www.zw3b.fr Open in urlscan Pro
2a01:e35:39f1:f747::1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
Effective URL:
https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
Submission: On February 14 via api (February 14th 2022, 9:36:00 am UTC) from CH — Scanned from FR

Summary HTTP 102 Redirects Links 48 Behaviour Indicators

Summary

This website contacted 29 IPs in 6 countries across 23 domains to perform 102 HTTP transactions. The main IP is 2a01:e35:39f1:f747::1, located in Paris, France and belongs to PROXAD, FR. The main domain is www.zw3b.fr.
TLS certificate: Issued by Gandi Standard SSL CA 2 on October 1st 2021. Valid for: a year.

This is the only time www.zw3b.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 51	2a01:e35:39f1... 2a01:e35:39f1:f747::1	12322 (PROXAD) (PROXAD)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:6038	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.181.70 104.18.181.70	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	152.195.34.147 152.195.34.147	15133 (EDGECAST) (EDGECAST)
1	2a01:4f8:10b:... 2a01:4f8:10b:3120::5	24940 (HETZNER-AS) (HETZNER-AS)
1	2620:0:862:ed... 2620:0:862:ed1a::2:b	14907 (WIKIMEDIA) (WIKIMEDIA)
1	128.30.52.100 128.30.52.100	3 (MIT-GATEWAYS) (MIT-GATEWAYS)
1	2603:400a:fff... 2603:400a:ffff:804:801e:34:0:15	3 (MIT-GATEWAYS) (MIT-GATEWAYS)
1	2001:41d0:701... 2001:41d0:701:1100::29c8	16276 (OVH) (OVH)
1	46.229.169.130 46.229.169.130	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2606:4700:20:... 2606:4700:20::681a:407	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	158.69.139.229 158.69.139.229	16276 (OVH) (OVH)
1	67.202.114.216 67.202.114.216	32748 (STEADFAST) (STEADFAST)
4	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	104.18.28.199 104.18.28.199	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	67.202.105.33 67.202.105.33	32748 (STEADFAST) (STEADFAST)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	67.202.105.31 67.202.105.31	32748 (STEADFAST) (STEADFAST)
102	29

51 2a01:e35:39f1:f747::1 (Paris, France) 1 redirects

ASN12322 (PROXAD, FR)

www.zw3b.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:6038 (United States)

ASN13335 (CLOUDFLARENET, US)

img.phonandroid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.181.70 (None, )

ASN13335 (CLOUDFLARENET, US)

www.usine-digitale.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.195.34.147 (United States)

ASN15133 (EDGECAST, US)

img.20mn.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:4f8:10b:3120::5 (Germany)

ASN24940 (HETZNER-AS, DE)

framablog.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:0:862:ed1a::2:b (United States)

ASN14907 (WIKIMEDIA, US)

upload.wikimedia.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 128.30.52.100 (United States)

ASN3 (MIT-GATEWAYS, US)
PTR: hans-moleman.w3.org

www.w3.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2603:400a:ffff:804:801e:34:0:15 (Cambridge, United States)

ASN3 (MIT-GATEWAYS, US)

jigsaw.w3.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:41d0:701:1100::29c8 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)

ipv6-test.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.229.169.130 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

webstatsdomain.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:407 (United States)

ASN13335 (CLOUDFLARENET, US)

waust.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 158.69.139.229 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ip229.ip-158-69-139.net

t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.114.216 (United States)

ASN32748 (STEADFAST, US)
PTR: amung.us

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.28.199 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 67.202.105.33 (United States)

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.31 (United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	zw3b.fr 1 redirects www.zw3b.fr	7 MB
9	tynt.com cdn.tynt.com — Cisco Umbrella Rank: 6696 ic.tynt.com — Cisco Umbrella Rank: 4079 de.tynt.com — Cisco Umbrella Rank: 1078	8 KB
6	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2400 www.google.com — Cisco Umbrella Rank: 2	86 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	673 B
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	21 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 37 stats.g.doubleclick.net — Cisco Umbrella Rank: 67	6 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	201 KB
2	gstatic.com fonts.gstatic.com	163 KB
2	google.fr www.google.fr — Cisco Umbrella Rank: 15945	608 B
2	dtscout.com t.dtscout.com — Cisco Umbrella Rank: 13733	3 KB
2	w3.org www.w3.org — Cisco Umbrella Rank: 23494 jigsaw.w3.org — Cisco Umbrella Rank: 73935	4 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	76 KB
2	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 92	157 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	4 KB
1	amung.us whos.amung.us — Cisco Umbrella Rank: 14961	144 B
1	waust.at waust.at — Cisco Umbrella Rank: 48212	4 KB
1	webstatsdomain.org webstatsdomain.org — Cisco Umbrella Rank: 713307	2 KB
1	ipv6-test.com ipv6-test.com — Cisco Umbrella Rank: 135743	799 B
1	wikimedia.org upload.wikimedia.org — Cisco Umbrella Rank: 1915	819 KB
1	framablog.org framablog.org	180 KB
1	20mn.fr img.20mn.fr — Cisco Umbrella Rank: 230106	23 KB
1	usine-digitale.fr www.usine-digitale.fr — Cisco Umbrella Rank: 828488	13 KB
1	phonandroid.com img.phonandroid.com	196 KB
102	23

	Domain	Requested by
51	www.zw3b.fr	1 redirects www.zw3b.fr
7	ic.tynt.com	www.zw3b.fr
4	www.facebook.com	www.zw3b.fr
4	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
4	www.google-analytics.com	www.zw3b.fr www.google-analytics.com
3	connect.facebook.net	www.zw3b.fr connect.facebook.net
2	fonts.gstatic.com	fonts.googleapis.com
2	www.google.fr	www.zw3b.fr
2	www.google.com	www.zw3b.fr
2	stats.g.doubleclick.net	www.google-analytics.com
2	t.dtscout.com	waust.at t.dtscout.com
2	www.googletagmanager.com	www.zw3b.fr
2	pagead2.googlesyndication.com	www.zw3b.fr pagead2.googlesyndication.com
1	de.tynt.com	cdn.tynt.com
1	fonts.googleapis.com
1	cdn.tynt.com	waust.at
1	whos.amung.us	waust.at
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	waust.at	www.zw3b.fr
1	webstatsdomain.org	www.zw3b.fr
1	ipv6-test.com	www.zw3b.fr
1	jigsaw.w3.org	www.zw3b.fr
1	www.w3.org	www.zw3b.fr
1	upload.wikimedia.org	www.zw3b.fr
1	framablog.org	www.zw3b.fr
1	img.20mn.fr	www.zw3b.fr
1	www.usine-digitale.fr	www.zw3b.fr
1	img.phonandroid.com	www.zw3b.fr
102	28

This site contains links to these domains. Also see Links.

Domain
swan.lab3w.fr
admin.lab3w.fr
www.lab3w.com
api.zw3b.fr
howto.zw3b.fr
www.zw3b.site
www.zw3b.blog
www.zw3b.net
www.zw3b.tv
radio.zw3b.fr
dnslytics.com
fr.wikipedia.org
www.20minutes.fr
twitter.com
www.facebook.com
kss.zw3b.site
portfolio.lab3w.com
lab3w.business.site
www.instagram.com
www.dailymotion.com
fr.linkedin.com
fr.viadeo.com
beknown.com
steamcommunity.com
nightly.mozilla.org
framablog.org
www.inkedgeek.com
www.urbanfilmsfestival.com
www.juste-debout-tv.com
www.juste-debout.com
www.lab3w.fr
validator.w3.org
jigsaw.w3.org
ipv6-test.com
www.zw3b.fr.webstatsdomain.org

Subject Issuer	Validity	Valid
www.zw3b.fr Gandi Standard SSL CA 2	`2021-10-01` - `2022-10-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-28` - `2022-06-27`	a year	crt.sh
*.20minutes.fr Sectigo RSA Organization Validation Secure Server CA	`2021-03-03` - `2022-03-03`	a year	crt.sh
framablog.org R3	`2022-02-03` - `2022-05-04`	3 months	crt.sh
*.wikipedia.org DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-10-19` - `2022-11-17`	a year	crt.sh
*.w3.org Gandi Standard SSL CA 2	`2021-06-02` - `2022-07-03`	a year	crt.sh
*.ipv6-test.com Gandi Standard SSL CA 2	`2021-03-19` - `2022-04-19`	a year	crt.sh
*.webstatsdomain.org RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-07-14` - `2022-07-13`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-23` - `2022-02-21`	3 months	crt.sh
*.dtscout.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-28` - `2022-11-27`	a year	crt.sh
whos.amung.us Sectigo RSA Domain Validation Secure Server CA	`2020-05-21` - `2022-05-21`	2 years	crt.sh
*.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
Frame ID: 1C94916728691B84C1CD257CBAE950DE
Requests: 103 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20190131/zrt_lookup.html
Frame ID: 6939484A526E34427D1DBFFDA546E56C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Comment le malware MoonBounce sévit depuis 2012 * Informatique * ZW3B.FR :-: Le Web XXI

Page URL History Show full URLs

http://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012 HTTP 301
https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012 Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

102
Requests

99 %
HTTPS

68 %
IPv6

23
Domains

28
Subdomains

29
IPs

6
Countries

8913 kB
Transfer

10703 kB
Size

14
Cookies

48 Outgoing links

These are links going to different origins than the main page.

URL: http://swan.lab3w.fr/
Title: SWAN

Search URL Search Domain Scan URL

URL: http://admin.lab3w.fr/
Title: ADMIN

Search URL Search Domain Scan URL

URL: http://www.lab3w.com/
Title: LAB3W

Search URL Search Domain Scan URL

URL: http://api.zw3b.fr/
Title: API

Search URL Search Domain Scan URL

URL: http://howto.zw3b.fr/
Title: HOWTO

Search URL Search Domain Scan URL

URL: https://www.zw3b.site/
Title: SITE

Search URL Search Domain Scan URL

URL: https://www.zw3b.blog/
Title: BLOG

Search URL Search Domain Scan URL

URL: https://www.zw3b.net/
Title: NET

Search URL Search Domain Scan URL

URL: https://www.zw3b.tv/
Title: TV

Search URL Search Domain Scan URL

URL: http://radio.zw3b.fr/
Title: RADIO

Search URL Search Domain Scan URL

URL: https://dnslytics.com/ipv6/2001:41d0:8:d154::14
Title: 2001:41d0:8:d154::14

Search URL Search Domain Scan URL

URL: https://fr.wikipedia.org/wiki/Informatique
Title: WikipediA : Informatique

Search URL Search Domain Scan URL

URL: https://www.20minutes.fr/high-tech/3224939-20220127-un-malware-se-camoufle-dans-la-memoire-flash-des-cartes-meres

Search URL Search Domain Scan URL

URL: http://twitter.com/home?status=Comment+le+malware+MoonBounce+s%C3%A9vit+depuis+2012%20%3E%3E%20https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012

Search URL Search Domain Scan URL

URL: https://www.facebook.com/110766378956229
Title: 20 minutes online

Search URL Search Domain Scan URL

URL: https://kss.zw3b.site/
Title: O.Romain.Jaillet-ramey

Search URL Search Domain Scan URL

URL: http://portfolio.lab3w.com/
Title: Page Web

Search URL Search Domain Scan URL

URL: https://www.facebook.com/lab3w.orj
Title: Page FaceBook

Search URL Search Domain Scan URL

URL: https://twitter.com/lab3w_orj
Title: Page Twitter

Search URL Search Domain Scan URL

URL: https://lab3w.business.site/
Title: Page Google Business

Search URL Search Domain Scan URL

URL: https://www.instagram.com/lab3w.orj
Title: Page Instagram

Search URL Search Domain Scan URL

URL: http://www.dailymotion.com/ksso0s
Title: Page Dailymotion

Search URL Search Domain Scan URL

URL: https://fr.linkedin.com/in/o-romain-jaillet-ramey
Title: Page LinkedIn

Search URL Search Domain Scan URL

URL: https://fr.viadeo.com/fr/profile/o.romain.jaillet-ramey
Title: Page Viadeo

Search URL Search Domain Scan URL

URL: http://beknown.com/o.romain-jaillet-ramey
Title: Page Monster

Search URL Search Domain Scan URL

URL: http://steamcommunity.com/id/kss
Title: Page Steam

Search URL Search Domain Scan URL

URL: https://nightly.mozilla.org/
Title: Firefox Nightly

Search URL Search Domain Scan URL

URL: https://framablog.org/2017/07/04/firefox-night-club-entree-libre/?sample_rate=0.01&snippet_name=6844
Title: Nightly : Firefox Night-club, entrée libre !

Search URL Search Domain Scan URL

URL: https://fr.wikipedia.org/wiki/New_Age
Title: XXI &eagrave;me si&eagrave;cle : New Àge ;)

Search URL Search Domain Scan URL

URL: http://www.inkedgeek.com/
Title: Inked Geek : Geek - Mode - Beaute - Lifestyle - Tattoo - Photo - Culture

Search URL Search Domain Scan URL

URL: http://www.inkedgeek.com/selection-automne-asos/
Title: Sélection Automne ASOS

Search URL Search Domain Scan URL

URL: http://www.inkedgeek.com/pourquoi-avoir-un-blog/
Title: Pourquoi avoir un blog ?

Search URL Search Domain Scan URL

URL: http://www.inkedgeek.com/igraal-6-ans-apres/
Title: Igraal, 6 ans après

Search URL Search Domain Scan URL

URL: http://www.inkedgeek.com/reportez-court-metrage-muet/
Title: Reportez ! Court Métrage muet

Search URL Search Domain Scan URL

URL: http://www.inkedgeek.com/fond-decran-avril/
Title: Fond d?écran Avril #04-2021

Search URL Search Domain Scan URL

URL: http://www.inkedgeek.com/fond-decran-mars-2021-3/
Title: Fond d?écran Mars #03-2021

Search URL Search Domain Scan URL

URL: http://www.inkedgeek.com/fond-decran-fevrier-2021/
Title: Fond d?écran Février #02-2021

Search URL Search Domain Scan URL

URL: http://www.inkedgeek.com/fond-decran-janvier-2021/
Title: Fond d?écran Janvier #01-2021

Search URL Search Domain Scan URL

URL: http://www.inkedgeek.com/fond-decran-decembre-2020/
Title: Fond d?écran Décembre #12-2020

Search URL Search Domain Scan URL

URL: http://www.inkedgeek.com/fond-decran-novembre-2020/
Title: Fond d?écran Novembre #11-2020

Search URL Search Domain Scan URL

URL: http://www.urbanfilmsfestival.com/
Title: Urban Fims : MasterClass UFF

Search URL Search Domain Scan URL

URL: http://www.juste-debout-tv.com/live-stream/
Title: Juste Debout Live Stream

Search URL Search Domain Scan URL

URL: http://www.juste-debout.com/

Search URL Search Domain Scan URL

URL: https://www.lab3w.fr/orj
Title: © 2022 Application Web créée par LAB3W O.Romain.Jaillet-ramey : Laboratoire Web et réseaux - Ingénierie de l'Internet

Search URL Search Domain Scan URL

URL: https://validator.w3.org/check?uri=https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012

Search URL Search Domain Scan URL

URL: https://jigsaw.w3.org/css-validator/check/referer

Search URL Search Domain Scan URL

URL: https://ipv6-test.com/validate.php?url=referer

Search URL Search Domain Scan URL

URL: https://www.zw3b.fr.webstatsdomain.org/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012 HTTP 301
https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

