URL: https://www.zdnet.fr/actualites/ransomware-le-montant-moyen-des-rancons-augmente-39939605.htm
Submission: On April 04 via api from US — Scanned from FR

Summary

This website contacted 29 IPs in 4 countries across 21 domains to perform 129 HTTP transactions. The main IP is 146.185.42.33, located in France and belongs to OXALIDE, FR. The main domain is www.zdnet.fr. The Cisco Umbrella rank of the primary domain is 848531.
TLS certificate: Issued by R3 on March 14th 2022. Valid for: 3 months.
This is the only time www.zdnet.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Subject | Issuer | Validity | Valid
admcms.zdnet.fr | R3 | 2022-03-14 - 2022-06-12 | 3 months
upload.video.google.com | GTS CA 1C3 | 2022-03-17 - 2022-06-09 | 3 months
aufeminin-zdnet.cupinteractive.com | R3 | 2022-03-03 - 2022-06-01 | 3 months
use.typekit.net | DigiCert TLS RSA SHA256 2020 CA1 | 2022-03-07 - 2023-04-07 | a year
*.cloudfront.net | Amazon | 2022-02-01 - 2023-01-31 | a year
*.cupinteractive.com | Amazon | 2021-07-16 - 2022-08-14 | a year
*.zdnet.com | R3 | 2022-02-23 - 2022-05-24 | 3 months
*.privacy-center.org | Amazon | 2021-04-24 - 2022-05-23 | a year
*.google-analytics.com | GTS CA 1C3 | 2022-03-17 - 2022-06-09 | 3 months
static.afcdn.com | Amazon | 2021-08-26 - 2022-09-24 | a year
widget.ausha.co | R3 | 2022-03-12 - 2022-06-10 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-01-12 - 2022-04-12 | 3 months
*.twimg.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-10-20 - 2022-10-19 | a year
*.taboola.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-11-28 - 2022-12-29 | a year
image.ausha.co | R3 | 2022-03-08 - 2022-06-06 | 3 months
pbstck.com | Cloudflare Inc ECC CA-3 | 2021-08-04 - 2022-08-03 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2022-03-17 - 2022-06-09 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-03-17 - 2022-06-09 | 3 months
syndication.twitter.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-10-31 - 2022-10-30 | a year
api.privacy-center.org | Amazon | 2021-07-10 - 2022-08-08 | a year
platform.linkedin.com | DigiCert SHA2 Secure Server CA | 2021-09-10 - 2022-09-10 | a year
www.linkedin.com | DigiCert SHA2 Secure Server CA | 2022-03-28 - 2022-09-28 | 6 months
*.licdn.com | DigiCert SHA2 Secure Server CA | 2021-09-16 - 2022-09-15 | a year

This page contains 13 frames:

Primary Page: https://www.zdnet.fr/actualites/ransomware-le-montant-moyen-des-rancons-augmente-39939605.htm
Frame ID: A5964809BA470E399A11905047CA0818
Requests: 88 HTTP requests in this frame

Frame: https://widget.ausha.co/index.html?showId=bPAr5h5jxxlD&playlist=true&color=%23D11D18&display=vertical&v=2&mode=latest&height=450px
Frame ID: 1A842423D0515134E1ED819D48A7A9BE
Requests: 19 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/likebox.php?id=6512744217&width=300&connections=5&locale=fr_FR&stream=false&header=true&height=220
Frame ID: 094DA2AD68864BE8C1D8B66BB8FC3BA7
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.0af76c3310098d2f8f428367b62351b8.html?origin=https%3A%2F%2Fwww.zdnet.fr
Frame ID: 1DF9E7547DF217060173AB28ADFF3532
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.0af76c3310098d2f8f428367b62351b8.fr.html
Frame ID: C54EFD835445322AB10019CADB195CE2
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/share_button.php?app_id=243265768935&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfc81b8b167d534%26domain%3Dwww.zdnet.fr%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.zdnet.fr%252Ff1169665526c704%26relation%3Dparent.parent&container_width=0&height=21&href=https%3A%2F%2Fwww.zdnet.fr%2Factualites%2Fransomware-le-montant-moyen-des-rancons-augmente-39939605.htm&layout=button_count&locale=fr_FR&sdk=joey&size=small&width=55
Frame ID: 9B8C2D3D54ABEB49C215643F931988FE
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/share_button.php?app_id=243265768935&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a209c290bcf3c%26domain%3Dwww.zdnet.fr%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.zdnet.fr%252Ff1169665526c704%26relation%3Dparent.parent&container_width=0&height=21&href=https%3A%2F%2Fwww.zdnet.fr%2Factualites%2Fransomware-le-montant-moyen-des-rancons-augmente-39939605.htm&layout=button_count&locale=fr_FR&sdk=joey&size=small&width=55
Frame ID: 882AD8F8CF614BA6220BB90E90211650
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=243265768935&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35819c7e75c2ac%26domain%3Dwww.zdnet.fr%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.zdnet.fr%252Ff1169665526c704%26relation%3Dparent.parent&container_width=0&font=arial&href=https%3A%2F%2Fwww.facebook.com%2Fzdnet.fr&layout=button_count&locale=fr_FR&sdk=joey&send=false&show_faces=false&width=83
Frame ID: 25CE188A0A5BE3C61573D5CF2A6252D3
Requests: 3 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.0af76c3310098d2f8f428367b62351b8.fr.html
Frame ID: 13C4274CA6A1487DA4A5BA1812158F99
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.0af76c3310098d2f8f428367b62351b8.fr.html
Frame ID: 2BB2482FB0E838C66E0A038A05605CAF
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: C853B495C691AABF8BCEE0648F0C0E1A
Requests: 1 HTTP requests in this frame

Frame: https://www.linkedin.com/pages-extensions/FollowCompany?id=3044984&counter=&xdOrigin=https%3A%2F%2Fwww.zdnet.fr&xdChannel=ed6bcd56-e46e-4734-be77-342de2410979&xd_origin_host=https%3A%2F%2Fwww.zdnet.fr
Frame ID: 46450E7018DEC3B768DC28E88B4215FE
Requests: 1 HTTP requests in this frame

Frame: https://www.linkedin.com/pages-extensions/FollowCompany?id=3044984&counter=&xdOrigin=https%3A%2F%2Fwww.zdnet.fr&xdChannel=ed6bcd56-e46e-4734-be77-342de2410979&xd_origin_host=https%3A%2F%2Fwww.zdnet.fr
Frame ID: 1A429746681BD02F2D00FCA19686DB19
Requests: 4 HTTP requests in this frame

Page Title

Ransomware : le montant moyen des rançons augmente - ZDNet

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"

Overall confidence: 100%
Detected patterns
  • sdk\.privacy-center\.org/.*/loader\.js

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • //platform\.linkedin\.com/in\.js

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

129 Requests
99 % HTTPS
75 % IPv6
21 Domains
30 Subdomains
29 IPs
4 Countries
3764 kB Transfer
10233 kB Size
9 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 126
  • https://syndication.twitter.com/i/jot HTTP 302
  • https://platform.twitter.com/jot.html

129 HTTP transactions

max-age=31536000
x-amz-cf-pop
FRA2-C1
content-length
1371
x-amz-cf-id
LvMMzEOm9CSO6u1yPO20_L0NXLAwSFGtttxkTfqUuAzWt3jE1DnRpw==
Ransomware__60_45__overflow.jpg
d1fmx1rbmqrxrr.cloudfront.net/zdnet/optim/i/edit/ne/2021/03/
5 KB
5 KB
Image
General
Full URL
https://d1fmx1rbmqrxrr.cloudfront.net/zdnet/optim/i/edit/ne/2021/03/Ransomware__60_45__overflow.jpg
Requested by
Host: www.zdnet.fr
URL: https://www.zdnet.fr/actualites/ransomware-le-montant-moyen-des-rancons-augmente-39939605.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-91.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0c5c5ab22e50f61886bb8b7f66f9d534ec8c4cd5032579cc68b9f7d2155f5d70

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 18:58:38 GMT
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
last-modified
Mon, 29 Mar 2021 06:18:04 GMT
server
AmazonS3
age
2065254
etag
"38038e7645ff6b07a3239be6d92f2d5c"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
content-length
4747
x-amz-cf-id
hTyaTtCF2Y1mtemGaa-DpJQ09pX8HqiAhCi0lsXs4c7LXFNH2hk1mQ==
zdtech-podcast_140x105__60_45__overflow.png
d1fmx1rbmqrxrr.cloudfront.net/zdnet/optim/i/edit/ne/2021/09/
5 KB
5 KB
Image
General
Full URL
https://d1fmx1rbmqrxrr.cloudfront.net/zdnet/optim/i/edit/ne/2021/09/zdtech-podcast_140x105__60_45__overflow.png
Requested by
Host: www.zdnet.fr
URL: https://www.zdnet.fr/actualites/ransomware-le-montant-moyen-des-rancons-augmente-39939605.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-91.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fec59a477c5e4ab7503acd8a5ff4d9696407509b543aac12040e6509b7424276

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 13:15:46 GMT
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
last-modified
Wed, 20 Oct 2021 13:15:43 GMT
server
AmazonS3
age
14354625
etag
"f021421827d29c5f3b5d5a025f66de07"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
content-length
5086
x-amz-cf-id
DHqcM3sEP2ZQ_trXzujSWYX58rBVslaD0Nwy8AeIKIwqTKSvXv3uqg==
zoo-beauval_.jpg
d1fmx1rbmqrxrr.cloudfront.net/zdnet/i/edit/ne/2021/11/
5 KB
5 KB
Image
General
Full URL
https://d1fmx1rbmqrxrr.cloudfront.net/zdnet/i/edit/ne/2021/11/zoo-beauval_.jpg
Requested by
Host: www.zdnet.fr
URL: https://www.zdnet.fr/actualites/ransomware-le-montant-moyen-des-rancons-augmente-39939605.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-91.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c76ebbf1355e3d20e870fa272f296f2022d61aeb5a770c47017275346df866ac

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 12:30:40 GMT
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
last-modified
Thu, 04 Nov 2021 12:18:18 GMT
server
AmazonS3
age
13061332
etag
"44835239dfae6166cce7f3ba24293814"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
content-length
4804
x-amz-cf-id
pPkfVAYSK1MI20ahin3xmth0M1l9FRZkTZZfvlBdHNyqVVei-5xR9g==
Dell_hyperconvergence_620__w630.jpg
d1fmx1rbmqrxrr.cloudfront.net/zdnet/optim/i/edit/ne/2021/04/
54 KB
54 KB
Image
General
Full URL
https://d1fmx1rbmqrxrr.cloudfront.net/zdnet/optim/i/edit/ne/2021/04/Dell_hyperconvergence_620__w630.jpg
Requested by
Host: www.zdnet.fr
URL: https://www.zdnet.fr/actualites/ransomware-le-montant-moyen-des-rancons-augmente-39939605.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-91.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee7630e35f5ad9cb3bb7ccb08194b61423a1517747cc938eda392f9819c6a8e1

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 12:31:22 GMT
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
last-modified
Sat, 23 Oct 2021 15:28:47 GMT
server
AmazonS3
age
1742890
etag
"f64f8d017ef55df5fd4cb9332c3bf160"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
content-length
54936
x-amz-cf-id
WoK_QmasjDYVW236zOFjhyfLFLmtV3TH1DYNktrdWq7mBOVUPIT8vA==
Hybrides.jpg
d1fmx1rbmqrxrr.cloudfront.net/zdnet/i/edit/ne/2021/11/
4 KB
4 KB
Image
General
Full URL
https://d1fmx1rbmqrxrr.cloudfront.net/zdnet/i/edit/ne/2021/11/Hybrides.jpg
Requested by
Host: www.zdnet.fr
URL: https://www.zdnet.fr/actualites/ransomware-le-montant-moyen-des-rancons-augmente-39939605.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-91.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8ef0c3ce30ca5afb475a5bcfcb8206a6187a9ab2d30b94b72b9ad5d76604c7b3

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 20 Dec 2021 19:57:54 GMT
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
last-modified
Thu, 04 Nov 2021 12:18:18 GMT
server
AmazonS3
age
9060098
etag
"44d0fe813d8cf69aaa3170bc69fa08ac"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
content-length
4229
x-amz-cf-id
VRiB1ieXrk2dKjwoI3KZDeM5YrNrfKtnTHj4LSFuSFCQT-dtxoJIpw==
Acer-TravelMate-native-620__w630.jpg
d1fmx1rbmqrxrr.cloudfront.net/zdnet/optim/i/edit/ne/2021/04/
54 KB
55 KB
Image
General
Full URL
https://d1fmx1rbmqrxrr.cloudfront.net/zdnet/optim/i/edit/ne/2021/04/Acer-TravelMate-native-620__w630.jpg
Requested by
Host: www.zdnet.fr
URL: https://www.zdnet.fr/actualites/ransomware-le-montant-moyen-des-rancons-augmente-39939605.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-91.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
57e512f49d41c97524eeaea461d0be199e04919baf14bef5c4b5ed1370de9d5c

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 09:43:03 GMT
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
last-modified
Mon, 14 Mar 2022 08:59:37 GMT
server
AmazonS3
age
1839388
etag
"eda08db48302509df9b437d54df72de1"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
content-length
55711
x-amz-cf-id
sQkDW-PgOtEc_vqasPbE_ZZflA25vWvt2cn-sgOMMP4UQV76rQ27Mg==
logo_60x35_inmac.jpg
cdn.cupinteractive.com/assets/ticker/
3 KB
3 KB
Image
General
Full URL
https://cdn.cupinteractive.com/assets/ticker/logo_60x35_inmac.jpg
Requested by
Host: www.zdnet.fr
URL: https://www.zdnet.fr/actualites/ransomware-le-montant-moyen-des-rancons-augmente-39939605.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-19.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
064fb7e380e06e8590a9ead7bad5a2d6185d2213001f857e732691866b8990e9

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

whois-cache
neweb.cbs.infra-cache-01.adm
date
Mon, 04 Apr 2022 04:37:28 GMT
via
1.1 varnish, 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
content-type
image/jpeg
last-modified
Wed, 13 Nov 2019 09:27:13 GMT
server
nginx
age
86762
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-varnish
270160421 266344451
cache-control
max-age=518400
x-amz-cf-pop
FRA2-C2
content-encoding
gzip
x-amz-cf-id
6Ej1hFFbElaVpmgt_hNpIx16pADII5ZwZzxTvGLP7ZEmsjXo7lokrQ==
expires
Sat, 09 Apr 2022 16:33:29 GMT
ausha.png
d1fmx1rbmqrxrr.cloudfront.net/zdnet/i/podcasts/
5 KB
5 KB
Image
General
Full URL
https://d1fmx1rbmqrxrr.cloudfront.net/zdnet/i/podcasts/ausha.png
Requested by
Host: www.zdnet.fr
URL: https://www.zdnet.fr/actualites/ransomware-le-montant-moyen-des-rancons-augmente-39939605.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-91.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a5765d3c40c025f57e1c9230566613e79dffac37f492f11771a5be771f8b496d

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 02:05:16 GMT
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
last-modified
Mon, 28 Oct 2019 16:02:39 GMT
server
AmazonS3
age
23294056
etag
"74c759ac5ed5d5a7012f4990d934395a"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
content-length
4800
x-amz-cf-id
yPZAXOk2SLRxaOdpMSNiNEGd3DMy_5tNv6djJSgUPtUpJVOW30JF3Q==
spotify.png
d1fmx1rbmqrxrr.cloudfront.net/zdnet/i/podcasts/
1 KB
2 KB
Image
General
Full URL
https://d1fmx1rbmqrxrr.cloudfront.net/zdnet/i/podcasts/spotify.png
Requested by
Host: www.zdnet.fr
URL: https://www.zdnet.fr/actualites/ransomware-le-montant-moyen-des-rancons-augmente-39939605.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-91.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
144d20ece69fff33d50900fed9032ab1996eb4d1353345abfe9f7be4857096c6

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 16 Oct 2021 03:07:30 GMT
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
last-modified
Mon, 28 Oct 2019 16:02:39 GMT
server
AmazonS3
age
14736722
etag
"fdaa926a4f4f4b88f39483c516140843"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
content-length
1373
x-amz-cf-id
JhgaMge5wP5hg3I0BCVvNX3-EvwstUNY0v130BOl8R1r8SJGXCTYfg==
apple-podcast.png
d1fmx1rbmqrxrr.cloudfront.net/zdnet/i/podcasts/
3 KB
3 KB
Image
General
Full URL
https://d1fmx1rbmqrxrr.cloudfront.net/zdnet/i/podcasts/apple-podcast.png
Requested by
Host: www.zdnet.fr
URL: https://www.zdnet.fr/actualites/ransomware-le-montant-moyen-des-rancons-augmente-39939605.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-91.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1f05405484b223fec29af6fef020ba568376220fa756f95d3b4b680b87a96e64

