiciel&hd_m=&hd_s256=&postal_code=&product_brand=&product_name=&uf_bday=&uf_gender=&pa=22690&c=IKVR3&cmp=0&u=https%3A%2F%2Fwww.clubic.com%2Fantivirus-securite-informatique%2Fvirus-hacker-piratage%2Fpiratage-informatique%2Factualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html&r=&rand=1612232319358&gdpr=0&gdpr_consent=&globalscope=false&tbp=true&bounce=1

Request Chain 97

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_n-index_pm-db5_rbd_cnv_3lift HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_n-index_pm-db5_rbd_cnv_3lift&dcc=t

Request Chain 104

https://forum.clubic.com/user_avatar/forum.clubic.com/nicgrover/43/27911_2.png HTTP 302
https://forum.clubic.com/user_avatar/forum.clubic.com/nicgrover/45/27911_2.png

Request Chain 107

https://forum.clubic.com/user_avatar/forum.clubic.com/maspriborintorg/43/51832_2.png HTTP 302
https://forum.clubic.com/user_avatar/forum.clubic.com/maspriborintorg/45/51832_2.png

Request Chain 114

https://image8.pubmatic.com/AdServer/ImgSync?p=158939&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=158939&gdpr=0&gdpr_consent=&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RkNEMUY4RjYtNTVFQy00ODhFLUIzODQtNTE4QjNENTRFMDlF&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

Request Chain 115

https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=

123 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html Show response
www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/ 181 KB
37 KB 126ms
52ms Document
text/html 5.135.119.242
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.119.242 , France, ASN16276 (OVH, FR),
Reverse DNS: ip242.ip-5-135-119.eu
Software: /
Resource Hash: f8aae5aa6a5c208b3ff58438fd87bd86ae5f374864107697d2dde8ab474bc4fe

Request headers

:method: GET
:authority: www.clubic.com
:scheme: https
:path: /antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=3600, public
date: Tue, 02 Feb 2021 01:30:56 GMT
etag: W/"408fde2d1490ff13e88bbaba64a582da"
x-via-popn: front01
content-encoding: gzip
x-cacheable: yes
x-varnish: 177418083 177319061
age: 2861
x-via-popv: front03
x-cache: HIT
accept-ranges: bytes
content-length: 37799
x-via-poph: front03

GET
H2 200 inter-regular.woff2
www.clubic.com/assets/fonts/ 12 KB
12 KB 40ms
39ms Font
font/woff2 5.135.119.242
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clubic.com/assets/fonts/inter-regular.woff2

Requested by

Host: www.clubic.com
URL: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.135.119.242 , France, ASN16276 (OVH, FR),

Reverse DNS

ip242.ip-5-135-119.eu

Software

Resource Hash

2671ad9f93451b8f86097c6e19e6a3e81b35ec81769e39f916c0547bbe7cdbe9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.clubic.com
Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 15:04:38 GMT
x-via-popv: front03
x-content-type-options: nosniff
last-modified: Mon, 11 Jan 2021 10:26:10 GMT
age: 1854839
etag: "5ffc27c2-2e0c"
x-cacheable: yes
x-cache: HIT
content-type: font/woff2
cache-control: max-age=2592000, public
x-varnish: 177418084 62101319
accept-ranges: bytes
content-length: 11788
x-via-poph: front03
expires: Wed, 10 Feb 2021 15:04:38 GMT

GET
H2 200 inter-bold.woff2
www.clubic.com/assets/fonts/ 12 KB
12 KB 40ms
40ms Font
font/woff2 5.135.119.242
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clubic.com/assets/fonts/inter-bold.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.135.119.242 , France, ASN16276 (OVH, FR),

Reverse DNS

ip242.ip-5-135-119.eu

Software

Resource Hash

40ea68936786a5e8d8bb1006335b3fc6da1969d8c0d5974d6096dc7e028bf993

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.clubic.com
Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 11 Jan 2021 15:04:38 GMT
x-via-popv: front03
x-content-type-options: nosniff
last-modified: Mon, 11 Jan 2021 10:26:10 GMT
age: 1854839
etag: "5ffc27c2-2f38"
x-cacheable: yes
x-cache: HIT
content-type: font/woff2
cache-control: max-age=2592000, public
x-varnish: 176710468 61815405
accept-ranges: bytes
content-length: 12088
x-via-poph: front03
expires: Wed, 10 Feb 2021 15:04:38 GMT

GET
H2 200 a432d2e.css
www.clubic.com/assets/css/ 37 KB
7 KB 45ms
44ms Stylesheet
text/css 5.135.119.242
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clubic.com/assets/css/a432d2e.css?1.16.2
Requested by: Host: www.clubic.com
URL: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.119.242 , France, ASN16276 (OVH, FR),
Reverse DNS: ip242.ip-5-135-119.eu
Software: /
Resource Hash: ae83305eec65c2cda8df97afbe9e0ad2422a4094fd14b3c667d11e026b915948

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 16:57:38 GMT
content-encoding: gzip
x-cacheable: yes
age: 33660
x-via-popv: front01
x-cache: HIT
content-length: 7343
x-via-poph: front03
last-modified: Mon, 01 Feb 2021 16:57:30 GMT
etag: W/"601832fa-92ad"
vary: Accept-Encoding
x-varnish: 51050655 49176935
cache-control: max-age=604800, public
accept-ranges: bytes
content-type: text/css
expires: Mon, 08 Feb 2021 16:57:38 GMT

GET
H2 200 c29e256.css
www.clubic.com/assets/css/ 94 KB
18 KB 49ms
48ms Stylesheet
text/css 5.135.119.242
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clubic.com/assets/css/c29e256.css?1.16.2
Requested by: Host: www.clubic.com
URL: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.119.242 , France, ASN16276 (OVH, FR),
Reverse DNS: ip242.ip-5-135-119.eu
Software: /
Resource Hash: a1d73fb0b4366a22678e4eb7b9079a461e3d8317a1bdef008743a80aabaf3791

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 16:57:38 GMT
content-encoding: gzip
x-cacheable: yes
age: 33660
x-via-popv: front03
x-cache: HIT
content-length: 18448
x-via-poph: front03
last-modified: Mon, 01 Feb 2021 16:57:16 GMT
etag: W/"601832ec-1791c"
vary: Accept-Encoding
x-varnish: 176710469 174112472
cache-control: max-age=604800, public
accept-ranges: bytes
content-type: text/css
expires: Mon, 08 Feb 2021 16:57:38 GMT

GET
H2 200 62562ae.css
www.clubic.com/assets/css/ 12 KB
2 KB 50ms
49ms Stylesheet
text/css 5.135.119.242
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clubic.com/assets/css/62562ae.css?1.16.2
Requested by: Host: www.clubic.com
URL: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.119.242 , France, ASN16276 (OVH, FR),
Reverse DNS: ip242.ip-5-135-119.eu
Software: /
Resource Hash: 266f7d99ab5955fafa20741bcb525b30864f106652948f8dc4a7b28dc2bcb77a

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 16:57:38 GMT
content-encoding: gzip
x-cacheable: yes
age: 33660
x-via-popv: front02
x-cache: HIT
content-length: 1867
x-via-poph: front03
last-modified: Mon, 01 Feb 2021 16:57:13 GMT
etag: W/"601832e9-3117"
vary: Accept-Encoding
x-varnish: 492028692 490264959
cache-control: max-age=604800, public
accept-ranges: bytes
content-type: text/css
expires: Mon, 08 Feb 2021 16:57:38 GMT

GET
H2 200 f1d8b8a.css
www.clubic.com/assets/css/ 12 KB
2 KB 51ms
50ms Stylesheet
text/css 5.135.119.242
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clubic.com/assets/css/f1d8b8a.css?1.16.2
Requested by: Host: www.clubic.com
URL: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.119.242 , France, ASN16276 (OVH, FR),
Reverse DNS: ip242.ip-5-135-119.eu
Software: /
Resource Hash: d788f14393617c09961a71a374bd75a107bc726ab0384586879ed68fcc0c4f1a

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 16:57:38 GMT
content-encoding: gzip
x-cacheable: yes
age: 33660
x-via-popv: front01
x-cache: HIT
content-length: 1849
x-via-poph: front03
last-modified: Mon, 01 Feb 2021 16:57:17 GMT
etag: W/"601832ed-31d6"
vary: Accept-Encoding
x-varnish: 51050656 49176939
cache-control: max-age=604800, public
accept-ranges: bytes
content-type: text/css
expires: Mon, 08 Feb 2021 16:57:38 GMT

GET
H2 200 8441de5.css
www.clubic.com/assets/css/ 69 KB
11 KB 54ms
54ms Stylesheet
text/css 5.135.119.242
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clubic.com/assets/css/8441de5.css?1.16.2
Requested by: Host: www.clubic.com
URL: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.119.242 , France, ASN16276 (OVH, FR),
Reverse DNS: ip242.ip-5-135-119.eu
Software: /
Resource Hash: a029f568a352f24c8ea91b673757e9ceda5553c448c8153697df6bf44a13b2a2

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 16:57:38 GMT
content-encoding: gzip
x-cacheable: yes
age: 33660
x-via-popv: front02
x-cache: HIT
content-length: 11229
x-via-poph: front03
last-modified: Mon, 01 Feb 2021 16:57:10 GMT
etag: W/"601832e6-1143d"
vary: Accept-Encoding
x-varnish: 492002213 490036550
cache-control: max-age=604800, public
accept-ranges: bytes
content-type: text/css
expires: Mon, 08 Feb 2021 16:57:38 GMT

GET
H2 200 stub Show response
choices.consentframework.com/js/pa/22690/c/IKVR3/ 3 KB
2 KB 105ms
35ms Script
text/javascript 212.129.3.112
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.consentframework.com/js/pa/22690/c/IKVR3/stub

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.129.3.112 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

212-129-3-112.rev.poneytelecom.eu

Software

nginx/1.11.3 /

Resource Hash

c679280313c63c9cc14fbccb6f86d9f51bff04783cec4c96cdc09850a395a837

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 02:18:38 GMT
cache-control: max-age=3600
server: nginx/1.11.3
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8

GET
H2 200 cmp Show response
choices.consentframework.com/js/pa/22690/c/IKVR3/ 622 KB
171 KB 51ms
39ms Script
text/javascript 212.129.3.112
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.consentframework.com/js/pa/22690/c/IKVR3/cmp

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.129.3.112 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

212-129-3-112.rev.poneytelecom.eu

Software

nginx/1.11.3 /

Resource Hash

e0e9ba7c66db6fdc4a62126a0df7843cd605bc304097315ce9ee9f58476b86dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 02:18:38 GMT
cache-control: private, max-age=3600
server: nginx/1.11.3
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8

GET
H2 200 / Show response
scripts.static-od.com/setup/ 400 KB
106 KB 54ms
27ms Script
text/javascript 2606:4700:20::ac43:4a27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.static-od.com/setup/?site=clubic
Requested by: Host: www.clubic.com
URL: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a7a84f3a76ca806208a152a7180cbaa119c459a3f77b5c45cd93ad49e2d58fc

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 02:18:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3029
cf-polished: origSize=444170
cf-request-id: 080221f73e00002be9e2ab3000000001
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qi1wDAR8eiYNdJHTN3XcvihphD9xSMv2W%2BYszaO4%2Fkzoot8r4%2B%2BYuG2FfC67awQ3tPdeJYokvzcXWQABxU0Aa7RqtiQ66kLXpTfHczBgNjmZN%2BOd1zzFvPtG79rTLJ2M3WI%3D"}],"group":"cf-nel"}
content-type: text/javascript;charset=UTF-8
cache-control: public, max-age=7200
cf-ray: 61b06c386ae62be9-FRA
expires: Tue, 02 Feb 2021 03:28:09 GMT

GET
H2 200 raw.webp
pic.clubic.com/v1/images/1851937/ 286 KB
286 KB 119ms
36ms Image
image/webp 5.135.119.243
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.clubic.com/v1/images/1851937/raw.webp?fit=max&width=1200&hash=7c5619ad068265cda9821f93f57e468fa234da83
Requested by: Host: www.clubic.com
URL: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.119.243 , France, ASN16276 (OVH, FR),
Reverse DNS: ip243.ip-5-135-119.eu
Software: /
Resource Hash: d0468ace0298e02972192363fef52533ad91febd39a676892eabcf120ad9d5aa

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 16:23:18 GMT
via: 1.1 varnish (Varnish/6.1)
x-via-popn: pics01
x-cacheable: Yes
age: 294920
x-cache: HIT
x-varnish: 186467794 164310884
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
content-type: image/webp
content-length: 292500
x-via-poph: front01

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 60ms
14ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.clubic.com
URL: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B9A) /
Resource Hash: 2b418a10ba4680c77fa07fb0e736eec6306cba0dbbbc8deac94a25e679178e15

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Feb 2021 02:18:38 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Oct 2020 21:52:09 GMT
Server: ECS (amb/6B9A)
Age: 392
Etag: "a671d4d584ef50954e5cebb21da17065+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28698

GET
H2 200 raw.webp
pic.clubic.com/v1/images/1844883/ 876 B
1 KB 137ms
54ms Image
image/webp 5.135.119.243
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.clubic.com/v1/images/1844883/raw.webp?fit=smartCrop&width=32&height=32&hash=8096699b5efc186b91c8db1d39fefc0b7e4e591d
Requested by: Host: www.clubic.com
URL: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.119.243 , France, ASN16276 (OVH, FR),
Reverse DNS: ip243.ip-5-135-119.eu
Software: /
Resource Hash: 6d1b9cdabea9fa6bf623db98ebf156ac2855616caddeca73224b8488ea03357a