102 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request comment-le-malware-moonbounce-sevit-depuis-2012 Show response
www.zw3b.fr/informatique/
Redirect Chain

http://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012

51 KB
16 KB

4710ms
4224ms

Document
text/html

2a01:e35:39f1:f747::1
PROXAD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a01:e35:39f1:f747::1 Paris, France, ASN12322 (PROXAD, FR),

Reverse DNS

Software

Apache /

Resource Hash

009437ab0a64ba9686aeca365befb8217e9dfa5100c6f1ad53ceef669bbada5e

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9

Response headers

Date: Mon, 14 Feb 2022 09:35:43 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-Frame-Options: deny
Vary: Accept-Encoding
Content-Encoding: gzip
X-ZW-Head: ZW3B.Networks D=3774801 t=1644831343808454
X-ZW-BackNode: w1w.zw3b.net
X-ZW-LB-IPv4: 158.69.126.137
X-ZW-LB-IPv6: 2607:5300:0060:9389:0015:0001:000a:0010
X-ZW-LB-Name: w1w
Content-Length: 15190
Content-Type: text/html; charset=UTF-8
Via: 1.1 web.zw3b.fr
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

Redirect headers

Date: Mon, 14 Feb 2022 09:35:42 GMT
Server: Apache
Location: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
Cache-Control: max-age=7200
Expires: Mon, 14 Feb 2022 11:35:42 GMT
Content-Length: 349
Content-Type: text/html; charset=iso-8859-1
Via: 1.1 web.zw3b.fr
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

GET
H/1.1 200
OK global.css
www.zw3b.fr/skins/zw3b-fr/css/ 25 KB
5 KB 620ms
516ms Stylesheet
text/css 2a01:e35:39f1:f747::1
PROXAD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zw3b.fr/skins/zw3b-fr/css/global.css?1789327863
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:e35:39f1:f747::1 Paris, France, ASN12322 (PROXAD, FR),
Reverse DNS
Software: Apache /
Resource Hash: fdb388a09650d36635bacedc0f074dd5a0a33698c6a5f04af4010e4c96c599f0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 09:35:48 GMT
Content-Encoding: gzip
X-ZW-LB-Name: w1w
Connection: Keep-Alive
Content-Length: 4103
X-ZW-BackNode: w1w.zw3b.net
Last-Modified: Thu, 09 Dec 2021 13:01:04 GMT
Server: Apache
X-ZW-LB-IPv4: 158.69.126.137
X-ZW-Head: ZW3B.Networks D=17667 t=1644831348237105
Vary: Accept-Encoding
Content-Type: text/css
Via: 1.1 web.zw3b.fr
Cache-Control: max-age=0, s-maxage=0, no-cache, no-store, public
X-ZW-LB-IPv6: 2607:5300:0060:9389:0015:0001:000a:0010
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: Wed, 16 Mar 2022 09:35:48 GMT

GET
H/1.1 200
OK default.css
www.zw3b.fr/skins/zw3b-fr/css/ 173 KB
27 KB 707ms
465ms Stylesheet
text/css 2a01:e35:39f1:f747::1
PROXAD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zw3b.fr/skins/zw3b-fr/css/default.css?1789327863
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:e35:39f1:f747::1 Paris, France, ASN12322 (PROXAD, FR),
Reverse DNS
Software: Apache /
Resource Hash: c3bae04d0820bc8b79795c4eb8cd9e822b5a307fbc1161796ee87466fcee25dd

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 09:35:48 GMT
Content-Encoding: gzip
X-ZW-LB-Name: w1w
Connection: Keep-Alive
Content-Length: 26972
X-ZW-BackNode: w1w.zw3b.net
Last-Modified: Wed, 02 Feb 2022 19:28:26 GMT
Server: Apache
X-ZW-LB-IPv4: 158.69.126.137
X-ZW-Head: ZW3B.Networks D=7929 t=1644831348341819
Vary: Accept-Encoding
Content-Type: text/css
Via: 1.1 web.zw3b.fr
Cache-Control: max-age=0, s-maxage=0, no-cache, no-store, public
X-ZW-LB-IPv6: 2607:5300:0060:9389:0015:0001:000a:0010
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: Wed, 16 Mar 2022 09:35:48 GMT

GET
H/1.1 200
OK magnific-popup.css
www.zw3b.fr/skins/zw3b-fr/css/ 8 KB
3 KB 701ms
459ms Stylesheet
text/css 2a01:e35:39f1:f747::1
PROXAD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zw3b.fr/skins/zw3b-fr/css/magnific-popup.css
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:e35:39f1:f747::1 Paris, France, ASN12322 (PROXAD, FR),
Reverse DNS
Software: Apache /
Resource Hash: bf2911b44c7fa0b1734ab6f03b8cb46245cef7df3cdf8deb0c9a1ad8c6294b7b

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 09:35:48 GMT
Content-Encoding: gzip
X-ZW-LB-Name: w1w
Connection: Keep-Alive
Content-Length: 1924
X-ZW-BackNode: w1w.zw3b.net
Last-Modified: Sun, 11 Nov 2018 17:59:12 GMT
Server: Apache
X-ZW-LB-IPv4: 158.69.126.137
X-ZW-Head: ZW3B.Networks D=3246 t=1644831348340550
Vary: Accept-Encoding
Content-Type: text/css
Via: 1.1 web.zw3b.fr
Cache-Control: max-age=0, s-maxage=0, no-cache, no-store, public
X-ZW-LB-IPv6: 2607:5300:0060:9389:0015:0001:000a:0010
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: Wed, 16 Mar 2022 09:35:48 GMT

GET
H/1.1 200
OK jquery.1.9.1.min.js Show response
www.zw3b.fr/lib/jquery/ 90 KB
33 KB 705ms
462ms Script
application/javascript 2a01:e35:39f1:f747::1
PROXAD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zw3b.fr/lib/jquery/jquery.1.9.1.min.js
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:e35:39f1:f747::1 Paris, France, ASN12322 (PROXAD, FR),
Reverse DNS
Software: Apache /
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 09:35:48 GMT
Content-Encoding: gzip
X-ZW-LB-Name: w1w
Connection: Keep-Alive
Content-Length: 32775
Access-Control-Allow-Origin: https://www.facebook.com
X-ZW-BackNode: w1w.zw3b.net
Last-Modified: Sun, 25 Feb 2018 13:34:52 GMT
Server: Apache
X-ZW-LB-IPv4: 158.69.126.137
X-ZW-Head: ZW3B.Networks D=4529 t=1644831348343358
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 web.zw3b.fr
Cache-Control: max-age=0, s-maxage=0, no-cache, no-store, private
X-ZW-LB-IPv6: 2607:5300:0060:9389:0015:0001:000a:0010
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: Thu, 17 Feb 2022 09:35:48 GMT

GET
H/1.1 200
OK jquery-ui.min.js Show response
www.zw3b.fr/lib/jquery/ 196 KB
51 KB 1079ms
462ms Script
application/javascript 2a01:e35:39f1:f747::1
PROXAD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zw3b.fr/lib/jquery/jquery-ui.min.js
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:e35:39f1:f747::1 Paris, France, ASN12322 (PROXAD, FR),
Reverse DNS
Software: Apache /
Resource Hash: df7113bb66ade3be2f722c400f7b6c0bc7212477533dd845b0e4ef5442956ea6

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 09:35:48 GMT
Content-Encoding: gzip
X-ZW-LB-Name: w1w
Connection: Keep-Alive
Content-Length: 51524
Access-Control-Allow-Origin: https://www.facebook.com
X-ZW-BackNode: w1w.zw3b.net
Last-Modified: Sun, 25 Feb 2018 13:35:02 GMT
Server: Apache
X-ZW-LB-IPv4: 158.69.126.137
X-ZW-Head: ZW3B.Networks D=7418 t=1644831348712178
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 web.zw3b.fr
Cache-Control: max-age=0, s-maxage=0, no-cache, no-store, private
X-ZW-LB-IPv6: 2607:5300:0060:9389:0015:0001:000a:0010
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Expires: Thu, 17 Feb 2022 09:35:48 GMT

GET
H/1.1 200
OK slides.min.jquery.js Show response
www.zw3b.fr/lib/jquery/slides/js/ 7 KB
3 KB 1137ms
441ms Script
application/javascript 2a01:e35:39f1:f747::1
PROXAD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zw3b.fr/lib/jquery/slides/js/slides.min.jquery.js
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:e35:39f1:f747::1 Paris, France, ASN12322 (PROXAD, FR),
Reverse DNS
Software: Apache /
Resource Hash: 56aa55fef8efc2df0844e91d58884f9722533ce8fcd1ed8fe82fc0591387156c

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 09:35:48 GMT
Content-Encoding: gzip
X-ZW-LB-Name: w1w
Connection: Keep-Alive
Content-Length: 2341
Access-Control-Allow-Origin: https://www.facebook.com
X-ZW-BackNode: w1w.zw3b.net
Last-Modified: Sun, 25 Feb 2018 13:34:52 GMT
Server: Apache
X-ZW-LB-IPv4: 158.69.126.137
X-ZW-Head: ZW3B.Networks D=2168 t=1644831348782083
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 web.zw3b.fr
Cache-Control: max-age=0, s-maxage=0, no-cache, no-store, private
X-ZW-LB-IPv6: 2607:5300:0060:9389:0015:0001:000a:0010
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: Thu, 17 Feb 2022 09:35:48 GMT

GET
H/1.1 200
OK jquery.cycle.all.js Show response
www.zw3b.fr/skins/zw3b-fr/js/ 49 KB
14 KB 1259ms
440ms Script
application/javascript 2a01:e35:39f1:f747::1
PROXAD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zw3b.fr/skins/zw3b-fr/js/jquery.cycle.all.js
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:e35:39f1:f747::1 Paris, France, ASN12322 (PROXAD, FR),
Reverse DNS
Software: Apache /
Resource Hash: fb49365112c202c722a3e8354736f4002b2fe1e8ef65e24af2769f5bf1988fe4

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 09:35:48 GMT
Content-Encoding: gzip
X-ZW-LB-Name: w1w
Connection: Keep-Alive
Content-Length: 13399
Access-Control-Allow-Origin: https://www.facebook.com
X-ZW-BackNode: w1w.zw3b.net
Last-Modified: Sun, 11 Nov 2018 17:59:08 GMT
Server: Apache
X-ZW-LB-IPv4: 158.69.126.137
X-ZW-Head: ZW3B.Networks D=3122 t=1644831348905417
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 web.zw3b.fr
Cache-Control: max-age=0, s-maxage=0, no-cache, no-store, private
X-ZW-LB-IPv6: 2607:5300:0060:9389:0015:0001:000a:0010
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: Thu, 17 Feb 2022 09:35:48 GMT

GET
H/1.1 200
OK jquery.easing.1.3.js Show response
www.zw3b.fr/skins/zw3b-fr/js/ 8 KB
3 KB 1361ms
441ms Script
application/javascript 2a01:e35:39f1:f747::1
PROXAD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zw3b.fr/skins/zw3b-fr/js/jquery.easing.1.3.js
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:e35:39f1:f747::1 Paris, France, ASN12322 (PROXAD, FR),
Reverse DNS
Software: Apache /
Resource Hash: 8269cabae0710f266eb9220c1e024f98f33276edf187f86e01ba8b543e442326

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 09:35:49 GMT
Content-Encoding: gzip
X-ZW-LB-Name: w1w
Connection: Keep-Alive
Content-Length: 1997
Access-Control-Allow-Origin: https://www.facebook.com
X-ZW-BackNode: w1w.zw3b.net
Last-Modified: Sun, 11 Nov 2018 17:59:10 GMT
Server: Apache
X-ZW-LB-IPv4: 158.69.126.137
X-ZW-Head: ZW3B.Networks D=1917 t=1644831349008074
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 web.zw3b.fr
Cache-Control: max-age=0, s-maxage=0, no-cache, no-store, private
X-ZW-LB-IPv6: 2607:5300:0060:9389:0015:0001:000a:0010
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: Thu, 17 Feb 2022 09:35:49 GMT

GET
H/1.1 200
OK jquery.zaccordion.js Show response
www.zw3b.fr/skins/zw3b-fr/js/ 21 KB
6 KB 1459ms
441ms Script
application/javascript 2a01:e35:39f1:f747::1
PROXAD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zw3b.fr/skins/zw3b-fr/js/jquery.zaccordion.js
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:e35:39f1:f747::1 Paris, France, ASN12322 (PROXAD, FR),
Reverse DNS
Software: Apache /
Resource Hash: ca7dfed2fd8e7916b01bcac3f41cde6a4a49755f9ce70375606e736e12eae2c3

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 09:35:49 GMT
Content-Encoding: gzip
X-ZW-LB-Name: w1w
Connection: Keep-Alive
Content-Length: 5367
Access-Control-Allow-Origin: https://www.facebook.com
X-ZW-BackNode: w1w.zw3b.net
Last-Modified: Sun, 11 Nov 2018 17:59:10 GMT
Server: Apache
X-ZW-LB-IPv4: 158.69.126.137
X-ZW-Head: ZW3B.Networks D=2500 t=1644831349106057
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 web.zw3b.fr
Cache-Control: max-age=0, s-maxage=0, no-cache, no-store, private
X-ZW-LB-IPv6: 2607:5300:0060:9389:0015:0001:000a:0010
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: Thu, 17 Feb 2022 09:35:49 GMT

GET
H/1.1 200
OK jquery.magnific-popup.min.js Show response
www.zw3b.fr/lib/jquery/ 20 KB
8 KB 1462ms
442ms Script
application/javascript 2a01:e35:39f1:f747::1
PROXAD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zw3b.fr/lib/jquery/jquery.magnific-popup.min.js
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:e35:39f1:f747::1 Paris, France, ASN12322 (PROXAD, FR),
Reverse DNS
Software: Apache /
Resource Hash: c6743217c9b525646d77f69bfb8cae859c8191ec933c8f5cae459a338b00fd2b

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 09:35:49 GMT
Content-Encoding: gzip
X-ZW-LB-Name: w1w
Connection: Keep-Alive
Content-Length: 7564
Access-Control-Allow-Origin: https://www.facebook.com
X-ZW-BackNode: w1w.zw3b.net
Last-Modified: Sun, 25 Feb 2018 13:34:59 GMT
Server: Apache
X-ZW-LB-IPv4: 158.69.126.137
X-ZW-Head: ZW3B.Networks D=2086 t=1644831349108308
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 web.zw3b.fr
Cache-Control: max-age=0, s-maxage=0, no-cache, no-store, private
X-ZW-LB-IPv6: 2607:5300:0060:9389:0015:0001:000a:0010
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: Thu, 17 Feb 2022 09:35:49 GMT

GET
H/1.1 200
OK default.js Show response
www.zw3b.fr/skins/zw3b-fr/js/ 50 KB
10 KB 1574ms
440ms Script
application/javascript 2a01:e35:39f1:f747::1
PROXAD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zw3b.fr/skins/zw3b-fr/js/default.js?1789327863
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:e35:39f1:f747::1 Paris, France, ASN12322 (PROXAD, FR),
Reverse DNS
Software: Apache /
Resource Hash: a9e04b524d3e5afada044f58bc5ff8aca018af627cc15499965e2ef276ae49f6

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 09:35:49 GMT
Content-Encoding: gzip
X-ZW-LB-Name: w1w
Connection: Keep-Alive
Content-Length: 9370
Access-Control-Allow-Origin: https://www.facebook.com
X-ZW-BackNode: w1w.zw3b.net
Last-Modified: Thu, 20 Jan 2022 15:02:00 GMT
Server: Apache
X-ZW-LB-IPv4: 158.69.126.137
X-ZW-Head: ZW3B.Networks D=2602 t=1644831349224500
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 web.zw3b.fr
Cache-Control: max-age=0, s-maxage=0, no-cache, no-store, private
X-ZW-LB-IPv6: 2607:5300:0060:9389:0015:0001:000a:0010
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Expires: Thu, 17 Feb 2022 09:35:49 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 152 KB
53 KB 112ms
47ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3379702122145482

