www.lemondeinformatique.fr Open in urlscan Pro
13.36.118.92 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.lemondeinformatique.fr/actualites/lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html
Submission: On September 21 via api (September 21st 2021, 2:11:28 pm UTC) from US — Scanned from DE

Summary HTTP 62 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 29 IPs in 4 countries across 24 domains to perform 62 HTTP transactions. The main IP is 13.36.118.92, located in Paris, France and belongs to AMAZON-02, US. The main domain is www.lemondeinformatique.fr.
TLS certificate: Issued by Gandi Standard SSL CA 2 on December 2nd 2020. Valid for: a year.

This is the only time www.lemondeinformatique.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	13.36.118.92 13.36.118.92	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
7	51.38.196.120 51.38.196.120	16276 (OVH) (OVH)
3	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
6	2600:9000:21f... 2600:9000:21f3:7800:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2b0::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.23.33.160 23.23.33.160	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
2	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6812:12b7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:21f... 2600:9000:21f3:9200:3:a4cd:8380:93a1	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1 1	2620:119:50e1... 2620:119:50e1:101::6cae:b25	14413 (LINKEDIN) (LINKEDIN)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:9000:20e... 2600:9000:20eb:600:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:400c:c04::9d	15169 (GOOGLE) (GOOGLE)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	13.224.193.104 13.224.193.104	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:36::15	15169 (GOOGLE) (GOOGLE)
62	29

12 13.36.118.92 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-118-92.eu-west-3.compute.amazonaws.com

www.lemondeinformatique.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 51.38.196.120 (France)

ASN16276 (OVH, FR)
PTR: ip120.ip-51-38-196.eu

images.itnewsinfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:21f3:7800:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2b0::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.23.33.160 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-33-160.compute-1.amazonaws.com

trackcmp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:800::7000 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:12b7 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.by.wonderpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:9200:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)

test.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:119:50e1:101::6cae:b25 (United States) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-104.fra2.r.cloudfront.net

audit-tcfv2.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:36::15 (United States)

ASN15169 (GOOGLE, US)

measurements-api.wonderpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	lemondeinformatique.fr www.lemondeinformatique.fr	83 KB
8	consensu.org quantcast.mgr.consensu.org test.quantcast.mgr.consensu.org audit-tcfv2.quantcast.mgr.consensu.org	187 KB
7	itnewsinfo.com images.itnewsinfo.com	336 KB
4	wonderpush.com cdn.by.wonderpush.com measurements-api.wonderpush.com	105 KB
4	google-analytics.com www.google-analytics.com	59 KB
3	doubleclick.net stats.g.doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net	119 KB
3	googletagmanager.com www.googletagmanager.com	90 KB
2	facebook.com www.facebook.com	405 B
2	linkedin.com 1 redirects px.ads.linkedin.com www.linkedin.com	1 KB
2	yimg.com s.yimg.com	7 KB
2	facebook.net connect.facebook.net	114 KB
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	86 KB
1	google.de www.google.de	569 B
1	google.com www.google.com	569 B
1	t.co t.co	455 B
1	twitter.com analytics.twitter.com	658 B
1	quantcount.com rules.quantcount.com	377 B
1	googleadservices.com www.googleadservices.com	14 KB
1	googletagservices.com www.googletagservices.com	25 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	trackcmp.net trackcmp.net	385 B
1	licdn.com snap.licdn.com	2 KB
1	quantserve.com secure.quantserve.com	9 KB
1	gstatic.com fonts.gstatic.com	27 KB
62	24

	Domain	Requested by
12	www.lemondeinformatique.fr	www.lemondeinformatique.fr ajax.googleapis.com
7	images.itnewsinfo.com	www.lemondeinformatique.fr
6	quantcast.mgr.consensu.org	www.lemondeinformatique.fr quantcast.mgr.consensu.org
4	www.google-analytics.com	www.lemondeinformatique.fr www.google-analytics.com
3	cdn.by.wonderpush.com	www.lemondeinformatique.fr cdn.by.wonderpush.com
3	www.googletagmanager.com	www.lemondeinformatique.fr www.googletagmanager.com
2	www.facebook.com	www.lemondeinformatique.fr
2	s.yimg.com	www.lemondeinformatique.fr s.yimg.com
2	connect.facebook.net	www.lemondeinformatique.fr connect.facebook.net
1	measurements-api.wonderpush.com	cdn.by.wonderpush.com
1	audit-tcfv2.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	www.google.de	www.lemondeinformatique.fr
1	www.google.com	www.lemondeinformatique.fr
1	googleads.g.doubleclick.net	www.googleadservices.com
1	securepubads.g.doubleclick.net	www.googletagservices.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	t.co	www.lemondeinformatique.fr
1	analytics.twitter.com	static.ads-twitter.com
1	rules.quantcount.com	secure.quantserve.com
1	www.linkedin.com	www.lemondeinformatique.fr
1	px.ads.linkedin.com	1 redirects
1	www.googleadservices.com	www.googletagmanager.com
1	test.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	www.googletagservices.com	www.googletagmanager.com
1	static.ads-twitter.com	www.lemondeinformatique.fr
1	trackcmp.net	www.lemondeinformatique.fr
1	snap.licdn.com	www.googletagmanager.com
1	secure.quantserve.com	quantcast.mgr.consensu.org
1	fonts.gstatic.com	fonts.googleapis.com
1	ajax.googleapis.com	www.lemondeinformatique.fr
1	fonts.googleapis.com	www.lemondeinformatique.fr
62	31

This site contains links to these domains. Also see Links.