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 15:47:57 GMT
via: 1.1 varnish (Varnish/6.1)
x-via-popn: pics01
x-cacheable: Yes
age: 37841
x-cache: HIT
x-varnish: 213963210 210194182
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
content-type: image/webp
content-length: 876
x-via-poph: front01

GET
H2 200 raw.webp
pic.clubic.com/v1/images/1491931/ 1 KB
1 KB 160ms
78ms Image
image/webp 5.135.119.243
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.clubic.com/v1/images/1491931/raw.webp?fit=smartCrop&width=32&height=32&hash=140e24f7ed30c0362304526e4fd08722b8bd3c7b
Requested by: Host: www.clubic.com
URL: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.119.243 , France, ASN16276 (OVH, FR),
Reverse DNS: ip243.ip-5-135-119.eu
Software: /
Resource Hash: 3d2d4e18240e326c8e93c324902207298d5f0a057a3f13218bee68bb43b771f4

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 15:47:57 GMT
via: 1.1 varnish (Varnish/6.1)
x-via-popn: pics02
x-cacheable: Yes
age: 37841
x-cache: HIT
x-varnish: 186364972 183731600
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
content-type: image/webp
content-length: 1032
x-via-poph: front01

GET
H2 200 raw.webp
pic.clubic.com/v1/images/1505022/ 852 B
1 KB 159ms
77ms Image
image/webp 5.135.119.243
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.clubic.com/v1/images/1505022/raw.webp?fit=smartCrop&width=32&height=32&hash=a621ae00bb1e04df7e233df0656f823583477917
Requested by: Host: www.clubic.com
URL: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.119.243 , France, ASN16276 (OVH, FR),
Reverse DNS: ip243.ip-5-135-119.eu
Software: /
Resource Hash: d088bc7b501be21a723912b9b77a8691d8a438081e1cc3905f56e40251274f68

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 15:47:57 GMT
via: 1.1 varnish (Varnish/6.1)
x-via-popn: pics02
x-cacheable: Yes
age: 37841
x-cache: HIT
x-varnish: 186399754 182854699
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
content-type: image/webp
content-length: 852
x-via-poph: front01

GET
H2 200 raw.webp
pic.clubic.com/v1/images/1836775/ 530 B
775 B 137ms
55ms Image
image/webp 5.135.119.243
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.clubic.com/v1/images/1836775/raw.webp?fit=smartCrop&width=32&height=32&hash=a509b621c7b3eb07d78f5c0e3f915098b431a11c
Requested by: Host: www.clubic.com
URL: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.119.243 , France, ASN16276 (OVH, FR),
Reverse DNS: ip243.ip-5-135-119.eu
Software: /
Resource Hash: 33d016b36b1bf39bb3026a10c5cec5dba26f66a75527765bb344cd833fe51aa4

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 15:47:57 GMT
via: 1.1 varnish (Varnish/6.1)
x-via-popn: pics02
x-cacheable: Yes
age: 37841
x-cache: HIT
x-varnish: 214700916 211095990
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
content-type: image/webp
content-length: 530
x-via-poph: front01

GET
H2 200 raw.webp
pic.clubic.com/v1/images/1790241/ 1 KB
1 KB 201ms
119ms Image
image/webp 5.135.119.243
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.clubic.com/v1/images/1790241/raw.webp?fit=smartCrop&width=32&height=32&hash=50277e2fb91ffa50b96222240dc534e563ea3174
Requested by: Host: www.clubic.com
URL: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.119.243 , France, ASN16276 (OVH, FR),
Reverse DNS: ip243.ip-5-135-119.eu
Software: /
Resource Hash: b57fbf414f430030e0602a18c51eb14d1cff5921dd849e70a3ac456e12f85138

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 20:26:13 GMT
via: 1.1 varnish (Varnish/6.1)
x-via-popn: pics02
x-cacheable: Yes
age: 21144
x-cache: HIT
x-varnish: 185710312 184767506
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
content-type: image/webp
content-length: 1116
x-via-poph: front01

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 97 KB
34 KB 23ms
21ms Script
application/javascript 2a00:1450:4001:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T95PRJD

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7c363c5b169b007e8c63b7ee0743546f2dba88223be03620b2a554953f660f92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 02:18:38 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35117
x-xss-protection: 0
last-modified: Tue, 02 Feb 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 02 Feb 2021 02:18:38 GMT

GET
H2 200 arrow.svg
www.clubic.com/assets/bundles/m6clubic/img/ 481 B
648 B 38ms
37ms Image
image/svg+xml 5.135.119.242
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.clubic.com/assets/bundles/m6clubic/img/arrow.svg?1.16.2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.135.119.242 , France, ASN16276 (OVH, FR),

Reverse DNS

ip242.ip-5-135-119.eu

Software

Resource Hash

cec95965f263866b3249a8d82040b3a6986ea3ab28727967be92f8d48be0f47c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 16:57:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: yes
age: 33659
x-via-popv: front01
x-cache: HIT
content-length: 297
x-via-poph: front03
last-modified: Mon, 01 Feb 2021 16:56:56 GMT
etag: W/"601832d8-1e1"
vary: Accept-Encoding
x-varnish: 51468319 49299274
cache-control: max-age=604800, public
accept-ranges: bytes
content-type: image/svg+xml
expires: Mon, 08 Feb 2021 16:57:38 GMT

GET
H2 200 jquery.js Show response
www.clubic.com/assets/js/ 125 KB
38 KB 35ms
35ms Script
application/javascript 5.135.119.242
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clubic.com/assets/js/jquery.js
Requested by: Host: www.clubic.com
URL: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.119.242 , France, ASN16276 (OVH, FR),
Reverse DNS: ip242.ip-5-135-119.eu
Software: /
Resource Hash: 681c7a3563e8c71b527cafa9b34d5cd11a3774a1b6cc6b2f131eb5e75671afe2

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 15:04:41 GMT
content-encoding: gzip
x-cacheable: yes
age: 40437
x-via-popv: front03
x-cache: HIT
content-length: 38822
x-via-poph: front03
last-modified: Mon, 01 Feb 2021 14:57:16 GMT
etag: W/"601816cc-1f2ab"
vary: Accept-Encoding
x-varnish: 176710470 173093646
cache-control: max-age=604800, public
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 08 Feb 2021 15:04:41 GMT

GET
H2 200 router.js Show response
www.clubic.com/assets/js/ 4 KB
2 KB 38ms
35ms Script
application/javascript 5.135.119.242
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clubic.com/assets/js/router.js
Requested by: Host: www.clubic.com
URL: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.119.242 , France, ASN16276 (OVH, FR),
Reverse DNS: ip242.ip-5-135-119.eu
Software: /
Resource Hash: 7adbfc83b0d6cb2eac1f5fcaba53539135dbf791b7760632aec95e54e6cdbfe8

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 10:56:53 GMT
content-encoding: gzip
x-cacheable: yes
age: 487305
x-via-popv: front02
x-cache: HIT
content-length: 1842
x-via-poph: front03
last-modified: Wed, 27 Jan 2021 09:42:52 GMT
etag: W/"6011359c-ff8"
vary: Accept-Encoding
x-varnish: 492002214 468739072
cache-control: max-age=604800, public
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 03 Feb 2021 10:56:53 GMT

GET
H2 200 4a7101b.js Show response
www.clubic.com/assets/js/ 43 KB
13 KB 39ms
37ms Script
application/javascript 5.135.119.242
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clubic.com/assets/js/4a7101b.js?1.16.2
Requested by: Host: www.clubic.com
URL: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.119.242 , France, ASN16276 (OVH, FR),
Reverse DNS: ip242.ip-5-135-119.eu
Software: /
Resource Hash: 5a01c8532be4332fd622a0d2e85d94b78731d1d10604cbcaae0fceca3da50f3d

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 16:57:38 GMT
content-encoding: gzip
x-cacheable: yes
age: 33660
x-via-popv: front02
x-cache: HIT
content-length: 13449
x-via-poph: front03
last-modified: Mon, 01 Feb 2021 16:57:14 GMT
etag: W/"601832ea-ad4a"
vary: Accept-Encoding
x-varnish: 492028693 490201715
cache-control: max-age=604800, public
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 08 Feb 2021 16:57:38 GMT

GET
H2 200 routing Show response
www.clubic.com/js/ 10 KB
2 KB 40ms
37ms Script
application/javascript 5.135.119.242
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clubic.com/js/routing?callback=fos.Router.setData&1.16.2
Requested by: Host: www.clubic.com
URL: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.119.242 , France, ASN16276 (OVH, FR),
Reverse DNS: ip242.ip-5-135-119.eu
Software: /
Resource Hash: 2caf135717a96501eecfec5411c7db8be52223162a806b5abb48d890322f32f1

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 01:57:40 GMT
content-encoding: gzip
x-via-popn: front02
age: 1258
vary: Accept-Encoding
x-via-popv: front01
x-varnish: 51393074 49859529
cache-control: no-cache
x-cache: HIT
accept-ranges: bytes
content-type: application/javascript
content-length: 1509
x-via-poph: front03

GET
H2 200 site.js Show response
a.mailmunch.co/app/v1/ 24 KB
8 KB 27ms
6ms Script
text/javascript 2600:9000:2156:7600:4:c961:9640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mailmunch.co/app/v1/site.js
Requested by: Host: www.clubic.com
URL: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7600:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c8c08382650607d491decf679e338e0a2d79d29241619abd74f3350bfde6fbfb

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 10:56:28 GMT
content-encoding: gzip
age: 55331
x-cache: Hit from cloudfront
content-length: 8160
access-control-allow-origin: *
last-modified: Mon, 01 Feb 2021 09:06:20 GMT
server: AmazonS3
etag: "80a67876507cddc5a3b293bf7da1347d"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, POST, PUT, DELETE
content-type: text/javascript
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
cache-control: max-age=172800
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: KPrrD_NcbJj6JzXiZOcS8IF82iiEKgxoiHFvwez_UVzaD8QwtAiknw==

GET
H2 200 9b24d27.js Show response
www.clubic.com/assets/js/ 227 KB
70 KB 39ms
38ms Script
application/javascript 5.135.119.242
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clubic.com/assets/js/9b24d27.js?1.16.2
Requested by: Host: www.clubic.com
URL: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.119.242 , France, ASN16276 (OVH, FR),
Reverse DNS: ip242.ip-5-135-119.eu
Software: /
Resource Hash: 71399717305b09c8fb442c33440c2cfc135ebd246d8e9bbbc6dc5a32d29105ca

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 16:57:38 GMT
content-encoding: gzip
x-cacheable: yes
age: 33660
x-via-popv: front02
x-cache: HIT
content-length: 71695
x-via-poph: front03
last-modified: Mon, 01 Feb 2021 16:57:29 GMT
etag: W/"601832f9-38cd8"
vary: Accept-Encoding
x-varnish: 492258595 490639291
cache-control: max-age=604800, public
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 08 Feb 2021 16:57:38 GMT

GET
H2 200 c1d48f9.js Show response
www.clubic.com/assets/js/ 230 B
502 B 42ms
41ms Script
application/javascript 5.135.119.242
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clubic.com/assets/js/c1d48f9.js?1.16.2
Requested by: Host: www.clubic.com
URL: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.119.242 , France, ASN16276 (OVH, FR),
Reverse DNS: ip242.ip-5-135-119.eu
Software: /
Resource Hash: 38f03e89dc0a74224affb313644ee059d7af75dc18fe32f82677e15c87d455b5

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 16:57:38 GMT
content-encoding: gzip
x-cacheable: yes
age: 33660
x-via-popv: front02
x-cache: HIT
content-length: 173
x-via-poph: front03
last-modified: Mon, 01 Feb 2021 16:57:31 GMT
etag: W/"601832fb-e6"
vary: Accept-Encoding
x-varnish: 492066826 490513904
cache-control: max-age=604800, public
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 08 Feb 2021 16:57:38 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T95PRJD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 3875
date: Tue, 02 Feb 2021 01:14:03 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Tue, 02 Feb 2021 03:14:03 GMT

GET
H2 200 raw
pic.clubic.com/v1/images/1747133/ 1 KB
1 KB 106ms
106ms Image
image/jpeg 5.135.119.243
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.clubic.com/v1/images/1747133/raw?width=48&height=48&fit=max&hash=48dacac8fad19675e512dc7169ab031290ebc9fd
Requested by: Host: www.clubic.com
URL: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.119.243 , France, ASN16276 (OVH, FR),
Reverse DNS: ip243.ip-5-135-119.eu
Software: /
Resource Hash: 7976e2068bdfb2fbab4a32a16c3447218090259081d01496b0b41327448bfc82

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 18 Jan 2021 10:44:26 GMT
via: 1.1 varnish (Varnish/6.1)
x-via-popn: pics02
x-cacheable: Yes
age: 1265651
x-cache: HIT
x-varnish: 186364973 31588416
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
content-type: image/jpeg
content-length: 1250
x-via-poph: front01

GET
H2 200 raxhHiqOu8IVPmnRc6SY1KXhnF_Y8XbYCL8.ttf
fonts.gstatic.com/s/bitter/v17/ 140 KB
140 KB 8ms
7ms Font
font/ttf 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bitter/v17/raxhHiqOu8IVPmnRc6SY1KXhnF_Y8XbYCL8.ttf