Requested by

Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

342922beaefd34e0904d381a532ff422bdf332b155ea9ef1a3b17a1724730ca0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zw3b.fr/
Origin: https://www.zw3b.fr
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 09:35:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53657
x-xss-protection: 0
server: cafe
etag: 562780468454864340
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 14 Feb 2022 09:35:49 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 96ms
34ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-36011703-2

Requested by

Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

020e660ca503449793836f0f68935a8ade3d1ad9b64a1080f767290c997d1834

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 09:35:49 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36093
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 14 Feb 2022 09:35:49 GMT

GET
H/1.1 200
OK red2.png
www.zw3b.fr/skins/zw3b-fr/css/img/stats-diodes/bulles/ 2 KB
2 KB 448ms
445ms Image
image/png 2a01:e35:39f1:f747::1
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zw3b.fr/skins/zw3b-fr/css/img/stats-diodes/bulles/red2.png
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:e35:39f1:f747::1 Paris, France, ASN12322 (PROXAD, FR),
Reverse DNS
Software: Apache /
Resource Hash: 1ee29f5632ab3651645e2c345c58f65edf08b2d41cadd16b43111afd8280f4c2

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 09:35:49 GMT
Via: 1.1 web.zw3b.fr
X-ZW-LB-Name: w1w
Connection: Keep-Alive
Content-Length: 1818
X-ZW-BackNode: w1w.zw3b.net
Last-Modified: Sun, 11 Nov 2018 18:01:10 GMT
Server: Apache
X-ZW-LB-IPv4: 158.69.126.137
X-ZW-Head: ZW3B.Networks D=2243 t=1644831349679708
Content-Type: image/png
Cache-Control: max-age=-2592000, public
X-ZW-LB-IPv6: 2607:5300:0060:9389:0015:0001:000a:0010
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: Wed, 16 Mar 2022 09:35:49 GMT

GET
H/1.1 200
OK green3.png
www.zw3b.fr/skins/zw3b-fr/css/img/stats-diodes/bulles/ 1 KB
2 KB 450ms
446ms Image
image/png 2a01:e35:39f1:f747::1
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zw3b.fr/skins/zw3b-fr/css/img/stats-diodes/bulles/green3.png
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:e35:39f1:f747::1 Paris, France, ASN12322 (PROXAD, FR),
Reverse DNS
Software: Apache /
Resource Hash: db4458d59dc34dc1dc18d1bbd9a89efcf66d5c1befd0ef5f250e9d230dd2afd1

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 09:35:49 GMT
Via: 1.1 web.zw3b.fr
X-ZW-LB-Name: w1w
Connection: Keep-Alive
Content-Length: 1442
X-ZW-BackNode: w1w.zw3b.net
Last-Modified: Sun, 11 Nov 2018 18:01:10 GMT
Server: Apache
X-ZW-LB-IPv4: 158.69.126.137
X-ZW-Head: ZW3B.Networks D=1650 t=1644831349682088
Content-Type: image/png
Cache-Control: max-age=-2592000, public
X-ZW-LB-IPv6: 2607:5300:0060:9389:0015:0001:000a:0010
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Expires: Wed, 16 Mar 2022 09:35:49 GMT

GET
H/1.1 200
OK green2.png
www.zw3b.fr/skins/zw3b-fr/css/img/stats-diodes/bulles/ 1 KB
2 KB 450ms
446ms Image
image/png 2a01:e35:39f1:f747::1
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zw3b.fr/skins/zw3b-fr/css/img/stats-diodes/bulles/green2.png
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:e35:39f1:f747::1 Paris, France, ASN12322 (PROXAD, FR),
Reverse DNS
Software: Apache /
Resource Hash: 8aa1d10d86d9d1f671d435de13d786f7d91e92b50bdc7797b4cd666931e0e956

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 09:35:49 GMT
Via: 1.1 web.zw3b.fr
X-ZW-LB-Name: w1w
Connection: Keep-Alive
Content-Length: 1361
X-ZW-BackNode: w1w.zw3b.net
Last-Modified: Sun, 11 Nov 2018 18:01:10 GMT
Server: Apache
X-ZW-LB-IPv4: 158.69.126.137
X-ZW-Head: ZW3B.Networks D=1860 t=1644831349685340
Content-Type: image/png
Cache-Control: max-age=-2592000, public
X-ZW-LB-IPv6: 2607:5300:0060:9389:0015:0001:000a:0010
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: Wed, 16 Mar 2022 09:35:49 GMT

GET
H/1.1 200
OK informatique_20200619172009_8.jpg
www.zw3b.fr/var/tree///www.zw3b.fr/informatique// 75 KB
76 KB 453ms
449ms Image
image/jpeg 2a01:e35:39f1:f747::1
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zw3b.fr/var/tree///www.zw3b.fr/informatique//informatique_20200619172009_8.jpg
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:e35:39f1:f747::1 Paris, France, ASN12322 (PROXAD, FR),
Reverse DNS
Software: Apache /
Resource Hash: 6e9bb5fbfeb21b86c65815b51b6080a01d6ddd477faf2e557708f066afd82a7c

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 09:35:49 GMT
Via: 1.1 web.zw3b.fr
X-ZW-LB-Name: w1w
Connection: Keep-Alive
Content-Length: 77174
X-ZW-BackNode: w1w.zw3b.net
Last-Modified: Fri, 19 Jun 2020 15:20:09 GMT
Server: Apache
X-ZW-LB-IPv4: 158.69.126.137
X-ZW-Head: ZW3B.Networks D=3502 t=1644831349685883
Content-Type: image/jpeg
Cache-Control: max-age=-2592000, public
X-ZW-LB-IPv6: 2607:5300:0060:9389:0015:0001:000a:0010
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Expires: Wed, 16 Mar 2022 09:35:49 GMT

GET
H/1.1 200
OK informatique_20200619172008_7.jpg
www.zw3b.fr/var/tree///www.zw3b.fr/informatique// 850 KB
850 KB 454ms
450ms Image
image/jpeg 2a01:e35:39f1:f747::1
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zw3b.fr/var/tree///www.zw3b.fr/informatique//informatique_20200619172008_7.jpg
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:e35:39f1:f747::1 Paris, France, ASN12322 (PROXAD, FR),
Reverse DNS
Software: Apache /
Resource Hash: e65e29f124ecfa00fac9d86f788d0a2f635df1e8a35ebe9bcfebe8d78aa534b1

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 09:35:49 GMT
Via: 1.1 web.zw3b.fr
X-ZW-LB-Name: w1w
Connection: Keep-Alive
Content-Length: 870333
X-ZW-BackNode: w1w.zw3b.net
Last-Modified: Fri, 19 Jun 2020 15:20:08 GMT
Server: Apache
X-ZW-LB-IPv4: 158.69.126.137
X-ZW-Head: ZW3B.Networks D=1823 t=1644831349688776
Content-Type: image/jpeg
Cache-Control: max-age=-2592000, public
X-ZW-LB-IPv6: 2607:5300:0060:9389:0015:0001:000a:0010
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Expires: Wed, 16 Mar 2022 09:35:49 GMT

GET
H/1.1 200
OK informatique_20200619172008_6.png
www.zw3b.fr/var/tree///www.zw3b.fr/informatique// 3 MB
3 MB 459ms
455ms Image
image/png 2a01:e35:39f1:f747::1
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zw3b.fr/var/tree///www.zw3b.fr/informatique//informatique_20200619172008_6.png
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:e35:39f1:f747::1 Paris, France, ASN12322 (PROXAD, FR),
Reverse DNS
Software: Apache /
Resource Hash: a93089d6a15b714f5e71d84f0e6a4f88ccb96a5a58df1384baf5f3b44697adc9

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 09:35:49 GMT
Via: 1.1 web.zw3b.fr
X-ZW-LB-Name: w1w
Connection: Keep-Alive
Content-Length: 3231572
X-ZW-BackNode: w1w.zw3b.net
Last-Modified: Fri, 19 Jun 2020 15:20:08 GMT
Server: Apache
X-ZW-LB-IPv4: 158.69.126.137
X-ZW-Head: ZW3B.Networks D=1666 t=1644831349688990
Content-Type: image/png
Cache-Control: max-age=-2592000, public
X-ZW-LB-IPv6: 2607:5300:0060:9389:0015:0001:000a:0010
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Expires: Wed, 16 Mar 2022 09:35:49 GMT

GET
H/1.1 200
OK informatique_20200619172008_5.jpg
www.zw3b.fr/var/tree///www.zw3b.fr/informatique// 816 KB
817 KB 440ms
440ms Image
image/jpeg 2a01:e35:39f1:f747::1
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zw3b.fr/var/tree///www.zw3b.fr/informatique//informatique_20200619172008_5.jpg
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:e35:39f1:f747::1 Paris, France, ASN12322 (PROXAD, FR),
Reverse DNS
Software: Apache /
Resource Hash: d3e15324bc707e7b7b04d2c2b293d63a149cd25f5e8b2f129d5cbe0b00051a54

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 09:35:51 GMT
Via: 1.1 web.zw3b.fr
X-ZW-LB-Name: w1w
Connection: Keep-Alive
Content-Length: 836090
X-ZW-BackNode: w1w.zw3b.net
Last-Modified: Fri, 19 Jun 2020 15:20:08 GMT
Server: Apache
X-ZW-LB-IPv4: 158.69.126.137
X-ZW-Head: ZW3B.Networks D=2577 t=1644831351911761
Content-Type: image/jpeg
Cache-Control: max-age=-2592000, public
X-ZW-LB-IPv6: 2607:5300:0060:9389:0015:0001:000a:0010
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Expires: Wed, 16 Mar 2022 09:35:51 GMT

GET
H/1.1 200
OK informatique_20200619172008_4.jpg
www.zw3b.fr/var/tree///www.zw3b.fr/informatique// 49 KB
49 KB 464ms
463ms Image
image/jpeg 2a01:e35:39f1:f747::1
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zw3b.fr/var/tree///www.zw3b.fr/informatique//informatique_20200619172008_4.jpg
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:e35:39f1:f747::1 Paris, France, ASN12322 (PROXAD, FR),
Reverse DNS
Software: Apache /
Resource Hash: 6c81a8ef350a43eabb1dd2145e2dfee95cc11a54c1741374eca0cb82dcd66724

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 09:35:52 GMT
Via: 1.1 web.zw3b.fr
X-ZW-LB-Name: w1w
Connection: Keep-Alive
Content-Length: 50013
X-ZW-BackNode: w1w.zw3b.net
Last-Modified: Fri, 19 Jun 2020 15:20:08 GMT
Server: Apache
X-ZW-LB-IPv4: 158.69.126.137
X-ZW-Head: ZW3B.Networks D=5609 t=1644831352267448
Content-Type: image/jpeg
Cache-Control: max-age=-2592000, public
X-ZW-LB-IPv6: 2607:5300:0060:9389:0015:0001:000a:0010
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Expires: Wed, 16 Mar 2022 09:35:52 GMT

GET
H/1.1 200
OK informatique_20200619172008_3.jpg
www.zw3b.fr/var/tree///www.zw3b.fr/informatique// 183 KB
183 KB 463ms
463ms Image
image/jpeg 2a01:e35:39f1:f747::1
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zw3b.fr/var/tree///www.zw3b.fr/informatique//informatique_20200619172008_3.jpg
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:e35:39f1:f747::1 Paris, France, ASN12322 (PROXAD, FR),
Reverse DNS
Software: Apache /
Resource Hash: b210afb78148c6432212c6d1e5ef43a4219467d8479d49672f8ff22d1d638ba8

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 09:35:52 GMT
Via: 1.1 web.zw3b.fr
X-ZW-LB-Name: w1w
Connection: Keep-Alive
Content-Length: 187313
X-ZW-BackNode: w1w.zw3b.net
Last-Modified: Fri, 19 Jun 2020 15:20:08 GMT
Server: Apache
X-ZW-LB-IPv4: 158.69.126.137
X-ZW-Head: ZW3B.Networks D=2636 t=1644831352381210
Content-Type: image/jpeg
Cache-Control: max-age=-2592000, public
X-ZW-LB-IPv6: 2607:5300:0060:9389:0015:0001:000a:0010
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Expires: Wed, 16 Mar 2022 09:35:52 GMT

GET
H/1.1 200
OK informatique_20200619172008_2.png
www.zw3b.fr/var/tree///www.zw3b.fr/informatique// 160 KB
161 KB 439ms
438ms Image
image/png 2a01:e35:39f1:f747::1
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zw3b.fr/var/tree///www.zw3b.fr/informatique//informatique_20200619172008_2.png
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:e35:39f1:f747::1 Paris, France, ASN12322 (PROXAD, FR),
Reverse DNS
Software: Apache /
Resource Hash: da03ce070788adb72fdb3c42a554f9e7c108f3b852f1137ae80bb39c4b558de1

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 09:35:52 GMT
Via: 1.1 web.zw3b.fr
X-ZW-LB-Name: w1w
Connection: Keep-Alive
Content-Length: 164343
X-ZW-BackNode: w1w.zw3b.net
Last-Modified: Fri, 19 Jun 2020 15:20:08 GMT
Server: Apache
X-ZW-LB-IPv4: 158.69.126.137
X-ZW-Head: ZW3B.Networks D=1216 t=1644831352545849
Content-Type: image/png
Cache-Control: max-age=-2592000, public
X-ZW-LB-IPv6: 2607:5300:0060:9389:0015:0001:000a:0010
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Expires: Wed, 16 Mar 2022 09:35:52 GMT

GET
H/1.1 200
OK informatique_20200619172007_1.jpg
www.zw3b.fr/var/tree///www.zw3b.fr/informatique// 756 KB
756 KB 438ms
438ms Image
image/jpeg 2a01:e35:39f1:f747::1
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zw3b.fr/var/tree///www.zw3b.fr/informatique//informatique_20200619172007_1.jpg
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:e35:39f1:f747::1 Paris, France, ASN12322 (PROXAD, FR),
Reverse DNS
Software: Apache /
Resource Hash: 80738f5a39000c2c529ce53a395bd9294de6c1d098151d66df4a20b3c58a129a

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 09:35:52 GMT
Via: 1.1 web.zw3b.fr
X-ZW-LB-Name: w1w
Connection: Keep-Alive
Content-Length: 773955
X-ZW-BackNode: w1w.zw3b.net
Last-Modified: Fri, 19 Jun 2020 15:20:07 GMT
Server: Apache
X-ZW-LB-IPv4: 158.69.126.137
X-ZW-Head: ZW3B.Networks D=1466 t=1644831352709739
Content-Type: image/jpeg
Cache-Control: max-age=-2592000, public
X-ZW-LB-IPv6: 2607:5300:0060:9389:0015:0001:000a:0010
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Expires: Wed, 16 Mar 2022 09:35:52 GMT

GET
H2 200 reseau.jpg
img.phonandroid.com/2022/02/ 195 KB
196 KB 102ms
54ms Image
image/webp 2606:4700:20::ac43:6038
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.phonandroid.com/2022/02/reseau.jpg
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:6038 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a28834ef06853884a28cc0035f3a0e92cb584f140a798e405b34f82f65e1726d