Domain
www.cio-online.com
pubads.g.doubleclick.net
www.facebook.com
twitter.com
www.linkedin.com
techcrunch.com
www.itnewsinfo.com
plus.google.com
www.instagram.com
www.distributique.com
www.it-tour.fr
www.france-entreprise-digital.fr

Subject Issuer	Validity	Valid
www.lemondeinformatique.fr Gandi Standard SSL CA 2	`2020-12-02` - `2022-01-02`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
quantcast.mgr.consensu.org Amazon	`2021-04-24` - `2022-05-23`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-04-30` - `2022-05-11`	a year	crt.sh
*.trackcmp.net Amazon	`2021-03-02` - `2022-03-31`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-01` - `2021-09-29`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-09-06` - `2021-10-27`	2 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
by.wonderpush.com R3	`2021-07-27` - `2021-10-25`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2021-07-18` - `2022-01-18`	6 months	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
measurements-api.wonderpush.com GTS CA 1D4	`2021-08-18` - `2021-11-16`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.lemondeinformatique.fr/actualites/lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html
Frame ID: C5B3A157C44C245CD9C435E99C9EB153
Requests: 61 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: AC53D3BC6C9E9C03FEECAF8032E5A239
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Olympus frappé par le ransomware BlackMatter - Le Monde Informatique

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Quantcast Choice (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

quantcast\.mgr\.consensu\.org

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

62
Requests

100 %
HTTPS

70 %
IPv6

24
Domains

31
Subdomains

29
IPs

4
Countries

1267 kB
Transfer

3296 kB
Size

19
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cio-online.com/etudes/

Search URL Search Domain Scan URL

URL: http://pubads.g.doubleclick.net/gampad/clk?id=5786450092&iu=/21821884434/lmi
Title: Hybrid Workplace

Search URL Search Domain Scan URL

URL: http://pubads.g.doubleclick.net/gampad/clk?id=5785079934&iu=/21821884434/lmi
Title: HP Wolf Security

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.lemondeinformatique.fr/actualites/lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.lemondeinformatique.fr/actualites/lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/shareArticle?mini=true&url=https://www.lemondeinformatique.fr/actualites/lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html

Search URL Search Domain Scan URL

URL: https://techcrunch.com/2021/09/12/technology-giant-olympus-hit-by-blackmatter-ransomware/
Title: selon

Search URL Search Domain Scan URL

URL: https://www.itnewsinfo.com/
Title: IT News Info

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Le-Monde-Informatique-103373896380515/?ref=sgm

Search URL Search Domain Scan URL

URL: https://twitter.com/MondeInformatiq

Search URL Search Domain Scan URL

URL: https://plus.google.com/103357175701322909730

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/le-monde-informatique?trk=company_name

Search URL Search Domain Scan URL

URL: https://www.instagram.com/lemondeinformatique/

Search URL Search Domain Scan URL

URL: https://www.cio-online.com/

Search URL Search Domain Scan URL

URL: https://www.distributique.com/

Search URL Search Domain Scan URL

URL: https://www.it-tour.fr/

Search URL Search Domain Scan URL

URL: https://www.france-entreprise-digital.fr/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=11474&time=1632233482237&url=https%3A%2F%2Fwww.lemondeinformatique.fr%2Factualites%2Flire-olympus-frappe-par-le-ransomware-blackmatter-84141.html HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D11474%26time%3D1632233482237%26url%3Dhttps%253A%252F%252Fwww.lemondeinformatique.fr%252Factualites%252Flire-olympus-frappe-par-le-ransomware-blackmatter-84141.html%26liSync%3Dtrue

62 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html Show response
www.lemondeinformatique.fr/actualites/ 65 KB
18 KB 127ms
41ms Document
text/html 13.36.118.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lemondeinformatique.fr/actualites/lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.36.118.92 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-36-118-92.eu-west-3.compute.amazonaws.com
Software: nginx /
Resource Hash: be1f5e1df5d144645b403bdfa59c48392104cfc20a28d526a24d101f5a251bf1

Request headers

:method: GET
:authority: www.lemondeinformatique.fr
:scheme: https
:path: /actualites/lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 21 Sep 2021 14:11:21 GMT
content-type: text/html
server: nginx
set-cookie: PHPSESSID=53c79be2803dfddbf7ba49a54e44920a; path=/ idreference=53c79be2803dfddbf7ba49a54e44920a; expires=Sat, 22-Oct-2022 06:41:21 GMT; path=/ box_question_etude=a%3A3%3A%7Bs%3A2%3A%22id%22%3Bs%3A4%3A%221046%22%3Bs%3A6%3A%22nombre%22%3Bi%3A1%3Bs%3A7%3A%22attente%22%3Bs%3A10%3A%220000-00-00%22%3B%7D; expires=Sun, 20-Mar-2022 14:11:21 GMT; path=/; domain=www.lemondeinformatique.fr
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
content-encoding: gzip
vary: Accept-Encoding,User-Agent

GET
H2 200 css
fonts.googleapis.com/ 4 KB
974 B 41ms
17ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Libre+Franklin:300,400,600,700

Requested by

Host: www.lemondeinformatique.fr
URL: https://www.lemondeinformatique.fr/actualites/lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

93f828ab83ad7dd20b33fd2a5821a56ebb4bfcbb3360a199934a14ecc4d37738

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lemondeinformatique.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 14:11:21 GMT
server: ESF
date: Tue, 21 Sep 2021 14:11:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 21 Sep 2021 14:11:21 GMT