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 00:10:48 GMT
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
last-modified
Mon, 28 Oct 2019 16:02:39 GMT
server
AmazonS3
age
22177724
etag
"400d0f73104859d3e6399afab29edb14"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
content-length
3198
x-amz-cf-id
3TyYFKFyXagxonzYw93Hrl_RVwcN_5iCQKJ2bArDocGP8gQwKNVSWw==
deezer.png
d1fmx1rbmqrxrr.cloudfront.net/zdnet/i/podcasts/
907 B
1 KB
Image
General
Full URL
https://d1fmx1rbmqrxrr.cloudfront.net/zdnet/i/podcasts/deezer.png
Requested by
Host: www.zdnet.fr
URL: https://www.zdnet.fr/actualites/ransomware-le-montant-moyen-des-rancons-augmente-39939605.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-91.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e95a7a3af64cc1d0740fbe69ee3067d7c47e22f82c754e2e1743feadcd8eeb00

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 06:45:44 GMT
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
last-modified
Mon, 28 Oct 2019 16:02:39 GMT
server
AmazonS3
age
21981228
etag
"8cdcf1216d1431a6241f21f0276ce4a9"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
content-length
907
x-amz-cf-id
BNzZP9rtqp7J6Ov4TJgg_goIMtpojcbE4kVibrhHcatx6gb7Xssp9A==
iPhone%20A__60_45__overflow.jpg
d1fmx1rbmqrxrr.cloudfront.net/zdnet/optim/i/edit/ne/2019/Pierre%20temp/
4 KB
5 KB
Image
General
Full URL
https://d1fmx1rbmqrxrr.cloudfront.net/zdnet/optim/i/edit/ne/2019/Pierre%20temp/iPhone%20A__60_45__overflow.jpg
Requested by
Host: www.zdnet.fr
URL: https://www.zdnet.fr/actualites/ransomware-le-montant-moyen-des-rancons-augmente-39939605.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-91.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a8d13c147d1533917d0768126bff5d28ac78613da10cfb60bd6469456a7a9cbb

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 07:42:27 GMT
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
last-modified
Sun, 06 Dec 2020 07:02:47 GMT
server
AmazonS3
age
291425
etag
"239c14efd006b10f39dde61cc6863b42"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
content-length
4407
x-amz-cf-id
hWExYsRIEhdoI82733CMXIgtvZ34dCxRO8oM-T6GAiNyB93Cczj1-g==
Smartphone%20F__60_45__overflow.jpg
d1fmx1rbmqrxrr.cloudfront.net/zdnet/optim/i/edit/ne/2019/Pierre%20temp/
2 KB
2 KB
Image
General
Full URL
https://d1fmx1rbmqrxrr.cloudfront.net/zdnet/optim/i/edit/ne/2019/Pierre%20temp/Smartphone%20F__60_45__overflow.jpg
Requested by
Host: www.zdnet.fr
URL: https://www.zdnet.fr/actualites/ransomware-le-montant-moyen-des-rancons-augmente-39939605.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-91.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0df9deef4800ae1afcc0cfd4b7bd93a20c18b0e73336c8ff7ef96ed7f0138294

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 21:11:29 GMT
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
last-modified
Wed, 26 Jan 2022 14:26:34 GMT
server
AmazonS3
age
588483
etag
"add6d4b96f7f6b4e2cefd34e73724ec2"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
content-length
2198
x-amz-cf-id
M4_Pcqt2ed5c9h6glOboAFJ-UaEI43YXNoEAyHBnYnlc8HJ3BYMbSg==
Smartphone%20B__60_45__overflow.jpg
d1fmx1rbmqrxrr.cloudfront.net/zdnet/optim/i/edit/ne/2019/Pierre%20temp/
4 KB
5 KB
Image
General
Full URL
https://d1fmx1rbmqrxrr.cloudfront.net/zdnet/optim/i/edit/ne/2019/Pierre%20temp/Smartphone%20B__60_45__overflow.jpg
Requested by
Host: www.zdnet.fr
URL: https://www.zdnet.fr/actualites/ransomware-le-montant-moyen-des-rancons-augmente-39939605.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-91.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
331543e5c2598fde744040adf1794cd31dbbdcdaab762d48b120d8a644a7c95a

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 13:10:33 GMT
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
last-modified
Wed, 09 Sep 2020 13:38:10 GMT
server
AmazonS3
age
617339
etag
"9ab2ec085db71dbf2432afc46067d62d"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
content-length
4441
x-amz-cf-id
WJRts1ZCH2zFuYjzyQwo7q9WSLzsKf6mHh29_X7fSWW6h5HoIHlJRA==
transfonum_strategie__60_45__overflow.jpg
d1fmx1rbmqrxrr.cloudfront.net/zdnet/optim/i/edit/ne/2020/01/
4 KB
5 KB
Image
General
Full URL
https://d1fmx1rbmqrxrr.cloudfront.net/zdnet/optim/i/edit/ne/2020/01/transfonum_strategie__60_45__overflow.jpg
Requested by
Host: www.zdnet.fr
URL: https://www.zdnet.fr/actualites/ransomware-le-montant-moyen-des-rancons-augmente-39939605.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-91.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bcb063e3fd44eb2451d6c84f5bb5669f79e2c5e578d9ade3f3e9db2f9abc2b21

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 26 Feb 2022 00:07:05 GMT
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jan 2022 09:32:37 GMT
server
AmazonS3
age
3256347
etag
"b0b9c429a3887c7d9e836cb7b53d9c04"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
content-length
4373
x-amz-cf-id
Kzjm6eJ6tBQ7RsW85dLqPaGT8RSK-YxH-idiE39XykL8yzZGux_C2Q==
Ordinateur%20panne%20A__60_45__overflow.jpg
d1fmx1rbmqrxrr.cloudfront.net/zdnet/optim/i/edit/ne/2019/Pierre%20temp/
4 KB
5 KB
Image
General
Full URL
https://d1fmx1rbmqrxrr.cloudfront.net/zdnet/optim/i/edit/ne/2019/Pierre%20temp/Ordinateur%20panne%20A__60_45__overflow.jpg
Requested by
Host: www.zdnet.fr
URL: https://www.zdnet.fr/actualites/ransomware-le-montant-moyen-des-rancons-augmente-39939605.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-91.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
612860b706dfdb09cf794fa6dc80387c335cfcf9109a74775be272eb00d1115f

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 09:41:11 GMT
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
last-modified
Fri, 04 Dec 2020 10:03:52 GMT
server
AmazonS3
age
2098701
etag
"b7fc5cd88d9b8f462426fb4724955771"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
content-length
4483
x-amz-cf-id
p6jH_eJeCH4lVHvnMdzvYz2SMruws4iIrSTDb0iOMHQKQwgfm5cnBg==
power-center-Inmac-equipement-it.jpg
d1fmx1rbmqrxrr.cloudfront.net/zdnet/i/partenaire/inmacwstore/
19 KB
19 KB
Image
General
Full URL
https://d1fmx1rbmqrxrr.cloudfront.net/zdnet/i/partenaire/inmacwstore/power-center-Inmac-equipement-it.jpg
Requested by
Host: www.zdnet.fr
URL: https://www.zdnet.fr/actualites/ransomware-le-montant-moyen-des-rancons-augmente-39939605.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-91.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
475cb8beeb2ef890b1f917a22fdf8f4b036cf5696a76cf2e167da7548181ec86

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 14:49:21 GMT
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
last-modified
Fri, 03 Dec 2021 14:45:11 GMT
server
AmazonS3
age
10547411
etag
"78e7c315282c033d88c0c27d11c1ce1c"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
content-length
19042
x-amz-cf-id
8NuVwChLy6hzOVyOvGOFNYRV-6CX9uonhdhNnh0VRgP1wbLQI910Pg==
POWER%20C%20300x120.jpg
d1fmx1rbmqrxrr.cloudfront.net/zdnet/i/partenaire/dell/
11 KB
12 KB
Image
General
Full URL
https://d1fmx1rbmqrxrr.cloudfront.net/zdnet/i/partenaire/dell/POWER%20C%20300x120.jpg
Requested by
Host: www.zdnet.fr
URL: https://www.zdnet.fr/actualites/ransomware-le-montant-moyen-des-rancons-augmente-39939605.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-91.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fe91745890f69b5bb0bed30da28871305352f6de188efdade64818b7f3a0e797

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 01:58:16 GMT
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
last-modified
Mon, 08 Mar 2021 16:31:43 GMT
server
AmazonS3
age
2299276
etag
"3805d7f9a91704f850a2a15da8a597a1"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
content-length
11506
x-amz-cf-id
MZ6oKpBInIW0sxK-qcy6tGkugr_k3iNuxn71hlRTp1Y1q5HD73K9pA==
Equipe%20entreprise__60_45__overflow.jpg
d1fmx1rbmqrxrr.cloudfront.net/zdnet/optim/i/edit/ne/2020/01/
5 KB
5 KB
Image
General
Full URL
https://d1fmx1rbmqrxrr.cloudfront.net/zdnet/optim/i/edit/ne/2020/01/Equipe%20entreprise__60_45__overflow.jpg
Requested by
Host: www.zdnet.fr
URL: https://www.zdnet.fr/actualites/ransomware-le-montant-moyen-des-rancons-augmente-39939605.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-91.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ed5fd48b8a3fbd101370141db8de92408a3f6cce03c8b5c3a9c429a88d44a680

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 15:32:37 GMT
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
last-modified
Mon, 04 Apr 2022 15:32:02 GMT
server
AmazonS3
age
4015
etag
"0624e8079f9bcb6f2fc1b78a18f65b7e"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
content-length
4969
x-amz-cf-id
QM2w0IfyoMW5YdEO4AW6-6z3hAPlaW9xJhnHMmuVX4H0T9-Aosk1uA==
VTT%20montagne__60_45__overflow.jpg
d1fmx1rbmqrxrr.cloudfront.net/zdnet/optim/i/edit/ne/2020/01/
2 KB
2 KB
Image
General
Full URL
https://d1fmx1rbmqrxrr.cloudfront.net/zdnet/optim/i/edit/ne/2020/01/VTT%20montagne__60_45__overflow.jpg
Requested by
Host: www.zdnet.fr
URL: https://www.zdnet.fr/actualites/ransomware-le-montant-moyen-des-rancons-augmente-39939605.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-91.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c80e37d48cc13c3e562415f83f6abe598f443a7b649df445c61ce60880f624f3

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 12:50:58 GMT
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
last-modified
Mon, 04 Apr 2022 12:50:54 GMT
server
AmazonS3
age
13714
etag
"ccc2e471e119e7eb16e393125584db9a"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
content-length
1766
x-amz-cf-id
qcMSbp7IaWjdAAlWXpElSk3C_zmCGo-GnXJ43yoQIFWaUGNyM409Fw==
identite_140__60_45__overflow.jpg
d1fmx1rbmqrxrr.cloudfront.net/zdnet/optim/i/edit/ne/2020/08/
2 KB
2 KB
Image
General
Full URL
https://d1fmx1rbmqrxrr.cloudfront.net/zdnet/optim/i/edit/ne/2020/08/identite_140__60_45__overflow.jpg
Requested by
Host: www.zdnet.fr
URL: https://www.zdnet.fr/actualites/ransomware-le-montant-moyen-des-rancons-augmente-39939605.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-91.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
90c78fab00c6d59edc15458ee39e30807dcb273937f0e4e92e936f279ab48feb

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 08 Mar 2022 12:08:10 GMT
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
last-modified
Mon, 31 Aug 2020 16:31:30 GMT
server
AmazonS3
age
2349082
etag
"02ca5fc5f0876c31ad8eef9669d20728"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
content-length
1649
x-amz-cf-id
2Vc935pWuCH9AIevC5_gGFqpUqOY7kNZv4VG136Ojor2NZIT9Hocyg==
treeswift.jpg
www.zdnet.com/a/img/2022/03/28/e2c90035-12f3-42ae-b291-14b6705cad2e/
127 KB
127 KB
Image
General
Full URL
https://www.zdnet.com/a/img/2022/03/28/e2c90035-12f3-42ae-b291-14b6705cad2e/treeswift.jpg
Requested by
Host: www.zdnet.fr
URL: https://www.zdnet.fr/actualites/ransomware-le-montant-moyen-des-rancons-augmente-39939605.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
ContentServer /
Resource Hash
7401a0f2c75f73821d31d115c83ce950ed14421ef9fe9eee9ee9666228fc0e3f
Security Headers
Name Value
Content-Security-Policy default-src https://*.zdnet.com:*
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 16:39:31 GMT
via
1.1 varnish
x-goog-meta-imagewidth
1024
x-goog-meta-imageheight
548
x-goog-meta-imageformat
jpeg
content-length
129845
x-xss-protection
1; mode=block
last-modified
Mon, 28 Mar 2022 18:46:29 GMT
server
ContentServer
x-frame-options
SAMEORIGIN
etag
"fa1ee20e6dd4b004e7d2815dd48dbd67"
vary
Accept-Encoding, Accept
strict-transport-security
max-age=31536000
content-type
image/jpeg
cache-control
max-age=31536000
x-goog-meta-contentlength
129845
content-security-policy
default-src https://*.zdnet.com:*
fastly-original-body-size
129845
accept-ranges
bytes
expires
Sun, 03 Apr 2022 09:01:13 GMT
Nativedell1_620__w630.jpg
d1fmx1rbmqrxrr.cloudfront.net/zdnet/optim/i/edit/ne/2021/07/
40 KB
40 KB
Image
General
Full URL
https://d1fmx1rbmqrxrr.cloudfront.net/zdnet/optim/i/edit/ne/2021/07/Nativedell1_620__w630.jpg
Requested by
Host: www.zdnet.fr
URL: https://www.zdnet.fr/actualites/ransomware-le-montant-moyen-des-rancons-augmente-39939605.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-91.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6372db370b1ccea2ef4a780846825fafd36dfe8d7229172eb0cd466e912a9011

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 09:56:53 GMT
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
last-modified
Mon, 19 Jul 2021 09:25:10 GMT
server
AmazonS3
age
22401758
etag
"98c8250b3893248916244553e2c4cacf"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
content-length
40850
x-amz-cf-id
vfCUZxXzDDIoCeW66i3z7iOqyM4TL-cApxeVGSR15KDzVTAIF5dnfA==
build-core.js
www.zdnet.fr/min-js/
35 KB
12 KB
Script
General
Full URL
https://www.zdnet.fr/min-js/build-core.js?v=202203251740
Requested by
Host: www.zdnet.fr
URL: https://www.zdnet.fr/actualites/ransomware-le-montant-moyen-des-rancons-augmente-39939605.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.185.42.33 , France, ASN47841 (OXALIDE, FR),
Reverse DNS
not.updated.oxalide.net
Software
nginx /
Resource Hash
b5e2a04c9b2f56add70dccd216791675454695966bee0fe86f48d48d3ee02fa2

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/actualites/ransomware-le-montant-moyen-des-rancons-augmente-39939605.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Whois-Cache
neweb.cbs.infra-cache-02.adm
Date
Mon, 04 Apr 2022 16:39:30 GMT
Content-Encoding
gzip
Last-Modified
Fri, 01 Apr 2022 14:15:33 GMT
Server
nginx
Age
0
Vary
Accept-Encoding
X-Cache
MISS
Content-Type
application/javascript
Via
1.1 varnish
Cache-Control
max-age=31556952, public
X-Varnish
2814972194
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11795
loader.js
sdk.privacy-center.org/257d0d56-29d8-4b15-9c61-26d6e013bb68/
27 KB
7 KB
Script
General
Full URL
https://sdk.privacy-center.org/257d0d56-29d8-4b15-9c61-26d6e013bb68/loader.js?target=www.zdnet.fr
Requested by
Host: www.zdnet.fr
URL: https://www.zdnet.fr/actualites/ransomware-le-montant-moyen-des-rancons-augmente-39939605.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:2000:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
64ca07269a30c9f879a227b5a84e57d7a96bc7faa2f14d9e23d11fc61b078500