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 09:35:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1960
cf-polished: origFmt=jpeg, origSize=412790
content-disposition: inline; filename="reseau.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 199644
last-modified: Wed, 02 Feb 2022 09:38:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YdJR%2Bz83AZG7%2FhTTphEvlu3Ctdg8YsaffbfczBJSykxAnq4X2q%2Fkp6KjptVkU8toGN%2Fs%2B3dloLKC7zxaAsw%2BwYAOg5zC28nSEkqKl%2BBYY8YtafjFTZonzoC2zI3Wos0BucKGwQNy7uwar52CHTX6LsY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 6dd54efe0f533b2b-CDG
cf-bgj: imgq:100,h2pri

GET
H2 200 google-analytics.jpg
www.usine-digitale.fr/mediatheque/7/0/2/001215207_pageListeTypeACropped/ 12 KB
13 KB 82ms
33ms Image
image/jpeg 104.18.181.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.usine-digitale.fr/mediatheque/7/0/2/001215207_pageListeTypeACropped/google-analytics.jpg

Requested by

Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.18.181.70 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de88d6a9be9d375a03ccf604ba34a696c21e4a116230eecc80580998fda4848c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 09:35:49 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 320584
cf-bgj: h2pri
content-length: 12764
x-ipd: ExuVAIMEJ90HmjOijEBpiC2smZs+BWOLwrIr2SF8TSA=
last-modified: Thu, 10 Feb 2022 16:15:41 GMT
server: cloudflare
etag: "31dc-5d7ac42f63d18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
content-type: image/jpeg
cache-control: public, max-age=15552000
accept-ranges: bytes
cf-ray: 6dd54efe0aa339ed-CDG
expires: Sat, 13 Aug 2022 09:35:49 GMT

GET
H2 200 648x360_un-malware-quasi-indetectable-sevit-sur-le-web.jpg
img.20mn.fr/-QESF61pRIKA7ShnpIch2Ck/ 22 KB
23 KB 95ms
28ms Image
image/webp 152.195.34.147
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.20mn.fr/-QESF61pRIKA7ShnpIch2Ck/648x360_un-malware-quasi-indetectable-sevit-sur-le-web.jpg
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.34.147 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (pab/6F3D) /
Resource Hash: cdbb067070a8996ba8c04fa71532596a7dc1bb1f8c7e7d93c63b71442e58837f

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 09:35:49 GMT
x-twicpics-quality: 70
age: 825677
x-cache: HIT
x-twicpics-source: twicpics
content-length: 22650
apigw-requestid: NCJeSiA5joEEPcA=
allow: GET, OPTIONS
last-modified: Fri, 04 Feb 2022 20:14:32 GMT
server: ECAcc (pab/6F3D)
access-control-max-age: 3600
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000
access-control-allow-credentials: true
x-cdn-forward: ocdn-ec
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H/1.1 200
OK lab3w-orj_20190812144442.jpg
www.zw3b.fr/var/usr/o/_/r/o/m/a/i/n/_/j/a/i/l/l/e/t/-/r/a/m/o_romain_jaillet-ramey/web_photos/ 14 KB
15 KB 2554ms
440ms Image
image/jpeg 2a01:e35:39f1:f747::1
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zw3b.fr/var/usr/o/_/r/o/m/a/i/n/_/j/a/i/l/l/e/t/-/r/a/m/o_romain_jaillet-ramey/web_photos/lab3w-orj_20190812144442.jpg
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:e35:39f1:f747::1 Paris, France, ASN12322 (PROXAD, FR),
Reverse DNS
Software: Apache /
Resource Hash: f1f118897742e54852f20951e0f40e8901f306a340901f8e989747d54ffde4f1

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 09:35:51 GMT
Via: 1.1 web.zw3b.fr
X-ZW-LB-Name: w1w
Connection: Keep-Alive
Content-Length: 14313
X-ZW-BackNode: w1w.zw3b.net
Last-Modified: Mon, 12 Aug 2019 12:44:42 GMT
Server: Apache
X-ZW-LB-IPv4: 158.69.126.137
X-ZW-Head: ZW3B.Networks D=2436 t=1644831351887477
Content-Type: image/jpeg
Cache-Control: max-age=-2592000, public
X-ZW-LB-IPv6: 2607:5300:0060:9389:0015:0001:000a:0010
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Expires: Wed, 16 Mar 2022 09:35:51 GMT

GET
H2 200 petitRobotPoster.png
framablog.org/wp-content/uploads/2017/07/ 179 KB
180 KB 145ms
31ms Image
image/png 2a01:4f8:10b:3120::5
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framablog.org/wp-content/uploads/2017/07/petitRobotPoster.png

Requested by

Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:10b:3120::5 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

970e4d951623fbed121c38a7689afb09c6b0c575169107a0819ff08608f6b0f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 09:35:49 GMT
last-modified: Mon, 03 Jul 2017 22:08:30 GMT
server: nginx/1.18.0
etag: "595ac05e-2ccb6"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=315360000
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 183478
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Siete_chakras.jpg
upload.wikimedia.org/wikipedia/commons/3/3a/ 818 KB
819 KB 127ms
60ms Image
image/jpeg 2620:0:862:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/3/3a/Siete_chakras.jpg

Requested by

Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/8.0.8 /

Resource Hash

310c86d33e6e1ebb44a4c0cf9a0d43729c2f66c8c8d5b651d5490e91f4804391

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 07:37:39 GMT
nel: { "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age: 7090
x-cache-status: hit-front
x-cache: cp3059 hit, cp3057 hit/17
server-timing: cache;desc="hit-front", host;desc="cp3057"
content-length: 837437
x-client-ip: 2001:41d0:8:d154::14
x-object-meta-sha1base36: jcz6nqxpmoxxwm6lsafbbp33s13jp3n
last-modified: Fri, 04 Oct 2013 16:27:15 GMT
server: ATS/8.0.8
etag: 06a73c45d446ecf6381845589f8c7b84
strict-transport-security: max-age=106384710; includeSubDomains; preload
report-to: { "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type: image/jpeg
access-control-allow-origin: *
x-timestamp: 1380904034.69385
permissions-policy: interest-cohort=()
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache

GET
H/1.1 200
OK UFF2016_2-02.jpg
www.zw3b.fr/var/pub/partners/ 498 KB
498 KB 444ms
444ms Image
image/jpeg 2a01:e35:39f1:f747::1
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zw3b.fr/var/pub/partners/UFF2016_2-02.jpg
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:e35:39f1:f747::1 Paris, France, ASN12322 (PROXAD, FR),
Reverse DNS
Software: Apache /
Resource Hash: b0ec260030b2b58990a788f71045139b5dbb33cd41164c63091e22bf3273b7bd

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 09:35:53 GMT
Via: 1.1 web.zw3b.fr
X-ZW-LB-Name: w1w
Connection: Keep-Alive
Content-Length: 509878
X-ZW-BackNode: w1w.zw3b.net
Last-Modified: Thu, 16 Feb 2017 12:39:39 GMT
Server: Apache
X-ZW-LB-IPv4: 158.69.126.137
X-ZW-Head: ZW3B.Networks D=2606 t=1644831353343192
Content-Type: image/jpeg
Cache-Control: max-age=-2592000, public
X-ZW-LB-IPv6: 2607:5300:0060:9389:0015:0001:000a:0010
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Expires: Wed, 16 Mar 2022 09:35:53 GMT

GET
H/1.1 200
OK juste-debout-event-2016.jpg
www.zw3b.fr/var/pub/partners/ 71 KB
72 KB 438ms
438ms Image
image/jpeg 2a01:e35:39f1:f747::1
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zw3b.fr/var/pub/partners/juste-debout-event-2016.jpg
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:e35:39f1:f747::1 Paris, France, ASN12322 (PROXAD, FR),
Reverse DNS
Software: Apache /
Resource Hash: d81cd105d3e678968b86fd0d9cff2763fbdca55a363c14ce34e2f10d916da7f4

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 09:35:53 GMT
Via: 1.1 web.zw3b.fr
X-ZW-LB-Name: w1w
Connection: Keep-Alive
Content-Length: 73182
X-ZW-BackNode: w1w.zw3b.net
Last-Modified: Thu, 16 Feb 2017 12:39:39 GMT
Server: Apache
X-ZW-LB-IPv4: 158.69.126.137
X-ZW-Head: ZW3B.Networks D=1281 t=1644831353526120
Content-Type: image/jpeg
Cache-Control: max-age=-2592000, public
X-ZW-LB-IPv6: 2607:5300:0060:9389:0015:0001:000a:0010
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Expires: Wed, 16 Mar 2022 09:35:53 GMT

GET
H/1.1 200
OK zw3b-pub-768x90.gif
www.zw3b.fr/pub/ 46 KB
46 KB 458ms
458ms Image
image/gif 2a01:e35:39f1:f747::1
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zw3b.fr/pub/zw3b-pub-768x90.gif
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:e35:39f1:f747::1 Paris, France, ASN12322 (PROXAD, FR),
Reverse DNS
Software: Apache /
Resource Hash: 3b586e27470f947b86cc8d270872d1b76813de1d8d776fcd8528e0f6ba1f427c

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 09:35:53 GMT
Via: 1.1 web.zw3b.fr
X-ZW-LB-Name: w1w
Connection: Keep-Alive
Content-Length: 46876
X-ZW-BackNode: w1w.zw3b.net
Last-Modified: Sat, 30 May 2020 21:10:53 GMT
Server: Apache
X-ZW-LB-IPv4: 158.69.126.137
X-ZW-Head: ZW3B.Networks D=2853 t=1644831353797801
Content-Type: image/gif
Cache-Control: max-age=-2592000, public
X-ZW-LB-IPv6: 2607:5300:0060:9389:0015:0001:000a:0010
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Expires: Wed, 16 Mar 2022 09:35:53 GMT

GET
H2 200 valid-xhtml10
www.w3.org/Icons/ 2 KB
2 KB 359ms
102ms Image
image/png 128.30.52.100
MIT-GATEWAYS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.w3.org/Icons/valid-xhtml10

Requested by

Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

128.30.52.100 , United States, ASN3 (MIT-GATEWAYS, US),

Reverse DNS

hans-moleman.w3.org

Software

Resource Hash

8a9e64adf9351dbc0f333daae135c88d5162ed8eadf5e65801c19914ab657bab

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubdomains; preload

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 09:35:49 GMT
last-modified: Fri, 14 Jul 2006 01:43:32 GMT
x-backend: varnish
etag: "75a-41880ced83900;5c6b032305abf"
tcn: choice
vary: negotiate,accept
content-type: image/png; qs=0.7
access-control-allow-origin: *
cache-control: public, max-age=86400
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=15552000; includeSubdomains; preload
accept-ranges: bytes
content-location: valid-xhtml10.png
content-length: 1882
x-request-id: 620a22752bb5bf97

GET
H2 200 vcss
jigsaw.w3.org/css-validator/images/ 2 KB
2 KB 325ms
95ms Image
image/gif 2603:400a:ffff:804:801e:34:0:15
MIT-GATEWAYS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jigsaw.w3.org/css-validator/images/vcss

Requested by

Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2603:400a:ffff:804:801e:34:0:15 Cambridge, United States, ASN3 (MIT-GATEWAYS, US),

Reverse DNS

Software

Jigsaw/2.3.0-beta2 /

Resource Hash

a5e988ededb2aa6ac2fbada686f36a5185bcfa983e316729a4540fb87ec54a0b

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="cN0QSpPIkuwpT6iP2YjEo1bEwGpH/yiUn6yhdy+HNto="; pin-sha256="WGJkyYjx1QMdMe0UqlyOKXtydPDVrk7sl2fV+nNm1r4="; pin-sha256="LrKdTxZLRTvyHM4/atX2nquX9BeHRZMCxg3cf4rhc2I="; max-age=864000
Strict-Transport-Security	max-age=15552015; includeSubDomains; preload
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 09:15:12 GMT
content-md5: ZMFf26sMyqX3mHU4H/zPhg==
strict-transport-security: max-age=15552015; includeSubDomains; preload
content-length: 1547
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256="cN0QSpPIkuwpT6iP2YjEo1bEwGpH/yiUn6yhdy+HNto="; pin-sha256="WGJkyYjx1QMdMe0UqlyOKXtydPDVrk7sl2fV+nNm1r4="; pin-sha256="LrKdTxZLRTvyHM4/atX2nquX9BeHRZMCxg3cf4rhc2I="; max-age=864000
last-modified: Mon, 08 Feb 2016 20:19:38 GMT
server: Jigsaw/2.3.0-beta2
x-frame-options: deny
etag: "178shp7:1a2k0qrk0"
vary: Accept
content-type: image/gif
x-request-id: 620a227569e30e4d
cache-control: max-age=518400
accept-ranges: bytes
content-location: https://jigsaw.w3.org/css-validator/images/vcss.gif
expires: Thu, 17 Feb 2022 09:15:12 GMT

GET
H/1.1 200
OK button-ipv6-80x15.png
ipv6-test.com/ 514 B
799 B 90ms
22ms Image
image/png 2001:41d0:701:1100::29c8
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipv6-test.com/button-ipv6-80x15.png
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:41d0:701:1100::29c8 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache/2.4.25 (Debian) /
Resource Hash: 447e546ad25c88c3df88416348fb57a8d8c490f854093a3b6e847ff1cc33fc98

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 09:35:49 GMT
Last-Modified: Fri, 28 Mar 2014 20:31:50 GMT
Server: Apache/2.4.25 (Debian)
ETag: "202-4f5b09766f980"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 514

GET
H/1.1 200
OK /
webstatsdomain.org/widget/stats/ 2 KB
2 KB 350ms
99ms Image
image/jpeg 46.229.169.130
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webstatsdomain.org/widget/stats/?domain=zw3b.fr&gr=1&al=1&ct=565656&bg=FFFFFF
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.229.169.130 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 2cc7a3ae0e4c7d51ebe97565f7b217ae2ad3822cf140cd1c76212a454fafc036

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 09:35:49 GMT
Cache-Control: max-age=604800
Server: nginx/1.10.3
Connection: keep-alive
Content-Type: image/jpeg
Transfer-Encoding: chunked
Expires: Mon, 21 Feb 2022 09:35:49 GMT

GET
H2 200 s.js Show response
waust.at/ 8 KB
4 KB 104ms
28ms Script
application/x-javascript 2606:4700:20::681a:407
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://waust.at/s.js
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0298a25db873588e37945ece2b90e9f573dda86bfc84ae9f3efb8c3fbdcbce84

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 09:35:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2534
last-modified: Mon, 03 May 2021 17:48:39 GMT
server: cloudflare
etag: W/"60903777-1ed7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KQhhm9vrS0RqgjWEFk67Tx%2FQo%2F1GuIRdwNn5rB2tMUEl4SYf0U%2BcrJxghVwlyyKCQI8cAmxboeh2ewaPv3Wvn1yAUfIXUl7kus6yOSle6si0GsUfu%2FDJGMdVF0xZoc2aQdDEZoeP"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 6dd54eff2d1932aa-CDG
expires: Tue, 15 Feb 2022 08:53:35 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 113ms
20ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5457
date: Mon, 14 Feb 2022 08:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 14 Feb 2022 10:04:52 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 103 KB
40 KB 44ms
43ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M3RPRGR