Requested by

Host: www.clubic.com
URL: https://www.clubic.com/assets/css/c29e256.css?1.16.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72c5e40ac49f5e971441e5539d15d2bb93b5a90e42cdb4054e21cbca0793f1a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.clubic.com
Referer: https://www.clubic.com/assets/css/c29e256.css?1.16.2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 10:45:15 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 21:04:46 GMT
server: sffe
age: 228803
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 143288
x-xss-protection: 0
expires: Sun, 30 Jan 2022 10:45:15 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK whap.js Show response
w.estat.com/js/ 0
515 B 126ms
42ms Script
application/javascript 15.237.22.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w.estat.com/js/whap.js
Requested by: Host: www.clubic.com
URL: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 15.237.22.192 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-15-237-22-192.eu-west-3.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Feb 2021 02:18:39 GMT
Last-Modified: Thu, 27 Oct 2011 05:06:33 GMT
Server: Apache
p3p: policyref="/w3c/p3p.xml",CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA", policyref="/w3c/p3p.xml",CP="NOI DSP COR CURa DEVa PSAa STP UNI COM NAV OUR INT"
Cache-Control: max-age=3600, public
Content-Type: application/javascript
Content-Length: 0
Expires: Tue, 02 Feb 2021 03:18:39 GMT

GET
H2 200 base-url Show response
www.clubic.com/commentaires/ 41 B
292 B 35ms
35ms XHR
application/json 5.135.119.242
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clubic.com/commentaires/base-url
Requested by: Host: www.clubic.com
URL: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.119.242 , France, ASN16276 (OVH, FR),
Reverse DNS: ip242.ip-5-135-119.eu
Software: /
Resource Hash: 66712ae98b2f7c08f41f858e9f533aa5941249cad0147c94da7dc431f590f784

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 01:57:50 GMT
content-encoding: gzip
x-via-popn: front02
age: 1248
vary: Accept-Encoding
x-via-popv: front03
x-varnish: 176710471 177447039
cache-control: no-cache
x-cache: HIT
accept-ranges: bytes
content-type: application/json
content-length: 61
x-via-poph: front03

GET
DATA 200
OK truncated
/ 38 B
38 B Other
image/webp

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 base-url Show response
www.clubic.com/commentaires/ 41 B
292 B 35ms
35ms XHR
application/json 5.135.119.242
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clubic.com/commentaires/base-url
Requested by: Host: www.clubic.com
URL: https://www.clubic.com/assets/js/4a7101b.js?1.16.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.119.242 , France, ASN16276 (OVH, FR),
Reverse DNS: ip242.ip-5-135-119.eu
Software: /
Resource Hash: 66712ae98b2f7c08f41f858e9f533aa5941249cad0147c94da7dc431f590f784

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 01:57:50 GMT
content-encoding: gzip
x-via-popn: front02
age: 1248
vary: Accept-Encoding
x-via-popv: front03
x-varnish: 176710472 177447039
cache-control: no-cache
x-cache: HIT
accept-ranges: bytes
content-type: application/json
content-length: 61
x-via-poph: front03

GET
H2 200 base-url Show response
www.clubic.com/commentaires/ 41 B
292 B 36ms
35ms XHR
application/json 5.135.119.242
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clubic.com/commentaires/base-url
Requested by: Host: www.clubic.com
URL: https://www.clubic.com/assets/js/jquery.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.119.242 , France, ASN16276 (OVH, FR),
Reverse DNS: ip242.ip-5-135-119.eu
Software: /
Resource Hash: 66712ae98b2f7c08f41f858e9f533aa5941249cad0147c94da7dc431f590f784

Request headers

Accept: */*
Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 01:57:50 GMT
content-encoding: gzip
x-via-popn: front02
age: 1248
vary: Accept-Encoding
x-via-popv: front03
x-varnish: 176710473 177447039
cache-control: no-cache
x-cache: HIT
accept-ranges: bytes
content-type: application/json
content-length: 61
x-via-poph: front03

GET
H2 200 443582 Show response
www.clubic.com/commentaires/ 20 KB
3 KB 918ms
918ms XHR
text/html 5.135.119.242
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clubic.com/commentaires/443582
Requested by: Host: www.clubic.com
URL: https://www.clubic.com/assets/js/jquery.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.119.242 , France, ASN16276 (OVH, FR),
Reverse DNS: ip242.ip-5-135-119.eu
Software: /
Resource Hash: 0a258c75df11cd189b2b1ba01ae647cc01bee6ed3a191a24aa167109b5a4b8b6

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 02:18:39 GMT
content-encoding: gzip
x-via-popn: front02
age: 0
vary: Accept-Encoding
x-via-popv: front02
x-varnish: 492002215
cache-control: no-cache
x-cache: MISS
accept-ranges: bytes
content-type: text/html; charset=UTF-8
x-via-poph: front03

GET
H/1.1 200
OK ownpage.js Show response
script.ownpage.fr/v1/ 2 KB
1 KB 101ms
26ms Script
application/javascript 65.9.58.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://script.ownpage.fr/v1/ownpage.js
Requested by: Host: www.clubic.com
URL: https://www.clubic.com/assets/js/9b24d27.js?1.16.2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.129 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 47dcc5ccddda02ae4a968f0d40073bcd4c1fff886815b0ea5064c6f2d96b535a

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 01 Feb 2021 20:13:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 23 Mar 2020 14:26:58 GMT
Server: AmazonS3
Age: 21886
ETag: "d8294557b39e581c7b73d8741f78cf18"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 6165dcc1fdf84ac65e8204c05709f1cb.cloudfront.net (CloudFront)
Connection: keep-alive
X-Amz-Cf-Pop: FRA56-C1
Accept-Ranges: bytes
Content-Length: 1034
X-Amz-Cf-Id: TtDus3gcPxcg-TJbVD0nEdaT2fD8tlwkYg03t2xg5ayPS-vajDVZvw==

GET
H2 200 raw.webp
pic.clubic.com/v1/images/1858264/ 4 KB
4 KB 37ms
35ms Image
image/webp 5.135.119.243
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.clubic.com/v1/images/1858264/raw.webp?fit=smartCrop&width=75&height=75&hash=be74cf2c4eea92a990d879a63dea008ae68de9a4
Requested by: Host: www.clubic.com
URL: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.119.243 , France, ASN16276 (OVH, FR),
Reverse DNS: ip243.ip-5-135-119.eu
Software: /
Resource Hash: 4c06021095f6f8717e6bac9413d0c5197c23425ed15c8c7383600b406ee8d646

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 17:07:07 GMT
via: 1.1 varnish (Varnish/6.1)
x-via-popn: pics01
x-cacheable: Yes
age: 33091
x-cache: HIT
x-varnish: 186364974 184128920
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
content-type: image/webp
content-length: 4226
x-via-poph: front01

GET
H2 200 raw.webp
pic.clubic.com/v1/images/1858300/ 3 KB
3 KB 36ms
35ms Image
image/webp 5.135.119.243
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.clubic.com/v1/images/1858300/raw.webp?fit=smartCrop&width=75&height=75&hash=98745c5e6924550315ee28977679d8d0caf43bf1
Requested by: Host: www.clubic.com
URL: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.119.243 , France, ASN16276 (OVH, FR),
Reverse DNS: ip243.ip-5-135-119.eu
Software: /
Resource Hash: 43619edb893c75de7882492d9e8e60e10fb3f71fc790887f4cf4fcd18922acb0

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 11:01:00 GMT
via: 1.1 varnish (Varnish/6.1)
x-via-popn: pics01
x-cacheable: Yes
age: 55058
x-cache: HIT
x-varnish: 186467795 180822839
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
content-type: image/webp
content-length: 3056
x-via-poph: front01

GET
H2 200 raw.webp
pic.clubic.com/v1/images/1856467/ 4 KB
4 KB 36ms
35ms Image
image/webp 5.135.119.243
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.clubic.com/v1/images/1856467/raw.webp?fit=smartCrop&width=75&height=75&hash=bc3a4ce9ce66ccbf8f2637e4728b9ef6547e01dd
Requested by: Host: www.clubic.com
URL: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.119.243 , France, ASN16276 (OVH, FR),
Reverse DNS: ip243.ip-5-135-119.eu
Software: /
Resource Hash: 16b5bbfdf6786d78042d4da83f13d7d01316284dfe14312491ac665534b2fddc

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 17:36:01 GMT
via: 1.1 varnish (Varnish/6.1)
x-via-popn: pics02
x-cacheable: Yes
age: 117757
x-cache: HIT
x-varnish: 214700919 204120516
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
content-type: image/webp
content-length: 3732
x-via-poph: front01

GET
H2 200 raw.webp
pic.clubic.com/v1/images/1856253/ 2 KB
2 KB 36ms
36ms Image
image/webp 5.135.119.243
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.clubic.com/v1/images/1856253/raw.webp?fit=smartCrop&width=75&height=75&hash=61540954ca1d3e9ebda8d1d10f5fba5c958a7178
Requested by: Host: www.clubic.com
URL: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.119.243 , France, ASN16276 (OVH, FR),
Reverse DNS: ip243.ip-5-135-119.eu
Software: /
Resource Hash: b071b4a09e0ddd14d373a4d13fa05c3534e6dcd70ecb09800d3712b8c8a7141b

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 11:24:03 GMT
via: 1.1 varnish (Varnish/6.1)
x-via-popn: pics01
x-cacheable: Yes
age: 140075
x-cache: HIT
x-varnish: 186137449 175247766
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
content-type: image/webp
content-length: 1708
x-via-poph: front01

GET
H2 200 raw.webp
pic.clubic.com/v1/images/1856651/ 3 KB
3 KB 37ms
36ms Image
image/webp 5.135.119.243
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.clubic.com/v1/images/1856651/raw.webp?fit=smartCrop&width=75&height=75&hash=90af4791141389ca2f585654062fa2b18eca52df
Requested by: Host: www.clubic.com
URL: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.119.243 , France, ASN16276 (OVH, FR),
Reverse DNS: ip243.ip-5-135-119.eu
Software: /
Resource Hash: 4a10218b74f3f010a103ab25753f51e9d4cd398dc8473e19852202f888dc1c8e

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 17:18:04 GMT
via: 1.1 varnish (Varnish/6.1)
x-via-popn: pics01
x-cacheable: Yes
age: 205234
x-cache: HIT
x-varnish: 186006659 170854957
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
content-type: image/webp
content-length: 2618
x-via-poph: front01

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 94 KB
33 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 18:25:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28406
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33507
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 01 Feb 2022 18:25:13 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
65 B 13ms
13ms XHR
text/plain 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1903383014&t=pageview&_s=1&dl=https%3A%2F%2Fwww.clubic.com%2Fantivirus-securite-informatique%2Fvirus-hacker-piratage%2Fpiratage-informatique%2Factualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html&ul=en-us&de=UTF-8&dt=Une%20campagne%20nord-cor%C3%A9enne%20de%20piratage%20ciblant%20les%20chercheurs%20en%20s%C3%A9curit%C3%A9%20identifi%C3%A9e%20par%20Google&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=2034212795&gjid=1617143504&cid=1439922371.1612232319&tid=UA-8847036-1&_gid=1475070460.1612232319&_r=1&gtm=2wg1k0T95PRJD&cd1=Malware%2CPiratage%20informatique%2CR%C3%A9seaux&cd2=&cd3=Actu&cd4=&cd5=&cd6=antivirus-securite-informatique%2Fvirus-hacker-piratage%2Fmalware-logiciel-malveillant&cd7=425&cd8=Benjamin%20Bruel&cd9=&cd10=29%2F01%2F2021&cd11=17%3A48&cd12=N&cd13=&cd14=4&cd15=&cm1=425&cm2=4&z=1629790813

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 02 Feb 2021 02:18:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.clubic.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html
platform.twitter.com/widgets/ Frame 3A11 0
0 15ms
14ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=https%3A%2F%2Fwww.clubic.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B81) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 358295
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 02 Feb 2021 02:18:39 GMT
Etag: "9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified: Thu, 01 Oct 2020 21:50:01 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6B81)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 5825

GET
H2 200 check Show response
choices.consentframework.com/api/v1/public/profile/ 17 B
400 B 34ms
34ms Fetch
application/json 212.129.3.112
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.consentframework.com/api/v1/public/profile/check?origin=https://www.clubic.com

Requested by

Host: choices.consentframework.com
URL: https://choices.consentframework.com/js/pa/22690/c/IKVR3/cmp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.129.3.112 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

212-129-3-112.rev.poneytelecom.eu

Software

nginx/1.11.3 /

Resource Hash

ab140244cd2fd2892fec183c503c0f9522f9935f5e6c5ace01e92924a7e2e90e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Xss-Protection	0

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 02:18:39 GMT
server: nginx/1.11.3
strict-transport-security: max-age=15724800; includeSubDomains; preload
access-control-allow-methods: GET,OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.clubic.com
cache-control: private, max-age=86400
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Referer,Origin
content-length: 17
x-xss-protection: 0

GET
H2 404 current.json Show response
forum.clubic.com/session/ 0
774 B 118ms
44ms XHR
text/plain 5.135.119.243
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://forum.clubic.com/session/current.json

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.135.119.243 , France, ASN16276 (OVH, FR),

Reverse DNS

ip243.ip-5-135-119.eu

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 02:18:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-discourse-route: session/current
server: nginx
x-xss-protection: 1; mode=block
x-via-poph: front01
x-runtime: 0.008048
referrer-policy: strict-origin-when-cross-origin
x-request-id: 9897c5c9-6d14-40ab-bcb4-cbbab411e85e
x-frame-options: SAMEORIGIN
x-download-options: noopen
vary: Accept-Encoding
access-control-allow-methods: POST, PUT, GET, OPTIONS, DELETE
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.clubic.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, X-Requested-With, X-CSRF-Token, Discourse-Present, User-Api-Key, User-Api-Client-Id, Authorization