GET
H2 200 normalize-min.css
www.lemondeinformatique.fr/styles/ 2 KB
1 KB 40ms
38ms Stylesheet
text/css 13.36.118.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lemondeinformatique.fr/styles/normalize-min.css
Requested by: Host: www.lemondeinformatique.fr
URL: https://www.lemondeinformatique.fr/actualites/lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.36.118.92 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-36-118-92.eu-west-3.compute.amazonaws.com
Software: nginx /
Resource Hash: 2b9dd6f98ec083ab7768ea4d10d7695f8c9016d05d660b576a22542947ac94b7

Request headers

:path: /styles/normalize-min.css
pragma: no-cache
cookie: PHPSESSID=53c79be2803dfddbf7ba49a54e44920a; idreference=53c79be2803dfddbf7ba49a54e44920a; box_question_etude=a%3A3%3A%7Bs%3A2%3A%22id%22%3Bs%3A4%3A%221046%22%3Bs%3A6%3A%22nombre%22%3Bi%3A1%3Bs%3A7%3A%22attente%22%3Bs%3A10%3A%220000-00-00%22%3B%7D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.lemondeinformatique.fr
referer: https://www.lemondeinformatique.fr/actualites/lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.lemondeinformatique.fr/actualites/lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 14:11:21 GMT
content-encoding: gzip
last-modified: Mon, 28 May 2018 08:43:24 GMT
server: nginx
etag: "80f-56d401c5a7b99-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
content-length: 914
expires: Tue, 28 Sep 2021 14:11:21 GMT

GET
H2 200 grille-min.css
www.lemondeinformatique.fr/styles/ 9 KB
2 KB 46ms
45ms Stylesheet
text/css 13.36.118.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lemondeinformatique.fr/styles/grille-min.css
Requested by: Host: www.lemondeinformatique.fr
URL: https://www.lemondeinformatique.fr/actualites/lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.36.118.92 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-36-118-92.eu-west-3.compute.amazonaws.com
Software: nginx /
Resource Hash: 21a685ffc238ff3f1b8458cc72bf936ae80c3c6f7dd526c085c8370a426f4ae6

Request headers

:path: /styles/grille-min.css
pragma: no-cache
cookie: PHPSESSID=53c79be2803dfddbf7ba49a54e44920a; idreference=53c79be2803dfddbf7ba49a54e44920a; box_question_etude=a%3A3%3A%7Bs%3A2%3A%22id%22%3Bs%3A4%3A%221046%22%3Bs%3A6%3A%22nombre%22%3Bi%3A1%3Bs%3A7%3A%22attente%22%3Bs%3A10%3A%220000-00-00%22%3B%7D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.lemondeinformatique.fr
referer: https://www.lemondeinformatique.fr/actualites/lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.lemondeinformatique.fr/actualites/lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 14:11:21 GMT
content-encoding: gzip
last-modified: Mon, 28 May 2018 08:43:24 GMT
server: nginx
etag: "25df-56d401c5a7b99-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1744
expires: Tue, 28 Sep 2021 14:11:21 GMT

GET
H2 200 pictos-min.css
www.lemondeinformatique.fr/styles/ 7 KB
2 KB 45ms
43ms Stylesheet
text/css 13.36.118.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lemondeinformatique.fr/styles/pictos-min.css
Requested by: Host: www.lemondeinformatique.fr
URL: https://www.lemondeinformatique.fr/actualites/lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.36.118.92 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-36-118-92.eu-west-3.compute.amazonaws.com
Software: nginx /
Resource Hash: 7eec2a5d359ca559cfede424201a005e7690f495c6def15d93b9b916ea9f0184

Request headers

:path: /styles/pictos-min.css
pragma: no-cache
cookie: PHPSESSID=53c79be2803dfddbf7ba49a54e44920a; idreference=53c79be2803dfddbf7ba49a54e44920a; box_question_etude=a%3A3%3A%7Bs%3A2%3A%22id%22%3Bs%3A4%3A%221046%22%3Bs%3A6%3A%22nombre%22%3Bi%3A1%3Bs%3A7%3A%22attente%22%3Bs%3A10%3A%220000-00-00%22%3B%7D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.lemondeinformatique.fr
referer: https://www.lemondeinformatique.fr/actualites/lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.lemondeinformatique.fr/actualites/lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 14:11:21 GMT
content-encoding: gzip
last-modified: Mon, 28 May 2018 08:43:24 GMT
server: nginx
etag: "1b1c-56d401c5a7b99-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1646
expires: Tue, 28 Sep 2021 14:11:21 GMT

GET
H2 200 template.css
www.lemondeinformatique.fr/styles/ 113 KB
23 KB 50ms
49ms Stylesheet
text/css 13.36.118.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lemondeinformatique.fr/styles/template.css?v=9
Requested by: Host: www.lemondeinformatique.fr
URL: https://www.lemondeinformatique.fr/actualites/lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.36.118.92 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-36-118-92.eu-west-3.compute.amazonaws.com
Software: nginx /
Resource Hash: 28e5c4da1714484c674e7dd1be4c79c0081db6e9a81b92492042e84dc0d05a73

Request headers

:path: /styles/template.css?v=9
pragma: no-cache
cookie: PHPSESSID=53c79be2803dfddbf7ba49a54e44920a; idreference=53c79be2803dfddbf7ba49a54e44920a; box_question_etude=a%3A3%3A%7Bs%3A2%3A%22id%22%3Bs%3A4%3A%221046%22%3Bs%3A6%3A%22nombre%22%3Bi%3A1%3Bs%3A7%3A%22attente%22%3Bs%3A10%3A%220000-00-00%22%3B%7D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.lemondeinformatique.fr
referer: https://www.lemondeinformatique.fr/actualites/lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.lemondeinformatique.fr/actualites/lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 14:11:21 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 22:54:02 GMT
server: nginx
etag: "1c330-5c1b12fff2122-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
content-length: 22889
expires: Tue, 28 Sep 2021 14:11:21 GMT