Requested by

Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

808f158bc1dfe3315de269f5789057beea99c9ede25d549944d70049524ad7ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 09:35:49 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40847
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 14 Feb 2022 09:35:49 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 107ms
0ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26236
x-xss-protection: 0
pragma: public
x-fb-debug: NPz76yCXf6cp4tlmPfk5R2PhnSPGSt8Zg4gthE1FKShRmZH7dJmPmY6CRa4UMjMyf0H0KFc4aoz5X/ivYnp82A==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 14 Feb 2022 09:35:49 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK body-n.png
www.zw3b.fr/skins/zw3b-fr/css/img/ 1 KB
2 KB 2069ms
453ms Image
image/png 2a01:e35:39f1:f747::1
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zw3b.fr/skins/zw3b-fr/css/img/body-n.png
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/skins/zw3b-fr/css/default.css?1789327863
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:e35:39f1:f747::1 Paris, France, ASN12322 (PROXAD, FR),
Reverse DNS
Software: Apache /
Resource Hash: aa2560dbe8be5fc29bb2eb8c5422cb5cd266fcb5cd338d57dd989de2333bff55

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/skins/zw3b-fr/css/default.css?1789327863
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 09:35:51 GMT
Via: 1.1 web.zw3b.fr
X-ZW-LB-Name: w1w
Connection: Keep-Alive
Content-Length: 1362
X-ZW-BackNode: w1w.zw3b.net
Last-Modified: Sun, 11 Nov 2018 18:01:06 GMT
Server: Apache
X-ZW-LB-IPv4: 158.69.126.137
X-ZW-Head: ZW3B.Networks D=2102 t=1644831351364504
Content-Type: image/png
Cache-Control: max-age=-2592000, public
X-ZW-LB-IPv6: 2607:5300:0060:9389:0015:0001:000a:0010
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Expires: Wed, 16 Mar 2022 09:35:51 GMT

GET
H/1.1 200
OK master.png
www.zw3b.fr/skins/zw3b-fr/css/img/ 2 KB
3 KB 833ms
441ms Image
image/png 2a01:e35:39f1:f747::1
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zw3b.fr/skins/zw3b-fr/css/img/master.png
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/skins/zw3b-fr/css/default.css?1789327863
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:e35:39f1:f747::1 Paris, France, ASN12322 (PROXAD, FR),
Reverse DNS
Software: Apache /
Resource Hash: 23699b861f7396e0c32112bc6a29aa62d532b62c93138e1f8dea736a6df16957

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/skins/zw3b-fr/css/default.css?1789327863
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 09:35:50 GMT
Via: 1.1 web.zw3b.fr
X-ZW-LB-Name: w1w
Connection: Keep-Alive
Content-Length: 2140
X-ZW-BackNode: w1w.zw3b.net
Last-Modified: Sun, 11 Nov 2018 18:00:57 GMT
Server: Apache
X-ZW-LB-IPv4: 158.69.126.137
X-ZW-Head: ZW3B.Networks D=3022 t=1644831350128875
Content-Type: image/png
Cache-Control: max-age=-2592000, public
X-ZW-LB-IPv6: 2607:5300:0060:9389:0015:0001:000a:0010
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Expires: Wed, 16 Mar 2022 09:35:50 GMT

GET
H/1.1 200
OK zw3b-logo-20x20.png
www.zw3b.fr/pub/logos/ 1 KB
2 KB 1710ms
440ms Image
image/png 2a01:e35:39f1:f747::1
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zw3b.fr/pub/logos/zw3b-logo-20x20.png
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/skins/zw3b-fr/css/default.css?1789327863
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:e35:39f1:f747::1 Paris, France, ASN12322 (PROXAD, FR),
Reverse DNS
Software: Apache /
Resource Hash: 313f3051103dfa6c32a511e96b52fe30ed7406894847c58de0610dbae333214c

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/skins/zw3b-fr/css/default.css?1789327863
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 09:35:51 GMT
Via: 1.1 web.zw3b.fr
X-ZW-LB-Name: w1w
Connection: Keep-Alive
Content-Length: 1106
X-ZW-BackNode: w1w.zw3b.net
Last-Modified: Sat, 21 Mar 2015 11:01:40 GMT
Server: Apache
X-ZW-LB-IPv4: 158.69.126.137
X-ZW-Head: ZW3B.Networks D=1318 t=1644831351007768
Content-Type: image/png
Cache-Control: max-age=-2592000, public
X-ZW-LB-IPv6: 2607:5300:0060:9389:0015:0001:000a:0010
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Expires: Wed, 16 Mar 2022 09:35:51 GMT

GET
H/1.1 200
OK site.png
www.zw3b.fr/skins/zw3b-fr/css/img/ 1 KB
2 KB 1278ms
443ms Image
image/png 2a01:e35:39f1:f747::1
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zw3b.fr/skins/zw3b-fr/css/img/site.png
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/skins/zw3b-fr/css/default.css?1789327863
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:e35:39f1:f747::1 Paris, France, ASN12322 (PROXAD, FR),
Reverse DNS
Software: Apache /
Resource Hash: 40db28d0dfb085fc94e62bdea667f27822e8dc7c8f30f80c2a42a9580bbb02a9

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/skins/zw3b-fr/css/default.css?1789327863
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 09:35:50 GMT
Via: 1.1 web.zw3b.fr
X-ZW-LB-Name: w1w
Connection: Keep-Alive
Content-Length: 1231
X-ZW-BackNode: w1w.zw3b.net
Last-Modified: Sun, 11 Nov 2018 18:01:15 GMT
Server: Apache
X-ZW-LB-IPv4: 158.69.126.137
X-ZW-Head: ZW3B.Networks D=3258 t=1644831350573482
Content-Type: image/png
Cache-Control: max-age=-2592000, public
X-ZW-LB-IPv6: 2607:5300:0060:9389:0015:0001:000a:0010
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Expires: Wed, 16 Mar 2022 09:35:50 GMT

GET
H/1.1 200
OK header.png
www.zw3b.fr/skins/zw3b-fr/css/img/ 1 KB
2 KB 1616ms
440ms Image
image/png 2a01:e35:39f1:f747::1
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zw3b.fr/skins/zw3b-fr/css/img/header.png
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/skins/zw3b-fr/css/default.css?1789327863
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:e35:39f1:f747::1 Paris, France, ASN12322 (PROXAD, FR),
Reverse DNS
Software: Apache /
Resource Hash: 50fa8f1d7b53572f7fb817b999cf60aabeefb779af746f128912bd641c5178a2

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/skins/zw3b-fr/css/default.css?1789327863
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 09:35:50 GMT
Via: 1.1 web.zw3b.fr
X-ZW-LB-Name: w1w
Connection: Keep-Alive
Content-Length: 1108
X-ZW-BackNode: w1w.zw3b.net
Last-Modified: Sun, 11 Nov 2018 17:59:12 GMT
Server: Apache
X-ZW-LB-IPv4: 158.69.126.137
X-ZW-Head: ZW3B.Networks D=1340 t=1644831350911619
Content-Type: image/png
Cache-Control: max-age=-2592000, public
X-ZW-LB-IPv6: 2607:5300:0060:9389:0015:0001:000a:0010
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Expires: Wed, 16 Mar 2022 09:35:50 GMT

GET
H/1.1 200
OK zw3b-logo-50x50.png
www.zw3b.fr/skins/zw3b-fr/css/img/ 3 KB
3 KB 2172ms
454ms Image
image/png 2a01:e35:39f1:f747::1
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zw3b.fr/skins/zw3b-fr/css/img/zw3b-logo-50x50.png
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/skins/zw3b-fr/css/default.css?1789327863
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:e35:39f1:f747::1 Paris, France, ASN12322 (PROXAD, FR),
Reverse DNS
Software: Apache /
Resource Hash: 9bfeee766d1ffbb35e6b36024d1d8af6ac2dfd385d32c72b76605dcc984b04b1

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/skins/zw3b-fr/css/default.css?1789327863
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 09:35:51 GMT
Via: 1.1 web.zw3b.fr
X-ZW-LB-Name: w1w
Connection: Keep-Alive
Content-Length: 2829
X-ZW-BackNode: w1w.zw3b.net
Last-Modified: Sun, 11 Nov 2018 18:01:55 GMT
Server: Apache
X-ZW-LB-IPv4: 158.69.126.137
X-ZW-Head: ZW3B.Networks D=1895 t=1644831351469802
Content-Type: image/png
Cache-Control: max-age=-2592000, public
X-ZW-LB-IPv6: 2607:5300:0060:9389:0015:0001:000a:0010
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Expires: Wed, 16 Mar 2022 09:35:51 GMT

GET
H/1.1 200
OK header-stats-diodes1.png
www.zw3b.fr/skins/zw3b-fr/css/img/ 4 KB
4 KB 1717ms
438ms Image
image/png 2a01:e35:39f1:f747::1
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zw3b.fr/skins/zw3b-fr/css/img/header-stats-diodes1.png
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/skins/zw3b-fr/css/default.css?1789327863
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:e35:39f1:f747::1 Paris, France, ASN12322 (PROXAD, FR),
Reverse DNS
Software: Apache /
Resource Hash: de407674267cfc048a0ed27fd0445e033fc1a3c34c042c91fa6725ebfb79a6cf

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/skins/zw3b-fr/css/default.css?1789327863
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 09:35:51 GMT
Via: 1.1 web.zw3b.fr
X-ZW-LB-Name: w1w
Connection: Keep-Alive
Content-Length: 4030
X-ZW-BackNode: w1w.zw3b.net
Last-Modified: Sun, 11 Nov 2018 18:01:05 GMT
Server: Apache
X-ZW-LB-IPv4: 158.69.126.137
X-ZW-Head: ZW3B.Networks D=2081 t=1644831351014065
Content-Type: image/png
Cache-Control: max-age=-2592000, public
X-ZW-LB-IPv6: 2607:5300:0060:9389:0015:0001:000a:0010
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Expires: Wed, 16 Mar 2022 09:35:51 GMT

GET
H/1.1 200
OK site-body.png
www.zw3b.fr/skins/zw3b-fr/css/img/ 2 KB
3 KB 1718ms
439ms Image
image/png 2a01:e35:39f1:f747::1
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zw3b.fr/skins/zw3b-fr/css/img/site-body.png
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/skins/zw3b-fr/css/default.css?1789327863
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:e35:39f1:f747::1 Paris, France, ASN12322 (PROXAD, FR),
Reverse DNS
Software: Apache /
Resource Hash: 5545e77db23a3169abe4a5f579acc92b6a30017e7efe2aae2b1db0b1c0ff29be

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/skins/zw3b-fr/css/default.css?1789327863
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 09:35:51 GMT
Via: 1.1 web.zw3b.fr
X-ZW-LB-Name: w1w
Connection: Keep-Alive
Content-Length: 2180
X-ZW-BackNode: w1w.zw3b.net
Last-Modified: Sun, 11 Nov 2018 17:59:16 GMT
Server: Apache
X-ZW-LB-IPv4: 158.69.126.137
X-ZW-Head: ZW3B.Networks D=1189 t=1644831351015897
Content-Type: image/png
Cache-Control: max-age=-2592000, public
X-ZW-LB-IPv6: 2607:5300:0060:9389:0015:0001:000a:0010
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Expires: Wed, 16 Mar 2022 09:35:51 GMT

GET
H/1.1 200
OK tetiere.png
www.zw3b.fr/skins/zw3b-fr/css/img/ 2 KB
2 KB 1277ms
444ms Image
image/png 2a01:e35:39f1:f747::1
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zw3b.fr/skins/zw3b-fr/css/img/tetiere.png
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/skins/zw3b-fr/css/default.css?1789327863
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:e35:39f1:f747::1 Paris, France, ASN12322 (PROXAD, FR),
Reverse DNS
Software: Apache /
Resource Hash: d6fb58a2d299ed9f1f340fe580526e2ccdaa5d6d010dec1bb6431d8149669af0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/skins/zw3b-fr/css/default.css?1789327863
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 09:35:50 GMT
Via: 1.1 web.zw3b.fr
X-ZW-LB-Name: w1w
Connection: Keep-Alive
Content-Length: 1973
X-ZW-BackNode: w1w.zw3b.net
Last-Modified: Sun, 11 Nov 2018 18:01:15 GMT
Server: Apache
X-ZW-LB-IPv4: 158.69.126.137
X-ZW-Head: ZW3B.Networks D=4753 t=1644831350571605
Content-Type: image/png
Cache-Control: max-age=-2592000, public
X-ZW-LB-IPv6: 2607:5300:0060:9389:0015:0001:000a:0010
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Expires: Wed, 16 Mar 2022 09:35:50 GMT

GET
H/1.1 200
OK key-16x16.png
www.zw3b.fr/skins/zw3b-fr/css/img/puces/usr/ 877 B
1 KB 2511ms
442ms Image
image/png 2a01:e35:39f1:f747::1
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zw3b.fr/skins/zw3b-fr/css/img/puces/usr/key-16x16.png
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/skins/zw3b-fr/css/global.css?1789327863
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:e35:39f1:f747::1 Paris, France, ASN12322 (PROXAD, FR),
Reverse DNS
Software: Apache /
Resource Hash: 7eb4043a7c945ae6024ef3ce37d4a0ec4b414d9c706c9683ad3095c3b82b1c07

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/skins/zw3b-fr/css/global.css?1789327863
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 09:35:51 GMT
Via: 1.1 web.zw3b.fr
X-ZW-LB-Name: w1w
Connection: Keep-Alive
Content-Length: 877
X-ZW-BackNode: w1w.zw3b.net
Last-Modified: Thu, 25 Feb 2021 01:26:33 GMT
Server: Apache
X-ZW-LB-IPv4: 158.69.126.137
X-ZW-Head: ZW3B.Networks D=1353 t=1644831351807575
Content-Type: image/png
Cache-Control: max-age=-2592000, public
X-ZW-LB-IPv6: 2607:5300:0060:9389:0015:0001:000a:0010
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Expires: Wed, 16 Mar 2022 09:35:51 GMT

GET
H/1.1 200
OK globe-icone-6377-32.png
www.zw3b.fr/skins/zw3b-fr/css/img/puces/contents/links/ 3 KB
3 KB 2149ms
438ms Image
image/png 2a01:e35:39f1:f747::1
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zw3b.fr/skins/zw3b-fr/css/img/puces/contents/links/globe-icone-6377-32.png
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/skins/zw3b-fr/css/global.css?1789327863
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:e35:39f1:f747::1 Paris, France, ASN12322 (PROXAD, FR),
Reverse DNS
Software: Apache /
Resource Hash: 043568959832b245471474f20fa7fd4b1da1a2876213570c00a61c0312223614

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/skins/zw3b-fr/css/global.css?1789327863
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 09:35:51 GMT
Via: 1.1 web.zw3b.fr
X-ZW-LB-Name: w1w
Connection: Keep-Alive
Content-Length: 2815
X-ZW-BackNode: w1w.zw3b.net
Last-Modified: Sun, 11 Nov 2018 18:01:29 GMT
Server: Apache
X-ZW-LB-IPv4: 158.69.126.137
X-ZW-Head: ZW3B.Networks D=1367 t=1644831351446877
Content-Type: image/png
Cache-Control: max-age=-2592000, public
X-ZW-LB-IPv6: 2607:5300:0060:9389:0015:0001:000a:0010
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Expires: Wed, 16 Mar 2022 09:35:51 GMT

GET
H/1.1 200
OK share-fb.png
www.zw3b.fr/skins/zw3b-fr/css/img/ 7 KB
8 KB 1267ms
440ms Image
image/png 2a01:e35:39f1:f747::1
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zw3b.fr/skins/zw3b-fr/css/img/share-fb.png
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/skins/zw3b-fr/css/default.css?1789327863
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:e35:39f1:f747::1 Paris, France, ASN12322 (PROXAD, FR),
Reverse DNS
Software: Apache /
Resource Hash: d02757e2e2cae42ca274a628aa5fc2af9102afd5e7501d40b4bd0c8d7b7e2f49