GET
H2 404 current.json Show response
forum.clubic.com/session/ 0
774 B 115ms
42ms XHR
text/plain 5.135.119.243
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://forum.clubic.com/session/current.json

Requested by

Host: www.clubic.com
URL: https://www.clubic.com/assets/js/4a7101b.js?1.16.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.135.119.243 , France, ASN16276 (OVH, FR),

Reverse DNS

ip243.ip-5-135-119.eu

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 02:18:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-discourse-route: session/current
server: nginx
x-xss-protection: 1; mode=block
x-via-poph: front01
x-runtime: 0.005500
referrer-policy: strict-origin-when-cross-origin
x-request-id: c6c01414-8e28-4ed1-a1cb-5de7d013167f
x-frame-options: SAMEORIGIN
x-download-options: noopen
vary: Accept-Encoding
access-control-allow-methods: POST, PUT, GET, OPTIONS, DELETE
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.clubic.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, X-Requested-With, X-CSRF-Token, Discourse-Present, User-Api-Key, User-Api-Client-Id, Authorization

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
445 B 43ms
16ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-8847036-1&cid=1439922371.1612232319&jid=2034212795&gjid=1617143504&_gid=1475070460.1612232319&_u=YEBAAEAAAAAAAC~&z=356752664

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 02 Feb 2021 02:18:39 GMT
content-type: text/plain
access-control-allow-origin: https://www.clubic.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK horizon_tweet.716ef7f4c155526f8ec8e60dbd2fbf56.js Show response
platform.twitter.com/js/ 6 KB
3 KB 14ms
14ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/horizon_tweet.716ef7f4c155526f8ec8e60dbd2fbf56.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BB4) /
Resource Hash: b8e8fe9b8ca280dc3c982691064e62ba97c8f2c192a17dfe74430c7cf73cb4de

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Feb 2021 02:18:39 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Oct 2020 21:49:51 GMT
Server: ECS (amb/6BB4)
Age: 358296
Etag: "15d6bf68a8d65b293e52ddc833724ed4+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 2195

GET
H2 200 styles.css
a.mailmunch.co/app/v1/ 21 KB
3 KB 8ms
6ms Stylesheet
text/css 2600:9000:2156:7600:4:c961:9640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mailmunch.co/app/v1/styles.css
Requested by: Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7600:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 437e6e23bb4219f1dd245da75b1729666e71fbf31985189fa35be75702b8cab9

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 21:08:42 GMT
content-encoding: gzip
age: 18598
x-cache: Hit from cloudfront
content-length: 2274
access-control-allow-origin: *
last-modified: Mon, 01 Feb 2021 09:06:27 GMT
server: AmazonS3
etag: "8092a0afae36db3ec1cc5ad923acfedb"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, POST, PUT, DELETE
content-type: text/css
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
cache-control: max-age=172800
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: Xe_82HJ2mB6r2as1GezpfidlNjx8BM933AjtMSkPHbm06zxiiLNtEQ==

GET
H/1.1 200
OK 855002 Show response
forms.mailmunch.co/sites/ 89 B
574 B 392ms
133ms XHR
application/json 52.55.225.227
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://forms.mailmunch.co/sites/855002
Requested by: Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.55.225.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-225-227.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash: 4660e2393cd6ee7ee790ade81530c5eba1d160dee67afa2ff3702c5fe99a7a6b

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Feb 2021 02:18:39 GMT
Via: 1.1 vegur
Server: Cowboy
X-Powered-By: Express
Etag: W/"59-exX2UGHX+UQiQQ98laroVoOFHW8"
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-MM-Comp-Tracking, X-MM-EU-Continent, X-MM-T
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, X-MM-Form-Tool, X-MM-Coupons
Content-Length: 89

GET
H/1.1 200
OK hits
api.ownpage.fr/v1/collect/ 0
0 207ms
51ms Image
text/html 52.211.25.193
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.ownpage.fr/v1/collect/hits?client_key=288e97776c3e41e8&url=https%3A%2F%2Fwww.clubic.com%2Fantivirus-securite-informatique%2Fvirus-hacker-piratage%2Fpiratage-informatique%2Factualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html&cookie_id=5cb48c5f6088e0b3
Requested by: Host: www.clubic.com
URL: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.25.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-25-193.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 user Show response
choices.consentframework.com/api/v1/public/consent-string/ 50 B
279 B 104ms
34ms Fetch
application/json 212.129.3.112
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.consentframework.com/api/v1/public/consent-string/user

Requested by

Host: choices.consentframework.com
URL: https://choices.consentframework.com/js/pa/22690/c/IKVR3/cmp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.129.3.112 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

212-129-3-112.rev.poneytelecom.eu

Software

nginx/1.11.3 /

Resource Hash

0790fa5b4a55640095c5a04b85e0f96a16085ba9af355e93269639c9c70c8939

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 02:18:39 GMT
server: nginx/1.11.3
strict-transport-security: max-age=15724800; includeSubDomains; preload
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-allow-headers: content-type
content-length: 50
expires: Wed, 03 Feb 2021 02:18:39 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
296 B 17ms
17ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-8847036-1&cid=1439922371.1612232319&jid=2034212795&_u=YEBAAEAAAAAAAC~&z=339935683

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Feb 2021 02:18:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
505 B 37ms
18ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-8847036-1&cid=1439922371.1612232319&jid=2034212795&_u=YEBAAEAAAAAAAC~&z=339935683

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Feb 2021 02:18:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK index.html
platform.twitter.com/embed/ Frame E15A 0
0 14ms
14ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/embed/index.html?dnt=false&embedId=twitter-widget-0&frame=false&hideCard=false&hideThread=false&id=1353856344655204352&lang=fr&origin=https%3A%2F%2Fwww.clubic.com%2Fantivirus-securite-informatique%2Fvirus-hacker-piratage%2Fpiratage-informatique%2Factualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html&siteScreenName=Clubic&theme=light&widgetsVersion=ed20a2b%3A1601588405575&width=550px
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BA9) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 997
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=utf-8
Date: Tue, 02 Feb 2021 02:18:39 GMT
Etag: "0a7c0ee5972037292537365a97d5b19e"
Last-Modified: Thu, 28 Jan 2021 22:41:30 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6BA9)
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 487

GET
H2 200 tcstring Show response
choices.consentframework.com/api/v1/public/v2/ 15 B
375 B 34ms
34ms Fetch
application/json 212.129.3.112
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.consentframework.com/api/v1/public/v2/tcstring

Requested by

Host: choices.consentframework.com
URL: https://choices.consentframework.com/js/pa/22690/c/IKVR3/cmp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.129.3.112 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

212-129-3-112.rev.poneytelecom.eu

Software

nginx/1.11.3 /

Resource Hash

fcd4c0d68d77fa05f6b07831d9df4c56286788916c40399506d5fcbe87bb4a27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Xss-Protection	0

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 02:18:39 GMT
server: nginx/1.11.3
strict-transport-security: max-age=15724800; includeSubDomains; preload
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.clubic.com
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Referer,Origin
content-length: 15
x-xss-protection: 0

OPTIONS
H2 200 user-action
choices.consentframework.com/api/v1/public/ Frame 0
0 37ms
37ms Other 212.129.3.112
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.consentframework.com/api/v1/public/user-action

Protocol

Server

212.129.3.112 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

212-129-3-112.rev.poneytelecom.eu

Software

nginx/1.11.3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.clubic.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.11.3
date: Tue, 02 Feb 2021 02:18:39 GMT
content-length: 0
access-control-allow-headers: content-type
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains; preload

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 133 KB
47 KB 72ms
52ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

722f834d0c44729d5535f864b0db96c363412148785466734983f6175b9e6e4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 02:18:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 47560
x-xss-protection: 0
server: cafe
etag: 13820021645336652624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 02 Feb 2021 02:18:39 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 56 KB
19 KB 109ms
35ms Script
text/javascript 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: scripts.static-od.com
URL: https://scripts.static-od.com/setup/?site=clubic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

sffe /

Resource Hash

f3867e13d3cda906dad33da7014be1fdf5c6327e8fbf859971b3ed2c62dc57ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 02:18:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "771 / 588 of 1000 / last-modified: 1612220970"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19144
x-xss-protection: 0
expires: Tue, 02 Feb 2021 02:18:39 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 116 KB
30 KB 121ms
47ms Script
application/javascript 13.224.192.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: scripts.static-od.com
URL: https://scripts.static-od.com/setup/?site=clubic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.34 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-34.fra2.r.cloudfront.net
Software: Server /
Resource Hash: dde5dcb02f349d5cd1f36d6afe709ddfd5713b27129dbae727f456cde6582883

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: m.Wx5c17akL0ZDdjRDCoIM1PRpKlJoJG
content-encoding: gzip
server: Server
age: 79
etag: 089c185b065ebe3e9c21625b16dea242
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
cache-control: public, max-age=900
date: Tue, 02 Feb 2021 02:17:20 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: vl1-NXAyrPbEtB8D4pPF2t14Ni-x4iChl_FVGwto8iDkHKEf4U5ulw==

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
25 B 14ms
13ms XHR
text/plain 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 02 Feb 2021 02:18:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.clubic.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK prebidSkin.min.js Show response
secure-assets.rubiconproject.com/utils/prebidSkin/ 9 KB
4 KB 94ms
30ms Script
text/javascript 184.30.212.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-assets.rubiconproject.com/utils/prebidSkin/prebidSkin.min.js
Requested by: Host: scripts.static-od.com
URL: https://scripts.static-od.com/setup/?site=clubic
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.212.16 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-30-212-16.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cacd80cb1cf80c78a1c44f32376a3dc1cb27a48879d1f7a969c01a81e16c7d64

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Feb 2021 02:18:39 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Sep 2020 05:29:25 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=9432
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3570
Expires: Tue, 02 Feb 2021 04:55:51 GMT

GET
H2 200 latest.json Show response
currency.prebid.org/ 1 KB
2 KB 56ms
34ms XHR
application/octet-stream 2600:9000:20eb:d200:19:2cf2:a900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://currency.prebid.org/latest.json
Requested by: Host: scripts.static-od.com
URL: https://scripts.static-od.com/setup/?site=clubic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:d200:19:2cf2:a900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4eaf854afe83b54dfa0e71c95c5af5885c6ac7894f5315a873744714e2d1d638

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 01 Feb 2021 10:00:58 GMT
via: 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
vary: Origin
age: 58662
x-cache: Hit from cloudfront
content-length: 1343
last-modified: Mon, 01 Feb 2021 10:00:57 GMT
server: AmazonS3
etag: "bcf918dd43d282284a4390f08e3c2830"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: blbopd2dcZVpD5ypFJTgAaeRXtvWYZpmB8eYN9EATBtwPOJMYQOPiA==
expires: Tue, 02 Feb 2021 10:00:50 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
279 B 118ms
45ms XHR
application/json 18.195.221.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=4.17.0&referrer=https%3A%2F%2Fwww.clubic.com%2Fantivirus-securite-informatique%2Fvirus-hacker-piratage%2Fpiratage-informatique%2Factualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html&tmax=2000&gdpr=false

Requested by

Host: scripts.static-od.com
URL: https://scripts.static-od.com/setup/?site=clubic

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.195.221.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-195-221-58.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 02 Feb 2021 02:18:39 GMT
x-auction-status: 12
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.clubic.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
714 B 126ms
40ms XHR
application/json 185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: scripts.static-od.com
URL: https://scripts.static-od.com/setup/?site=clubic

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 02 Feb 2021 02:18:39 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.134:80
AN-X-Request-Uuid: 06bdd449-9f67-40e6-8f3b-14f952e1f18a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.clubic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
115 B 148ms
71ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: scripts.static-od.com
URL: https://scripts.static-od.com/setup/?site=clubic
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.clubic.com
date: Tue, 02 Feb 2021 02:18:38 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
297 B 178ms
101ms XHR
application/json 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: scripts.static-od.com
URL: https://scripts.static-od.com/setup/?site=clubic
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 02 Feb 2021 02:18:39 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.clubic.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Tue, 02 Feb 2021 02:18:39 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 350 B
3 KB 168ms
74ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20336&site_id=261894&zone_id=1320214%3B1319296&size_id=2%3B15&alt_size_ids=55%2C57%2C58%2C68%2C152%3B9%2C8%2C10%2C14&p_pos=%3Batf&gdpr=0&rf=https%3A%2F%2Fwww.clubic.com%2Fantivirus-securite-informatique%2Fvirus-hacker-piratage%2Fpiratage-informatique%2Factualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html&tk_flint=pbjs_lite_v4.17.0&x_source.tid=975ba0cf-e3da-45da-b3cd-a383616406b6%3B15c90d34-88c4-435c-9642-758cfbc2521f&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=2&rand=0.3443113626960914
Requested by: Host: scripts.static-od.com
URL: https://scripts.static-od.com/setup/?site=clubic
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 506bb38fe6c54ff4c6dcd75213dd9898d0cfe7a6159c673187dd69fb3f07b68b

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 02 Feb 2021 02:18:39 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.clubic.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 350
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 204
No Content v1 Show response
prg.smartadserver.com/prebid/ 0
329 B 138ms
52ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: scripts.static-od.com
URL: https://scripts.static-od.com/setup/?site=clubic
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 02 Feb 2021 02:18:39 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.clubic.com
x-smrt-reason: 5
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
144 B 122ms
40ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.17.0&cb=73690405537
Requested by: Host: scripts.static-od.com
URL: https://scripts.static-od.com/setup/?site=clubic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.clubic.com
date: Tue, 02 Feb 2021 02:18:39 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2

200

GS.d Show response
js.sddan.com/
Redirect Chain

https://js.sddan.com/GS.d?si=4&subcat_name=Malware&cat_name=Logiciel&hd_m=&hd_s256=&postal_code=&product_brand=&product_name=&uf_bday=&uf_gender=&pa=22690&c=IKVR3&cmp=0&u=https%3A%2F%2Fwww.clubic.c...
https://js.sddan.com/GS.d?si=4&subcat_name=Malware&cat_name=Logiciel&hd_m=&hd_s256=&postal_code=&product_brand=&product_name=&uf_bday=&uf_gender=&pa=22690&c=IKVR3&cmp=0&u=https%3A%2F%2Fwww.clubic.c...