GET
H2 200 template-lg.css
www.lemondeinformatique.fr/styles/ 6 KB
2 KB 47ms
46ms Stylesheet
text/css 13.36.118.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lemondeinformatique.fr/styles/template-lg.css
Requested by: Host: www.lemondeinformatique.fr
URL: https://www.lemondeinformatique.fr/actualites/lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.36.118.92 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-36-118-92.eu-west-3.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ffc21ee8d42b60799af1b88f77a6fbb1e0ab6457bd6253e8e66ed1767a21505

Request headers

:path: /styles/template-lg.css
pragma: no-cache
cookie: PHPSESSID=53c79be2803dfddbf7ba49a54e44920a; idreference=53c79be2803dfddbf7ba49a54e44920a; box_question_etude=a%3A3%3A%7Bs%3A2%3A%22id%22%3Bs%3A4%3A%221046%22%3Bs%3A6%3A%22nombre%22%3Bi%3A1%3Bs%3A7%3A%22attente%22%3Bs%3A10%3A%220000-00-00%22%3B%7D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.lemondeinformatique.fr
referer: https://www.lemondeinformatique.fr/actualites/lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.lemondeinformatique.fr/actualites/lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 14:11:21 GMT
content-encoding: gzip
last-modified: Mon, 28 May 2018 08:43:24 GMT
server: nginx
etag: "17b7-56d401c5a7b99-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1510
expires: Tue, 28 Sep 2021 14:11:21 GMT

GET
H2 200 template-xl.css
www.lemondeinformatique.fr/styles/ 1 KB
719 B 48ms
47ms Stylesheet
text/css 13.36.118.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lemondeinformatique.fr/styles/template-xl.css
Requested by: Host: www.lemondeinformatique.fr
URL: https://www.lemondeinformatique.fr/actualites/lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.36.118.92 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-36-118-92.eu-west-3.compute.amazonaws.com
Software: nginx /
Resource Hash: a01547e93da2fe87a6a15f4a1bd5a0d1b42bbca927ba95893a3015b9b725653f

Request headers

:path: /styles/template-xl.css
pragma: no-cache
cookie: PHPSESSID=53c79be2803dfddbf7ba49a54e44920a; idreference=53c79be2803dfddbf7ba49a54e44920a; box_question_etude=a%3A3%3A%7Bs%3A2%3A%22id%22%3Bs%3A4%3A%221046%22%3Bs%3A6%3A%22nombre%22%3Bi%3A1%3Bs%3A7%3A%22attente%22%3Bs%3A10%3A%220000-00-00%22%3B%7D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.lemondeinformatique.fr
referer: https://www.lemondeinformatique.fr/actualites/lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.lemondeinformatique.fr/actualites/lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 14:11:21 GMT
content-encoding: gzip
last-modified: Mon, 28 May 2018 08:43:24 GMT
server: nginx
etag: "5aa-56d401c5a7b99-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
content-length: 472
expires: Tue, 28 Sep 2021 14:11:21 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.1.0/ 84 KB
85 KB 73ms
16ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js

Requested by

Host: www.lemondeinformatique.fr
URL: https://www.lemondeinformatique.fr/actualites/lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lemondeinformatique.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 10:52:13 GMT
x-content-type-options: nosniff
age: 271148
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86351
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Sep 2022 10:52:13 GMT

GET
H/1.1 200
OK 000000080676.jpg
images.itnewsinfo.com/lmi/dossiers/grande/ 67 KB
67 KB 87ms
14ms Image
image/jpeg 51.38.196.120
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.itnewsinfo.com/lmi/dossiers/grande/000000080676.jpg
Requested by: Host: www.lemondeinformatique.fr
URL: https://www.lemondeinformatique.fr/actualites/lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.38.196.120 , France, ASN16276 (OVH, FR),
Reverse DNS: ip120.ip-51-38-196.eu
Software: Apache /
Resource Hash: 9787e1b8baed69d4204cc393127a7df8a4990e7bffcb461b4c28b24b0c000733

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lemondeinformatique.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 14:11:22 GMT
Last-Modified: Tue, 31 Aug 2021 08:55:37 GMT
Server: Apache
ETag: "10b49-5cad71d0b11e0"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=1000
Content-Length: 68425
Expires: Thu, 21 Oct 2021 14:11:22 GMT

GET
H/1.1 200
OK 000000080906.jpg
images.itnewsinfo.com/lmi/articles/grande/ 51 KB
52 KB 73ms
14ms Image
image/jpeg 51.38.196.120
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.itnewsinfo.com/lmi/articles/grande/000000080906.jpg
Requested by: Host: www.lemondeinformatique.fr
URL: https://www.lemondeinformatique.fr/actualites/lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.38.196.120 , France, ASN16276 (OVH, FR),
Reverse DNS: ip120.ip-51-38-196.eu
Software: Apache /
Resource Hash: 8c8f912489d42ad9487a50c2a10718731962defb895b1237ba7bf9616e9d5f37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lemondeinformatique.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 14:11:22 GMT
Last-Modified: Mon, 13 Sep 2021 08:20:11 GMT
Server: Apache
ETag: "cd90-5cbdc2239a4c0"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=1000
Content-Length: 52624
Expires: Thu, 21 Oct 2021 14:11:22 GMT