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 16:08:35 GMT
content-encoding
gzip
server
CloudFront
age
1856
etag
"71d1ab6132d057f12470976a41cc3e43"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 2b483ab832506bc86647b6ceba38dc9e.cloudfront.net (CloudFront)
cache-control
public, max-age=7200
x-amz-cf-pop
DUS51-P1
content-length
6719
x-amz-cf-id
q9t6kl34pdFN0mb-vYysD4SBFmi9NpRxPwhhc5rwns7dcwx-lbHxzQ==
gtm.js
www.googletagmanager.com/
139 KB
50 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NFRJPMJ&l=unify_dataSlayer
Requested by
Host: www.zdnet.fr
URL: https://www.zdnet.fr/actualites/ransomware-le-montant-moyen-des-rancons-augmente-39939605.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
002ee65ae795a1986f393955e35b2b0b61fc82de9934285ba24f49cc205e62aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 16:39:31 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51148
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 04 Apr 2022 16:39:31 GMT
body.png
www.zdnet.fr/images/base/
347 B
786 B
Image
General
Full URL
https://www.zdnet.fr/images/base/body.png
Requested by
Host: www.zdnet.fr
URL: https://www.zdnet.fr/min-css/scaffolding.768.css?v=202203251740
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.185.42.33 , France, ASN47841 (OXALIDE, FR),
Reverse DNS
not.updated.oxalide.net
Software
nginx /
Resource Hash
26b9a37e02e9c1ca41bb08f40ff4481c1c96799a8bde301303ab91632b3202eb

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/min-css/scaffolding.768.css?v=202203251740
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Whois-Cache
neweb.cbs.infra-cache-02.adm
Date
Mon, 04 Apr 2022 16:39:30 GMT
Via
1.1 varnish
Last-Modified
Fri, 25 Mar 2022 17:22:15 GMT
Server
nginx
Age
523559
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
image/png
Cache-Control
max-age=31556952, public
Transfer-Encoding
chunked
X-Varnish
2814972192 2759925217
Connection
keep-alive
Content-Encoding
gzip
concat.js
static.afcdn.com/relzdnet/
541 KB
157 KB
Script
General
Full URL
https://static.afcdn.com/relzdnet/concat.js?PCM-lVJNbwIhEP01PZYgNbWXHoyJl37E1MTrBpaBUllmw7Ba_32x29qYrJa9TB7vvXlMYDYQNMYbsWw7RZ3KYMLuGT8Rt-SC9ZAwsA963Py6Fe4J_gBr3LkuO5Or9aikr2psGgxVwnbAI80zWpsjhqQ1EDkcipaajjNGUE735OobXw47b-jBHRMzxkfELzAYZ0c0vMggrw2UK8QdxCOusjD_ORc1aNP-6299Z12gns3jJwjpCQ57jJqG3zy5entYoL-ilt02xruSUXovP8vcS6w7KrO-gYlA72XmV5ncDua6MHu9dZd3s__M0z4ywYXgUz6dPIjZFw
Requested by
Host: aufeminin-zdnet.cupinteractive.com
URL: https://aufeminin-zdnet.cupinteractive.com/reloaded/esi/ads?device=desktop&render=js&keywords=content_keywords%3Dcyberattaque%3Bcontent_keywords%3Dcybersecurite%3Bcontent_keywords%3Dcybercriminalite%3Bcontent_keywords%3Dransomware%3Bplatform%3Ddesktop%3Bcontent_class%3Drg%3Bcontenttype%3Darticle%3Bdate%3D29-03-2022%3Bstory%3D39939605%3Bsection%3Dactualites%3Bsubsection%3Dinformatique%3Bnew_visitor%3D1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:a00:c:61a0:4ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5bd46a2f7ba43368675b26b975cbf2e07c20026ac62a657087faae7e142229a9

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 16:27:31 GMT
content-encoding
gzip
surrogate-key
resource-concat resource-concat-js resource-concat-js-202204041827
last-modified
Mon, 04 Apr 2022 16:27:00 GMT
server
nginx
age
720
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
Public, max-age=31536000, s-maxage=31536000
x-amz-cf-pop
FRA2-C2
timing-allow-origin
*
x-amz-cf-id
D9tg3P7s7UcZmdhqa1hWLXju0e0Wzo4I2cRwgXDETjk4doSWGaXNNQ==
via
1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
p.css
p.typekit.net/
5 B
181 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=pcp7pxj&ht=tk&f=139.175&a=76538633&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/pcp7pxj.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:7::17d8:4dcb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 16:39:31 GMT
last-modified
Sat, 16 Oct 2021 08:18:43 GMT
server
nginx
etag
"616a8ae3-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
index.html
widget.ausha.co/ Frame 1A84
920 KB
164 KB
Document
General
Full URL
https://widget.ausha.co/index.html?showId=bPAr5h5jxxlD&playlist=true&color=%23D11D18&display=vertical&v=2&mode=latest&height=450px
Requested by
Host: www.zdnet.fr
URL: https://www.zdnet.fr/actualites/ransomware-le-montant-moyen-des-rancons-augmente-39939605.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-46-53.cdn77.com
Software
BunnyCDN-AMS1-879 / Next.js
Resource Hash
d910f74e196a2c4658ec26cefc3903036a098cc827fe9b58cebbee96f190022c

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age
1
cache-control
public, max-age=1200
cdn-cache
HIT
cdn-cachedat
04/04/2022 16:38:31
cdn-edgestorageid
459
cdn-proxyver
1.02
cdn-pullzone
206564
cdn-requestcountrycode
FR
cdn-requestid
d4d98a719e9a770b28a45eb79ee1b876
cdn-requestpullcode
200
cdn-requestpullsuccess
True
cdn-status
200
cdn-uid
b9226244-3d3d-4394-a1f6-ad54527a998e
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 04 Apr 2022 16:39:31 GMT
etag
W/"e5fa4-O1SnULBCRqU67Dp8fS2bWy25Fw8"
server
BunnyCDN-AMS1-879
vary
Accept-Encoding
x-nf-request-id
01FZTQ2CF0P5T8HZD791NTC6G3
x-powered-by
Next.js
likebox.php
www.facebook.com/plugins/ Frame 094D
15 KB
9 KB
Document
General
Full URL
https://www.facebook.com/plugins/likebox.php?id=6512744217&width=300&connections=5&locale=fr_FR&stream=false&header=true&height=220
Requested by
Host: www.zdnet.fr
URL: https://www.zdnet.fr/actualites/ransomware-le-montant-moyen-des-rancons-augmente-39939605.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
14acd54d0e5bad38d1cec8e225512e2a287d4cf728e4e3e4f43d7158359497f8
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Mon, 04 Apr 2022 16:39:31 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=3,i
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
eyNymSgVKYulBEQCYeCPys4kk5w0YSQt+5p6vra3jJlNSx9LE2XD+ozookJYiwTObNcJRc9wPUz5qHKuJNzcuA==
x-fb-rlafr
0
x-xss-protection
0
slider.js
www.zdnet.fr/frontend/core/js/cbsi/
13 KB
3 KB
Script
General
Full URL
https://www.zdnet.fr/frontend/core/js/cbsi/slider.js?v=202104230830
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.185.42.33 , France, ASN47841 (OXALIDE, FR),
Reverse DNS
not.updated.oxalide.net
Software
nginx /
Resource Hash
eba1d000c5370f9b4378005ecd4f0ac6841d2e7ef833010b85f8348c500700df

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/actualites/ransomware-le-montant-moyen-des-rancons-augmente-39939605.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Whois-Cache
neweb.cbs.infra-cache-02.adm
Date
Mon, 04 Apr 2022 16:39:31 GMT
Content-Encoding
gzip
Age
523565
X-Cache
HIT
Connection
keep-alive
Content-Length
2322
Last-Modified
Fri, 25 Mar 2022 17:22:15 GMT
Server
nginx
ETag
"1667af-3364-5db0e342ddfc0"
Vary
Accept-Encoding
X-Varnish
2814972210 2759924409
Via
1.1 varnish
Cache-Control
max-age=31556952, public
Accept-Ranges
bytes
Content-Type
application/javascript
lazyLoading.js
www.zdnet.fr/js/
3 KB
1 KB
Script
General
Full URL
https://www.zdnet.fr/js/lazyLoading.js?v=202104230830
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.185.42.33 , France, ASN47841 (OXALIDE, FR),
Reverse DNS
not.updated.oxalide.net
Software
nginx /
Resource Hash
a0641c825bde216ce776e7c75be98eb46be6c50581ffefe56c93f0d4664a8295

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/actualites/ransomware-le-montant-moyen-des-rancons-augmente-39939605.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Whois-Cache
neweb.cbs.infra-cache-01.adm
Date
Mon, 04 Apr 2022 16:39:31 GMT
Content-Encoding
gzip
Age
1123573
X-Cache
HIT
Connection
keep-alive
Content-Length
805
Last-Modified
Mon, 21 Mar 2022 13:14:43 GMT
Server
nginx
ETag
"74048-c2a-5daba4790d6c0"
Vary
Accept-Encoding
X-Varnish
274875270 159390942
Via
1.1 varnish
Cache-Control
max-age=31556952, public
Accept-Ranges
bytes
Content-Type
application/javascript
placeholder.js
www.zdnet.fr/frontend/core/js/cbsi/
1 KB
926 B
Script
General
Full URL
https://www.zdnet.fr/frontend/core/js/cbsi/placeholder.js?v=202104230830
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.185.42.33 , France, ASN47841 (OXALIDE, FR),
Reverse DNS
not.updated.oxalide.net
Software
nginx /
Resource Hash
544d0c7beb963c9d6e23db102eed01d55a1cd0824fc3d94e0829118666acc69b

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/actualites/ransomware-le-montant-moyen-des-rancons-augmente-39939605.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Whois-Cache
neweb.cbs.infra-cache-01.adm
Date
Mon, 04 Apr 2022 16:39:31 GMT
Content-Encoding
gzip
Age
1123584
X-Cache
HIT
Connection
keep-alive
Content-Length
461
Last-Modified
Mon, 21 Mar 2022 13:14:43 GMT
Server
nginx
ETag
"32ed1f-59d-5daba4790d6c0"
Vary
Accept-Encoding
X-Varnish
274875271 159388522
Via
1.1 varnish
Cache-Control
max-age=31556952, public
Accept-Ranges
bytes
Content-Type
application/javascript
fixate.js
www.zdnet.fr/js/
5 KB
2 KB
Script
General
Full URL
https://www.zdnet.fr/js/fixate.js?v=202104230830
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.185.42.33 , France, ASN47841 (OXALIDE, FR),
Reverse DNS
not.updated.oxalide.net
Software
nginx /
Resource Hash
869ea07282b2a05406025a4953581a35442e011253faa88b6a6d89cb159672eb

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/actualites/ransomware-le-montant-moyen-des-rancons-augmente-39939605.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Whois-Cache
neweb.cbs.infra-cache-01.adm
Date
Mon, 04 Apr 2022 16:39:31 GMT
Content-Encoding
gzip
Age
1123555
X-Cache
HIT
Connection
keep-alive
Content-Length
1494
Last-Modified
Mon, 21 Mar 2022 13:14:43 GMT
Server
nginx
ETag
"312fac-1559-5daba4790d6c0"
Vary
Accept-Encoding
X-Varnish
274875275 159393206
Via
1.1 varnish
Cache-Control
max-age=31556952, public
Accept-Ranges
bytes
Content-Type
application/javascript
shareBar.js
www.zdnet.fr/js/
16 KB
4 KB
Script
General
Full URL
https://www.zdnet.fr/js/shareBar.js?v=202104230830
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.185.42.33 , France, ASN47841 (OXALIDE, FR),
Reverse DNS
not.updated.oxalide.net
Software
nginx /
Resource Hash
e808c6bdf214c8f45c13511ea01c38d7ff9d70ffa8f1039c92d1f5839e045268

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/actualites/ransomware-le-montant-moyen-des-rancons-augmente-39939605.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Whois-Cache
neweb.cbs.infra-cache-02.adm
Date
Mon, 04 Apr 2022 16:39:31 GMT
Content-Encoding
gzip
Age
523576
X-Cache
HIT
Connection
keep-alive
Content-Length
4123
Last-Modified
Fri, 25 Mar 2022 17:22:15 GMT
Server
nginx
ETag
"4a2fb0-3fa4-5db0e342ddfc0"
Vary
Accept-Encoding
X-Varnish
2814972213 2759923146
Via
1.1 varnish
Cache-Control
max-age=31556952, public
Accept-Ranges
bytes
Content-Type
application/javascript
pop.js
www.zdnet.fr/js/
4 KB
2 KB
Script
General
Full URL
https://www.zdnet.fr/js/pop.js?v=202104230830
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.185.42.33 , France, ASN47841 (OXALIDE, FR),
Reverse DNS
not.updated.oxalide.net
Software
nginx /
Resource Hash
2120b923dd53f846c75b42ef36f8f31f66b7e496ffeb4de12adeb96156bac77e

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/actualites/ransomware-le-montant-moyen-des-rancons-augmente-39939605.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Whois-Cache
neweb.cbs.infra-cache-02.adm
Date
Mon, 04 Apr 2022 16:39:31 GMT
Content-Encoding
gzip
Age
523575
X-Cache
HIT
Connection
keep-alive
Content-Length
1307
Last-Modified
Fri, 25 Mar 2022 17:22:15 GMT
Server
nginx
ETag
"4a2fbf-1194-5db0e342ddfc0"
Vary
Accept-Encoding
X-Varnish
2814972216 2759923170
Via
1.1 varnish
Cache-Control
max-age=31556952, public
Accept-Ranges
bytes
Content-Type
application/javascript
fader.js
www.zdnet.fr/js/
3 KB
1 KB
Script
General
Full URL
https://www.zdnet.fr/js/fader.js?v=202104230830
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.185.42.33 , France, ASN47841 (OXALIDE, FR),
Reverse DNS
not.updated.oxalide.net
Software
nginx /
Resource Hash
5485410c1824e6b9b04f823a98372b3efa8bf8b61e39d4a9fc501264e73af121

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/actualites/ransomware-le-montant-moyen-des-rancons-augmente-39939605.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Whois-Cache
neweb.cbs.infra-cache-01.adm
Date
Mon, 04 Apr 2022 16:39:31 GMT
Content-Encoding
gzip
Age
1123573
X-Cache
HIT
Connection
keep-alive
Content-Length
823
Last-Modified
Mon, 21 Mar 2022 13:14:43 GMT
Server
nginx
ETag
"7403e-a2c-5daba4790d6c0"
Vary
Accept-Encoding
X-Varnish
274875279 159390895
Via
1.1 varnish
Cache-Control
max-age=31556952, public
Accept-Ranges
bytes
Content-Type
application/javascript
member.js
www.zdnet.fr/js/
24 KB
4 KB
Script
General
Full URL
https://www.zdnet.fr/js/member.js?v=202104230830
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.185.42.33 , France, ASN47841 (OXALIDE, FR),
Reverse DNS
not.updated.oxalide.net
Software
nginx /
Resource Hash
9d5dd2d063697d318abb4a5d99d8bc4f1c0f7685ccfa97043e0e5a540452edf7

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/actualites/ransomware-le-montant-moyen-des-rancons-augmente-39939605.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Whois-Cache
neweb.cbs.infra-cache-01.adm
Date
Mon, 04 Apr 2022 16:39:31 GMT
Content-Encoding
gzip
Age
1123566
X-Cache
HIT
Connection
keep-alive
Content-Length
3689
Last-Modified
Mon, 21 Mar 2022 13:14:43 GMT
Server
nginx
ETag
"312fae-5e2f-5daba4790d6c0"
Vary
Accept-Encoding
X-Varnish
274875278 159391062
Via
1.1 varnish
Cache-Control
max-age=31556952, public
Accept-Ranges
bytes
Content-Type
application/javascript
modal.js
www.zdnet.fr/js/
6 KB
2 KB
Script
General
Full URL
https://www.zdnet.fr/js/modal.js?v=202104230830
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.185.42.33 , France, ASN47841 (OXALIDE, FR),
Reverse DNS
not.updated.oxalide.net
Software
nginx /
Resource Hash
f25ac4ac5e72689fda03cb5a2c9787b74a85a75b5b7477d9615adea11fb4588d

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/actualites/ransomware-le-montant-moyen-des-rancons-augmente-39939605.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Whois-Cache
neweb.cbs.infra-cache-02.adm
Date
Mon, 04 Apr 2022 16:39:31 GMT
Content-Encoding
gzip
Age
523556
X-Cache
HIT
Connection
keep-alive
Content-Length
2089
Last-Modified
Fri, 25 Mar 2022 17:22:15 GMT
Server
nginx
ETag
"4a2fcc-1965-5db0e342ddfc0"
Vary
Accept-Encoding
X-Varnish
2814972218 2759925668
Via
1.1 varnish
Cache-Control
max-age=31556952, public
Accept-Ranges
bytes
Content-Type
application/javascript
build-form-utils.js
www.zdnet.fr/js/
36 KB
8 KB
Script
General
Full URL
https://www.zdnet.fr/js/build-form-utils.js?v=202104230830
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.185.42.33 , France, ASN47841 (OXALIDE, FR),
Reverse DNS
not.updated.oxalide.net
Software
nginx /
Resource Hash
3e726f7a02c86c482f839b00f417db7a4080ba8628927e84b4731a4c455af22f