11 KB
5 KB

36ms
36ms

Script
text/javascript

51.15.145.116
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://js.sddan.com/GS.d?si=4&subcat_name=Malware&cat_name=Logiciel&hd_m=&hd_s256=&postal_code=&product_brand=&product_name=&uf_bday=&uf_gender=&pa=22690&c=IKVR3&cmp=0&u=https%3A%2F%2Fwww.clubic.com%2Fantivirus-securite-informatique%2Fvirus-hacker-piratage%2Fpiratage-informatique%2Factualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html&r=&rand=1612232319358&gdpr=0&gdpr_consent=&globalscope=false&tbp=true&bounce=1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.15.145.116 , France, ASN12876 (Online SAS, FR),

Reverse DNS

51-15-145-116.rev.poneytelecom.eu

Software

nginx/1.11.3 /

Resource Hash

cd981bc07700d5fe93023753c470c01d388ce693adbd0781d9f5d729a7a702c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Xss-Protection	0

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Feb 2021 02:18:39 GMT
content-encoding: gzip
server: nginx/1.11.3
strict-transport-security: max-age=15724800; includeSubDomains; preload
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cross-origin-resource-policy: cross-origin
content-type: text/javascript
x-xss-protection: 0
expires: Tue, 01 Jan 2000 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 02 Feb 2021 02:18:39 GMT
server: nginx/1.11.3
location: https://js.sddan.com/GS.d?si=4&subcat_name=Malware&cat_name=Logiciel&hd_m=&hd_s256=&postal_code=&product_brand=&product_name=&uf_bday=&uf_gender=&pa=22690&c=IKVR3&cmp=0&u=https%3A%2F%2Fwww.clubic.com%2Fantivirus-securite-informatique%2Fvirus-hacker-piratage%2Fpiratage-informatique%2Factualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html&r=&rand=1612232319358&gdpr=0&gdpr_consent=&globalscope=false&tbp=true&bounce=1
strict-transport-security: max-age=15724800; includeSubDomains; preload
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cross-origin-resource-policy: cross-origin
content-length: 0
x-xss-protection: 0
expires: Tue, 01 Jan 2000 00:00:00 GMT

POST
H2 200 user-action Show response
choices.consentframework.com/api/v1/public/ 0
164 B 44ms
43ms Fetch 212.129.3.112
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.consentframework.com/api/v1/public/user-action

Requested by

Host: choices.consentframework.com
URL: https://choices.consentframework.com/js/pa/22690/c/IKVR3/cmp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.129.3.112 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

212-129-3-112.rev.poneytelecom.eu

Software

nginx/1.11.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Tue, 02 Feb 2021 02:18:39 GMT
server: nginx/1.11.3
access-control-allow-headers: content-type
content-length: 0
strict-transport-security: max-age=15724800; includeSubDomains; preload

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
122 B 38ms
37ms Image
image/gif 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=1903383014&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.clubic.com%2Fantivirus-securite-informatique%2Fvirus-hacker-piratage%2Fpiratage-informatique%2Factualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html&ul=en-us&de=UTF-8&dt=Une%20campagne%20nord-cor%C3%A9enne%20de%20piratage%20ciblant%20les%20chercheurs%20en%20s%C3%A9curit%C3%A9%20identifi%C3%A9e%20par%20Google&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=timePerformance&ea=auctionInit&el=100&ev=0&_u=SACAAEABCAAAAC~&jid=&gjid=&cid=1439922371.1612232319&tid=UA-8847036-3&_gid=1475070460.1612232319&cd1=%2F21718639124%2Fclubic.com%2Fcontenu-actu&cd2=direct&cd3=control&z=1613432409

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Feb 2021 17:23:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 32108
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210127/r20190131/ 225 KB
85 KB 68ms
54ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210127/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

64c8551c397b1915ef17010eca19e10f01083601d6e0f81b2bef6a081a2f69c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 02:18:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 86255
x-xss-protection: 0
server: cafe
etag: 8534310779558063066
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Feb 2021 02:18:39 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210127/r20190131/ Frame 8C06 0
0 6ms
5ms Document
text/html 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210127/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210127/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 02 Feb 2021 00:57:55 GMT
expires: Tue, 16 Feb 2021 00:57:55 GMT
content-type: text/html; charset=UTF-8
etag: 6748560809430760793
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4784
x-xss-protection: 0
age: 4844
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 pubads_impl_2021012801.js Show response
securepubads.g.doubleclick.net/gpt/ 275 KB
97 KB 78ms
44ms Script
text/javascript 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

sffe /

Resource Hash

fa533eb34a8900f6013bf6f0095c696ea16758fe6fbf7442694de0f8ebb2f536

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 02:18:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 09:41:30 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99311
x-xss-protection: 0
expires: Tue, 02 Feb 2021 02:18:39 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 187 B
559 B 136ms
136ms XHR
text/javascript 13.224.192.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.clubic.com%2Fantivirus-securite-informatique%2Fvirus-hacker-piratage%2Fpiratage-informatique%2Factualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html&pid=fxi2x1eQDZ4L3&cb=0&ws=1600x1200&v=7.58.01&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F21718639124%2Fclubic.com%2Fcontenu-actu%2FBillboard_1%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F21718639124%2Fclubic.com%2Fcontenu-actu%2FHalfpageAd_1%22%7D%5D&pubid=02baacae-0cfc-4942-8fc1-8f85c19e7b49&gdpre=0&gdprl=%7B%22cmpTimeout%22%3A30000%2C%22status%22%3A%22tcfv2-success%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.34 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-34.fra2.r.cloudfront.net
Software: Server /
Resource Hash: 352f9076ca935bced9f4c24cf0e0ec9ded7342d29ef45d1c1568f5c05b1c2634

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 02:18:39 GMT
content-encoding: gzip
server: Server
x-amz-cf-pop: FRA2-C1
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.clubic.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 185
via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
x-amz-cf-id: Scuv0t3R01I-0AdJiwqHk3_Ws9QnECq7pMf0HTSfmwOy6Adb6C1EHw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 79ms
26ms XHR
application/javascript 13.224.192.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.34 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-34.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 03:08:13 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 83427
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Fri, 29 Jan 2021 06:42:57 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: 8kbPIzTLk7_TMvnggUSDACBTugDfX2qC
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA2-C1
content-type: application/javascript
x-amz-cf-id: dW6OdibmqSo3lymlKue5vw94ppeCRETgTQE9NF2lpP5cx0sjAIo34g==

GET
H2 200 CT.d
ct.sddan.com/ Frame EE75 0
0 42ms
34ms Document
text/html 51.15.145.116
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.sddan.com/CT.d?iframeUrl=https%3A%2F%2Fmap.sddan.com%2FSC.d%3Fmapnames%3Dnexus%2Ctaboola%2Cfreewheel%2Cweborama%2Csquadata%2Cttd%2Cadobe%2Cgroupm%2Caudiencerate%2Cgoogle%2Cyahoo%2Cexelate%2Crubicon%2Csmart

Requested by

Host: js.sddan.com
URL: https://js.sddan.com/GS.d?si=4&subcat_name=Malware&cat_name=Logiciel&hd_m=&hd_s256=&postal_code=&product_brand=&product_name=&uf_bday=&uf_gender=&pa=22690&c=IKVR3&cmp=0&u=https%3A%2F%2Fwww.clubic.com%2Fantivirus-securite-informatique%2Fvirus-hacker-piratage%2Fpiratage-informatique%2Factualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html&r=&rand=1612232319358&gdpr=0&gdpr_consent=&globalscope=false&tbp=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.15.145.116 , France, ASN12876 (Online SAS, FR),

Reverse DNS

51-15-145-116.rev.poneytelecom.eu

Software

nginx/1.11.3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

:method: GET
:authority: ct.sddan.com
:scheme: https
:path: /CT.d?iframeUrl=https%3A%2F%2Fmap.sddan.com%2FSC.d%3Fmapnames%3Dnexus%2Ctaboola%2Cfreewheel%2Cweborama%2Csquadata%2Cttd%2Cadobe%2Cgroupm%2Caudiencerate%2Cgoogle%2Cyahoo%2Cexelate%2Crubicon%2Csmart
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: techcookie=1; newu=1; SDDAN=20210202_1a288536bf86ce141beee35e2025a3e4; mregen3=1; tb=1; mgm=1; mar=1; dc3=1; mex=1; rubi=1; d_rt=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html

Response headers

server: nginx/1.11.3
date: Tue, 02 Feb 2021 02:18:39 GMT
content-type: text/html
strict-transport-security: max-age=15724800; includeSubDomains; preload
content-encoding: gzip

GET
H2 200 CT.d
ct.sddan.com/ Frame A0E7 0
0 39ms
34ms Document
text/html 51.15.145.116
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.sddan.com/CT.d?imgUrl=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fsync-uid.leadplace.fr%2Fsync-uid.php%3Fpart%3Dsirapp%26id%3D%2524UID%26gdpr%3D0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.15.145.116 , France, ASN12876 (Online SAS, FR),

Reverse DNS

51-15-145-116.rev.poneytelecom.eu

Software

nginx/1.11.3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

:method: GET
:authority: ct.sddan.com
:scheme: https
:path: /CT.d?imgUrl=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fsync-uid.leadplace.fr%2Fsync-uid.php%3Fpart%3Dsirapp%26id%3D%2524UID%26gdpr%3D0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: techcookie=1; newu=1; SDDAN=20210202_1a288536bf86ce141beee35e2025a3e4; mregen3=1; tb=1; mgm=1; mar=1; dc3=1; mex=1; rubi=1; d_rt=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html

Response headers

server: nginx/1.11.3
date: Tue, 02 Feb 2021 02:18:39 GMT
content-type: text/html
content-length: 151
strict-transport-security: max-age=15724800; includeSubDomains; preload

GET
H2 200 CT.d
ct.sddan.com/ Frame BA34 0
0 39ms
34ms Document
text/html 51.15.145.116
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.sddan.com/CT.d?imgUrl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtemelio_dmp%26google_sc%26google_cm%26gdpr%3D0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.15.145.116 , France, ASN12876 (Online SAS, FR),

Reverse DNS

51-15-145-116.rev.poneytelecom.eu

Software

nginx/1.11.3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

:method: GET
:authority: ct.sddan.com
:scheme: https
:path: /CT.d?imgUrl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtemelio_dmp%26google_sc%26google_cm%26gdpr%3D0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: techcookie=1; newu=1; SDDAN=20210202_1a288536bf86ce141beee35e2025a3e4; mregen3=1; tb=1; mgm=1; mar=1; dc3=1; mex=1; rubi=1; d_rt=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html

Response headers

server: nginx/1.11.3
date: Tue, 02 Feb 2021 02:18:39 GMT
content-type: text/html
content-length: 136
strict-transport-security: max-age=15724800; includeSubDomains; preload

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 6ms
5ms Image
image/gif 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=1903383014&t=event&ni=1&_s=3&dl=https%3A%2F%2Fwww.clubic.com%2Fantivirus-securite-informatique%2Fvirus-hacker-piratage%2Fpiratage-informatique%2Factualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html&ul=en-us&de=UTF-8&dt=Une%20campagne%20nord-cor%C3%A9enne%20de%20piratage%20ciblant%20les%20chercheurs%20en%20s%C3%A9curit%C3%A9%20identifi%C3%A9e%20par%20Google&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=timePerformance&ea=initAdserver&el=200&ev=0&_u=SACAAEABCAAAAC~&jid=&gjid=&cid=1439922371.1612232319&tid=UA-8847036-3&_gid=1475070460.1612232319&cd1=%2F21718639124%2Fclubic.com%2Fcontenu-actu&cd2=direct&cd3=control&z=1438736858

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Feb 2021 17:23:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 32108
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 6ms
6ms Image
image/gif 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=1903383014&t=event&ni=1&_s=4&dl=https%3A%2F%2Fwww.clubic.com%2Fantivirus-securite-informatique%2Fvirus-hacker-piratage%2Fpiratage-informatique%2Factualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html&ul=en-us&de=UTF-8&dt=Une%20campagne%20nord-cor%C3%A9enne%20de%20piratage%20ciblant%20les%20chercheurs%20en%20s%C3%A9curit%C3%A9%20identifi%C3%A9e%20par%20Google&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=initAdserver&ea=odpbjs&el=CMPv2_OOS&ev=0&_u=SACAAEABCAAAAC~&jid=&gjid=&cid=1439922371.1612232319&tid=UA-8847036-3&_gid=1475070460.1612232319&cd1=%2F21718639124%2Fclubic.com%2Fcontenu-actu&cd2=direct&cd3=control&z=723318834

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Feb 2021 17:23:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 32108
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings-1612195618.json Show response
a.mailmunch.co/forms-cache/855002/ 2 KB
1 KB 22ms
8ms XHR
application/json 2600:9000:2156:7600:4:c961:9640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mailmunch.co/forms-cache/855002/settings-1612195618.json
Requested by: Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7600:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4d2ce1866449190b944e30835ceff0221fee4020ea5622db2d472acf46f5ffc9