GET
H/1.1 200
OK 000000006958.jpg
images.itnewsinfo.com/idg/auteur/moyen/ 3 KB
4 KB 73ms
14ms Image
image/jpeg 51.38.196.120
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.itnewsinfo.com/idg/auteur/moyen/000000006958.jpg
Requested by: Host: www.lemondeinformatique.fr
URL: https://www.lemondeinformatique.fr/actualites/lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.38.196.120 , France, ASN16276 (OVH, FR),
Reverse DNS: ip120.ip-51-38-196.eu
Software: Apache /
Resource Hash: 3dbfaa777cb72a540b41a893deba0d3fa1ad6ec03065c400ae06587a7ebcc38d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lemondeinformatique.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 14:11:22 GMT
Last-Modified: Wed, 22 Apr 2015 12:35:26 GMT
Server: Apache
ETag: "cfc-5144f65c5ff80"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=1000
Content-Length: 3324
Expires: Thu, 21 Oct 2021 14:11:22 GMT

GET
H2 200 unveil.js Show response
www.lemondeinformatique.fr/javascript/ 590 B
615 B 39ms
39ms Script
application/javascript 13.36.118.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lemondeinformatique.fr/javascript/unveil.js
Requested by: Host: www.lemondeinformatique.fr
URL: https://www.lemondeinformatique.fr/actualites/lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.36.118.92 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-36-118-92.eu-west-3.compute.amazonaws.com
Software: nginx /
Resource Hash: a4faf82b58ff7c902e83dc051b40c0d4e849bc68706b5a337ed575ebc1eeedb0

Request headers

:path: /javascript/unveil.js
pragma: no-cache
cookie: PHPSESSID=53c79be2803dfddbf7ba49a54e44920a; idreference=53c79be2803dfddbf7ba49a54e44920a; box_question_etude=a%3A3%3A%7Bs%3A2%3A%22id%22%3Bs%3A4%3A%221046%22%3Bs%3A6%3A%22nombre%22%3Bi%3A1%3Bs%3A7%3A%22attente%22%3Bs%3A10%3A%220000-00-00%22%3B%7D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.lemondeinformatique.fr
referer: https://www.lemondeinformatique.fr/actualites/lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.lemondeinformatique.fr/actualites/lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 14:11:21 GMT
content-encoding: gzip
last-modified: Mon, 28 May 2018 08:43:23 GMT
server: nginx
etag: "24e-56d401c500bc7-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 359
expires: Tue, 28 Sep 2021 14:11:21 GMT

GET
H2 200 template-print.css
www.lemondeinformatique.fr/styles/ 1 KB
676 B 40ms
40ms Stylesheet
text/css 13.36.118.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lemondeinformatique.fr/styles/template-print.css
Requested by: Host: www.lemondeinformatique.fr
URL: https://www.lemondeinformatique.fr/actualites/lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.36.118.92 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-36-118-92.eu-west-3.compute.amazonaws.com
Software: nginx /
Resource Hash: bf04985e05e20fbe34e5dd9378278c68c83f33d9661b09c6cac9de7d73772fd6

Request headers

:path: /styles/template-print.css
pragma: no-cache
cookie: PHPSESSID=53c79be2803dfddbf7ba49a54e44920a; idreference=53c79be2803dfddbf7ba49a54e44920a; box_question_etude=a%3A3%3A%7Bs%3A2%3A%22id%22%3Bs%3A4%3A%221046%22%3Bs%3A6%3A%22nombre%22%3Bi%3A1%3Bs%3A7%3A%22attente%22%3Bs%3A10%3A%220000-00-00%22%3B%7D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.lemondeinformatique.fr
referer: https://www.lemondeinformatique.fr/actualites/lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.lemondeinformatique.fr/actualites/lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 14:11:22 GMT
content-encoding: gzip
last-modified: Mon, 28 May 2018 08:43:24 GMT
server: nginx
etag: "5f0-56d401c5a7b99-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
content-length: 429
expires: Tue, 28 Sep 2021 14:11:22 GMT

GET
H2 200 adtech.php Show response
www.lemondeinformatique.fr/tracking/ 87 B
318 B 87ms
87ms XHR
text/html 13.36.118.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lemondeinformatique.fr/tracking/adtech.php?id=UNKNOW&ip=3257166868
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.36.118.92 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-36-118-92.eu-west-3.compute.amazonaws.com
Software: nginx /
Resource Hash: f0c53e225f252c97548183e1c4ac6eb2825b664200da4f11fb86cbc69237fa46

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: PHPSESSID=53c79be2803dfddbf7ba49a54e44920a; idreference=53c79be2803dfddbf7ba49a54e44920a; box_question_etude=a%3A3%3A%7Bs%3A2%3A%22id%22%3Bs%3A4%3A%221046%22%3Bs%3A6%3A%22nombre%22%3Bi%3A1%3Bs%3A7%3A%22attente%22%3Bs%3A10%3A%220000-00-00%22%3B%7D
:path: /tracking/adtech.php?id=UNKNOW&ip=3257166868
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.lemondeinformatique.fr
referer: https://www.lemondeinformatique.fr/actualites/lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: */*
Referer: https://www.lemondeinformatique.fr/actualites/lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 14:11:22 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding,User-Agent
content-type: text/html
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 97
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 142 KB
52 KB 65ms
29ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KJCQ767

Requested by

Host: www.lemondeinformatique.fr
URL: https://www.lemondeinformatique.fr/actualites/lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

242d2eb07c13933ce5042146ca5501e6e291c1789cd94a848aa117ff70f226cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lemondeinformatique.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 14:11:22 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52247
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 21 Sep 2021 14:11:22 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 51ms
14ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.lemondeinformatique.fr
URL: https://www.lemondeinformatique.fr/actualites/lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lemondeinformatique.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 4762
date: Tue, 21 Sep 2021 12:52:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Tue, 21 Sep 2021 14:52:00 GMT