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/actualites/ransomware-le-montant-moyen-des-rancons-augmente-39939605.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Whois-Cache
neweb.cbs.infra-cache-01.adm
Date
Mon, 04 Apr 2022 16:39:31 GMT
Content-Encoding
gzip
Age
1123584
X-Cache
HIT
Connection
keep-alive
Content-Length
7599
Last-Modified
Mon, 21 Mar 2022 13:14:43 GMT
Server
nginx
ETag
"7403c-8ed6-5daba4790d6c0"
Vary
Accept-Encoding
X-Varnish
274875283 159388525
Via
1.1 varnish
Cache-Control
max-age=31556952, public
Accept-Ranges
bytes
Content-Type
application/javascript
widgets.js
platform.twitter.com/
97 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.zdnet.fr
URL: https://www.zdnet.fr/actualites/ransomware-le-montant-moyen-des-rancons-augmente-39939605.htm
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (pab/6F85) /
Resource Hash
da7ae7eec9c1f857161ad9356669f90a20a3e1bd18c8124b53cc2e367e04780b

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Mon, 04 Apr 2022 16:39:31 GMT
Content-Encoding
gzip
Age
808
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
29457
x-tw-cdn
VZ
Last-Modified
Thu, 31 Mar 2022 19:50:29 GMT
Server
ECS (pab/6F85)
Etag
"f763893db69b9ff52796c20ddfe2ac52+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
header-top-fade.png
www.zdnet.fr/images/base/
212 B
644 B
Image
General
Full URL
https://www.zdnet.fr/images/base/header-top-fade.png
Requested by
Host: www.zdnet.fr
URL: https://www.zdnet.fr/min-css/scaffolding.768.css?v=202203251740
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.185.42.33 , France, ASN47841 (OXALIDE, FR),
Reverse DNS
not.updated.oxalide.net
Software
nginx /
Resource Hash
03a0b944094a8f23ee61644f0f070eb5ec308aa83dbdae7fe1f9387906fab2b6

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/min-css/scaffolding.768.css?v=202203251740
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Whois-Cache
neweb.cbs.infra-cache-02.adm
Date
Mon, 04 Apr 2022 16:39:31 GMT
Via
1.1 varnish
Last-Modified
Fri, 25 Mar 2022 17:22:15 GMT
Server
nginx
Age
523546
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
image/png
Cache-Control
max-age=31556952, public
Transfer-Encoding
chunked
X-Varnish
2814972221 2759927143
Connection
keep-alive
Content-Encoding
gzip
header-highlights.png
www.zdnet.fr/images/base/
24 KB
24 KB
Image
General
Full URL
https://www.zdnet.fr/images/base/header-highlights.png
Requested by
Host: www.zdnet.fr
URL: https://www.zdnet.fr/min-css/scaffolding.768.css?v=202203251740
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.185.42.33 , France, ASN47841 (OXALIDE, FR),
Reverse DNS
not.updated.oxalide.net
Software
nginx /
Resource Hash
b16b8df9b270a40c2a6dc597f3b26053c129a5e6ab27afa66d9dbf195aba60ba

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/min-css/scaffolding.768.css?v=202203251740
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Whois-Cache
neweb.cbs.infra-cache-02.adm
Date
Mon, 04 Apr 2022 16:39:31 GMT
Via
1.1 varnish
Last-Modified
Fri, 25 Mar 2022 17:22:15 GMT
Server
nginx
Age
523532
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
image/png
Cache-Control
max-age=31556952, public
Transfer-Encoding
chunked
X-Varnish
2814972224 2759928838
Connection
keep-alive
Content-Encoding
gzip
logo2x.png
www.zdnet.fr/images/base/
5 KB
5 KB
Image
General
Full URL
https://www.zdnet.fr/images/base/logo2x.png
Requested by
Host: www.zdnet.fr
URL: https://www.zdnet.fr/min-css/scaffolding.768.css?v=202203251740
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.185.42.33 , France, ASN47841 (OXALIDE, FR),
Reverse DNS
not.updated.oxalide.net
Software
nginx /
Resource Hash
25c18ac67b63e1ffd4ef45f2843c9bc916229bd950414ab315f9d242395200a8

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/min-css/scaffolding.768.css?v=202203251740
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Whois-Cache
neweb.cbs.infra-cache-01.adm
Date
Mon, 04 Apr 2022 16:39:31 GMT
Via
1.1 varnish
Last-Modified
Mon, 21 Mar 2022 13:14:43 GMT
Server
nginx
Age
1123585
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
image/png
Cache-Control
max-age=31556952, public
Transfer-Encoding
chunked
X-Varnish
274875287 159388503
Connection
keep-alive
Content-Encoding
gzip
header-search.png
www.zdnet.fr/images/base/
881 B
1 KB
Image
General
Full URL
https://www.zdnet.fr/images/base/header-search.png
Requested by
Host: www.zdnet.fr
URL: https://www.zdnet.fr/min-css/scaffolding.768.css?v=202203251740
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.185.42.33 , France, ASN47841 (OXALIDE, FR),
Reverse DNS
not.updated.oxalide.net
Software
nginx /
Resource Hash
7712ea4fa045ae61e81848941491523b380696162a1c5d6a830dd02c5825d638

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/min-css/scaffolding.768.css?v=202203251740
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Whois-Cache
neweb.cbs.infra-cache-01.adm
Date
Mon, 04 Apr 2022 16:39:31 GMT
Via
1.1 varnish
Last-Modified
Mon, 21 Mar 2022 13:14:43 GMT
Server
nginx
Age
1123585
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
image/png
Cache-Control
max-age=31556952, public
Transfer-Encoding
chunked
X-Varnish
274875288 159388501
Connection
keep-alive
Content-Encoding
gzip
sprites.png
www.zdnet.fr/images/base/
23 KB
22 KB
Image
General
Full URL
https://www.zdnet.fr/images/base/sprites.png
Requested by
Host: www.zdnet.fr
URL: https://www.zdnet.fr/min-css/scaffolding.css?v=202203251740
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.185.42.33 , France, ASN47841 (OXALIDE, FR),
Reverse DNS
not.updated.oxalide.net
Software
nginx /
Resource Hash
4f47a3117706c6402b92ae4f26852792ca4a5143a68f7dda4368b9afd3e6025a

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/min-css/scaffolding.css?v=202203251740
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Whois-Cache
neweb.cbs.infra-cache-02.adm
Date
Mon, 04 Apr 2022 16:39:31 GMT
Via
1.1 varnish
Last-Modified
Fri, 25 Mar 2022 17:22:15 GMT
Server
nginx
Age
523548
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
image/png
Cache-Control
max-age=31556952, public
Transfer-Encoding
chunked
X-Varnish
2814972227 2759926866
Connection
keep-alive
Content-Encoding
gzip
header-lvl-nav.png
www.zdnet.fr/images/base/
2 KB
2 KB
Image
General
Full URL
https://www.zdnet.fr/images/base/header-lvl-nav.png
Requested by
Host: www.zdnet.fr
URL: https://www.zdnet.fr/min-css/scaffolding.768.css?v=202203251740
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.185.42.33 , France, ASN47841 (OXALIDE, FR),
Reverse DNS
not.updated.oxalide.net
Software
nginx /
Resource Hash
337c700d6936b2d29dfd1a823cf25554b981428a1d600a57f774c39b83de3abc

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/min-css/scaffolding.768.css?v=202203251740
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Whois-Cache
neweb.cbs.infra-cache-02.adm
Date
Mon, 04 Apr 2022 16:39:31 GMT
Via
1.1 varnish
Last-Modified
Fri, 25 Mar 2022 17:22:15 GMT
Server
nginx
Age
523518
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
image/png
Cache-Control
max-age=31556952, public
Transfer-Encoding
chunked
X-Varnish
2814972232 2759930699
Connection
keep-alive
Content-Encoding
gzip
header-nav-divider.png
www.zdnet.fr/images/base/
996 B
1 KB
Image
General
Full URL
https://www.zdnet.fr/images/base/header-nav-divider.png
Requested by
Host: www.zdnet.fr
URL: https://www.zdnet.fr/min-css/scaffolding.css?v=202203251740
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.185.42.33 , France, ASN47841 (OXALIDE, FR),
Reverse DNS
not.updated.oxalide.net
Software
nginx /
Resource Hash
cf6c73d88d239866e761ed1fc01a103d112a9be0e10719a07eb7afc04e329aaa

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/min-css/scaffolding.css?v=202203251740
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Whois-Cache
neweb.cbs.infra-cache-01.adm
Date
Mon, 04 Apr 2022 16:39:31 GMT
Via
1.1 varnish
Last-Modified
Mon, 21 Mar 2022 13:14:43 GMT
Server
nginx
Age
1123557
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
image/png
Cache-Control
max-age=31556952, public
Transfer-Encoding
chunked
X-Varnish
274875291 159392793
Connection
keep-alive
Content-Encoding
gzip
heading.png
www.zdnet.fr/images/base/
945 B
1021 B
Image
General
Full URL
https://www.zdnet.fr/images/base/heading.png
Requested by
Host: www.zdnet.fr
URL: https://www.zdnet.fr/min-css/scaffolding.css?v=202203251740
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.185.42.33 , France, ASN47841 (OXALIDE, FR),
Reverse DNS
not.updated.oxalide.net
Software
nginx /
Resource Hash
d87419b7136c5046ae019b9156517d6b461bd99078518fe7001c8102cec24871

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/min-css/scaffolding.css?v=202203251740
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Whois-Cache
neweb.cbs.infra-cache-01.adm
Date
Mon, 04 Apr 2022 16:39:31 GMT
Via
1.1 varnish
Last-Modified
Mon, 21 Mar 2022 13:14:43 GMT
Server
nginx
Age
1123572
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
image/png
Cache-Control
max-age=31556952, public
Transfer-Encoding
chunked
X-Varnish
274875293 159389616
Connection
keep-alive
Content-Encoding
gzip
sprites-catfish.png
www.zdnet.fr/images/base/
3 KB
3 KB
Image
General
Full URL
https://www.zdnet.fr/images/base/sprites-catfish.png
Requested by
Host: www.zdnet.fr
URL: https://www.zdnet.fr/min-css/scaffolding.css?v=202203251740
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.185.42.33 , France, ASN47841 (OXALIDE, FR),
Reverse DNS
not.updated.oxalide.net
Software
nginx /
Resource Hash
d7bd2a2f4fc2cb1e0ccf80bd8a90aa593b6c48bc54555b1c3719a44d573ef3f6

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/min-css/scaffolding.css?v=202203251740
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Whois-Cache
neweb.cbs.infra-cache-01.adm
Date
Mon, 04 Apr 2022 16:39:31 GMT
Via
1.1 varnish
Last-Modified
Mon, 21 Mar 2022 13:14:43 GMT
Server
nginx
Age
1123584
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
image/png
Cache-Control
max-age=31556952, public
Transfer-Encoding
chunked
X-Varnish
274875292 159388541
Connection
keep-alive
Content-Encoding
gzip
footer.png
www.zdnet.fr/images/base/
27 KB
28 KB
Image
General
Full URL
https://www.zdnet.fr/images/base/footer.png
Requested by
Host: www.zdnet.fr
URL: https://www.zdnet.fr/min-css/scaffolding.css?v=202203251740
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.185.42.33 , France, ASN47841 (OXALIDE, FR),
Reverse DNS
not.updated.oxalide.net
Software
nginx /
Resource Hash
c8b6d1ad6ba5f74457aef4be4ac339e0ff92f4be51efcaab0fc4908692e2f826

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/min-css/scaffolding.css?v=202203251740
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Whois-Cache
neweb.cbs.infra-cache-01.adm
Date
Mon, 04 Apr 2022 16:39:31 GMT
Via
1.1 varnish
Last-Modified
Mon, 21 Mar 2022 13:14:43 GMT
Server
nginx
Age
1123568
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
image/png
Cache-Control
max-age=31556952, public
Transfer-Encoding
chunked
X-Varnish
274875295 159391771
Connection
keep-alive
Content-Encoding
gzip
all.js
connect.facebook.net/fr_FR/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/fr_FR/all.js
Requested by
Host: www.zdnet.fr
URL: https://www.zdnet.fr/actualites/ransomware-le-montant-moyen-des-rancons-augmente-39939605.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
857922ea5cd073cde884eb387009fd8ce4afa615c04000fcdc658f77af8226a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
vLrmiDlQpFViy6dgGHl1Jw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1688
x-fb-rlafr
0
x-fb-debug
1sB+cHWdNN+cvuADh5wVNU1ZVGGSOi00OQ4tdToIQLqhyHmgX7HP93CVDzDtCRaw0wiJJgEJ9cleRlbgDCrIWA==
x-fb-trip-id
2050670934
x-fb-content-md5
1271d9b25cebd21c622b8855a0728e8b
x-frame-options
DENY
date
Mon, 04 Apr 2022 16:39:31 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"0218e9d9be90d374c29109273bd6f2f7"
timing-allow-origin
*
expires
Mon, 04 Apr 2022 16:54:40 GMT
sdk.bc8f596cc3e71020263c57dc87e34b53c73987b2.js
sdk.privacy-center.org/
387 KB
86 KB
Script
General
Full URL
https://sdk.privacy-center.org/sdk.bc8f596cc3e71020263c57dc87e34b53c73987b2.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/257d0d56-29d8-4b15-9c61-26d6e013bb68/loader.js?target=www.zdnet.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:2000:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d02246e37ff54502748d6a20a0562443952c82afcf15b248ebec1aa4e44737b9

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 10:08:25 GMT
content-encoding
gzip
last-modified
Mon, 04 Apr 2022 10:03:08 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1649066248/ctime:1649066248/gid:0/gname:root/md5:0e56543250d4ef2cbc3903971494221f/mode:33188/mtime:1649066248/uid:0/uname:root
age
23466
etag
W/"0e56543250d4ef2cbc3903971494221f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 2b483ab832506bc86647b6ceba38dc9e.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
skKyxytfNkJIHwOhDYe4u5F1aG9nHlzCSP-wPlyGSWRPgpooeBpi8Q==
loader.js
cdn.taboola.com/libtrc/unify-zdnet/
198 KB
25 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/unify-zdnet/loader.js
Requested by
Host: www.zdnet.fr
URL: https://www.zdnet.fr/actualites/ransomware-le-montant-moyen-des-rancons-augmente-39939605.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fabc5fc020d9072023449a3679f0200dc9783e54e22856eacb14459101a0600a