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/skins/zw3b-fr/css/default.css?1789327863
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 09:35:50 GMT
Via: 1.1 web.zw3b.fr
X-ZW-LB-Name: w1w
Connection: Keep-Alive
Content-Length: 7110
X-ZW-BackNode: w1w.zw3b.net
Last-Modified: Sun, 11 Nov 2018 18:01:06 GMT
Server: Apache
X-ZW-LB-IPv4: 158.69.126.137
X-ZW-Head: ZW3B.Networks D=1970 t=1644831350563973
Content-Type: image/png
Cache-Control: max-age=-2592000, public
X-ZW-LB-IPv6: 2607:5300:0060:9389:0015:0001:000a:0010
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Expires: Wed, 16 Mar 2022 09:35:50 GMT

GET
H/1.1 200
OK share-twitter.png
www.zw3b.fr/skins/zw3b-fr/css/img/ 6 KB
7 KB 2173ms
455ms Image
image/png 2a01:e35:39f1:f747::1
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zw3b.fr/skins/zw3b-fr/css/img/share-twitter.png
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/skins/zw3b-fr/css/default.css?1789327863
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:e35:39f1:f747::1 Paris, France, ASN12322 (PROXAD, FR),
Reverse DNS
Software: Apache /
Resource Hash: 4444c9802d49ae390dc93efa542b850b505c68a8a5220b74ac706c20b2d76b60

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/skins/zw3b-fr/css/default.css?1789327863
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 09:35:51 GMT
Via: 1.1 web.zw3b.fr
X-ZW-LB-Name: w1w
Connection: Keep-Alive
Content-Length: 6650
X-ZW-BackNode: w1w.zw3b.net
Last-Modified: Sun, 11 Nov 2018 18:01:03 GMT
Server: Apache
X-ZW-LB-IPv4: 158.69.126.137
X-ZW-Head: ZW3B.Networks D=2771 t=1644831351469870
Content-Type: image/png
Cache-Control: max-age=-2592000, public
X-ZW-LB-IPv6: 2607:5300:0060:9389:0015:0001:000a:0010
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Expires: Wed, 16 Mar 2022 09:35:51 GMT

GET
H/1.1 200
OK share-linkedin.png
www.zw3b.fr/skins/zw3b-fr/css/img/ 2 KB
2 KB 834ms
441ms Image
image/png 2a01:e35:39f1:f747::1
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zw3b.fr/skins/zw3b-fr/css/img/share-linkedin.png
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/skins/zw3b-fr/css/default.css?1789327863
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:e35:39f1:f747::1 Paris, France, ASN12322 (PROXAD, FR),
Reverse DNS
Software: Apache /
Resource Hash: 1fff62e231889bc608ef1c50230034e839dfd3a79cffb2f9a20fc603ceaaf9ab

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/skins/zw3b-fr/css/default.css?1789327863
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 09:35:50 GMT
Via: 1.1 web.zw3b.fr
X-ZW-LB-Name: w1w
Connection: Keep-Alive
Content-Length: 1554
X-ZW-BackNode: w1w.zw3b.net
Last-Modified: Thu, 11 Feb 2021 15:04:15 GMT
Server: Apache
X-ZW-LB-IPv4: 158.69.126.137
X-ZW-Head: ZW3B.Networks D=1425 t=1644831350131625
Content-Type: image/png
Cache-Control: max-age=-2592000, public
X-ZW-LB-IPv6: 2607:5300:0060:9389:0015:0001:000a:0010
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Expires: Wed, 16 Mar 2022 09:35:50 GMT

GET
H/1.1 200
OK zw3b-logo-16x16.png
www.zw3b.fr/skins/zw3b-fr/css/img/ 931 B
1 KB 2584ms
447ms Image
image/png 2a01:e35:39f1:f747::1
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zw3b.fr/skins/zw3b-fr/css/img/zw3b-logo-16x16.png
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/skins/zw3b-fr/css/global.css?1789327863
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:e35:39f1:f747::1 Paris, France, ASN12322 (PROXAD, FR),
Reverse DNS
Software: Apache /
Resource Hash: 474cf6b125fe987da8bf66a2289d7936d56eeca3e7352e3cc3ae0ce82e134a02

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/skins/zw3b-fr/css/global.css?1789327863
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 09:35:51 GMT
Via: 1.1 web.zw3b.fr
X-ZW-LB-Name: w1w
Connection: Keep-Alive
Content-Length: 931
X-ZW-BackNode: w1w.zw3b.net
Last-Modified: Sun, 11 Nov 2018 17:59:16 GMT
Server: Apache
X-ZW-LB-IPv4: 158.69.126.137
X-ZW-Head: ZW3B.Networks D=1563 t=1644831351910797
Content-Type: image/png
Cache-Control: max-age=-2592000, public
X-ZW-LB-IPv6: 2607:5300:0060:9389:0015:0001:000a:0010
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Expires: Wed, 16 Mar 2022 09:35:51 GMT

GET
H/1.1 200
OK user-16.png
www.zw3b.fr/skins/zw3b-fr/css/img/puces/usr/ 672 B
1 KB 445ms
445ms Image
image/png 2a01:e35:39f1:f747::1
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zw3b.fr/skins/zw3b-fr/css/img/puces/usr/user-16.png
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/skins/zw3b-fr/css/global.css?1789327863
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:e35:39f1:f747::1 Paris, France, ASN12322 (PROXAD, FR),
Reverse DNS
Software: Apache /
Resource Hash: 49d00d2715d7cf4dc9bb732ebee4bc83e55afc79a13667e2dd365fe76e00ba8d

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/skins/zw3b-fr/css/global.css?1789327863
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 09:35:54 GMT
Via: 1.1 web.zw3b.fr
X-ZW-LB-Name: w1w
Connection: Keep-Alive
Content-Length: 672
X-ZW-BackNode: w1w.zw3b.net
Last-Modified: Tue, 27 Jun 2006 15:01:04 GMT
Server: Apache
X-ZW-LB-IPv4: 158.69.126.137
X-ZW-Head: ZW3B.Networks D=1854 t=1644831354287527
Content-Type: image/png
Cache-Control: max-age=-2592000, public
X-ZW-LB-IPv6: 2607:5300:0060:9389:0015:0001:000a:0010
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Expires: Wed, 16 Mar 2022 09:35:54 GMT

GET
H/1.1 200
OK lien-go-icone-9719-16.png
www.zw3b.fr/skins/zw3b-fr/css/img/puces/pub/ 998 B
2 KB 446ms
446ms Image
image/png 2a01:e35:39f1:f747::1
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zw3b.fr/skins/zw3b-fr/css/img/puces/pub/lien-go-icone-9719-16.png
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/skins/zw3b-fr/css/default.css?1789327863
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:e35:39f1:f747::1 Paris, France, ASN12322 (PROXAD, FR),
Reverse DNS
Software: Apache /
Resource Hash: 1b41e31e8729e225ff745459074fda9650707b024dc3cd9acb7025d66b81aa9c

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/skins/zw3b-fr/css/default.css?1789327863
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 09:35:54 GMT
Via: 1.1 web.zw3b.fr
X-ZW-LB-Name: w1w
Connection: Keep-Alive
Content-Length: 998
X-ZW-BackNode: w1w.zw3b.net
Last-Modified: Sun, 11 Nov 2018 18:01:35 GMT
Server: Apache
X-ZW-LB-IPv4: 158.69.126.137
X-ZW-Head: ZW3B.Networks D=1904 t=1644831354558927
Content-Type: image/png
Cache-Control: max-age=-2592000, public
X-ZW-LB-IPv6: 2607:5300:0060:9389:0015:0001:000a:0010
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Expires: Wed, 16 Mar 2022 09:35:54 GMT

GET
H/1.1 200
OK facebook-16x16.jpg
www.zw3b.fr/skins/zw3b-fr/css/img/puces/social/ 1 KB
2 KB 440ms
440ms Image
image/jpeg 2a01:e35:39f1:f747::1
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zw3b.fr/skins/zw3b-fr/css/img/puces/social/facebook-16x16.jpg
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/skins/zw3b-fr/css/default.css?1789327863
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:e35:39f1:f747::1 Paris, France, ASN12322 (PROXAD, FR),
Reverse DNS
Software: Apache /
Resource Hash: 1a105dfd9ee6243bb6ced387e8270ce3af8d980a257ddba1f1738090f6142b96

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/skins/zw3b-fr/css/default.css?1789327863
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 09:35:54 GMT
Via: 1.1 web.zw3b.fr
X-ZW-LB-Name: w1w
Connection: Keep-Alive
Content-Length: 1204
X-ZW-BackNode: w1w.zw3b.net
Last-Modified: Sun, 11 Nov 2018 18:00:58 GMT
Server: Apache
X-ZW-LB-IPv4: 158.69.126.137
X-ZW-Head: ZW3B.Networks D=1240 t=1644831354730061
Content-Type: image/jpeg
Cache-Control: max-age=-2592000, public
X-ZW-LB-IPv6: 2607:5300:0060:9389:0015:0001:000a:0010
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Expires: Wed, 16 Mar 2022 09:35:54 GMT

GET
H/1.1 200
OK twitter-16x16.jpg
www.zw3b.fr/skins/zw3b-fr/css/img/puces/social/ 1 KB
2 KB 445ms
444ms Image
image/jpeg 2a01:e35:39f1:f747::1
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zw3b.fr/skins/zw3b-fr/css/img/puces/social/twitter-16x16.jpg
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/skins/zw3b-fr/css/default.css?1789327863
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:e35:39f1:f747::1 Paris, France, ASN12322 (PROXAD, FR),
Reverse DNS
Software: Apache /
Resource Hash: e0bcd815cd8bcd529c5612a0695a2885aa5c6fc06d2f39398cefee15d95e50ec

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/skins/zw3b-fr/css/default.css?1789327863
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 09:35:55 GMT
Via: 1.1 web.zw3b.fr
X-ZW-LB-Name: w1w
Connection: Keep-Alive
Content-Length: 1266
X-ZW-BackNode: w1w.zw3b.net
Last-Modified: Sun, 11 Nov 2018 18:00:59 GMT
Server: Apache
X-ZW-LB-IPv4: 158.69.126.137
X-ZW-Head: ZW3B.Networks D=1843 t=1644831355005050
Content-Type: image/jpeg
Cache-Control: max-age=-2592000, public
X-ZW-LB-IPv6: 2607:5300:0060:9389:0015:0001:000a:0010
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=88
Expires: Wed, 16 Mar 2022 09:35:55 GMT

GET
H/1.1 200
OK google-translate.jpg
www.zw3b.fr/pub/ 4 KB
5 KB 442ms
442ms Image
image/jpeg 2a01:e35:39f1:f747::1
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zw3b.fr/pub/google-translate.jpg
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/skins/zw3b-fr/css/default.css?1789327863
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:e35:39f1:f747::1 Paris, France, ASN12322 (PROXAD, FR),
Reverse DNS
Software: Apache /
Resource Hash: a3b20f7fbe0d4653d0f0d33f75a9c2ded00a61c99304b001899714fa37c57885

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/skins/zw3b-fr/css/default.css?1789327863
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 09:35:55 GMT
Via: 1.1 web.zw3b.fr
X-ZW-LB-Name: w1w
Connection: Keep-Alive
Content-Length: 4118
X-ZW-BackNode: w1w.zw3b.net
Last-Modified: Mon, 17 Jun 2019 13:38:07 GMT
Server: Apache
X-ZW-LB-IPv4: 158.69.126.137
X-ZW-Head: ZW3B.Networks D=1775 t=1644831355172737
Content-Type: image/jpeg
Cache-Control: max-age=-2592000, public
X-ZW-LB-IPv6: 2607:5300:0060:9389:0015:0001:000a:0010
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Expires: Wed, 16 Mar 2022 09:35:55 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 590a50923420fd1756993a6f59dd02fa4711806494cf6a6c736586e4efbec2bf

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK inkedgeek-x30.png
www.zw3b.fr/skins/zw3b-fr/css/img/puces/partners/ 3 KB
3 KB 440ms
440ms Image
image/png 2a01:e35:39f1:f747::1
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zw3b.fr/skins/zw3b-fr/css/img/puces/partners/inkedgeek-x30.png
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/skins/zw3b-fr/css/default.css?1789327863
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:e35:39f1:f747::1 Paris, France, ASN12322 (PROXAD, FR),
Reverse DNS
Software: Apache /
Resource Hash: a15b97d7775c502766eb4a3cd49a4f4ebdbe1b908638b1e9fcc9bbf4a9f39635

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/skins/zw3b-fr/css/default.css?1789327863
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 09:35:55 GMT
Via: 1.1 web.zw3b.fr
X-ZW-LB-Name: w1w
Connection: Keep-Alive
Content-Length: 2737
X-ZW-BackNode: w1w.zw3b.net
Last-Modified: Mon, 26 Feb 2018 04:31:39 GMT
Server: Apache
X-ZW-LB-IPv4: 158.69.126.137
X-ZW-Head: ZW3B.Networks D=1797 t=1644831355423585
Content-Type: image/png
Cache-Control: max-age=-2592000, public
X-ZW-LB-IPv6: 2607:5300:0060:9389:0015:0001:000a:0010
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Expires: Wed, 16 Mar 2022 09:35:55 GMT

GET
H/1.1 200
OK inkedgeek-10x10.png
www.zw3b.fr/skins/zw3b-fr/css/img/puces/partners/ 394 B
967 B 446ms
446ms Image
image/png 2a01:e35:39f1:f747::1
PROXAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zw3b.fr/skins/zw3b-fr/css/img/puces/partners/inkedgeek-10x10.png
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/skins/zw3b-fr/css/default.css?1789327863
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:e35:39f1:f747::1 Paris, France, ASN12322 (PROXAD, FR),
Reverse DNS
Software: Apache /
Resource Hash: 26300f3eb5b25ac0d06f8f2918bee63a90e32f36acba7b9577799bf9e2aed444

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/skins/zw3b-fr/css/default.css?1789327863
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 09:35:55 GMT
Via: 1.1 web.zw3b.fr
X-ZW-LB-Name: w1w
Connection: Keep-Alive
Content-Length: 394
X-ZW-BackNode: w1w.zw3b.net
Last-Modified: Mon, 26 Feb 2018 04:31:36 GMT
Server: Apache
X-ZW-LB-IPv4: 158.69.126.137
X-ZW-Head: ZW3B.Networks D=1843 t=1644831355452042
Content-Type: image/png
Cache-Control: max-age=-2592000, public
X-ZW-LB-IPv6: 2607:5300:0060:9389:0015:0001:000a:0010
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=87
Expires: Wed, 16 Mar 2022 09:35:55 GMT

GET
H/1.1 200
OK alarm_clock.ttf
www.zw3b.fr/skins/zw3b-fr/css/fonts/ 21 KB
22 KB 775ms
445ms Font
font/ttf 2a01:e35:39f1:f747::1
PROXAD

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zw3b.fr/skins/zw3b-fr/css/fonts/alarm_clock.ttf
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/skins/zw3b-fr/css/default.css?1789327863
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:e35:39f1:f747::1 Paris, France, ASN12322 (PROXAD, FR),
Reverse DNS
Software: Apache /
Resource Hash: e94f05cbfaaada359a4721f6320c2f8b82c736cdaef7dccf3301cb981168a4cc