GET
H/1.1 200
OK sprite_picto.png
images.itnewsinfo.com/cio/site/ 72 KB
73 KB 64ms
15ms Image
image/png 51.38.196.120
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.itnewsinfo.com/cio/site/sprite_picto.png
Requested by: Host: www.lemondeinformatique.fr
URL: https://www.lemondeinformatique.fr/styles/template.css?v=9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.38.196.120 , France, ASN16276 (OVH, FR),
Reverse DNS: ip120.ip-51-38-196.eu
Software: Apache /
Resource Hash: 2d8cc21feebe060fb405f9601a32e5d33cd01357ade8c3a142cdfcfaeb469898

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lemondeinformatique.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 14:11:22 GMT
Last-Modified: Tue, 12 Jan 2016 16:25:31 GMT
Server: Apache
ETag: "12161-52925808ff4c0"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=1000
Content-Length: 74081
Expires: Thu, 21 Oct 2021 14:11:22 GMT

GET
H/1.1 200
OK sprite_logo.png
images.itnewsinfo.com/cio/site/ 88 KB
88 KB 64ms
15ms Image
image/png 51.38.196.120
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.itnewsinfo.com/cio/site/sprite_logo.png
Requested by: Host: www.lemondeinformatique.fr
URL: https://www.lemondeinformatique.fr/styles/template.css?v=9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.38.196.120 , France, ASN16276 (OVH, FR),
Reverse DNS: ip120.ip-51-38-196.eu
Software: Apache /
Resource Hash: eac79294eec7b070d0f4f6294ebc0c3ea2864f1cfab44ed5806c8858c1571e1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lemondeinformatique.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 14:11:22 GMT
Last-Modified: Wed, 30 Mar 2016 14:00:57 GMT
Server: Apache
ETag: "15e85-52f44932c7840"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=1000
Content-Length: 89733
Expires: Thu, 21 Oct 2021 14:11:22 GMT

GET
H2 200 jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
fonts.gstatic.com/s/librefranklin/v7/ 27 KB
27 KB 35ms
9ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librefranklin/v7/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Franklin:300,400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fedcdc389419bfa88ed3f2c226b9d043fa6d6ea927cadd49c833cbfcf0de3efb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.lemondeinformatique.fr
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 08:53:13 GMT
x-content-type-options: nosniff
age: 537489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27240
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 21:06:30 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Sep 2022 08:53:13 GMT

GET
H/1.1 200
OK sprite_logo-XL.png
images.itnewsinfo.com/lmi/site/ 50 KB
51 KB 57ms
14ms Image
image/png 51.38.196.120
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.itnewsinfo.com/lmi/site/sprite_logo-XL.png
Requested by: Host: www.lemondeinformatique.fr
URL: https://www.lemondeinformatique.fr/styles/template.css?v=9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.38.196.120 , France, ASN16276 (OVH, FR),
Reverse DNS: ip120.ip-51-38-196.eu
Software: Apache /
Resource Hash: 1f3fad5030e4f4259713b500da6db34b6101abb4e383251df525710149b42119

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lemondeinformatique.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 14:11:22 GMT
Last-Modified: Thu, 12 Jan 2017 16:06:06 GMT
Server: Apache
ETag: "c8b5-545e7e50ab780"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=1000
Content-Length: 51381
Expires: Thu, 21 Oct 2021 14:11:22 GMT

GET
H2 200 fontello.woff
www.lemondeinformatique.fr/polices/ 32 KB
32 KB 40ms
39ms Font
application/font-woff 13.36.118.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lemondeinformatique.fr/polices/fontello.woff?9724684
Requested by: Host: www.lemondeinformatique.fr
URL: https://www.lemondeinformatique.fr/styles/pictos-min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.36.118.92 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-36-118-92.eu-west-3.compute.amazonaws.com
Software: nginx /
Resource Hash: 4c60c3fccfc80b31a1dc1531181114d86ef692887e904e44704aa74f2e3ca661

Request headers

sec-fetch-mode: cors
origin: https://www.lemondeinformatique.fr
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: PHPSESSID=53c79be2803dfddbf7ba49a54e44920a; idreference=53c79be2803dfddbf7ba49a54e44920a; box_question_etude=a%3A3%3A%7Bs%3A2%3A%22id%22%3Bs%3A4%3A%221046%22%3Bs%3A6%3A%22nombre%22%3Bi%3A1%3Bs%3A7%3A%22attente%22%3Bs%3A10%3A%220000-00-00%22%3B%7D
:path: /polices/fontello.woff?9724684
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.lemondeinformatique.fr
referer: https://www.lemondeinformatique.fr/styles/pictos-min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.lemondeinformatique.fr/styles/pictos-min.css
Origin: https://www.lemondeinformatique.fr
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 14:11:22 GMT
content-encoding: gzip
last-modified: Mon, 28 May 2018 08:43:24 GMT
server: nginx
etag: "7fdc-56d401c5a6bf9-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=7200
accept-ranges: bytes
content-length: 32714
expires: Tue, 21 Sep 2021 16:11:22 GMT

GET
H2 200 choice.js Show response
quantcast.mgr.consensu.org/choice/jV8Na_R3FcJaX/www.lemondeinformatique.fr/ 11 KB
3 KB 54ms
16ms Script
application/javascript 2600:9000:21f3:7800:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/jV8Na_R3FcJaX/www.lemondeinformatique.fr/choice.js
Requested by: Host: www.lemondeinformatique.fr
URL: https://www.lemondeinformatique.fr/actualites/lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:7800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ead43c8fcb7c73dd39b4644a5f883eeab9d9f469589372bf52bde2b5be572f64