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 16:07:05 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 36695
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 01 Feb 2021 16:07:04 GMT
server: AmazonS3
etag: W/"9321c912af22251c81935808dd11815f"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, POST, PUT, DELETE
content-type: application/json; charset=utf-8
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
cache-control: max-age=31556952
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: SEqNBKYDOYWd-FIjm_dbv9KMG4Nc0fINJ69m6M9E7Jr0LRE-QJnK6g==

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 200 B
638 B 192ms
98ms Script
text/javascript 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.clubic.com&callback=_gfp_s_&client=ca-pub-9540567666833588

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210127/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

cafe /

Resource Hash

2fc0fdf6820ef1b5b4957377f39b08ed3a20b5555a7c67dcd0b6698cf9af1a1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 02:18:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 190
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
803 B 47ms
27ms Script
application/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.clubic.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210127/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 02 Feb 2021 02:18:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
803 B 47ms
28ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.clubic.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210127/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 02 Feb 2021 02:18:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
88 B 43ms
42ms Image
image/gif 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.clubic.com%2Fantivirus-securite-informatique%2Fvirus-hacker-piratage%2Fpiratage-informatique%2Factualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html&tn=HEADER&ign=false

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Feb 2021 02:18:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 89D3 0
0 80ms
79ms Document
text/html 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&gdpr=0&client=ca-pub-9540567666833588&output=html&adk=293675617&adf=814277786&lmt=1612232319&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.clubic.com%2Fantivirus-securite-informatique%2Fvirus-hacker-piratage%2Fpiratage-informatique%2Factualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html&ea=0&flash=0&pra=5&wgl=1&dt=1612232319418&bpp=12&bdt=726&idt=138&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4871064511777&frm=20&pv=2&ga_vid=1439922371.1612232319&ga_sid=1612232320&ga_hid=1903383014&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530889%2C44735932%2C21068769%2C21068893&oid=3&pvsid=1736375433190984&pem=809&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=159

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210127/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&gdpr=0&client=ca-pub-9540567666833588&output=html&adk=293675617&adf=814277786&lmt=1612232319&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.clubic.com%2Fantivirus-securite-informatique%2Fvirus-hacker-piratage%2Fpiratage-informatique%2Factualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html&ea=0&flash=0&pra=5&wgl=1&dt=1612232319418&bpp=12&bdt=726&idt=138&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4871064511777&frm=20&pv=2&ga_vid=1439922371.1612232319&ga_sid=1612232320&ga_hid=1903383014&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530889%2C44735932%2C21068769%2C21068893&oid=3&pvsid=1736375433190984&pem=809&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=159
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 02 Feb 2021 02:18:39 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 02-Feb-2021 02:33:39 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Tue, 02 Feb 2021 02:18:39 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210127/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

208dfab1fdcf1f4e57f80d6fd873265f0ff90c42c36cb25e38dff42695e383a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 02:18:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612182870646033"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28348
x-xss-protection: 0
expires: Tue, 02 Feb 2021 02:18:39 GMT

GET
H2 200 popover.js Show response
a.mailmunch.co/app/v1/ 9 KB
3 KB 6ms
6ms Script
text/javascript 2600:9000:2156:7600:4:c961:9640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mailmunch.co/app/v1/popover.js
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7600:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6436853c276f2b13c3888aeae8711e7cb7a42b39bafc43eefe9709b13bbb13c9

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 01:28:25 GMT
content-encoding: gzip
age: 3015
x-cache: Hit from cloudfront
content-length: 2224
access-control-allow-origin: *
last-modified: Mon, 01 Feb 2021 09:06:21 GMT
server: AmazonS3
etag: "9c77280de991e91159da03ae5e726370"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, POST, PUT, DELETE
content-type: text/javascript
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
cache-control: max-age=172800
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: 8Y2hJC7UpfTcQ66A-ihA9pjSxnMndtoQJuunaxD5992zuk3uNVNKXA==

GET
H2 200 index-1606294799.html Show response
a.mailmunch.co/forms-cache/855002/968385/ 116 KB
40 KB 9ms
9ms XHR
text/html 2600:9000:2156:7600:4:c961:9640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mailmunch.co/forms-cache/855002/968385/index-1606294799.html
Requested by: Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7600:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: db6dfee5a89795dbe7e0323f668935b84bca3f92b162ece6df2a915e8763b590

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 09:36:40 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 319320
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 25 Nov 2020 09:00:02 GMT
server: AmazonS3
etag: W/"f60377d2b4aadbe8c6b69c8dcd233c45"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, POST, PUT, DELETE
content-type: text/html; charset=utf-8
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
cache-control: max-age=31556952
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: MDqnqugk-a9FEQdeS0SDbyy6pVDmoIUyEk188tpE6B_AESb7uckH9A==

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 122 KB
38 KB 616ms
615ms XHR
text/plain 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1736375433190984&correlator=3622122579995491&output=ldjh&impl=fifs&eid=21068773%2C21068891%2C21069917&vrg=2021012801&ptt=17&gdpr=0&guci=2.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210202&iu_parts=21718639124%2Cclubic.com%2Ccontenu-actu&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=320x50%7C1x1%7C1800x1000%7C1000x250%7C1000x90%7C970x250%7C800x250%7C970x90%7C728x90%7C700x250%2C320x50%7C1x1%7C300x600%7C300x250%7C160x600%7C120x600%7C250x250&fluid=height%2Cheight&prev_scp=adslot%3DBillboard_1%26amznbid%3D1%26amznp%3D1%7Cadslot%3DHalfpageAd_1%26amznbid%3D1%26amznp%3D1&eri=1&cust_params=kw%3Dtech%252Cmalware%252Csecurite_informatique%252Cpiratage_informatique%252Creseaux%252C351694%252Cune_campagne_nord_coreenne_de_piratage_ciblant_les_chercheurs_en_securite_identifiee_par_google%252Cantivirus_securite_informatique_virus_hacker_piratage_malware_logiciel_malveillant%252Clogiciel%252C1%26env%3Dprod%26issafe%3D1%26mode%3Dlight%26article_id%3D5109636661627154%26source_id%3D4688598004011344%26npads%3Dnotready&cookie_enabled=1&bc=31&abxe=1&lmt=1612232319&dt=1612232319663&dlt=1612232318692&idt=918&frm=20&biw=1600&bih=1200&oid=3&adxs=800%2C1133&adys=87%2C436&adks=4277546801%2C1723292668&ucis=1%7C2&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.clubic.com%2Fantivirus-securite-informatique%2Fvirus-hacker-piratage%2Fpiratage-informatique%2Factualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1000x1%7C303x1&msz=970x1%7C303x1&ga_vid=1439922371.1612232319&ga_sid=1612232320&ga_hid=1903383014&fws=0%2C512&ohw=0%2C0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

26ff3f8c610b42eb152770edc765612b1b6c9a13e8e335656230b4563a57187c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 02:18:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38404
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.clubic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
214acc45a81df9e0c677a0599a97d2ff.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 86ms
54ms Other
text/html 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://214acc45a81df9e0c677a0599a97d2ff.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 26ms
6ms Other
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1

200
OK

Cookie set iu3
aax-eu.amazon-adsystem.com/s/ Frame 978B
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_n-index_pm-db5_rbd_cnv_3lift
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_n-index_pm-db5_rbd_cnv_3lift&dcc=t

0
0

205ms
204ms

Document
text/html

52.95.124.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_n-index_pm-db5_rbd_cnv_3lift&dcc=t
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash

Request headers

Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=AxK_9I6oFUyEmhB3MIwbPuo|t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html

Response headers

Server: Server
Date: Tue, 02 Feb 2021 02:18:40 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 215
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie: ad-id=AxK_9I6oFUyEmhB3MIwbPuo; Domain=.amazon-adsystem.com; Expires=Fri, 01-Oct-2021 02:18:39 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Wed, 01-Apr-2026 02:18:40 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip

Redirect headers

Server: Server
Date: Tue, 02 Feb 2021 02:18:39 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_n-index_pm-db5_rbd_cnv_3lift&dcc=t
Set-Cookie: ad-id=AxK_9I6oFUyEmhB3MIwbPuo|t; Domain=.amazon-adsystem.com; Expires=Fri, 01-Oct-2021 02:18:39 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: User-Agent

GET
H2 200 index.css
a.mailmunch.co/v2/themes/mailmunch/falcon/popover/ Frame 8F0E 13 KB
4 KB 7ms
6ms Stylesheet
text/css 2600:9000:2156:7600:4:c961:9640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mailmunch.co/v2/themes/mailmunch/falcon/popover/index.css
Requested by: Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7600:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: baf2722dfebe3778ee8bcfa914b2475439416a6075340b3d78575c6d7b4479a3

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 21:50:05 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 16115
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 08 Jan 2020 12:12:58 GMT
server: AmazonS3
etag: W/"708b1034226ea5b02723b5b01a40b8e1"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, POST, PUT, DELETE
content-type: text/css
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
cache-control: max-age=172800
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: fk2j-4-dS2pbDb5x6NU3Y39W_aEqt-42l7EF84lVlK2N6RvIx3qDtg==

GET
H2 200 img.png
a.mailmunch.co/themes/assets/embedded/falcon/img/ Frame 8F0E 4 KB
5 KB 7ms
6ms Image
image/png 2600:9000:2156:7600:4:c961:9640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.mailmunch.co/themes/assets/embedded/falcon/img/img.png
Requested by: Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7600:4:c961:9640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8502550cc9d2ba8394cc23c198f4e10bf40f62dcab88c78123e3fbbf3b5e86e9

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 00:24:33 GMT
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
age: 6846
x-cache: Hit from cloudfront
content-length: 4354
last-modified: Tue, 19 Jul 2016 02:49:42 GMT
server: AmazonS3
etag: "b65c531e029a7b4f975014efba5df494"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, POST, PUT, DELETE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=172800
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: X3F_Jqx0Ciuo8Tnszg3CQFnap1Jkr6Ynq3KkcqNeGboPSgILADxkog==

GET
H/1.1 200
OK Logo_rectangle_ownpage+copie.png
assets.ownpage.fr/clubic/image/ Frame 8F0E 6 KB
6 KB 103ms
30ms Image
image/png 143.204.93.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ownpage.fr/clubic/image/Logo_rectangle_ownpage+copie.png
Requested by: Host: a.mailmunch.co
URL: https://a.mailmunch.co/app/v1/site.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.120 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-120.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eefcf6e6dbaf08a46e9728f74fe24316cbd4dd98f0fbe7b423c91edffa63aad0

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Feb 2021 02:17:51 GMT
Via: 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
Last-Modified: Mon, 11 Jan 2021 18:45:40 GMT
Server: AmazonS3
Age: 263
ETag: "66aef470fa155858aec75b38181c6c38"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 5977
X-Amz-Cf-Id: 8yV-KQ96ZSm3nx0xqA1glWBPKOiJ0MNsiwApTv1kZuM3gPSQagjlCg==

GET
H2 200 css
fonts.googleapis.com/ Frame 8F0E 6 KB
787 B 23ms
15ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:700,600,400

Requested by

Host: a.mailmunch.co
URL: https://a.mailmunch.co/v2/themes/mailmunch/falcon/popover/index.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d67ca5d28f1dd6fc58ae8f8ab79b70755b30a52eb04572a6df8e50869ff748e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://a.mailmunch.co/v2/themes/mailmunch/falcon/popover/index.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 02 Feb 2021 02:18:39 GMT
server: ESF
date: Tue, 02 Feb 2021 02:18:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 02 Feb 2021 02:18:39 GMT

GET
DATA 200
OK truncated
/ Frame 8F0E 489 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6c371030558feed8e851871ecff997f50080c5149056f9d511ad4754da36c353

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 404 current.json Show response
forum.clubic.com/session/ 0
774 B 44ms
42ms XHR
text/plain 5.135.119.243
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://forum.clubic.com/session/current.json

Requested by

Host: www.clubic.com
URL: https://www.clubic.com/assets/js/jquery.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.135.119.243 , France, ASN16276 (OVH, FR),

Reverse DNS

ip243.ip-5-135-119.eu

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 02:18:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-discourse-route: session/current
server: nginx
x-xss-protection: 1; mode=block
x-via-poph: front01
x-runtime: 0.005790
referrer-policy: strict-origin-when-cross-origin
x-request-id: c81405c1-0941-44c1-bdd9-0d24817ba303
x-frame-options: SAMEORIGIN
x-download-options: noopen
vary: Accept-Encoding
access-control-allow-methods: POST, PUT, GET, OPTIONS, DELETE
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.clubic.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, X-Requested-With, X-CSRF-Token, Discourse-Present, User-Api-Key, User-Api-Client-Id, Authorization

GET
H2

200

27911_2.png
forum.clubic.com/user_avatar/forum.clubic.com/nicgrover/45/
Redirect Chain

https://forum.clubic.com/user_avatar/forum.clubic.com/nicgrover/43/27911_2.png
https://forum.clubic.com/user_avatar/forum.clubic.com/nicgrover/45/27911_2.png

2 KB
3 KB

39ms
39ms

Image
image/jpeg

5.135.119.243
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forum.clubic.com/user_avatar/forum.clubic.com/nicgrover/45/27911_2.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.135.119.243 , France, ASN16276 (OVH, FR),