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
_8Reyt8ok5ce0PxwVkccYQBMP8eYzYZ2
content-encoding
gzip
age
0
via
1.1 varnish
x-cache
MISS
x-from-cache
1
x-envoy-upstream-service-time
8
content-length
25011
x-amz-id-2
KFg6wn9DQlHzv2AAs75+8+lgsCsEGuYRC98AAbdiZMOe3+6BtTjwsD7wHetsi3Cd7xw1Hne7lys=
x-served-by
cache-cdg20753-CDG
last-modified
Mon, 04 Apr 2022 15:16:55 UTC
server
nginx
x-timer
S1649090371.308328,VS0,VE41
etag
"99471ec67de8e081adf020dc427b26ced29334c6"
vary
Accept-Encoding, Accept-Encoding
x-amz-request-id
B5DG11V2TM3FVBN6
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
date
Mon, 04 Apr 2022 16:39:31 GMT
abp
27
x-cache-hits
0
MW83idqB6Uj.css
static.xx.fbcdn.net/rsrc.php/v3/ym/l/0,cross/ Frame 094D
18 KB
5 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ym/l/0,cross/MW83idqB6Uj.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?id=6512744217&width=300&connections=5&locale=fr_FR&stream=false&header=true&height=220
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d5f074c9a727c8725a45d10debe8c31b06cb68373ff9f4925e58c87c75b331da
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 16:39:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
rbXclk7KCSSaHKjYGWSk4w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
4781
x-fb-rlafr
0
x-fb-debug
hYEek1mH+dK6ms3JHABMKgMCfj0JQ6Txk3BvKR9abo6ABEpTAiDh2/duFKNOM1bK/+xB43TDxBaBVXT6TtofRg==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Mon, 03 Apr 2023 16:18:26 GMT
css
fonts.googleapis.com/ Frame 1A84
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,800&display=swap
Requested by
Host: widget.ausha.co
URL: https://widget.ausha.co/index.html?showId=bPAr5h5jxxlD&playlist=true&color=%23D11D18&display=vertical&v=2&mode=latest&height=450px
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca6306b9a7596779af02f9b097a9bd36837022f84f1e95c5b2f790c8e1c02fa0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://widget.ausha.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 15:32:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 04 Apr 2022 16:39:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 Apr 2022 16:39:31 GMT
aea3675af88d5deac27b.css
widget.ausha.co/_next/static/css/ Frame 1A84
1 KB
1 KB
Stylesheet
General
Full URL
https://widget.ausha.co/_next/static/css/aea3675af88d5deac27b.css
Requested by
Host: widget.ausha.co
URL: https://widget.ausha.co/index.html?showId=bPAr5h5jxxlD&playlist=true&color=%23D11D18&display=vertical&v=2&mode=latest&height=450px
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-46-53.cdn77.com
Software
BunnyCDN-AMS1-879 /
Resource Hash
36f7b921acbbb900f42caf61c058df0d20bb172acae50e69f9f90b90f27bc387
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://widget.ausha.co/index.html?showId=bPAr5h5jxxlD&playlist=true&color=%23D11D18&display=vertical&v=2&mode=latest&height=450px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nf-request-id
01FZTQ3NMPCN221CQ68B82ZX1A
date
Mon, 04 Apr 2022 16:39:31 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
766
age
269977
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
04/04/2022 16:39:12
cdn-pullzone
206564
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
vary
Accept-Encoding
x-xss-protection
1; mode=block
server
BunnyCDN-AMS1-879
access-control-allow-origin
*
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
"d55278a9b5d90643b38dcc83249ff29b-ssl"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=UTF-8
cdn-cache
HIT
cdn-uid
b9226244-3d3d-4394-a1f6-ad54527a998e
cache-control
public, max-age=1200
cdn-requestid
68e3aa7d780ee525e40dc7723204ce0c
cdn-requestcountrycode
FR
cdn-status
200
cdn-requestpullsuccess
True
main-8115e7097f9b4c1ec60d.js
widget.ausha.co/_next/static/chunks/ Frame 1A84
20 KB
7 KB
Script
General
Full URL
https://widget.ausha.co/_next/static/chunks/main-8115e7097f9b4c1ec60d.js
Requested by
Host: widget.ausha.co
URL: https://widget.ausha.co/index.html?showId=bPAr5h5jxxlD&playlist=true&color=%23D11D18&display=vertical&v=2&mode=latest&height=450px
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-46-53.cdn77.com
Software
BunnyCDN-AMS1-879 /
Resource Hash
f0391c3720082310f666cf889c92b480e30befb563f7127764182609f2230dea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://widget.ausha.co/index.html?showId=bPAr5h5jxxlD&playlist=true&color=%23D11D18&display=vertical&v=2&mode=latest&height=450px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nf-request-id
01FZTPX5QJ9JK1ETCVDRD0NT2M
date
Mon, 04 Apr 2022 16:39:31 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
766
age
244902
cdn-cachedat
04/04/2022 16:35:39
cdn-pullzone
206564
vary
Accept-Encoding
x-xss-protection
1; mode=block
server
BunnyCDN-AMS1-879
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
"65d3f3a3e43607cc237b04bf2221631f-ssl-df"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=UTF-8
cdn-cache
HIT
cdn-uid
b9226244-3d3d-4394-a1f6-ad54527a998e
cache-control
public, max-age=1200
cdn-requestid
2fdee002d1dfe0db4b06066cc6fd1baa
cdn-requestcountrycode
FR
cdn-status
200
cdn-requestpullsuccess
True
webpack-d51e3c53570fec07dc01.js
widget.ausha.co/_next/static/chunks/ Frame 1A84
2 KB
2 KB
Script
General
Full URL
https://widget.ausha.co/_next/static/chunks/webpack-d51e3c53570fec07dc01.js
Requested by
Host: widget.ausha.co
URL: https://widget.ausha.co/index.html?showId=bPAr5h5jxxlD&playlist=true&color=%23D11D18&display=vertical&v=2&mode=latest&height=450px
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-46-53.cdn77.com
Software
BunnyCDN-AMS1-879 /
Resource Hash
dbdd9483c8695d06e336c48189c58d558cf4917b8cd25e967f00a1d47b3bf841
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://widget.ausha.co/index.html?showId=bPAr5h5jxxlD&playlist=true&color=%23D11D18&display=vertical&v=2&mode=latest&height=450px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nf-request-id
01FZTPQ76N0S7RY77B5VEDFKJK
date
Mon, 04 Apr 2022 16:39:31 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
879
age
269878
cdn-cachedat
04/04/2022 16:32:24
cdn-pullzone
206564
vary
Accept-Encoding
x-xss-protection
1; mode=block
server
BunnyCDN-AMS1-879
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
"8b544f4ed0dbb06216196a347e72e7da-ssl"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=UTF-8
cdn-cache
HIT
cdn-uid
b9226244-3d3d-4394-a1f6-ad54527a998e
cache-control
public, max-age=1200
cdn-requestid
c1e560e0f1f844c0877780a970610233
cdn-requestcountrycode
FR
cdn-status
200
cdn-requestpullsuccess
True
framework.4df82c4704a0136f6a4b.js
widget.ausha.co/_next/static/chunks/ Frame 1A84
126 KB
38 KB
Script
General
Full URL
https://widget.ausha.co/_next/static/chunks/framework.4df82c4704a0136f6a4b.js
Requested by
Host: widget.ausha.co
URL: https://widget.ausha.co/index.html?showId=bPAr5h5jxxlD&playlist=true&color=%23D11D18&display=vertical&v=2&mode=latest&height=450px
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-46-53.cdn77.com
Software
BunnyCDN-AMS1-879 /
Resource Hash
2040ce46622941a656fd06926eb8c6b9c455243f7a163e8415969b2648af17ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://widget.ausha.co/index.html?showId=bPAr5h5jxxlD&playlist=true&color=%23D11D18&display=vertical&v=2&mode=latest&height=450px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nf-request-id
01FZTMPV3Z9P4Z1K124RB5X5ZV
date
Mon, 04 Apr 2022 16:39:31 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
549
age
141574
cdn-cachedat
04/04/2022 15:57:15
cdn-pullzone
206564
vary
Accept-Encoding
x-xss-protection
1; mode=block
server
BunnyCDN-AMS1-879
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
"0a854df40f9e8754331b2cb444c6250c-ssl-df"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=UTF-8
cdn-cache
HIT
cdn-uid
b9226244-3d3d-4394-a1f6-ad54527a998e
cache-control
public, max-age=1200
cdn-requestid
7bc0b73ed48770d749fda42b3a38fb25
cdn-requestcountrycode
FR
cdn-status
200
cdn-requestpullsuccess
True
05d954cf.9ffbb6fb9bb5756de8e4.js
widget.ausha.co/_next/static/chunks/ Frame 1A84
48 KB
16 KB
Script
General
Full URL
https://widget.ausha.co/_next/static/chunks/05d954cf.9ffbb6fb9bb5756de8e4.js
Requested by
Host: widget.ausha.co
URL: https://widget.ausha.co/index.html?showId=bPAr5h5jxxlD&playlist=true&color=%23D11D18&display=vertical&v=2&mode=latest&height=450px
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-46-53.cdn77.com
Software
BunnyCDN-AMS1-879 /
Resource Hash
16c8055d02ea9a87d260acb821a4616a540463ac453fd02f8f74f52fb7dc3cdf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://widget.ausha.co/index.html?showId=bPAr5h5jxxlD&playlist=true&color=%23D11D18&display=vertical&v=2&mode=latest&height=450px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nf-request-id
01FZTEK4HATDE0GRTZYKD4JPG4
date
Mon, 04 Apr 2022 16:39:31 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
766
age
259630
cdn-cachedat
04/04/2022 14:10:22
cdn-pullzone
206564
vary
Accept-Encoding
x-xss-protection
1; mode=block
server
BunnyCDN-AMS1-879
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
"c10d53658efb1f7503a125bd888dfb8b-ssl-df"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=UTF-8
cdn-cache
HIT
cdn-uid
b9226244-3d3d-4394-a1f6-ad54527a998e
cache-control
public, max-age=1200
cdn-requestid
7d515b88e0b3d7d0c731986ee95f7c19
cdn-requestcountrycode
FR
cdn-status
200
cdn-requestpullsuccess
True
75fc9c18.2ebdbe963ad0d64207af.js
widget.ausha.co/_next/static/chunks/ Frame 1A84
59 KB
19 KB
Script
General
Full URL
https://widget.ausha.co/_next/static/chunks/75fc9c18.2ebdbe963ad0d64207af.js
Requested by
Host: widget.ausha.co
URL: https://widget.ausha.co/index.html?showId=bPAr5h5jxxlD&playlist=true&color=%23D11D18&display=vertical&v=2&mode=latest&height=450px
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-46-53.cdn77.com
Software
BunnyCDN-AMS1-879 /
Resource Hash
5256784b155e375ab5df726a7b4482c746a4e68442f952ed956353ee90b0da59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://widget.ausha.co/index.html?showId=bPAr5h5jxxlD&playlist=true&color=%23D11D18&display=vertical&v=2&mode=latest&height=450px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nf-request-id
01FZTPC10TR8E3RVBTWAKV2W14
date
Mon, 04 Apr 2022 16:39:31 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
883
age
26931
cdn-cachedat
04/04/2022 16:26:18
cdn-pullzone
206564
vary
Accept-Encoding
x-xss-protection
1; mode=block
server
BunnyCDN-AMS1-879
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
"7c93aedaa5d324262379f00e15d62d58-ssl-df"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=UTF-8
cdn-cache
HIT
cdn-uid
b9226244-3d3d-4394-a1f6-ad54527a998e
cache-control
public, max-age=1200
cdn-requestid
eb6d1827e90c2c72061fd110dd6fff5a
cdn-requestcountrycode
FR
cdn-status
200
cdn-requestpullsuccess
True
commons.c007563ecc7d2c2e273c.js
widget.ausha.co/_next/static/chunks/ Frame 1A84
132 KB
38 KB
Script
General
Full URL
https://widget.ausha.co/_next/static/chunks/commons.c007563ecc7d2c2e273c.js
Requested by
Host: widget.ausha.co
URL: https://widget.ausha.co/index.html?showId=bPAr5h5jxxlD&playlist=true&color=%23D11D18&display=vertical&v=2&mode=latest&height=450px
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-46-53.cdn77.com
Software
BunnyCDN-AMS1-879 /
Resource Hash
e0dfd1ea257f486eb30aff0625d98822956fca16506cacea388059bffcf0c89b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://widget.ausha.co/index.html?showId=bPAr5h5jxxlD&playlist=true&color=%23D11D18&display=vertical&v=2&mode=latest&height=450px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nf-request-id
01FZRY0WHZSW00PQ6RCF095ZTP
date
Mon, 04 Apr 2022 16:39:31 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
879
age
21251
cdn-cachedat
04/04/2022 00:01:32
cdn-pullzone
206564
vary
Accept-Encoding
x-xss-protection
1; mode=block
server
BunnyCDN-AMS1-879
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
"4a6516945afc2dcf4fdd8ff80d2584ee-ssl-df"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=UTF-8
cdn-cache
HIT
cdn-uid
b9226244-3d3d-4394-a1f6-ad54527a998e
cache-control
public, max-age=1200
cdn-requestid
b937870a259b03e0dee3373db7ebae2a
cdn-requestcountrycode
FR
cdn-status
200
cdn-requestpullsuccess
True
71247caf95475e3ea7f9a0f8a30beb258b23d005.7b34193ade9c3be17051.js
widget.ausha.co/_next/static/chunks/ Frame 1A84
160 KB
42 KB
Script
General
Full URL
https://widget.ausha.co/_next/static/chunks/71247caf95475e3ea7f9a0f8a30beb258b23d005.7b34193ade9c3be17051.js
Requested by
Host: widget.ausha.co
URL: https://widget.ausha.co/index.html?showId=bPAr5h5jxxlD&playlist=true&color=%23D11D18&display=vertical&v=2&mode=latest&height=450px
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-46-53.cdn77.com
Software
BunnyCDN-AMS1-879 /
Resource Hash
e23d83cfea64a51f538c71b3312517d2b1ef7afaf9ffb11d92b53b06e0ef80b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://widget.ausha.co/index.html?showId=bPAr5h5jxxlD&playlist=true&color=%23D11D18&display=vertical&v=2&mode=latest&height=450px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nf-request-id
01FZTBTYTT89M0VY1WM1SKQWXT
date
Mon, 04 Apr 2022 16:39:31 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
879
age
69040
cdn-cachedat
04/04/2022 13:22:12
cdn-pullzone
206564
vary
Accept-Encoding
x-xss-protection
1; mode=block
server
BunnyCDN-AMS1-879
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
"50fcd4f56f32691a3865491d743b1d69-ssl-df"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=UTF-8
cdn-cache
HIT
cdn-uid
b9226244-3d3d-4394-a1f6-ad54527a998e
cache-control
public, max-age=1200
cdn-requestid
6cb9ea6146e6eb31cf720486cf72e0d8
cdn-requestcountrycode
FR
cdn-status
200
cdn-requestpullsuccess
True
f6078781a05fe1bcb0902d23dbbb2662c8d200b3.bc66b60ebb234774ecfb.js
widget.ausha.co/_next/static/chunks/ Frame 1A84
32 KB
11 KB
Script
General
Full URL
https://widget.ausha.co/_next/static/chunks/f6078781a05fe1bcb0902d23dbbb2662c8d200b3.bc66b60ebb234774ecfb.js
Requested by
Host: widget.ausha.co
URL: https://widget.ausha.co/index.html?showId=bPAr5h5jxxlD&playlist=true&color=%23D11D18&display=vertical&v=2&mode=latest&height=450px
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-46-53.cdn77.com
Software
BunnyCDN-AMS1-879 /
Resource Hash
c35f5cd45eec285d5008e18c0eebb2158c74dbe73b4d92ced06e22b21d08b818
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://widget.ausha.co/index.html?showId=bPAr5h5jxxlD&playlist=true&color=%23D11D18&display=vertical&v=2&mode=latest&height=450px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nf-request-id
01FZTPY49Z7PK9S33WWF4F7TQJ
date
Mon, 04 Apr 2022 16:39:31 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
883
age
260641
cdn-cachedat
04/04/2022 16:36:11
cdn-pullzone
206564
vary
Accept-Encoding
x-xss-protection
1; mode=block
server
BunnyCDN-AMS1-879
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
"31bc162d970a607f3a1e40aeb848d1f3-ssl-df"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=UTF-8
cdn-cache
HIT
cdn-uid
b9226244-3d3d-4394-a1f6-ad54527a998e
cache-control
public, max-age=1200
cdn-requestid
32e3919c707cbb16229386ac97adf465
cdn-requestcountrycode
FR
cdn-status
200
cdn-requestpullsuccess
True
_app-e62e09acdf0838b87542.js
widget.ausha.co/_next/static/chunks/pages/ Frame 1A84
125 KB
36 KB
Script
General
Full URL
https://widget.ausha.co/_next/static/chunks/pages/_app-e62e09acdf0838b87542.js
Requested by
Host: widget.ausha.co
URL: https://widget.ausha.co/index.html?showId=bPAr5h5jxxlD&playlist=true&color=%23D11D18&display=vertical&v=2&mode=latest&height=450px
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-46-53.cdn77.com
Software
BunnyCDN-AMS1-879 /
Resource Hash
59b347e6bc211a76d6643c2a2b306d76cf75b64c9e12def2de07c1cc10cbf82b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://widget.ausha.co/index.html?showId=bPAr5h5jxxlD&playlist=true&color=%23D11D18&display=vertical&v=2&mode=latest&height=450px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nf-request-id
01FZSR8M0A4P0J4Q97NDK2JM9C
date
Mon, 04 Apr 2022 16:39:31 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
879
age
49158
cdn-cachedat
04/04/2022 07:40:09
cdn-pullzone
206564
vary
Accept-Encoding
x-xss-protection
1; mode=block
server
BunnyCDN-AMS1-879
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
"baf9042a89925b525bd3cbe4a2b48c59-ssl-df"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=UTF-8
cdn-cache
HIT
cdn-uid
b9226244-3d3d-4394-a1f6-ad54527a998e
cache-control
public, max-age=1200
cdn-requestid
52bb514885cad6984a0f887b3d5bacc9
cdn-requestcountrycode
FR
cdn-status
200
cdn-requestpullsuccess
True
index-7c54583d84794e98d4f9.js
widget.ausha.co/_next/static/chunks/pages/ Frame 1A84
199 KB
55 KB
Script
General
Full URL
https://widget.ausha.co/_next/static/chunks/pages/index-7c54583d84794e98d4f9.js
Requested by
Host: widget.ausha.co
URL: https://widget.ausha.co/index.html?showId=bPAr5h5jxxlD&playlist=true&color=%23D11D18&display=vertical&v=2&mode=latest&height=450px
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-46-53.cdn77.com
Software
BunnyCDN-AMS1-879 /
Resource Hash
cb2cfa5643974784914b41f906ed76ee4a8a60de8905d33a2010c80eaaf8721e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://widget.ausha.co/index.html?showId=bPAr5h5jxxlD&playlist=true&color=%23D11D18&display=vertical&v=2&mode=latest&height=450px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nf-request-id
01FZSSC6AB77ZYM1N7JM6X54H8
date
Mon, 04 Apr 2022 16:39:31 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
879
age
48944
cdn-cachedat
04/04/2022 07:59:34
cdn-pullzone
206564
vary
Accept-Encoding
x-xss-protection
1; mode=block
server
BunnyCDN-AMS1-879
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
"2084e8bc787eddc1cae7492df5d9aa60-ssl-df"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=UTF-8
cdn-cache
HIT
cdn-uid
b9226244-3d3d-4394-a1f6-ad54527a998e
cache-control
public, max-age=1200
cdn-requestid
b51af993d3d2a278825835ccddb010aa
cdn-requestcountrycode
FR
cdn-status
200
cdn-requestpullsuccess
True
ZrWkf8IKWNq3HsOC6UelE4ZYOwHX32PPzd3oB3o0_400x400.jpeg
image.ausha.co/ Frame 1A84
53 KB
53 KB
Image
General
Full URL
https://image.ausha.co/ZrWkf8IKWNq3HsOC6UelE4ZYOwHX32PPzd3oB3o0_400x400.jpeg
Requested by
Host: widget.ausha.co
URL: https://widget.ausha.co/index.html?showId=bPAr5h5jxxlD&playlist=true&color=%23D11D18&display=vertical&v=2&mode=latest&height=450px
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-46-53.cdn77.com
Software
BunnyCDN-AMS1-879 /
Resource Hash
072c8fb6640ed1dd582ee5306e700c1ef437e3e5d53ce5385c97f8f22278bb11