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lemondeinformatique.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 21 Sep 2021 14:11:22 GMT
content-encoding: br
last-modified: Tue, 20 Apr 2021 02:52:34 GMT
server: AmazonS3
x-edge-origin-shield-skipped: 0
etag: W/"5d6cfe06d1fd7eb69499c05aadd58d5e"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront)
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: PAqJMryUq3ZhcyJ3_wZ4j66S1wX8lEIPg5zp_bsVonnqGCwGLwQSTQ==

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 98 KB
39 KB 29ms
29ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-MQJJNLC&cid=1185111617.1632233482

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8a704c9a5f3bf1c1f5f87357651aafc190a0f5c89ecd175c944f288a6713303e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lemondeinformatique.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 14:11:22 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39687
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 21 Sep 2021 14:11:22 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
9 KB 63ms
14ms Script
application/javascript 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/jV8Na_R3FcJaX/www.lemondeinformatique.fr/choice.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 95b17ad661699c049d42195b8ccd1d855045a1fcfbd20d8609a6d87fa5703810

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lemondeinformatique.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 14:11:22 GMT
content-encoding: gzip
etag: "lp772EpWKwf8Kq7YKMhbuw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Tue, 28 Sep 2021 14:11:22 GMT

GET
H2 200 cmp2.js Show response
quantcast.mgr.consensu.org/tcfv2/ 179 KB
44 KB 10ms
10ms Script
text/javascript 2600:9000:21f3:7800:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.lemondeinformatique.fr
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/jV8Na_R3FcJaX/www.lemondeinformatique.fr/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:7800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7289837e876c7bbbf1afc71abc4c5383e7f56692abeaa0a72b82e4e721ceba26

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lemondeinformatique.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 14:10:58 GMT
content-encoding: br
age: 24
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Thu, 02 Sep 2021 17:09:42 GMT
server: AmazonS3
etag: W/"9deb1d626be8c031919272577f54eb7e"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-meta-qc-ineu: True
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: Ujqls0cY3l1bzbCM3JhXsASC33kh5L417iSlCGSKMEL4fxJxABTwrQ==

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 62ms
14ms Script
application/x-javascript 2a02:26f0:6c00:2b0::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KJCQ767
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b0::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lemondeinformatique.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 14:11:22 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Aug 2021 21:34:05 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=33080
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 visit Show response
trackcmp.net/ 0
385 B 2940ms
2721ms Script
text/javascript 23.23.33.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trackcmp.net/visit?actid=798777371&e=&r=&u=https%3A%2F%2Fwww.lemondeinformatique.fr%2Factualites%2Flire-olympus-frappe-par-le-ransomware-blackmatter-84141.html
Requested by: Host: www.lemondeinformatique.fr
URL: https://www.lemondeinformatique.fr/actualites/lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.33.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-33-160.compute-1.amazonaws.com
Software: Apache/2.4.48 (Amazon) / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lemondeinformatique.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 14:11:25 GMT
server: Apache/2.4.48 (Amazon)
x-powered-by: PHP/7.1.33
p3p: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
cache-control: no-cache, private
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
content-type: text/javascript;charset=UTF-8
content-length: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 26ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.lemondeinformatique.fr
URL: https://www.lemondeinformatique.fr/actualites/lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lemondeinformatique.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25999
x-xss-protection: 0
pragma: public
x-fb-debug: t3du5w93TocVL1p09GXN2ndTxjfh8zp+DiXb/P78w20KH51+7lOU6EfCpxTeN96Hnx3UiPwj/ihjMiWJDZyS/A==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 21 Sep 2021 14:11:22 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 6 KB
2 KB 65ms
7ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.lemondeinformatique.fr
URL: https://www.lemondeinformatique.fr/actualites/lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7e8ee8f9d56ca7e35629a7c16b9f1c09fbb1e7d19fe922833a2f4edec48bfeea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lemondeinformatique.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 14:11:22 GMT
content-encoding: gzip
last-modified: Wed, 25 Aug 2021 16:20:44 GMT
etag: "934b8997f9fc81b2d0e16fca4cd0b8bb+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-geo-cc_and_ra: DE-NW
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 2119
x-served-by: cache-iad-kcgs7200030-IAD, cache-hhn11580-HHN

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
6 KB 81ms
23ms Script
application/javascript 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: www.lemondeinformatique.fr
URL: https://www.lemondeinformatique.fr/actualites/lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

b9e6c38b3493790e6525ba6715ad839211cab5db3ddc80c7f70f20f92679fee6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lemondeinformatique.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Tue, 21 Sep 2021 13:46:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1521
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 5639
x-amz-id-2: +AxTKpDniNqat4Nsy9pNKRKF2EcK/NVaguCt3Gn56KB6hub5xnypZc2bJfxmgJvz6FK24SdGmHA=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sat, 02 Jul 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Thu, 27 May 2021 13:00:20 GMT
server: ATS
etag: "6de43f1c725d89777edaa2bc5d679ecb-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 6CGQD526AN9E2ET4
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: Bv0RNzsjZsSn6kGrZjdvdggYqc20u__d
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 27ms
26ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-944144139

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KJCQ767

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c1db2f93cc594120c576b697fc6a9856bda784c70a11fbb4cb1d2c9ebe5267d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lemondeinformatique.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 14:11:22 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39015
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 21 Sep 2021 14:11:22 GMT