Request headers

Referer: https://www.zw3b.fr/skins/zw3b-fr/css/default.css?1789327863
Origin: https://www.zw3b.fr
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 09:35:50 GMT
Via: 1.1 web.zw3b.fr
X-ZW-LB-Name: w1w
Connection: Keep-Alive
Content-Length: 21664
X-ZW-BackNode: w1w.zw3b.net
Last-Modified: Tue, 02 Sep 2014 11:56:40 GMT
Server: Apache
X-ZW-LB-IPv4: 158.69.126.137
X-ZW-Head: ZW3B.Networks D=2433 t=1644831350127516
Content-Type: font/ttf
Cache-Control: max-age=-2592000, public
X-ZW-LB-IPv6: 2607:5300:0060:9389:0015:0001:000a:0010
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Expires: Mon, 14 Feb 2022 11:35:50 GMT

GET undefined
www.zw3b.fr/informatique/ 0
0

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202030101/ 289 KB
104 KB 121ms
87ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3379702122145482&plah=www.zw3b.fr

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3379702122145482

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f48eb7ed2dc4a031c4b65ea339a6e05c1b6ce71abbe9d4f24758dce4046e7203

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 09:35:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106425
x-xss-protection: 0
server: cafe
etag: 3206790415973976107
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 14 Feb 2022 09:35:49 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220209/r20190131/ Frame 6939 10 KB
5 KB 428ms
37ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220209/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3379702122145482

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Sun, 13 Feb 2022 23:18:13 GMT
expires: Sun, 27 Feb 2022 23:18:13 GMT
cache-control: public, max-age=1209600
age: 37057
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK / Show response
t.dtscout.com/i/ 2 KB
3 KB 368ms
107ms Script
application/javascript 158.69.139.229
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.zw3b.fr%2Finformatique%2Fcomment-le-malware-moonbounce-sevit-depuis-2012&j=
Requested by: Host: waust.at
URL: https://waust.at/s.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.69.139.229 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip229.ip-158-69-139.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 27f3e97f04587e1c7897b1d0ffeccdec3b91173297342ac575ceabf689f65cf3

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 09:35:50 GMT
X-T: 0.549
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
X-S: mtl3
Expires: Mon, 14 Feb 2022 09:35:49 GMT

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 64ms
31ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 09:34:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 97
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 14 Feb 2022 10:34:12 GMT

GET
H3 200 304330253818873 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 50ms
23ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/304330253818873?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a761e569427aa5818d5895b9ec63d6baa5715e63576c9fb387f4312720c97979

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 89124
x-xss-protection: 0
pragma: public
x-fb-debug: OglKqlhEqEmB7HtmfPlDFFmJMWDrAjStIeL7ZzzKqa+9saNflPSE/ZDfJmSHCs48Rf0IABKgiLrFYbs1GX6CUQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 14 Feb 2022 09:35:49 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
whos.amung.us/pingjs/ 28 B
144 B 366ms
115ms Script
text/javascript 67.202.114.216
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://whos.amung.us/pingjs/?k=8wabc2d4yz&t=Comment%20le%20malware%20MoonBounce%20s%C3%A9vit%20depuis%202012%20*%20Informatique%20*%20ZW3B.FR%20%3A-%3A%20Le%20&c=s&x=https%3A%2F%2Fwww.zw3b.fr%2Finformatique%2Fcomment-le-malware-moonbounce-sevit-depuis-2012&y=&a=0&d=6.896&v=27&r=960
Requested by: Host: waust.at
URL: https://waust.at/s.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.114.216 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: amung.us
Software: /
Resource Hash: c0b6fb1a9ec164fec15b92fd86fd99cd9c33ce580c9b9b1472e2a1be39ac941d

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 09:35:50 GMT
content-encoding: gzip
content-type: text/javascript;charset=UTF-8

GET
H2 200 ca-pub-3379702122145482 Show response
fundingchoicesmessages.google.com/i/ 89 KB
31 KB 169ms
47ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-3379702122145482?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3379702122145482&plah=www.zw3b.fr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c8d1360495c9ade5a89d98eff7b9dc3634da9cad6bbc8cb3523a884cd1bd0d10

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-q4TPocuwiLYfKIkmfQF/jA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-q4TPocuwiLYfKIkmfQF/jA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'report-sample' 'nonce-q4TPocuwiLYfKIkmfQF/jA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-q4TPocuwiLYfKIkmfQF/jA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
cross-origin-opener-policy: same-origin
date: Mon, 14 Feb 2022 09:35:50 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
440 B 100ms
26ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-36011703-2&cid=267631588.1644831350&jid=1646273101&gjid=875868114&_gid=1081672558.1644831350&_u=KGBAgEAjAAAAAE~&z=1924380232

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zw3b.fr/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 14 Feb 2022 09:35:50 GMT
content-type: text/plain
access-control-allow-origin: https://www.zw3b.fr
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 35ms
26ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-36011703-2&cid=267631588.1644831350&jid=1854427162&gjid=516827842&_gid=1081672558.1644831350&_u=aGDAiEAjBAAAAE~&z=1807796790

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zw3b.fr/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 14 Feb 2022 09:35:50 GMT
content-type: text/plain
access-control-allow-origin: https://www.zw3b.fr
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 27ms
26ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=907657715&t=pageview&_s=1&dl=https%3A%2F%2Fwww.zw3b.fr%2Finformatique%2Fcomment-le-malware-moonbounce-sevit-depuis-2012&ul=en-us&de=UTF-8&dt=Comment%20le%20malware%20MoonBounce%20s%C3%A9vit%20depuis%202012%20*%20Informatique%20*%20ZW3B.FR%20%3A-%3A%20Le%20Web%20XXI&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAgEAj~&jid=1646273101&gjid=875868114&cid=267631588.1644831350&tid=UA-36011703-2&_gid=1081672558.1644831350&z=370788561

Requested by

Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Feb 2022 21:06:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 44935
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 27ms
27ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=907657715&t=pageview&_s=1&dl=https%3A%2F%2Fwww.zw3b.fr%2Finformatique%2Fcomment-le-malware-moonbounce-sevit-depuis-2012&ul=en-us&de=UTF-8&dt=Comment%20le%20malware%20MoonBounce%20s%C3%A9vit%20depuis%202012%20*%20Informatique%20*%20ZW3B.FR%20%3A-%3A%20Le%20Web%20XXI&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiEAjBAAAAE~&jid=1854427162&gjid=516827842&cid=267631588.1644831350&tid=UA-36011703-2&_gid=1081672558.1644831350&gtm=2wg290M3RPRGR&cg0=%2Fclub%2F&cg1=%2Fabout%2F&cg2=%2Factivity%2F&z=835447561

Requested by

Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Feb 2022 21:06:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 44935
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 297839307777936 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 30ms
29ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/297839307777936?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ab50753ffa604bbd25c9e83162155967d1ed93b71b9dd21d6952d061ccb46c29

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 89115
x-xss-protection: 0
pragma: public
x-fb-debug: Drj+XcpvdDMTvbAZDtjK+Qz82f3HC98oqjODylMbonBQ8WHGOfESVeqwzQymwB5tS9vyjvTxQcWU+8KK8Dg0uQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 14 Feb 2022 09:35:50 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
406 B 79ms
24ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=304330253818873&ev=PageView&dl=https%3A%2F%2Fwww.zw3b.fr%2Finformatique%2Fcomment-le-malware-moonbounce-sevit-depuis-2012&rl=&if=false&ts=1644831350233&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbp=fb.1.1644831350226.1749303726&it=1644831349892&coo=false&rqm=GET

Requested by

Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 09:35:50 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Mon, 14 Feb 2022 09:35:50 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 112ms
50ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-36011703-2&cid=267631588.1644831350&jid=1646273101&_u=KGBAgEAjAAAAAE~&z=290116015

Requested by

Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 09:35:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fr/ads/ 42 B
107 B 115ms
49ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-36011703-2&cid=267631588.1644831350&jid=1646273101&_u=KGBAgEAjAAAAAE~&z=290116015

Requested by

Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 09:35:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 113ms
51ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-36011703-2&cid=267631588.1644831350&jid=1854427162&_u=aGDAiEAjBAAAAE~&z=1348584778

Requested by

Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 09:35:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fr/ads/ 42 B
501 B 114ms
49ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-36011703-2&cid=267631588.1644831350&jid=1854427162&_u=aGDAiEAjBAAAAE~&z=1348584778

Requested by

Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 09:35:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVHtJugHM5DyLQXDvmAd_K15YE71ELxeD2cx1eG7EQEYTVDYyzhj55gmV-EsNn396uozqxDiTc0Wb2avRB0MIY= Show response
fundingchoicesmessages.google.com/el/ 0
25 B 71ms
37ms XHR
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVHtJugHM5DyLQXDvmAd_K15YE71ELxeD2cx1eG7EQEYTVDYyzhj55gmV-EsNn396uozqxDiTc0Wb2avRB0MIY=?pvid=B4B2F16A-AE87-4F59-8482-2384AB2AC9C4&anonid=7EDF52FA-761A-4069-A3A4-6F3E18839BC3

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.fr.akLFzi0OZbQ.es5.O/d=1/rs=AJlcJMxfKkBuJiS4IXyfOyMCtqW1yLydbg/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-NP7BwNBzRkze0AQQ+429PA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-NP7BwNBzRkze0AQQ+429PA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.zw3b.fr/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Feb 2022 09:35:50 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.zw3b.fr
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-NP7BwNBzRkze0AQQ+429PA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-NP7BwNBzRkze0AQQ+429PA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxW460m6rPzghY3dZFmgnqBEhy4MWa36LAi4dDBIrVh8ig47673snt8W3cgq0kHmak78TSj9X56dvIgdGkGTmeM= Show response
fundingchoicesmessages.google.com/f/ 281 KB
53 KB 100ms
66ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW460m6rPzghY3dZFmgnqBEhy4MWa36LAi4dDBIrVh8ig47673snt8W3cgq0kHmak78TSj9X56dvIgdGkGTmeM=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjQ0ODMxMzUwLDMyNjAwMDAwMF0sIkI0QjJGMTZBLUFFODctNEY1OS04NDgyLTIzODRBQjJBQzlDNCIsIjdFREY1MkZBLTc2MUEtNDA2OS1BM0E0LTZGM0UxODgzOUJDMyIsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3d3dy56dzNiLmZyL2luZm9ybWF0aXF1ZS9jb21tZW50LWxlLW1hbHdhcmUtbW9vbmJvdW5jZS1zZXZpdC1kZXB1aXMtMjAxMiIsbnVsbCxbXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e5a5c7ac239884db3df03631bd93a191f2e72c76f43176eff7cef4ff49fb8db7

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-G/CRa7u1z1qHAdFcjLVImA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-G/CRa7u1z1qHAdFcjLVImA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 09:35:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-G/CRa7u1z1qHAdFcjLVImA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-G/CRa7u1z1qHAdFcjLVImA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
t.dtscout.com/pv/ 50 B
318 B 295ms
97ms Script
application/javascript 158.69.139.229
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=zw3b.fr&_ss=kel2hxi29y&_pv=1&_ls=0&_u1=1&_u3=1&_cc=fr&_pl=d&_cbid=6pcj&_cb=_dtspv.c
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.zw3b.fr%2Finformatique%2Fcomment-le-malware-moonbounce-sevit-depuis-2012&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.69.139.229 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip229.ip-158-69-139.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 39e3493093320d26c913a251444f237e763b5b50633336ce42797d86183851c2

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 09:35:50 GMT
X-T: 0.208
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
X-C: 0
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
Expires: Mon, 14 Feb 2022 09:35:49 GMT

GET
H2 200 tc.js Show response
cdn.tynt.com/ 17 KB
7 KB 73ms
28ms Script
application/javascript 104.18.28.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/tc.js
Requested by: Host: waust.at
URL: https://waust.at/s.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.28.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2347066080fea31af55c7112dca5245ea3eea67df5f24f1daae09f0870fbce62

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 09:35:50 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 27 Aug 2021 20:58:37 GMT
server: cloudflare
age: 218059
etag: W/"612951fd-431d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6dd54f03fb9e3a8d-CDG
expires: Thu, 17 Feb 2022 09:35:50 GMT

GET
DATA 200
OK truncated
/ 439 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 47ms
22ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=297839307777936&ev=PageView&dl=https%3A%2F%2Fwww.zw3b.fr%2Finformatique%2Fcomment-le-malware-moonbounce-sevit-depuis-2012&rl=&if=false&ts=1644831350353&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbp=fb.1.1644831350226.1749303726&it=1644831349892&coo=false&rqm=GET

Requested by

Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 09:35:50 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Mon, 14 Feb 2022 09:35:50 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 349ms
113ms Image
text/plain 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!8wabc2d4yz&lm=0&ts=1644831350418&dn=TC&iso=0&t=Comment%20le%20malware%20MoonBounce%20s%C3%A9vit%20depuis%202012%20*%20Informatique%20*%20ZW3B.FR%20%3A-%3A%20Le%20Web%20XXI&cu=https%3A%2F%2Fwww.zw3b.fr%2Finformatique%2Fcomment-le-malware-moonbounce-sevit-depuis-2012
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 09:35:50 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 css
fonts.googleapis.com/ 54 KB
4 KB 202ms
43ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2ClientJs.fr.DiXpQq8okxo.es5.O/d=1/rs=AJlcJMw56Ma9ChOqeNFrFczbB_3TMzOZAA/m=iabtcfv2wallscript

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d24a4fa4847b5c367d77e8df3a77d1c1b69d15a84e7f129fda45d87046def864

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 09:35:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 14 Feb 2022 09:35:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Feb 2022 09:35:50 GMT

POST
H3 204 AGSKWxVCk1KGeNwiCj3f286gIKbxfK6_qL8tMtDdAvO8cqf2pihCQ21TOZ-_31KsAQrLjoxeuv4DTKPGAm7Lxn2_8LnzsB4NVdGyOF1htf4kwtPa-xmdZt5bjvHBdsAcTpjFQXpKfnDt59A153ajSKZ72mZ67zkiAeaY2_z-WjA1ec0783g4cfh2Cmf98nbM Show response
fundingchoicesmessages.google.com/el/ 0
26 B 65ms
64ms XHR
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVCk1KGeNwiCj3f286gIKbxfK6_qL8tMtDdAvO8cqf2pihCQ21TOZ-_31KsAQrLjoxeuv4DTKPGAm7Lxn2_8LnzsB4NVdGyOF1htf4kwtPa-xmdZt5bjvHBdsAcTpjFQXpKfnDt59A153ajSKZ72mZ67zkiAeaY2_z-WjA1ec0783g4cfh2Cmf98nbM?dmid=3183b9014d42a044

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-rV7UsS+C6FEHcfZQcvee4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-rV7UsS+C6FEHcfZQcvee4Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.zw3b.fr/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Feb 2022 09:35:50 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.zw3b.fr
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-rV7UsS+C6FEHcfZQcvee4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-rV7UsS+C6FEHcfZQcvee4Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v121/ 119 KB
120 KB 90ms
24ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v121/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16a6b6731e2fc6387561d78f5affd3b539a6c0540434924b809d490a5ebc9725

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.zw3b.fr
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 19:31:38 GMT
x-content-type-options: nosniff
age: 482652
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121784
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 19:19:57 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Feb 2023 19:31:38 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 144ms
85ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.zw3b.fr
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 09:58:52 GMT
x-content-type-options: nosniff
age: 257818
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 11 Feb 2023 09:58:52 GMT