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://widget.ausha.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 16:39:31 GMT
cdn-edgestorageid
883
x-amz-request-id
TPBYZNFH6PVH47VF
cdn-cachedat
03/10/2022 13:34:31
cdn-pullzone
88427
content-length
53817
x-amz-id-2
NAsaCjPcBUAYUIJMN0hkIP52KB8tAaExfRLZK+O3MPl3IsQN3E6cHxExjuaMalxbur1kmfBIspY=
server
BunnyCDN-AMS1-879
last-modified
Wed, 20 Oct 2021 10:27:08 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
"e70b36ee23560e211784a756015b2082"
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
b9226244-3d3d-4394-a1f6-ad54527a998e
cache-control
public, max-age=31919000
cdn-requestid
93c68c24907abac10b9755c9dd8b4d70
accept-ranges
bytes
cdn-requestcountrycode
FR
cdn-status
200
cdn-requestpullsuccess
True
6325aa76-9552-4918-a562-ec3d40ecb963
boot.pbstck.com/v1/tag/
1 KB
925 B
Script
General
Full URL
https://boot.pbstck.com/v1/tag/6325aa76-9552-4918-a562-ec3d40ecb963
Requested by
Host: aufeminin-zdnet.cupinteractive.com
URL: https://aufeminin-zdnet.cupinteractive.com/reloaded/esi/ads?device=desktop&render=js&keywords=content_keywords%3Dcyberattaque%3Bcontent_keywords%3Dcybersecurite%3Bcontent_keywords%3Dcybercriminalite%3Bcontent_keywords%3Dransomware%3Bplatform%3Ddesktop%3Bcontent_class%3Drg%3Bcontenttype%3Darticle%3Bdate%3D29-03-2022%3Bstory%3D39939605%3Bsection%3Dactualites%3Bsubsection%3Dinformatique%3Bnew_visitor%3D1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1997 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
640ab8ed5a3dad3f300a67182a54aae219714fd69363d05171a0cf4f3c691920

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Apr 2022 16:39:31 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=120
cf-ray
6f6b7b051a760893-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
widget_iframe.0af76c3310098d2f8f428367b62351b8.html
platform.twitter.com/widgets/ Frame 1DF9
319 KB
104 KB
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.0af76c3310098d2f8f428367b62351b8.html?origin=https%3A%2F%2Fwww.zdnet.fr
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (pab/6F98) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
334021
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105433
Content-Type
text/html; charset=utf-8
Date
Mon, 04 Apr 2022 16:39:31 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Thu, 31 Mar 2022 19:49:03 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (pab/6F98)
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
all.js
connect.facebook.net/fr_FR/
288 KB
82 KB
Script
General
Full URL
https://connect.facebook.net/fr_FR/all.js?hash=0a8868c8cb034c4205b33111a61eda9d
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/fr_FR/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0a3e08af4d2b6dc8581ba6f5c8158f6039c832ea3ffb3821c842294d2d0afa84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.zdnet.fr/
Origin
https://www.zdnet.fr
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
GuHza5VrPtClr4VqIAd5tQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
84234
x-fb-rlafr
0
x-fb-debug
zuvjaubnRUL9Rzxk89YBeZVkubEFZ+nPGjwoQbfrNwIsY9377XguXzHnlxD51Gf5OiQuMi6fk/KNRPB+o0UrAA==
x-fb-content-md5
8f7209cfd5c26c0dd46306d18348e536
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 04 Apr 2022 16:39:31 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"f4b0a616d2faeea1eaeee8b3b51754ea"
timing-allow-origin
*
priority
u=3,i
expires
Tue, 04 Apr 2023 14:34:11 GMT
ui-gdpr-fr.bc8f596cc3e71020263c57dc87e34b53c73987b2.js
sdk.privacy-center.org/
272 KB
55 KB
Script
General
Full URL
https://sdk.privacy-center.org/ui-gdpr-fr.bc8f596cc3e71020263c57dc87e34b53c73987b2.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk.bc8f596cc3e71020263c57dc87e34b53c73987b2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:2000:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
70b55a548e327da5080b258788e15d0141881076b566bf78a6ba822b7cef0393

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 10:08:27 GMT
content-encoding
gzip
last-modified
Mon, 04 Apr 2022 10:03:34 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1649066248/ctime:1649066248/gid:0/gname:root/md5:53804629cb75aecab5bbbe2a51cd9cf9/mode:33188/mtime:1649066248/uid:0/uname:root
age
23465
etag
W/"53804629cb75aecab5bbbe2a51cd9cf9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 2b483ab832506bc86647b6ceba38dc9e.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
HKftyavs3ON0PUu28CirrsxvI3d82fsNsF-OGfL1FUQpCNLaTaygdg==
gpt.js
www.googletagservices.com/tag/js/
83 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk.bc8f596cc3e71020263c57dc87e34b53c73987b2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a34d314a360600ba41c7948f4cb0a8ee927912e338e94e419d434e24bdb12b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 16:39:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28268
x-xss-protection
0
server
sffe
etag
"1177 / 674 of 1000 / last-modified: 1649089692"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 04 Apr 2022 16:39:31 GMT
truncated
/ Frame 1A84
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
807179253049c03d62c29b05a8e3565f48d867ed411bb05ecedacae8455855c9

Request headers

Referer
Origin
https://widget.ausha.co
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ Frame 1A84
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://widget.ausha.co
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 22:45:30 GMT
x-content-type-options
nosniff
age
496441
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:03:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Mar 2023 22:45:30 GMT
_buildManifest.js
widget.ausha.co/_next/static/w9MYURwqNwJkPFO9wMfXh/ Frame 1A84
298 B
805 B
Script
General
Full URL
https://widget.ausha.co/_next/static/w9MYURwqNwJkPFO9wMfXh/_buildManifest.js
Requested by
Host: widget.ausha.co
URL: https://widget.ausha.co/index.html?showId=bPAr5h5jxxlD&playlist=true&color=%23D11D18&display=vertical&v=2&mode=latest&height=450px
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-46-53.cdn77.com
Software
BunnyCDN-AMS1-879 /
Resource Hash
bde2856e2b2e0915311761a32b5d03582ef45912aaa7706baca91846c73f3486
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://widget.ausha.co/index.html?showId=bPAr5h5jxxlD&playlist=true&color=%23D11D18&display=vertical&v=2&mode=latest&height=450px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nf-request-id
01FZ8FVR30S84WD781FYYJA6F9
date
Mon, 04 Apr 2022 16:39:31 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
766
age
9
cdn-cachedat
03/28/2022 14:46:13
cdn-pullzone
206564
vary
Accept-Encoding, Accept-Encoding
x-xss-protection
1; mode=block
server
BunnyCDN-AMS1-879
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"ca1675da1acd08a56153e19a7a394f0d-ssl"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=UTF-8
cdn-cache
HIT
cdn-uid
b9226244-3d3d-4394-a1f6-ad54527a998e
cache-control
public, max-age=1200
cdn-requestid
6a13afb1b4552d9a8912c029aeb4f9a5
cdn-requestcountrycode
FR
cdn-status
200
cdn-requestpullsuccess
True
_ssgManifest.js
widget.ausha.co/_next/static/w9MYURwqNwJkPFO9wMfXh/ Frame 1A84
76 B
657 B
Script
General
Full URL
https://widget.ausha.co/_next/static/w9MYURwqNwJkPFO9wMfXh/_ssgManifest.js
Requested by
Host: widget.ausha.co
URL: https://widget.ausha.co/index.html?showId=bPAr5h5jxxlD&playlist=true&color=%23D11D18&display=vertical&v=2&mode=latest&height=450px
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-46-53.cdn77.com
Software
BunnyCDN-AMS1-879 /
Resource Hash
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://widget.ausha.co/index.html?showId=bPAr5h5jxxlD&playlist=true&color=%23D11D18&display=vertical&v=2&mode=latest&height=450px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nf-request-id
01FZDS8ZFCRMQG44MVS44FX868
date
Mon, 04 Apr 2022 16:39:31 GMT
x-content-type-options
nosniff
cdn-edgestorageid
879
age
84043
cdn-cachedat
03/30/2022 16:06:56
cdn-pullzone
206564
vary
Accept-Encoding
content-length
76
x-xss-protection
1; mode=block
server
BunnyCDN-AMS1-879
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
"ba4c09bdc22b04be9ef02c542fb2b286-ssl"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=UTF-8
cdn-cache
HIT
cdn-uid
b9226244-3d3d-4394-a1f6-ad54527a998e
cache-control
public, max-age=1200
cdn-requestid
22a7cbd897e6966976ddedb30afeaf1f
accept-ranges
bytes
cdn-requestcountrycode
FR
cdn-status
200
cdn-requestpullsuccess
True
settings
syndication.twitter.com/ Frame 1DF9
230 B
445 B
Fetch
General
Full URL
https://syndication.twitter.com/settings?session_id=19aeced32ac02bcde2e36135fcabcbf78af4e36b
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.0af76c3310098d2f8f428367b62351b8.html?origin=https%3A%2F%2Fwww.zdnet.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
5054a54db3ef08ce6320ae9a8d59ca6e4d6f0c66b5cd92a03caccf9d0448040a
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-response-time
105
date
Mon, 04 Apr 2022 16:39:31 GMT
content-encoding
gzip
last-modified
Mon, 04 Apr 2022 16:39:31 GMT
server
tsa_f
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
b3544aa12baaa664d02aad69ace8d315015a311fbd97ebbb6bb915c9fb74b6ea
content-length
164
impl.20220404-2-RELEASE.es5.js
cdn.taboola.com/libtrc/
698 KB
134 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/impl.20220404-2-RELEASE.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unify-zdnet/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
8db980d4051813f15c254961f906f82c8c6f504a474bb8c1f231699500d8fde5

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
4cnS7gR9j02x.bPwbg4qwh30Bc8FxoIz
content-encoding
br
etag
"e5e3632d4c73ed0abb4961cecace58ff"
age
28345
x-cache
HIT
content-length
137189
x-amz-id-2
iEoVok+z1Dg7ZRuToEd8Pf4XFylebxf/sTUK9m+DutnkYXAEL26Iy9VgP1BBnkUxOvPt4zCC9p4=
x-served-by
cache-cdg20753-CDG
last-modified
Mon, 04 Apr 2022 08:46:21 GMT
server
AmazonS3-br
x-timer
S1649090372.590265,VS0,VE0
date
Mon, 04 Apr 2022 16:39:31 GMT
vary
Accept-Encoding
x-amz-request-id
E9J6E3HC9182ER9V
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
96
x-cache-hits
15938
12.e58bb05caf6414844bee.js
widget.ausha.co/_next/static/chunks/ Frame 1A84
14 KB
4 KB
Script
General
Full URL
https://widget.ausha.co/_next/static/chunks/12.e58bb05caf6414844bee.js
Requested by
Host: widget.ausha.co
URL: https://widget.ausha.co/_next/static/chunks/webpack-d51e3c53570fec07dc01.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-46-53.cdn77.com
Software
BunnyCDN-AMS1-879 /
Resource Hash
db87c20ae5154f50fc4672bd4072557ef0c32396c7492a1da3f51aebf215d43d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://widget.ausha.co/index.html?showId=bPAr5h5jxxlD&playlist=true&color=%23D11D18&display=vertical&v=2&mode=latest&height=450px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nf-request-id
01FZTNQQH8W76BE7X68E3374GG
date
Mon, 04 Apr 2022 16:39:31 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
549
age
23124
cdn-cachedat
04/04/2022 16:15:12
cdn-pullzone
206564
vary
Accept-Encoding
x-xss-protection
1; mode=block
server
BunnyCDN-AMS1-879
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
"5eba94748ab617ec076d93ecc9422f31-ssl-df"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=UTF-8
cdn-cache
HIT
cdn-uid
b9226244-3d3d-4394-a1f6-ad54527a998e
cache-control
public, max-age=1200
cdn-requestid
f4342cdc59a0507048a721493a69a4eb
cdn-requestcountrycode
FR
cdn-status
200
cdn-requestpullsuccess
True
status
www.facebook.com/x/oauth/
0
0
Fetch
General
Full URL
https://www.facebook.com/x/oauth/status?client_id=243265768935&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.zdnet.fr%2Factualites%2Fransomware-le-montant-moyen-des-rancons-augmente-39939605.htm&sdk=joey&wants_cookie_data=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/fr_FR/all.js?hash=0a8868c8cb034c4205b33111a61eda9d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
Xs+bvJ4THelDD+A7e2un93SwXScSENhNNBoeBHs/bReUPGn2efCdoX4fKMe1pK/C7ru915ETY9uChrZdVEI3bg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
date
Mon, 04 Apr 2022 16:39:31 GMT
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.zdnet.fr
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
priority
u=1
expires
Sat, 01 Jan 2000 00:00:00 GMT
index-monitoring-b34f022.js
cdn.pbstck.com/
181 KB
50 KB
XHR
General
Full URL
https://cdn.pbstck.com/index-monitoring-b34f022.js
Requested by
Host: boot.pbstck.com
URL: https://boot.pbstck.com/v1/tag/6325aa76-9552-4918-a562-ec3d40ecb963
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53b0da82a6ba44e4ca5e7531d5e1c17e6e96ab95408a799d93fb8dbb48a12ad0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 16:39:31 GMT
content-encoding
br
cf-cache-status
HIT
age
440574
x-guploader-uploadid
ADPycdtmbqy163L1pV72PcFVM3GIm1CAgiEquWTLyyeO3BXAyWyo9KRDI8zRbNMSZaMQeTkzNgECr4DlgU7AJcVPggdSYqm2Kg
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 02 Mar 2022 13:38:57 GMT
server
cloudflare
etag
W/"70df9ac11f5713b7df84dc154d5b3451"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=PFjOEw==, md5=cN+awR9XE7ffhNwVTVs0UQ==
x-goog-generation
1646228337450073
access-control-allow-origin
*
content-type
application/javascript
access-control-expose-headers
Cache-Control, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=604800, immutable
x-goog-stored-content-length
49916
cf-ray
6f6b7b083af899ae-CDG
expires
Wed, 06 Apr 2022 13:25:58 GMT
events
api.privacy-center.org/v1/ Frame
0
0
Preflight
General
Full URL
https://api.privacy-center.org/v1/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ea00:d:2044:5c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-requested-with
Access-Control-Request-Method
POST
Origin
https://www.zdnet.fr
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-requested-with
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
access-control-max-age
86400
date
Mon, 04 Apr 2022 16:39:31 GMT
vary
Access-Control-Request-Headers
via
1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-amz-cf-id
yULu112sdyy8Uhftn073rdFulKPsZHkNJbOyUkBWBhFERdRvtkh6yw==
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
x-powered-by
Express
events
api.privacy-center.org/v1/
0
521 B
XHR
General
Full URL
https://api.privacy-center.org/v1/events
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk.bc8f596cc3e71020263c57dc87e34b53c73987b2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ea00:d:2044:5c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zdnet.fr/
X-Requested-With
XMLHttpRequest
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 04 Apr 2022 16:39:31 GMT
via
1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA2-C2
surrogate-control
no-store
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
strict-transport-security
max-age=15552000; includeSubDomains
x-xss-protection
1; mode=block
pragma
no-cache
allow
POST
x-frame-options
SAMEORIGIN
etag
W/"4-K+iMpCQsduglOsYkdIUQZQMtaDM"
x-download-options
noopen
vary
Accept
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-amz-cf-id
qobDK6-hfw5IGMfSgSPjbsG9wI46oOhQNePJkvkV7aQPAD2Unrs7kg==
expires
0
logo-cmp.png
www.zdnet.fr/images/base/
5 KB
5 KB
Image
General
Full URL
https://www.zdnet.fr/images/base/logo-cmp.png
Requested by
Host: www.zdnet.fr
URL: https://www.zdnet.fr/actualites/ransomware-le-montant-moyen-des-rancons-augmente-39939605.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.185.42.33 , France, ASN47841 (OXALIDE, FR),
Reverse DNS
not.updated.oxalide.net
Software
nginx /
Resource Hash
968a2c5847985338d6e7958dd027edf8ab2532017dd965da1f138fd0e4ad8fb9