Reverse DNS

ip243.ip-5-135-119.eu

Software

nginx /

Resource Hash

047119f591b25460de3d0ef2d872a66ed7131f6c03356c5543ea148e829bf7db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.clubic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 02:18:39 GMT
via: 1.1 varnish (Varnish/5.0)
x-via-popn: forum
x-cacheable: Yes
x-permitted-cross-domain-policies: none
age: 40548
x-cache: HIT
x-discourse-route: user_avatars/show
content-length: 1759
x-xss-protection: 1; mode=block
x-via-poph: front01
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 20 Nov 2019 11:39:20 GMT
server: nginx
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, PUT, GET, OPTIONS, DELETE
x-varnish: 327092250 227800579
access-control-allow-origin: https://www.clubic.com
cache-control: max-age=31556952, public, immutable
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-headers: Content-Type, Cache-Control, X-Requested-With, X-CSRF-Token, Discourse-Present, User-Api-Key, User-Api-Client-Id, Authorization
x-content-type-options: nosniff
content-transfer-encoding: binary

Redirect headers

date: Tue, 02 Feb 2021 02:18:39 GMT
via: 1.1 varnish (Varnish/5.0)
x-via-popn: forum
x-cacheable: No, not cacheable
x-permitted-cross-domain-policies: none
age: 0
x-cache: MISS
x-discourse-route: user_avatars/show
content-length: 144
x-xss-protection: 1; mode=block
x-via-poph: front01
access-control-allow-origin: https://www.clubic.com
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, PUT, GET, OPTIONS, DELETE
x-varnish: 321081322
location: https://forum.clubic.com/user_avatar/forum.clubic.com/nicgrover/45/27911_2.png
access-control-allow-credentials: true
content-type: text/html; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, X-Requested-With, X-CSRF-Token, Discourse-Present, User-Api-Key, User-Api-Client-Id, Authorization
x-content-type-options: nosniff

GET
H2 200 43.png
forum.clubic.com/letter_avatar_proxy/v2/letter/k/f0a364/ 758 B
2 KB 38ms
36ms Image
image/png 5.135.119.243
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forum.clubic.com/letter_avatar_proxy/v2/letter/k/f0a364/43.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.135.119.243 , France, ASN16276 (OVH, FR),

Reverse DNS

ip243.ip-5-135-119.eu

Software

nginx /

Resource Hash

af880775b9eedf811ee6ad2cad00d16142fd0241f458817f14eb6812757878ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 02:18:39 GMT
via: 1.1 varnish (Varnish/5.0)
x-via-popn: forum
x-cacheable: Yes
x-permitted-cross-domain-policies: none
age: 40525
x-cache: HIT
x-discourse-route: user_avatars/show_proxy_letter
content-length: 758
x-xss-protection: 1; mode=block
x-via-poph: front01
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Jan 1990 00:00:00 GMT
server: nginx
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, PUT, GET, OPTIONS, DELETE
x-varnish: 326839631 322306053
access-control-allow-origin: https://www.clubic.com
cache-control: max-age=31556952, public, immutable
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/png
access-control-allow-headers: Content-Type, Cache-Control, X-Requested-With, X-CSRF-Token, Discourse-Present, User-Api-Key, User-Api-Client-Id, Authorization
x-content-type-options: nosniff
content-transfer-encoding: binary

GET
H2 200 43.png
forum.clubic.com/letter_avatar_proxy/v2/letter/j/e19adc/ 518 B
1 KB 37ms
36ms Image
image/png 5.135.119.243
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forum.clubic.com/letter_avatar_proxy/v2/letter/j/e19adc/43.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.135.119.243 , France, ASN16276 (OVH, FR),

Reverse DNS

ip243.ip-5-135-119.eu

Software

nginx /

Resource Hash

d780243bb452baf0c6c23883f8228b0529957de9c5d5a60b0bf8a8ef221ea38f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 02:18:39 GMT
via: 1.1 varnish (Varnish/5.0)
x-via-popn: forum
x-cacheable: Yes
x-permitted-cross-domain-policies: none
age: 39749
x-cache: HIT
x-discourse-route: user_avatars/show_proxy_letter
content-length: 518
x-xss-protection: 1; mode=block
x-via-poph: front01
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Jan 1990 00:00:00 GMT
server: nginx
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, PUT, GET, OPTIONS, DELETE
x-varnish: 324855248 314919349
access-control-allow-origin: https://www.clubic.com
cache-control: max-age=31556952, public, immutable
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/png
access-control-allow-headers: Content-Type, Cache-Control, X-Requested-With, X-CSRF-Token, Discourse-Present, User-Api-Key, User-Api-Client-Id, Authorization
x-content-type-options: nosniff
content-transfer-encoding: binary

GET
H2

200

51832_2.png
forum.clubic.com/user_avatar/forum.clubic.com/maspriborintorg/45/
Redirect Chain

https://forum.clubic.com/user_avatar/forum.clubic.com/maspriborintorg/43/51832_2.png
https://forum.clubic.com/user_avatar/forum.clubic.com/maspriborintorg/45/51832_2.png

4 KB
5 KB

39ms
38ms

Image
image/jpeg

5.135.119.243
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forum.clubic.com/user_avatar/forum.clubic.com/maspriborintorg/45/51832_2.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.135.119.243 , France, ASN16276 (OVH, FR),

Reverse DNS

ip243.ip-5-135-119.eu

Software

nginx /

Resource Hash

3574fd92787d57dc215f849ef52d314e1322030bebe60cf5d13ca3bb6a9a5cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.clubic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 02:18:39 GMT
via: 1.1 varnish (Varnish/5.0)
x-via-popn: forum
x-cacheable: Yes
x-permitted-cross-domain-policies: none
age: 39202
x-cache: HIT
x-discourse-route: user_avatars/show
content-length: 4578
x-xss-protection: 1; mode=block
x-via-poph: front01
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 08 Oct 2020 09:37:36 GMT
server: nginx
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, PUT, GET, OPTIONS, DELETE
x-varnish: 107957626 316039948
access-control-allow-origin: https://www.clubic.com
cache-control: max-age=31556952, public, immutable
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-headers: Content-Type, Cache-Control, X-Requested-With, X-CSRF-Token, Discourse-Present, User-Api-Key, User-Api-Client-Id, Authorization
x-content-type-options: nosniff
content-transfer-encoding: binary

Redirect headers

date: Tue, 02 Feb 2021 02:18:39 GMT
via: 1.1 varnish (Varnish/5.0)
x-via-popn: forum
x-cacheable: No, not cacheable
x-permitted-cross-domain-policies: none
age: 0
x-cache: MISS
x-discourse-route: user_avatars/show
content-length: 150
x-xss-protection: 1; mode=block
x-via-poph: front01
access-control-allow-origin: https://www.clubic.com
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, PUT, GET, OPTIONS, DELETE
x-varnish: 327092247
location: https://forum.clubic.com/user_avatar/forum.clubic.com/maspriborintorg/45/51832_2.png
access-control-allow-credentials: true
content-type: text/html; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, X-Requested-With, X-CSRF-Token, Discourse-Present, User-Api-Key, User-Api-Client-Id, Authorization
x-content-type-options: nosniff

GET
H2 200 marty Show response
www.clubic.com/commentaires/liked-topic/351694/ 27 B
312 B 674ms
674ms XHR
application/json 5.135.119.242
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clubic.com/commentaires/liked-topic/351694/marty
Requested by: Host: www.clubic.com
URL: https://www.clubic.com/assets/js/jquery.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.119.242 , France, ASN16276 (OVH, FR),
Reverse DNS: ip242.ip-5-135-119.eu
Software: /
Resource Hash: c4750474cc47ce11526dac4ca5a47f5648e896b7d0dd907ff362371f3a9c5381

Request headers

Accept: */*
Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 02:18:40 GMT
content-encoding: gzip
x-via-popn: front03
age: 0
etag: W/"fd58eea7dd2962d58ec1d8b22ca14821"
vary: Accept-Encoding
x-via-popv: front02
x-varnish: 492002217
cache-control: max-age=0, private
x-cache: MISS
accept-ranges: bytes
content-type: application/json
content-length: 45
x-via-poph: front03

GET
H3-Q050 200 container.html
214acc45a81df9e0c677a0599a97d2ff.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 2FDD 0
0 34ms
21ms Document
text/html 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://214acc45a81df9e0c677a0599a97d2ff.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 214acc45a81df9e0c677a0599a97d2ff.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Tue, 02 Feb 2021 02:18:39 GMT
expires: Wed, 02 Feb 2022 02:18:39 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
63 B 6ms
6ms Image
image/gif 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=1903383014&t=event&ni=1&_s=5&dl=https%3A%2F%2Fwww.clubic.com%2Fantivirus-securite-informatique%2Fvirus-hacker-piratage%2Fpiratage-informatique%2Factualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html&ul=en-us&de=UTF-8&dt=Une%20campagne%20nord-cor%C3%A9enne%20de%20piratage%20ciblant%20les%20chercheurs%20en%20s%C3%A9curit%C3%A9%20identifi%C3%A9e%20par%20Google&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=timePerformance&ea=firstSlotRendered&el=1500&ev=0&_u=SACAAEABCAAAAC~&jid=&gjid=&cid=1439922371.1612232319&tid=UA-8847036-3&_gid=1475070460.1612232319&cd1=%2F21718639124%2Fclubic.com%2Fcontenu-actu&cd2=direct&cd3=control&z=860954582

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Feb 2021 17:23:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 32109
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 container.html
214acc45a81df9e0c677a0599a97d2ff.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 4256 0
0 6ms
6ms Document
text/html 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://214acc45a81df9e0c677a0599a97d2ff.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 214acc45a81df9e0c677a0599a97d2ff.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Tue, 02 Feb 2021 02:18:39 GMT
expires: Wed, 02 Feb 2022 02:18:39 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 81 KB
26 KB 43ms
15ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: scripts.static-od.com
URL: https://scripts.static-od.com/setup/?site=clubic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 2616735e4a72622e770658b4837cb2d6258456c3358f8ebec83b1fd88ed93ada

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 02:18:41 GMT
content-encoding: gzip
last-modified: Thu, 07 Jan 2021 11:16:36 GMT
server: nginx
etag: W/"5ff6ed94-14284"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Wed, 03 Feb 2021 02:18:41 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 81 KB
26 KB 43ms
16ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 2616735e4a72622e770658b4837cb2d6258456c3358f8ebec83b1fd88ed93ada

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 02:18:41 GMT
content-encoding: gzip
last-modified: Thu, 07 Jan 2021 11:16:36 GMT
server: nginx
etag: W/"5ff6ed94-14284"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Wed, 03 Feb 2021 02:18:41 GMT

GET
H/1.1

204
No Content

ImgSync
image8.pubmatic.com/AdServer/
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=158939&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?p=158939&gdpr=0&gdpr_consent=&rdf=1
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RkNEMUY4RjYtNTVFQy00ODhFLUIzODQtNTE4QjNENTRFMDlF&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

0
507 B

32ms
32ms

Image
text/plain

185.64.189.216
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by: Host: www.clubic.com
URL: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.216 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Feb 2021 02:18:42 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Date: Tue, 02 Feb 2021 02:18:42 GMT
X-Cnection: close
X-lat: Pug22046:0:502
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Content-Length: 399
Content-Type: text/html; charset=iso-8859-1

GET
H2

200

generic
match.adsrvr.org/track/cmf/
Redirect Chain

https://eb2.3lift.com/sync?px=1&src=prebid&
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=

70 B
264 B

49ms
49ms

Image
image/gif

99.80.71.186
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: www.clubic.com
URL: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.71.186 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-71-186.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Feb 2021 02:18:42 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
date: Tue, 02 Feb 2021 02:18:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
206 B 13ms
12ms XHR
text/plain 2a00:1450:4001:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1903383014&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.clubic.com%2Fantivirus-securite-informatique%2Fvirus-hacker-piratage%2Fpiratage-informatique%2Factualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html&ul=en-us&de=UTF-8&dt=Une%20campagne%20nord-cor%C3%A9enne%20de%20piratage%20ciblant%20les%20chercheurs%20en%20s%C3%A9curit%C3%A9%20identifi%C3%A9e%20par%20Google&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Intervalles%20de%2030%20secondes%20complets%20pass%C3%A9s%20sur%20la%20page&ea=1&el=%2Fantivirus-securite-informatique%2Fvirus-hacker-piratage%2Fpiratage-informatique%2Factualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html&_u=aAjAAEABCAAAAC~&jid=180289428&gjid=1477900271&cid=1439922371.1612232319&tid=UA-8847036-1&_gid=725662844.1612232349&_r=1&cd1=Malware%2CPiratage%20informatique%2CR%C3%A9seaux&cd2=&cd3=Actu&gtm=2wg1k0T95PRJD&cd4=&cd5=&cd6=antivirus-securite-informatique%2Fvirus-hacker-piratage%2Fmalware-logiciel-malveillant&cd7=425&cd8=Benjamin%20Bruel&cd9=&cd10=29%2F01%2F2021&cd11=17%3A48&cd12=N&cd13=&cd14=4&cd15=&cm1=425&cm2=4&z=1686315257

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 02 Feb 2021 02:19:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.clubic.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-8847036-1&cid=1439922371.1612232319&jid=180289428&gjid=1477900271&_gid=725662844.1612232349&_u=aAjAAEABCAAAAC~&z=1139455778

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 02 Feb 2021 02:19:08 GMT
content-type: text/plain
access-control-allow-origin: https://www.clubic.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 18ms
18ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-8847036-1&cid=1439922371.1612232319&jid=180289428&_u=aAjAAEABCAAAAC~&z=639172475

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Feb 2021 02:19:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 16ms
16ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-8847036-1&cid=1439922371.1612232319&jid=180289428&_u=aAjAAEABCAAAAC~&z=639172475

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Feb 2021 02:19:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 51ms
32ms XHR
application/json 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210127&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210127/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f516f6860fd22c55775194a9133f29064998a78634c90f1dea3fc5fd942532a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 02 Feb 2021 02:19:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6826
x-xss-protection: 0