GET
H2 200 v2 Show response
de.tynt.com/deb/ 4 B
202 B 387ms
116ms Script
application/javascript 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=w!8wabc2d4yz&dn=TC&cc=1&r=
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/tc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 09:35:50 GMT
cache-control: max-age=86400
content-type: application/javascript
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length: 4
expires: Tue, 15 Feb 2022 09:35:51 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 31ms
30ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=304330253818873&ev=Microdata&dl=https%3A%2F%2Fwww.zw3b.fr%2Finformatique%2Fcomment-le-malware-moonbounce-sevit-depuis-2012&rl=&if=false&ts=1644831350794&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Comment%20le%20malware%20MoonBounce%20s%C3%A9vit%20depuis%202012%20*%20Informatique%20*%20ZW3B.FR%20%3A-%3A%20Le%20Web%20XXI%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Comment%20le%20malware%20MoonBounce%20s%C3%A9vit%20depuis%202012%20*%20Informatique%20*%20ZW3B.FR%20%3A-%3A%20Le%20Web%20XXI%22%2C%22og%3Adescription%22%3A%22Le%20malware%C2%A0se%20camoufle%20dans%20la%20m%C3%A9moire%20flash%20des%20cartes%20m%C3%A8res%20et%20permet%20aux%20pirates%20de%20prendre%20le%20contr%C3%B4le%C2%A0des%20machines%2C%20et%20ce%20depuis%20vingt%20ans.%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.zw3b.fr%2Finformatique%2Fcomment-le-malware-moonbounce-sevit-depuis-2012%22%2C%22og%3Aimage%22%3A%22%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.52&r=stable&ec=1&o=30&fbp=fb.1.1644831350226.1749303726&it=1644831349892&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 09:35:50 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Mon, 14 Feb 2022 09:35:50 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 116ms
116ms Image
text/plain 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!8wabc2d4yz&lm=0&ts=1644831350418&dn=TC&iso=0&t=Comment%20le%20malware%20MoonBounce%20s%C3%A9vit%20depuis%202012%20*%20Informatique%20*%20ZW3B.FR%20%3A-%3A%20Le%20Web%20XXI&cu=https%3A%2F%2Fwww.zw3b.fr%2Finformatique%2Fcomment-le-malware-moonbounce-sevit-depuis-2012
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 09:35:50 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 28ms
27ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=297839307777936&ev=Microdata&dl=https%3A%2F%2Fwww.zw3b.fr%2Finformatique%2Fcomment-le-malware-moonbounce-sevit-depuis-2012&rl=&if=false&ts=1644831350856&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Comment%20le%20malware%20MoonBounce%20s%C3%A9vit%20depuis%202012%20*%20Informatique%20*%20ZW3B.FR%20%3A-%3A%20Le%20Web%20XXI%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Comment%20le%20malware%20MoonBounce%20s%C3%A9vit%20depuis%202012%20*%20Informatique%20*%20ZW3B.FR%20%3A-%3A%20Le%20Web%20XXI%22%2C%22og%3Adescription%22%3A%22Le%20malware%C2%A0se%20camoufle%20dans%20la%20m%C3%A9moire%20flash%20des%20cartes%20m%C3%A8res%20et%20permet%20aux%20pirates%20de%20prendre%20le%20contr%C3%B4le%C2%A0des%20machines%2C%20et%20ce%20depuis%20vingt%20ans.%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.zw3b.fr%2Finformatique%2Fcomment-le-malware-moonbounce-sevit-depuis-2012%22%2C%22og%3Aimage%22%3A%22%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.52&r=stable&ec=1&o=30&fbp=fb.1.1644831350226.1749303726&it=1644831349892&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 09:35:50 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Mon, 14 Feb 2022 09:35:50 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 112ms
112ms Image
text/plain 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!8wabc2d4yz&lm=0&ts=1644831350418&dn=TC&iso=0&t=Comment%20le%20malware%20MoonBounce%20s%C3%A9vit%20depuis%202012%20*%20Informatique%20*%20ZW3B.FR%20%3A-%3A%20Le%20Web%20XXI
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 09:35:50 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 112ms
112ms Image
text/plain 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!8wabc2d4yz&lm=0&ts=1644831350418&dn=TC&iso=0
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 09:35:51 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 112ms
112ms Image
text/plain 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!8wabc2d4yz&lm=0&ts=1644831350418&dn=TC&iso=0
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 09:35:51 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 113ms
112ms Image
text/plain 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!8wabc2d4yz&lm=0&ts=1644831350418&dn=TC&iso=0
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 09:35:51 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 114ms
114ms Image
text/plain 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!8wabc2d4yz&lm=0&ts=1644831350418&dn=TC&iso=0
Requested by: Host: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.zw3b.fr/informatique/comment-le-malware-moonbounce-sevit-depuis-2012
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 09:35:51 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.zw3b.fr
URL: https://www.zw3b.fr/informatique/undefined

Verdicts & Comments Add Verdict or Comment

130 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.zw3b.fr/informatique	1970-01-20 00:55:17	Name: cv Value: id1989V1
www.zw3b.fr/	1969-12-31 23:59:59	Name: ROUTEID Value: .nice.lab3w.fr
.www.zw3b.fr/	1970-01-20 00:53:54	Name: lang Value: FR
www.zw3b.fr/	1969-12-31 23:59:59	Name: PHPSESSID Value: 1hnjl32ena0qdvj3n6npds4gop
.zw3b.fr/	1970-01-20 18:25:03	Name: _ga Value: GA1.2.267631588.1644831350
.zw3b.fr/	1970-01-20 00:55:17	Name: _gid Value: GA1.2.1081672558.1644831350
.zw3b.fr/	1970-01-20 00:53:51	Name: _gat Value: 1
.zw3b.fr/	1970-01-20 00:53:51	Name: _dc_gtm_UA-36011703-2 Value: 1
.dtscout.com/	1970-01-20 00:53:56	Name: m Value: 1
.dtscout.com/	1970-01-20 00:54:09	Name: b Value: 1
.dtscout.com/	1970-01-20 00:54:05	Name: oa Value: 1
.dtscout.com/	1970-01-20 03:17:51	Name: df Value: 1644831350
.zw3b.fr/	1970-01-20 03:03:27	Name: _fbp Value: fb.1.1644831350226.1749303726
.facebook.com/	1970-01-20 03:03:27	Name: fr Value: 0AsCabKiKxBl2c4X3..BiCiJ2...1.0.BiCiJ2.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	deny

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.tynt.com
connect.facebook.net
de.tynt.com
fonts.googleapis.com
fonts.gstatic.com
framablog.org
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
ic.tynt.com
img.20mn.fr
img.phonandroid.com
ipv6-test.com
jigsaw.w3.org
pagead2.googlesyndication.com
stats.g.doubleclick.net
t.dtscout.com
upload.wikimedia.org
waust.at
webstatsdomain.org
whos.amung.us
www.facebook.com
www.google-analytics.com
www.google.com
www.google.fr
www.googletagmanager.com
www.usine-digitale.fr
www.w3.org
www.zw3b.fr
www.zw3b.fr
104.18.181.70
104.18.28.199
128.30.52.100
152.195.34.147
158.69.139.229
2001:41d0:701:1100::29c8
2603:400a:ffff:804:801e:34:0:15
2606:4700:20::681a:407
2606:4700:20::ac43:6038
2620:0:862:ed1a::2:b
2a00:1450:4001:827::2008
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:4001:830::200a
2a00:1450:400c:c0c::9c
2a01:4f8:10b:3120::5
2a01:e35:39f1:f747::1
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
46.229.169.130
67.202.105.31
67.202.105.33
67.202.114.216
009437ab0a64ba9686aeca365befb8217e9dfa5100c6f1ad53ceef669bbada5e
020e660ca503449793836f0f68935a8ade3d1ad9b64a1080f767290c997d1834
0298a25db873588e37945ece2b90e9f573dda86bfc84ae9f3efb8c3fbdcbce84
043568959832b245471474f20fa7fd4b1da1a2876213570c00a61c0312223614
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
16a6b6731e2fc6387561d78f5affd3b539a6c0540434924b809d490a5ebc9725
1a105dfd9ee6243bb6ced387e8270ce3af8d980a257ddba1f1738090f6142b96
1b41e31e8729e225ff745459074fda9650707b024dc3cd9acb7025d66b81aa9c
1ee29f5632ab3651645e2c345c58f65edf08b2d41cadd16b43111afd8280f4c2
1fff62e231889bc608ef1c50230034e839dfd3a79cffb2f9a20fc603ceaaf9ab
2347066080fea31af55c7112dca5245ea3eea67df5f24f1daae09f0870fbce62
23699b861f7396e0c32112bc6a29aa62d532b62c93138e1f8dea736a6df16957
26300f3eb5b25ac0d06f8f2918bee63a90e32f36acba7b9577799bf9e2aed444
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
27f3e97f04587e1c7897b1d0ffeccdec3b91173297342ac575ceabf689f65cf3
2cc7a3ae0e4c7d51ebe97565f7b217ae2ad3822cf140cd1c76212a454fafc036
310c86d33e6e1ebb44a4c0cf9a0d43729c2f66c8c8d5b651d5490e91f4804391
313f3051103dfa6c32a511e96b52fe30ed7406894847c58de0610dbae333214c
342922beaefd34e0904d381a532ff422bdf332b155ea9ef1a3b17a1724730ca0
39e3493093320d26c913a251444f237e763b5b50633336ce42797d86183851c2
3b586e27470f947b86cc8d270872d1b76813de1d8d776fcd8528e0f6ba1f427c
40db28d0dfb085fc94e62bdea667f27822e8dc7c8f30f80c2a42a9580bbb02a9
4444c9802d49ae390dc93efa542b850b505c68a8a5220b74ac706c20b2d76b60
447e546ad25c88c3df88416348fb57a8d8c490f854093a3b6e847ff1cc33fc98
474cf6b125fe987da8bf66a2289d7936d56eeca3e7352e3cc3ae0ce82e134a02
49d00d2715d7cf4dc9bb732ebee4bc83e55afc79a13667e2dd365fe76e00ba8d
50fa8f1d7b53572f7fb817b999cf60aabeefb779af746f128912bd641c5178a2
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
5545e77db23a3169abe4a5f579acc92b6a30017e7efe2aae2b1db0b1c0ff29be
56aa55fef8efc2df0844e91d58884f9722533ce8fcd1ed8fe82fc0591387156c
590a50923420fd1756993a6f59dd02fa4711806494cf6a6c736586e4efbec2bf
6c81a8ef350a43eabb1dd2145e2dfee95cc11a54c1741374eca0cb82dcd66724
6e9bb5fbfeb21b86c65815b51b6080a01d6ddd477faf2e557708f066afd82a7c
7eb4043a7c945ae6024ef3ce37d4a0ec4b414d9c706c9683ad3095c3b82b1c07
80738f5a39000c2c529ce53a395bd9294de6c1d098151d66df4a20b3c58a129a
808f158bc1dfe3315de269f5789057beea99c9ede25d549944d70049524ad7ac
8269cabae0710f266eb9220c1e024f98f33276edf187f86e01ba8b543e442326
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8a9e64adf9351dbc0f333daae135c88d5162ed8eadf5e65801c19914ab657bab
8aa1d10d86d9d1f671d435de13d786f7d91e92b50bdc7797b4cd666931e0e956
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
970e4d951623fbed121c38a7689afb09c6b0c575169107a0819ff08608f6b0f1
9bfeee766d1ffbb35e6b36024d1d8af6ac2dfd385d32c72b76605dcc984b04b1
a15b97d7775c502766eb4a3cd49a4f4ebdbe1b908638b1e9fcc9bbf4a9f39635
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a28834ef06853884a28cc0035f3a0e92cb584f140a798e405b34f82f65e1726d
a3b20f7fbe0d4653d0f0d33f75a9c2ded00a61c99304b001899714fa37c57885
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
a5e988ededb2aa6ac2fbada686f36a5185bcfa983e316729a4540fb87ec54a0b
a761e569427aa5818d5895b9ec63d6baa5715e63576c9fb387f4312720c97979
a93089d6a15b714f5e71d84f0e6a4f88ccb96a5a58df1384baf5f3b44697adc9
a9e04b524d3e5afada044f58bc5ff8aca018af627cc15499965e2ef276ae49f6
aa2560dbe8be5fc29bb2eb8c5422cb5cd266fcb5cd338d57dd989de2333bff55
ab50753ffa604bbd25c9e83162155967d1ed93b71b9dd21d6952d061ccb46c29
b0ec260030b2b58990a788f71045139b5dbb33cd41164c63091e22bf3273b7bd
b210afb78148c6432212c6d1e5ef43a4219467d8479d49672f8ff22d1d638ba8
bf2911b44c7fa0b1734ab6f03b8cb46245cef7df3cdf8deb0c9a1ad8c6294b7b
c0b6fb1a9ec164fec15b92fd86fd99cd9c33ce580c9b9b1472e2a1be39ac941d
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c3bae04d0820bc8b79795c4eb8cd9e822b5a307fbc1161796ee87466fcee25dd
c6743217c9b525646d77f69bfb8cae859c8191ec933c8f5cae459a338b00fd2b
c8d1360495c9ade5a89d98eff7b9dc3634da9cad6bbc8cb3523a884cd1bd0d10
ca7dfed2fd8e7916b01bcac3f41cde6a4a49755f9ce70375606e736e12eae2c3
cdbb067070a8996ba8c04fa71532596a7dc1bb1f8c7e7d93c63b71442e58837f
d02757e2e2cae42ca274a628aa5fc2af9102afd5e7501d40b4bd0c8d7b7e2f49
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d24a4fa4847b5c367d77e8df3a77d1c1b69d15a84e7f129fda45d87046def864
d3e15324bc707e7b7b04d2c2b293d63a149cd25f5e8b2f129d5cbe0b00051a54
d6fb58a2d299ed9f1f340fe580526e2ccdaa5d6d010dec1bb6431d8149669af0
d81cd105d3e678968b86fd0d9cff2763fbdca55a363c14ce34e2f10d916da7f4
da03ce070788adb72fdb3c42a554f9e7c108f3b852f1137ae80bb39c4b558de1
db4458d59dc34dc1dc18d1bbd9a89efcf66d5c1befd0ef5f250e9d230dd2afd1
de407674267cfc048a0ed27fd0445e033fc1a3c34c042c91fa6725ebfb79a6cf
de88d6a9be9d375a03ccf604ba34a696c21e4a116230eecc80580998fda4848c
df7113bb66ade3be2f722c400f7b6c0bc7212477533dd845b0e4ef5442956ea6
e0bcd815cd8bcd529c5612a0695a2885aa5c6fc06d2f39398cefee15d95e50ec
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5a5c7ac239884db3df03631bd93a191f2e72c76f43176eff7cef4ff49fb8db7
e65e29f124ecfa00fac9d86f788d0a2f635df1e8a35ebe9bcfebe8d78aa534b1
e94f05cbfaaada359a4721f6320c2f8b82c736cdaef7dccf3301cb981168a4cc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1f118897742e54852f20951e0f40e8901f306a340901f8e989747d54ffde4f1
f48eb7ed2dc4a031c4b65ea339a6e05c1b6ce71abbe9d4f24758dce4046e7203
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac
fb49365112c202c722a3e8354736f4002b2fe1e8ef65e24af2769f5bf1988fe4
fdb388a09650d36635bacedc0f074dd5a0a33698c6a5f04af4010e4c96c599f0

www.zw3b.fr Open in urlscan Pro 2a01:e35:39f1:f747::1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

102 Requests

99 %HTTPS

68 %IPv6

23 Domains

28 Subdomains

29 IPs

6 Countries

8913 kBTransfer

10703 kBSize

14 Cookies

48 Outgoing links

Page URL History

Redirected requests

102 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.zw3b.fr Open in urlscan Pro
2a01:e35:39f1:f747::1 Public Scan

Screenshot
Live screenshot

Full Image

102
Requests

99 %
HTTPS

68 %
IPv6

23
Domains

28
Subdomains

29
IPs

6
Countries

8913 kB
Transfer

10703 kB
Size

14
Cookies

102 HTTP transactions
2 data transactions