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/actualites/ransomware-le-montant-moyen-des-rancons-augmente-39939605.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Whois-Cache
neweb.cbs.infra-cache-01.adm
Date
Mon, 04 Apr 2022 16:39:31 GMT
Via
1.1 varnish
Last-Modified
Mon, 21 Mar 2022 13:14:43 GMT
Server
nginx
Age
1123555
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
image/png
Cache-Control
max-age=31556952, public
Transfer-Encoding
chunked
X-Varnish
274875448 159393160
Connection
keep-alive
Content-Encoding
gzip
pubads_impl_2022032909.js
securepubads.g.doubleclick.net/gpt/
367 KB
126 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032909.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
11992f506398f0ce551a82f7591c0448de7de4b0a84a1fdef72131fd756710ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 16:05:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2069
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128011
x-xss-protection
0
last-modified
Tue, 29 Mar 2022 19:35:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 04 Apr 2023 16:05:02 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
110 B
731 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.zdnet.fr
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
c514f0bf1b0bfc87ccafa74abb2ac8489ba9e62bbc2b2c7a4a42a3408a03afde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Apr 2022 16:39:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95
x-xss-protection
0
expires
Mon, 04 Apr 2022 16:39:31 GMT
card-interference-detector.20220404-2-RELEASE.es5.js
cdn.taboola.com/libtrc/
8 KB
3 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/card-interference-detector.20220404-2-RELEASE.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unify-zdnet/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a5e63909a00e4e33e59fbb3d0127db4f0dcd53b4fc7c2d94876b2b0434dc93d7

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
.PpcdPx_FKpk1n3lRjAttpdmCuaVmX41
content-encoding
gzip
etag
"bbaf356c7c7e1316ebee16d6dbe5dbf5"
age
27400
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
2789
x-amz-id-2
AWd1Uzft1Y5THnZmAHpb/SasORc7M+DShoxj8YL7BEjfRZmy0ku0WjL/l6Wpz4BBU7MeeqrEXCg=
x-served-by
cache-cdg20753-CDG
last-modified
Mon, 04 Apr 2022 09:00:00 GMT
server
AmazonS3
x-timer
S1649090372.918432,VS0,VE0
date
Mon, 04 Apr 2022 16:39:31 GMT
vary
Accept-Encoding
x-amz-request-id
P5Z7VE0V4GMSVQY2
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
96
x-cache-hits
4151
button.aa5c8b3b99b08ae2f6493ea7d8cc8590.js
platform.twitter.com/js/
7 KB
3 KB
Script
General
Full URL
https://platform.twitter.com/js/button.aa5c8b3b99b08ae2f6493ea7d8cc8590.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (pab/6F85) /
Resource Hash
261cf8e55383415eceda39a856866ffd0b64fbb1a5be243e48b097c475ac7128

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Mon, 04 Apr 2022 16:39:31 GMT
Content-Encoding
gzip
Age
334031
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
2293
x-tw-cdn
VZ
Last-Modified
Thu, 31 Mar 2022 19:48:55 GMT
Server
ECS (pab/6F85)
Etag
"d0a23e7e0339812df29e0bc23fe13bd2+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
follow_button.0af76c3310098d2f8f428367b62351b8.fr.html
platform.twitter.com/widgets/ Frame C54E
37 KB
14 KB
Document
General
Full URL
https://platform.twitter.com/widgets/follow_button.0af76c3310098d2f8f428367b62351b8.fr.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (pab/6F85) /
Resource Hash
69327c9d10deab2c57583278487da61f591049c1017d37e256f552f4c80194d1

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
334027
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
13862
Content-Type
text/html; charset=utf-8
Date
Mon, 04 Apr 2022 16:39:31 GMT
Etag
"897d3b1647ce2080faa830f9a8142f1b+gzip"
Last-Modified
Thu, 31 Mar 2022 19:48:56 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (pab/6F85)
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
truncated
/ Frame C54E
822 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml
in.js
platform.linkedin.com/
507 KB
159 KB
Script
General
Full URL
https://platform.linkedin.com/in.js?async=true
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:66b5:799a:7cd3:f74d:7071 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F7B) /
Resource Hash
32ee07d3e03cb425623d6da6f6eb30bc2da1e42fc8f656a6425cff093741b015

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 16:39:32 GMT
content-encoding
gzip
x-cdn-client-ip-version
IPV6
x-cdn
ECST
age
2780
x-cache
HIT
x-cdn-proto
HTTP2
content-length
162376
x-li-uuid
AAXb1iApJ1pLyD5U0i9oNg==
server
ECAcc (paa/6F7B)
last-modified
Mon, 04 Apr 2022 15:53:12 GMT
x-li-pop
prod-lva1-x
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
accept-ranges
bytes
x-li-proto
http/1.1
x-li-fabric
prod-lva1
expires
Mon, 4 Apr 2022 16:53:12 GMT
sprites-share-bar.png
www.zdnet.fr/images/base/
19 KB
18 KB
Image
General
Full URL
https://www.zdnet.fr/images/base/sprites-share-bar.png
Requested by
Host: www.zdnet.fr
URL: https://www.zdnet.fr/min-css/scaffolding.css?v=202203251740
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.185.42.33 , France, ASN47841 (OXALIDE, FR),
Reverse DNS
not.updated.oxalide.net
Software
nginx /
Resource Hash
ea2db7b74eb4356946052dc274848f1b8e9a47dbdf1f66ab3c67ef91cd76b75b

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/min-css/scaffolding.css?v=202203251740
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Whois-Cache
neweb.cbs.infra-cache-01.adm
Date
Mon, 04 Apr 2022 16:39:32 GMT
Via
1.1 varnish
Last-Modified
Mon, 21 Mar 2022 13:14:43 GMT
Server
nginx
Age
1123562
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
image/png
Cache-Control
max-age=31556952, public
Transfer-Encoding
chunked
X-Varnish
274875469 159392360
Connection
keep-alive
Content-Encoding
gzip
share_button.php
www.facebook.com/plugins/ Frame 9B8C
43 KB
13 KB
Document
General
Full URL
https://www.facebook.com/plugins/share_button.php?app_id=243265768935&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfc81b8b167d534%26domain%3Dwww.zdnet.fr%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.zdnet.fr%252Ff1169665526c704%26relation%3Dparent.parent&container_width=0&height=21&href=https%3A%2F%2Fwww.zdnet.fr%2Factualites%2Fransomware-le-montant-moyen-des-rancons-augmente-39939605.htm&layout=button_count&locale=fr_FR&sdk=joey&size=small&width=55
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/fr_FR/all.js?hash=0a8868c8cb034c4205b33111a61eda9d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
83c5de5e91361187a1d28ecfc0e220e28305da428ca0ee3f0ae1f46a5e37d861
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
date
Mon, 04 Apr 2022 16:39:32 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=0
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
jSeRv+57kDMkG6IVtHoZMsY7h2lCxQu1YVNiZcyv9SH1bK5ud5c2zWKbCXjcMu2tIne+S7hmi5O90BMEBILIsA==
x-fb-rlafr
0
x-xss-protection
0
share_button.php
www.facebook.com/plugins/ Frame 882A
43 KB
13 KB
Document
General
Full URL
https://www.facebook.com/plugins/share_button.php?app_id=243265768935&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a209c290bcf3c%26domain%3Dwww.zdnet.fr%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.zdnet.fr%252Ff1169665526c704%26relation%3Dparent.parent&container_width=0&height=21&href=https%3A%2F%2Fwww.zdnet.fr%2Factualites%2Fransomware-le-montant-moyen-des-rancons-augmente-39939605.htm&layout=button_count&locale=fr_FR&sdk=joey&size=small&width=55
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/fr_FR/all.js?hash=0a8868c8cb034c4205b33111a61eda9d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ce17275e787a6ed481e644ca2858c8f447db172a8066cee36927df58cb95668e
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
date
Mon, 04 Apr 2022 16:39:32 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=0
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
Ne11LfIGhK9XX+DHGH7vYi4KHZTS+qp2xLYrbvqf8EMXMz8jO2Tb0Jh9lje0qhDyNoS8Vn1OWaQ3dFjn5j4KZA==
x-fb-rlafr
0
x-xss-protection
0
like.php
www.facebook.com/plugins/ Frame 25CE
34 KB
13 KB
Document
General
Full URL
https://www.facebook.com/plugins/like.php?app_id=243265768935&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35819c7e75c2ac%26domain%3Dwww.zdnet.fr%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.zdnet.fr%252Ff1169665526c704%26relation%3Dparent.parent&container_width=0&font=arial&href=https%3A%2F%2Fwww.facebook.com%2Fzdnet.fr&layout=button_count&locale=fr_FR&sdk=joey&send=false&show_faces=false&width=83
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/fr_FR/all.js?hash=0a8868c8cb034c4205b33111a61eda9d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
339715a96321a36dcca2e864700297b30f5f0a29f0028f4773977b4b3c9c63c5
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Mon, 04 Apr 2022 16:39:32 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=3,i
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
W4zjINCbfUdhUnj4mh43rFYuIgZu6ytsW5oD5lbov85FB0k1vs9HiOm/SBNVnl1uGuLfhD0LPr33MRJUA3VFpg==
x-fb-rlafr
0
x-xss-protection
0
page
intake.pbstck.com/v1/intake/
0
65 B
XHR
General
Full URL
https://intake.pbstck.com/v1/intake/page?sId=6645c9d6&tId=6325aa76-9552-4918-a562-ec3d40ecb963&c=1&ctr=FR
Requested by
Host: www.zdnet.fr
URL: https://www.zdnet.fr/actualites/ransomware-le-montant-moyen-des-rancons-augmente-39939605.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.zdnet.fr/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 04 Apr 2022 16:39:32 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6f6b7b09ff1199ae-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
tweet_button.0af76c3310098d2f8f428367b62351b8.fr.html
platform.twitter.com/widgets/ Frame 13C4
33 KB
13 KB
Document
General
Full URL
https://platform.twitter.com/widgets/tweet_button.0af76c3310098d2f8f428367b62351b8.fr.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (pab/6F85) /
Resource Hash
e4dfb1340185f167231ac02f6cc72cd6f703f50d33e1936d88ac71b190f59540

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
334032
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
12483
Content-Type
text/html; charset=utf-8
Date
Mon, 04 Apr 2022 16:39:32 GMT
Etag
"491ac9c4677a4b18355e536755a65e81+gzip"
Last-Modified
Thu, 31 Mar 2022 19:48:59 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (pab/6F85)
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
tweet_button.0af76c3310098d2f8f428367b62351b8.fr.html
platform.twitter.com/widgets/ Frame 2BB2
33 KB
13 KB
Document
General
Full URL
https://platform.twitter.com/widgets/tweet_button.0af76c3310098d2f8f428367b62351b8.fr.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (pab/6F85) /
Resource Hash
e4dfb1340185f167231ac02f6cc72cd6f703f50d33e1936d88ac71b190f59540