GET
H2 200 syncframe
gum.criteo.com/ Frame A902 0
0 67ms
22ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.clubic.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=www.clubic.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 1648
date: Tue, 02 Feb 2021 02:19:10 GMT
content-length: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210127/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 02:19:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Tue, 02 Feb 2021 02:19:10 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 84FA 0
0 26ms
13ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Mon, 01 Feb 2021 21:40:46 GMT
expires: Tue, 01 Feb 2022 21:40:46 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 16704
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
46 B 41ms
40ms Image
image/gif 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210127&jk=1736375433190984&bg=!cHOlczDNAAVwd1e1cDsAKQB2-DxaPjA7i5emF8keUohmGGRHfKpYOTUECismYDJPMjafik6h3UoaAgAAAHNSAAAAEmgBBwoAvMvPRAWtYuGN_aUCAweOXg6untxlK1gk-BZO1OPzA00a6igfBYqL4Luo8TobM9ni6Q_oDxqaGAvcnS7vXG24yf2RmrysNm6nwoLTteuj8TB1xlSWxwRNLCYwReIY65S_RyoDvR6Xw1sM2JkVa9anDPvVCb-0gfvbb7oOzhG1Ui6Dit2XuT8wmLLHH4HmP-BPw9DKBSbApUrtQZNXPB9Oy2HakH2xnIMJBqFgODXaKtkQ7QSQVGSE7dRFIcq2mQHPpIT9Cdg_nZthcZGBahQkvABQrgFmvLU9eDcwAj9Iqiz50CjviUy2e0z0Ydte3rpCNDbiENwD4wM0LjVd7DQUgoT1i7XNdiYbhFZaxFOC5fCK7L6BQsS8DETWHwuL5sDYT80n6CvheOQyk3kjt9GXOCotcIQyPm63xqrck8klLjecbpMV1NL-j7qWrWrWEas4wneBCY-yPjIn-Zp4-DbAH3YtN3g3x9GeJgoe7NKhNc0iCuFVZvQ0Vb5e8cBdn8X1LmvsJjllK8HyxuYd5Z_mLtN0bYBA7_mT8mK0Zh_p7Kn0slL2QrLu1byu7yvFyGKHCHLRClFx1pg1IkKoCKJ_GzcDa_KiNW_1zQ-7OWimn0IGzNcu9rjdUqZnwfSoNr10R8mK0TMqNt7K4NBJyLecp_uDleLFM9Ix6dZCAipsU4rmQh4W6GWw-CukxSoPjCATUloQ4GYSFz34LltgKXOah4n7b656i8E0A-dtWE4fW6VwmlbJ-qC2CBKUDYS2npJoPNw-3oe_2RiViIQpA4sN51KDzUVHmKXgjOjDD1GBGOIVE-qwCHA_wpN6kaEXleH0R2lsB0jDtHUXeC06jCWi760RiTkl3fw4dhXz-15kJg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.clubic.com/antivirus-securite-informatique/virus-hacker-piratage/piratage-informatique/actualite-351694-sr-une-campagne-nord-coreenne-de-piratage-ciblant-les-chercheurs-en-securite-identifiee-par-google.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Feb 2021 02:19:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

161 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.clubic.com/	1970-01-19 15:50:32	Name: _gat_UA-8847036-1 Value: 1
.clubic.com/	1970-01-19 15:51:58	Name: _gid Value: GA1.2.725662844.1612232349
.clubic.com/	1970-01-20 09:21:44	Name: _ga Value: GA1.2.1439922371.1612232319

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.clubic.com/assets/js/9b24d27.js?1.16.2(Line 8) Message: reactApp

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

214acc45a81df9e0c677a0599a97d2ff.safeframe.googlesyndication.com
a.mailmunch.co
a.teads.tv
aax-eu.amazon-adsystem.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
api.ownpage.fr
assets.ownpage.fr
bidder.criteo.com
c.amazon-adsystem.com
choices.consentframework.com
cm.g.doubleclick.net
ct.sddan.com
currency.prebid.org
eb2.3lift.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
forms.mailmunch.co
forum.clubic.com
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
ib.adnxs.com
image2.pubmatic.com
image8.pubmatic.com
js.sddan.com
match.adsrvr.org
pagead2.googlesyndication.com
partner.googleadservices.com
pic.clubic.com
platform.twitter.com
prg.smartadserver.com
script.ownpage.fr
scripts.static-od.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
tlx.3lift.com
tpc.googlesyndication.com
w.estat.com
www.clubic.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
13.224.192.34
143.204.93.120
15.237.22.192
172.217.21.194
178.250.2.131
18.159.63.118
18.195.221.58
184.30.212.16
185.33.221.14
185.64.189.110
185.64.189.112
185.64.189.216
185.86.138.121
2.18.232.7
212.129.3.112
216.58.207.34
2600:9000:20eb:d200:19:2cf2:a900:93a1
2600:9000:2156:7600:4:c961:9640:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::ac43:4a27
2a00:1450:4001:808::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:812::200a
2a00:1450:4001:813::2002
2a00:1450:4001:819::2002
2a00:1450:4001:821::2001
2a00:1450:4001:821::2008
2a00:1450:4001:821::200e
2a00:1450:4001:825::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::200a
2a00:1450:400c:c00::9b
2a02:2638:1::3
2a02:2638::1c
5.135.119.242
5.135.119.243
51.15.145.116
52.211.25.193
52.55.225.227
52.95.124.165
65.9.58.129
69.173.144.140
99.80.71.186
047119f591b25460de3d0ef2d872a66ed7131f6c03356c5543ea148e829bf7db
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0790fa5b4a55640095c5a04b85e0f96a16085ba9af355e93269639c9c70c8939
0a258c75df11cd189b2b1ba01ae647cc01bee6ed3a191a24aa167109b5a4b8b6
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
16b5bbfdf6786d78042d4da83f13d7d01316284dfe14312491ac665534b2fddc
208dfab1fdcf1f4e57f80d6fd873265f0ff90c42c36cb25e38dff42695e383a4
2616735e4a72622e770658b4837cb2d6258456c3358f8ebec83b1fd88ed93ada
266f7d99ab5955fafa20741bcb525b30864f106652948f8dc4a7b28dc2bcb77a
2671ad9f93451b8f86097c6e19e6a3e81b35ec81769e39f916c0547bbe7cdbe9
26ff3f8c610b42eb152770edc765612b1b6c9a13e8e335656230b4563a57187c
2b418a10ba4680c77fa07fb0e736eec6306cba0dbbbc8deac94a25e679178e15
2caf135717a96501eecfec5411c7db8be52223162a806b5abb48d890322f32f1
2fc0fdf6820ef1b5b4957377f39b08ed3a20b5555a7c67dcd0b6698cf9af1a1e
33d016b36b1bf39bb3026a10c5cec5dba26f66a75527765bb344cd833fe51aa4
352f9076ca935bced9f4c24cf0e0ec9ded7342d29ef45d1c1568f5c05b1c2634
3574fd92787d57dc215f849ef52d314e1322030bebe60cf5d13ca3bb6a9a5cc6
38f03e89dc0a74224affb313644ee059d7af75dc18fe32f82677e15c87d455b5
3d2d4e18240e326c8e93c324902207298d5f0a057a3f13218bee68bb43b771f4
3d67ca5d28f1dd6fc58ae8f8ab79b70755b30a52eb04572a6df8e50869ff748e
40ea68936786a5e8d8bb1006335b3fc6da1969d8c0d5974d6096dc7e028bf993
43619edb893c75de7882492d9e8e60e10fb3f71fc790887f4cf4fcd18922acb0
437e6e23bb4219f1dd245da75b1729666e71fbf31985189fa35be75702b8cab9
4660e2393cd6ee7ee790ade81530c5eba1d160dee67afa2ff3702c5fe99a7a6b
47dcc5ccddda02ae4a968f0d40073bcd4c1fff886815b0ea5064c6f2d96b535a
4a10218b74f3f010a103ab25753f51e9d4cd398dc8473e19852202f888dc1c8e
4c06021095f6f8717e6bac9413d0c5197c23425ed15c8c7383600b406ee8d646
4d2ce1866449190b944e30835ceff0221fee4020ea5622db2d472acf46f5ffc9
4eaf854afe83b54dfa0e71c95c5af5885c6ac7894f5315a873744714e2d1d638
506bb38fe6c54ff4c6dcd75213dd9898d0cfe7a6159c673187dd69fb3f07b68b
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
5a01c8532be4332fd622a0d2e85d94b78731d1d10604cbcaae0fceca3da50f3d
5f516f6860fd22c55775194a9133f29064998a78634c90f1dea3fc5fd942532a
6436853c276f2b13c3888aeae8711e7cb7a42b39bafc43eefe9709b13bbb13c9
64c8551c397b1915ef17010eca19e10f01083601d6e0f81b2bef6a081a2f69c1
66712ae98b2f7c08f41f858e9f533aa5941249cad0147c94da7dc431f590f784
681c7a3563e8c71b527cafa9b34d5cd11a3774a1b6cc6b2f131eb5e75671afe2
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6c371030558feed8e851871ecff997f50080c5149056f9d511ad4754da36c353
6d1b9cdabea9fa6bf623db98ebf156ac2855616caddeca73224b8488ea03357a
71399717305b09c8fb442c33440c2cfc135ebd246d8e9bbbc6dc5a32d29105ca
722f834d0c44729d5535f864b0db96c363412148785466734983f6175b9e6e4c
72c5e40ac49f5e971441e5539d15d2bb93b5a90e42cdb4054e21cbca0793f1a5
7976e2068bdfb2fbab4a32a16c3447218090259081d01496b0b41327448bfc82
7adbfc83b0d6cb2eac1f5fcaba53539135dbf791b7760632aec95e54e6cdbfe8
7c363c5b169b007e8c63b7ee0743546f2dba88223be03620b2a554953f660f92
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8502550cc9d2ba8394cc23c198f4e10bf40f62dcab88c78123e3fbbf3b5e86e9
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9a7a84f3a76ca806208a152a7180cbaa119c459a3f77b5c45cd93ad49e2d58fc
a029f568a352f24c8ea91b673757e9ceda5553c448c8153697df6bf44a13b2a2
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1d73fb0b4366a22678e4eb7b9079a461e3d8317a1bdef008743a80aabaf3791
ab140244cd2fd2892fec183c503c0f9522f9935f5e6c5ace01e92924a7e2e90e
ae83305eec65c2cda8df97afbe9e0ad2422a4094fd14b3c667d11e026b915948
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
af880775b9eedf811ee6ad2cad00d16142fd0241f458817f14eb6812757878ad
b071b4a09e0ddd14d373a4d13fa05c3534e6dcd70ecb09800d3712b8c8a7141b
b57fbf414f430030e0602a18c51eb14d1cff5921dd849e70a3ac456e12f85138
b8e8fe9b8ca280dc3c982691064e62ba97c8f2c192a17dfe74430c7cf73cb4de
baf2722dfebe3778ee8bcfa914b2475439416a6075340b3d78575c6d7b4479a3
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c4750474cc47ce11526dac4ca5a47f5648e896b7d0dd907ff362371f3a9c5381
c679280313c63c9cc14fbccb6f86d9f51bff04783cec4c96cdc09850a395a837
c8c08382650607d491decf679e338e0a2d79d29241619abd74f3350bfde6fbfb
cacd80cb1cf80c78a1c44f32376a3dc1cb27a48879d1f7a969c01a81e16c7d64
cd981bc07700d5fe93023753c470c01d388ce693adbd0781d9f5d729a7a702c7
cec95965f263866b3249a8d82040b3a6986ea3ab28727967be92f8d48be0f47c
d0468ace0298e02972192363fef52533ad91febd39a676892eabcf120ad9d5aa
d088bc7b501be21a723912b9b77a8691d8a438081e1cc3905f56e40251274f68
d780243bb452baf0c6c23883f8228b0529957de9c5d5a60b0bf8a8ef221ea38f
d788f14393617c09961a71a374bd75a107bc726ab0384586879ed68fcc0c4f1a
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
db6dfee5a89795dbe7e0323f668935b84bca3f92b162ece6df2a915e8763b590
dde5dcb02f349d5cd1f36d6afe709ddfd5713b27129dbae727f456cde6582883
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0e9ba7c66db6fdc4a62126a0df7843cd605bc304097315ce9ee9f58476b86dc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
eefcf6e6dbaf08a46e9728f74fe24316cbd4dd98f0fbe7b423c91edffa63aad0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3867e13d3cda906dad33da7014be1fdf5c6327e8fbf859971b3ed2c62dc57ba
f8aae5aa6a5c208b3ff58438fd87bd86ae5f374864107697d2dde8ab474bc4fe
fa533eb34a8900f6013bf6f0095c696ea16758fe6fbf7442694de0f8ebb2f536
fcd4c0d68d77fa05f6b07831d9df4c56286788916c40399506d5fcbe87bb4a27

www.clubic.com Open in urlscan Pro 5.135.119.242 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

123 Requests

100 %HTTPS

43 %IPv6

29 Domains

49 Subdomains

43 IPs

8 Countries

1602 kBTransfer

4097 kBSize

3 Cookies

22 Outgoing links

Redirected requests

123 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.clubic.com Open in urlscan Pro
5.135.119.242 Public Scan

Screenshot
Live screenshot

Full Image

123
Requests

100 %
HTTPS

43 %
IPv6

29
Domains

49
Subdomains

43
IPs

8
Countries

1602 kB
Transfer

4097 kB
Size

3
Cookies

123 HTTP transactions
3 data transactions