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
334032
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
12483
Content-Type
text/html; charset=utf-8
Date
Mon, 04 Apr 2022 16:39:32 GMT
Etag
"491ac9c4677a4b18355e536755a65e81+gzip"
Last-Modified
Thu, 31 Mar 2022 19:48:59 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (pab/6F85)
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=2
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
truncated
/ Frame 13C4
822 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml
OqOE21UvWe3.png
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame 25CE
400 B
451 B
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/OqOE21UvWe3.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?app_id=243265768935&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35819c7e75c2ac%26domain%3Dwww.zdnet.fr%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.zdnet.fr%252Ff1169665526c704%26relation%3Dparent.parent&container_width=0&font=arial&href=https%3A%2F%2Fwww.facebook.com%2Fzdnet.fr&layout=button_count&locale=fr_FR&sdk=joey&send=false&show_faces=false&width=83
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 16:39:32 GMT
x-content-type-options
nosniff
content-md5
uF0RL4E+h23ClLQmPOTTMw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
400
x-fb-rlafr
0
x-fb-debug
FDDx/pH7M5XNZ8JJy9aBnlmSblW9+HNmzMj1tFdAXNKZUymCAnoLIJ6JGfUHPTRQjNRG0cg3knTeejJPa2IrHw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sun, 02 Apr 2023 02:05:43 GMT
hO3BA8a1wP0.js
static.xx.fbcdn.net/rsrc.php/v3iZPf4/yY/l/fr_FR/ Frame 25CE
522 KB
136 KB
XHR
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iZPf4/yY/l/fr_FR/hO3BA8a1wP0.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?app_id=243265768935&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35819c7e75c2ac%26domain%3Dwww.zdnet.fr%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.zdnet.fr%252Ff1169665526c704%26relation%3Dparent.parent&container_width=0&font=arial&href=https%3A%2F%2Fwww.facebook.com%2Fzdnet.fr&layout=button_count&locale=fr_FR&sdk=joey&send=false&show_faces=false&width=83
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e61daebcc01a269c2e459234c29e1ba75d4a90ed86684277e5fd59e35ea3fddd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 16:39:32 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
V2aQyIkLoT+jTLMvULeh0Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
139257
x-fb-rlafr
0
x-fb-debug
TsvWp5JJ50O8aqHIrVSHDdSQ7oCkFt215WQQvh5fIzvHbb8Em24VPor4DMoGlgeXQkkHExOL09O1Y6H1Un0kjw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Sun, 02 Apr 2023 03:31:56 GMT
truncated
/ Frame 2BB2
822 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml
zSKZHMh8mXU.png
static.xx.fbcdn.net/rsrc.php/v3/yr/r/ Frame 9B8C
388 B
443 B
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yr/r/zSKZHMh8mXU.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/share_button.php?app_id=243265768935&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfc81b8b167d534%26domain%3Dwww.zdnet.fr%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.zdnet.fr%252Ff1169665526c704%26relation%3Dparent.parent&container_width=0&height=21&href=https%3A%2F%2Fwww.zdnet.fr%2Factualites%2Fransomware-le-montant-moyen-des-rancons-augmente-39939605.htm&layout=button_count&locale=fr_FR&sdk=joey&size=small&width=55
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f9a1a0ac26eaf5b7f6cc7223b5dd4b5f545b5a48fb598c7442e5f76384f1be8c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 16:39:32 GMT
x-content-type-options
nosniff
content-md5
mLIKfuTnwd0c8uA9BXg4cQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
388
x-fb-rlafr
0
x-fb-debug
7eI+ITzytwDRDxnBjo9UiphTHdKxR7O8bX6S+/eyaWJEOOaAXGqtNA+RSY1kRC7DMjwnmpfwY2tetAqvxqfvGg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 25 Mar 2023 15:47:50 GMT
zSKZHMh8mXU.png
static.xx.fbcdn.net/rsrc.php/v3/yr/r/ Frame 882A
388 B
440 B
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yr/r/zSKZHMh8mXU.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/share_button.php?app_id=243265768935&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a209c290bcf3c%26domain%3Dwww.zdnet.fr%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.zdnet.fr%252Ff1169665526c704%26relation%3Dparent.parent&container_width=0&height=21&href=https%3A%2F%2Fwww.zdnet.fr%2Factualites%2Fransomware-le-montant-moyen-des-rancons-augmente-39939605.htm&layout=button_count&locale=fr_FR&sdk=joey&size=small&width=55
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f9a1a0ac26eaf5b7f6cc7223b5dd4b5f545b5a48fb598c7442e5f76384f1be8c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 16:39:32 GMT
x-content-type-options
nosniff
content-md5
mLIKfuTnwd0c8uA9BXg4cQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
388
x-fb-rlafr
0
x-fb-debug
7eI+ITzytwDRDxnBjo9UiphTHdKxR7O8bX6S+/eyaWJEOOaAXGqtNA+RSY1kRC7DMjwnmpfwY2tetAqvxqfvGg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 25 Mar 2023 15:47:50 GMT
hO3BA8a1wP0.js
static.xx.fbcdn.net/rsrc.php/v3iZPf4/yY/l/fr_FR/ Frame 9B8C
522 KB
136 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iZPf4/yY/l/fr_FR/hO3BA8a1wP0.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/share_button.php?app_id=243265768935&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfc81b8b167d534%26domain%3Dwww.zdnet.fr%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.zdnet.fr%252Ff1169665526c704%26relation%3Dparent.parent&container_width=0&height=21&href=https%3A%2F%2Fwww.zdnet.fr%2Factualites%2Fransomware-le-montant-moyen-des-rancons-augmente-39939605.htm&layout=button_count&locale=fr_FR&sdk=joey&size=small&width=55
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e61daebcc01a269c2e459234c29e1ba75d4a90ed86684277e5fd59e35ea3fddd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 16:39:32 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
V2aQyIkLoT+jTLMvULeh0Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
139257
x-fb-rlafr
0
x-fb-debug
TsvWp5JJ50O8aqHIrVSHDdSQ7oCkFt215WQQvh5fIzvHbb8Em24VPor4DMoGlgeXQkkHExOL09O1Y6H1Un0kjw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sun, 02 Apr 2023 03:31:56 GMT
hO3BA8a1wP0.js
static.xx.fbcdn.net/rsrc.php/v3iZPf4/yY/l/fr_FR/ Frame 882A
522 KB
136 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iZPf4/yY/l/fr_FR/hO3BA8a1wP0.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/share_button.php?app_id=243265768935&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a209c290bcf3c%26domain%3Dwww.zdnet.fr%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.zdnet.fr%252Ff1169665526c704%26relation%3Dparent.parent&container_width=0&height=21&href=https%3A%2F%2Fwww.zdnet.fr%2Factualites%2Fransomware-le-montant-moyen-des-rancons-augmente-39939605.htm&layout=button_count&locale=fr_FR&sdk=joey&size=small&width=55
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e61daebcc01a269c2e459234c29e1ba75d4a90ed86684277e5fd59e35ea3fddd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 16:39:32 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
V2aQyIkLoT+jTLMvULeh0Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
139257
x-fb-rlafr
0
x-fb-debug
TsvWp5JJ50O8aqHIrVSHDdSQ7oCkFt215WQQvh5fIzvHbb8Em24VPor4DMoGlgeXQkkHExOL09O1Y6H1Un0kjw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sun, 02 Apr 2023 03:31:56 GMT
FollowCompany.js
www.linkedin.com/pages-extensions/
1 KB
2 KB
Script
General
Full URL
https://www.linkedin.com/pages-extensions/FollowCompany.js?version=0.1.159
Requested by
Host: platform.linkedin.com
URL: https://platform.linkedin.com/in.js?async=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:22::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
275fb4a7bdeab3c59caff1c0ea88bf1adc9f4cfc377a9bec7b28517d13e2fd37
Security Headers
Name Value
Content-Security-Policy default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; child-src blob: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com www.google-analytics.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; report-uri /security/csp?e=p&f=nf
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
content-length
487
x-li-uuid
AAXb1sXbNktlTajZ1/d3ZA==
pragma
no-cache
last-modified
Fri, 01 Feb 1980 00:00:00 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 8210CA84614F4BCC9B54EC5575D59CCC Ref B: VIEEDGE2221 Ref C: 2022-04-04T16:39:32Z
date
Mon, 04 Apr 2022 16:39:31 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store
etag
"9d91727f7fa8073a644f7ce6015a5913420a5f83"
content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; child-src blob: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com www.google-analytics.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; report-uri /security/csp?e=p&f=nf
accept-ranges
bytes
x-li-proto
http/2
x-li-fabric
prod-ltx1
expires
Thu, 01 Jan 1970 00:00:00 GMT
jot.html
platform.twitter.com/ Frame C853
Redirect Chain
  • https://syndication.twitter.com/i/jot
  • https://platform.twitter.com/jot.html
80 B
633 B
Document
General
Full URL
https://platform.twitter.com/jot.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (pab/6F85) /
Resource Hash
90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88

Request headers

Accept-Language
fr-FR,fr;q=0.9
Content-Type
application/x-www-form-urlencoded
Origin
https://www.zdnet.fr
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
334030
Cache-Control
public, max-age=315360000
Content-Length
80
Content-Type
text/html; charset=utf-8
Date
Mon, 04 Apr 2022 16:39:32 GMT
Etag
"d9592a6c704736fa4da218d4357976dd"
Last-Modified
Thu, 31 Mar 2022 19:50:28 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (pab/6F85)
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
X-Cache
HIT
x-tw-cdn
VZ

Redirect headers

cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length
0
content-type
text/html;charset=utf-8
date
Mon, 04 Apr 2022 16:39:32 GMT
expires
Tue, 31 Mar 1981 05:00:00 GMT
last-modified
Mon, 04 Apr 2022 16:39:32 GMT
location
https://platform.twitter.com/jot.html
pragma
no-cache
server
tsa_f
status
302 Found
strict-transport-security
max-age=631138519
x-connection-hash
b3544aa12baaa664d02aad69ace8d315015a311fbd97ebbb6bb915c9fb74b6ea
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-response-time
111
x-transaction
be094196fff052d4
x-twitter-response-tags
BouncerCompliant
x-xss-protection
0
FollowCompany
www.linkedin.com/pages-extensions/ Frame 4645
0
0

FollowCompany
www.linkedin.com/pages-extensions/ Frame 1A42
2 KB
1 KB
Document
General
Full URL
https://www.linkedin.com/pages-extensions/FollowCompany?id=3044984&counter=&xdOrigin=https%3A%2F%2Fwww.zdnet.fr&xdChannel=ed6bcd56-e46e-4734-be77-342de2410979&xd_origin_host=https%3A%2F%2Fwww.zdnet.fr
Requested by
Host: platform.linkedin.com
URL: https://platform.linkedin.com/in.js?async=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:22::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bd851d85f68b66406d321546f981048a3eba0d93ec08bf78ec70e5bf3b7b4972
Security Headers
Name Value
Content-Security-Policy default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; child-src blob: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com www.google-analytics.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; report-uri /security/csp?e=p&f=nf
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.zdnet.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
no-cache, no-store
content-encoding
gzip
content-length
799
content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; child-src blob: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com www.google-analytics.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; report-uri /security/csp?e=p&f=nf
content-type
text/html; charset=utf-8
date
Mon, 04 Apr 2022 16:39:32 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-li-fabric
prod-ltx1
x-li-pop
afd-prod-ltx1-x
x-li-proto
http/2
x-li-uuid
AAXb1sXf7LtJ2wO+7MKpKA==
x-msedge-ref
Ref A: 42D7888FE617404C920E5B8AAEAA227C Ref B: VIEEDGE2221 Ref C: 2022-04-04T16:39:32Z
asef5zpqshk8afqp5ux70c91
static-exp1.licdn.com/sc/h/ Frame 1A42
98 KB
16 KB
Stylesheet
General
Full URL
https://static-exp1.licdn.com/sc/h/asef5zpqshk8afqp5ux70c91
Requested by
Host: www.linkedin.com
URL: https://www.linkedin.com/pages-extensions/FollowCompany?id=3044984&counter=&xdOrigin=https%3A%2F%2Fwww.zdnet.fr&xdChannel=ed6bcd56-e46e-4734-be77-342de2410979&xd_origin_host=https%3A%2F%2Fwww.zdnet.fr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:6a53:4ac1:3bc8:ee4e:5990 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F46) /
Resource Hash
56e28f949cc2cf14b05eade6932b10d116a5641b1bab1918a5d11c459400200d

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.linkedin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 16:39:33 GMT
content-encoding
br
content-type
text/css
x-cdn-client-ip-version
IPV6
x-cdn
ECST
age
426706
x-cache
HIT
x-cdn-proto
HTTP2
content-length
15873
x-li-uuid
AAXbc2w+A70rdjUDJX1U2Q==
server
ECAcc (paa/6F46)
timing-allow-origin
*
last-modified
Mon, 05 Nov 2012 04:00:51 GMT
x-li-pop
prod-lva1-x
cache-control
max-age=31536000, immutable
vary
Accept-Encoding
x-li-fabric
prod-lva1
access-control-allow-origin
*
access-control-expose-headers
X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-proto
http/1.1
x-li-static-content
1
x-fs-uuid
0005db736c3e03bd2b763503257d54d9
expires
Thu, 30 Mar 2023 18:07:47 GMT
in.js
platform.linkedin.com/xdoor/scripts/ Frame 1A42
507 KB
159 KB
Script
General
Full URL
https://platform.linkedin.com/xdoor/scripts/in.js
Requested by
Host: www.linkedin.com
URL: https://www.linkedin.com/pages-extensions/FollowCompany?id=3044984&counter=&xdOrigin=https%3A%2F%2Fwww.zdnet.fr&xdChannel=ed6bcd56-e46e-4734-be77-342de2410979&xd_origin_host=https%3A%2F%2Fwww.zdnet.fr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:66b5:799a:7cd3:f74d:7071 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F29) /
Resource Hash
ffba93f3ccf1e4616e82313c8a45d8616056cec83b7331076e8baddf0d8b42b1

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.linkedin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 16:39:32 GMT
content-encoding
gzip
x-cdn-client-ip-version
IPV6
x-cdn
ECST
age
675
x-cache
HIT
x-cdn-proto
HTTP2
content-length
162376
x-li-uuid
AAXb1p2eNvlXTr4BpqhufA==
server
ECAcc (paa/6F29)
last-modified
Mon, 04 Apr 2022 16:28:17 GMT
x-li-pop
prod-lor1-x
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
accept-ranges
bytes
x-li-proto
http/1.1
x-li-fabric
prod-lor1
expires
Mon, 4 Apr 2022 17:28:17 GMT
cwphtfsvdwm4k6n91alllgs6q
static-exp1.licdn.com/sc/h/ Frame 1A42
4 KB
2 KB
Script
General
Full URL
https://static-exp1.licdn.com/sc/h/cwphtfsvdwm4k6n91alllgs6q
Requested by
Host: www.linkedin.com
URL: https://www.linkedin.com/pages-extensions/FollowCompany?id=3044984&counter=&xdOrigin=https%3A%2F%2Fwww.zdnet.fr&xdChannel=ed6bcd56-e46e-4734-be77-342de2410979&xd_origin_host=https%3A%2F%2Fwww.zdnet.fr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:6a53:4ac1:3bc8:ee4e:5990 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F24) /
Resource Hash
e3474d77e56176d1b865553eee382eaeea05dd8ab5c6579d1b2412988c530506

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.linkedin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 16:39:33 GMT
content-encoding
br
content-type
text/javascript
x-cdn-client-ip-version
IPV6
x-cdn
ECST
age
5262011
x-cache
HIT
x-cdn-proto
HTTP2
content-length
1408
x-li-uuid
AAXXDZ2cdgDK3aBOqmHjGQ==
server
ECAcc (paa/6F24)
timing-allow-origin
*
last-modified
Mon, 05 Nov 2012 04:00:51 GMT
x-li-pop
prod-ltx1-x
cache-control
max-age=31536000, immutable
vary
Accept-Encoding
x-li-fabric
prod-ltx1
access-control-allow-origin
*
access-control-expose-headers
X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-proto
http/1.1
x-li-static-content
1
x-fs-uuid
0005d70d9d9c7600cadda04eaa61e319
expires
Thu, 02 Feb 2023 18:59:22 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.linkedin.com
URL
https://www.linkedin.com/pages-extensions/FollowCompany?id=3044984&counter=&xdOrigin=https%3A%2F%2Fwww.zdnet.fr&xdChannel=ed6bcd56-e46e-4734-be77-342de2410979&xd_origin_host=https%3A%2F%2Fwww.zdnet.fr


166 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails boolean| gdprAppliesGlobally function| __tcfapi object| didomiOnReady object| dmpData object| unify_dataSlayer function| $ function| jQuery object| html5 object| Modernizr function| yepnope boolean| envDev object| players string| sas_dfpPageId string| sas_formatIds number| sas_pageId string| sas_target object| afAdQueue number| runCallbackRetries function| runCallback number| esiAdsInitNbFiles function| esiAdsInit function| esiAdsloadScript string| cacheBustingId function| EventTracker function| CRMGAPush function| Cmp object| CBSI function| debug object| jQuery1710019401915647379475 object| adblockDetector object| didomiRemoteConfig string| didomiCountry object| didomiGeoRegulations object| google_tag_manager object| _taboola string| placement object| Kicksend function| af_getHashParams function| af_getUrlParameter function| af_setUrlParameters function| af_isEmpty function| af_getCookie function| af_setCookie function| af_setSessionCookie function| af_setPermCookie function| af_cleanCookie function| af_guid function| af_bind function| af_push function| af_clone function| af_addEvent function| af_windowSize function| af_findPos object| af_cssUtils function| af_percentInViewport function| af_isInViewport undefined| _isIOS function| af_isIOS function| af_findAncestor object| af_userAgent function| af_isMobile function| af_isTablet function| af_refreshAds function| afAd_removeFromFormatIds function| af_setValueToDatalayer function| af_getValueFromDatalayer function| af_obfuscateLink function| af_obfuscateText function| af_addClickZone function| af_addClickZoneEvent object| Aflog function| AufSession object| AufPrebid object| googletag object| pbjs function| defclass function| extend object| AufAds function| AfStickyCol function| AfSticky function| AufSticky function| af_nativeAd function| af_nativeAdGlobalV2 function| af_nativeAdHomepage object| PubSub object| bowser function| pbjsChunk object| _pbjsGlobals object| invibes object| afSession object| afLogger number| aufAdStartTime object| aufAdtechParams object| afAd object| aufbidjsParams object| aufbidjs object| didomiEventListeners object| __twttrll object| twttr object| __twttr object| FB object| webpackJsonpDidomi function| setImmediate function| clearImmediate object| Didomi object| DidomiSanitizing object| adsbygoogle object| didomiState object| TRC object| _tblConsole undefined| msg object| regeneratorRuntime object| ggeac object| google_js_reporting_queue function| _classCallCheck function| _defineProperties function| _createClass function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl object| pbstck object| pbstckQ object| Pubstack function| _typeof function| _possibleConstructorReturn function| _assertThisInitialized function| _getPrototypeOf function| _inherits function| _setPrototypeOf undefined| google_measure_js_timing object| Sslac object| IN

9 Cookies

Domain/Path Name / Value
.zdnet.fr/ Name: zdnet_fr%3Aproduction%3Asid
Value: 45c60f3098d1eb1ecfca54a1c9030690
www.zdnet.fr/ Name: af_cntckt
Value: %5B%7B%22Cybers%C3%A9curit%C3%A9%22%3A1%7D%5D
.zdnet.fr/ Name: didomi_token
Value: eyJ1c2VyX2lkIjoiMTdmZjU3MjEtZjBlZS02ZjdkLWIyNGEtMzI0Yjc3MDY5MjE5IiwiY3JlYXRlZCI6IjIwMjItMDQtMDRUMTY6Mzk6MzEuMzk1WiIsInVwZGF0ZWQiOiIyMDIyLTA0LTA0VDE2OjM5OjMxLjM5NVoiLCJ2ZXJzaW9uIjpudWxsfQ==
.linkedin.com/ Name: lang
Value: v=2&lang=fr-fr
.linkedin.com/ Name: bcookie
Value: "v=2&d4850d6a-5566-46b1-8f1e-15af6d11ce1d"
.www.linkedin.com/ Name: bscookie
Value: "v=1&20220404163932bcd3a826-9a7e-4cd5-803e-4d3f905fb886AQHLFIQDp9G6CYIQ6xGyhgG-QkJ_xFfz"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NDkwOTAzNzI7MjswMjFFk9fgQhBL3qrspgRUUpHbV5KW0VF4N3rb9F84K0LcHw==
.linkedin.com/ Name: lidc
Value: "b=TGST09:s=T:r=T:a=T:p=T:g=2266:u=1:x=1:i=1649090372:t=1649176772:v=2:sig=AQGRS51I1Hw7SJX_c41-tRaNRQ3B3PRj"
.www.linkedin.com/ Name: JSESSIONID
Value: ajax:0832469527984301147

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