GET
H2 200 trackService.php Show response
www.lemondeinformatique.fr/tracking/ 0
246 B 41ms
41ms Script
text/html 13.36.118.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lemondeinformatique.fr/tracking/trackService.php?co=53c79be2803dfddbf7ba49a54e44920a&ur=https%3A%2F%2Fwww.lemondeinformatique.fr%2Factualites%2Flire-olympus-frappe-par-le-ransomware-blackmatter-84141.html&re=&th=Intrusion%2C%20Hacking%20et%20Pare-feu%7CS%C3%A9curit%C3%A9%23Malware%7CS%C3%A9curit%C3%A9
Requested by: Host: www.lemondeinformatique.fr
URL: https://www.lemondeinformatique.fr/actualites/lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.36.118.92 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-36-118-92.eu-west-3.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /tracking/trackService.php?co=53c79be2803dfddbf7ba49a54e44920a&ur=https%3A%2F%2Fwww.lemondeinformatique.fr%2Factualites%2Flire-olympus-frappe-par-le-ransomware-blackmatter-84141.html&re=&th=Intrusion%2C%20Hacking%20et%20Pare-feu%7CS%C3%A9curit%C3%A9%23Malware%7CS%C3%A9curit%C3%A9
pragma: no-cache
cookie: PHPSESSID=53c79be2803dfddbf7ba49a54e44920a; idreference=53c79be2803dfddbf7ba49a54e44920a; box_question_etude=a%3A3%3A%7Bs%3A2%3A%22id%22%3Bs%3A4%3A%221046%22%3Bs%3A6%3A%22nombre%22%3Bi%3A1%3Bs%3A7%3A%22attente%22%3Bs%3A10%3A%220000-00-00%22%3B%7D; adcomp=01ae2e552c349bd5608af0f670f8ebc2; _ga=GA1.2.1185111617.1632233482; _gid=GA1.2.1595404031.1632233482; ac_enable_tracking=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.lemondeinformatique.fr
referer: https://www.lemondeinformatique.fr/actualites/lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.lemondeinformatique.fr/actualites/lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 14:11:22 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding,User-Agent
content-type: text/html
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 25
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 73 KB
25 KB 93ms
23ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KJCQ767

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d787d4ee6b3b73aae9ea1ce8aeabb759a3038a2ec9e0fae901a958fa5edbd679

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lemondeinformatique.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 14:11:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "993 / 52 of 1000 / last-modified: 1632222456"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25044
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 21 Sep 2021 14:11:22 GMT

GET
H2 200 wonderpush-loader.min.js Show response
cdn.by.wonderpush.com/sdk/1.1/ 881 B
1 KB 94ms
19ms Script
application/javascript 2606:4700::6812:12b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.by.wonderpush.com/sdk/1.1/wonderpush-loader.min.js
Requested by: Host: www.lemondeinformatique.fr
URL: https://www.lemondeinformatique.fr/actualites/lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:12b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f96c0cddad39439fa182341a54c8612ca7b7d6c2ca23ee74bf9476478d9ea7db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lemondeinformatique.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 14:11:22 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 27170
x-cache: Hit from cloudfront
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 493
access-control-allow-origin: *
last-modified: Wed, 11 Aug 2021 10:32:55 GMT
server: cloudflare
etag: "7872b069d0115fb1e20d2fd0c876550fed6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: HEAD, GET
content-type: application/javascript
via: 1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
cache-control: public,max-age=86400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 6923e1dffd6442fd-FRA
x-amz-cf-id: Nx654D73Y11CpP7jUGuRg7IwVuuZpKVWELuUGb5rJx41M3BlBczmFg==

GET
H2 200 cmp-list.json Show response
test.quantcast.mgr.consensu.org/GVL-v2/ 8 KB
3 KB 54ms
8ms XHR
application/json 2600:9000:21f3:9200:3:a4cd:8380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.lemondeinformatique.fr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9200:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e471b6efa3a2b682b7057a68f7826651f7c932c91f65542cf31bd162270f2cbf

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.lemondeinformatique.fr/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 03:00:38 GMT
content-encoding: gzip
age: 40245
x-amz-server-side-encryption: AES256
x-edge-origin-shield-skipped: 0
access-control-max-age: 86400
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 06 Sep 2021 19:52:29 GMT
server: AmazonS3
etag: W/"47f3f3ad0905922709490823450c6feb"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: AlP0zBEKPJPlZb6yVaUvANOTp9Jly4TY
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA2-C2
content-type: application/json
x-amz-cf-id: aSehkb61bnR45jdWx9_CEJtftZGSK27PiZi6iMLzBLIp1G5How73dg==

GET
H2 200 1138992812809306 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 51ms
50ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1138992812809306?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa83a9ff8e050a07887fd33495e94c067a064cd3e0aa8a7f593c358297c87e11

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lemondeinformatique.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: iN/TMWyxBxbZr0/xU3S4R/PMn8qMQ6PUHr6uaxrvViIy7vp7TWiEKRSi5jILHPXP0ZTKlcl0wab45Q0K37ptbg==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 21 Sep 2021 14:11:22 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
190 B 21ms
21ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=391200030&t=pageview&_s=1&dl=https%3A%2F%2Fwww.lemondeinformatique.fr%2Factualites%2Flire-olympus-frappe-par-le-ransomware-blackmatter-84141.html&ul=en-us&de=windows-1252&dt=Olympus%20frapp%C3%A9%20par%20le%20ransomware%20BlackMatter%20-%20Le%20Monde%20Informatique&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEADQAAAAC~&jid=957667969&gjid=79684450&cid=1185111617.1632233482&tid=UA-16629140-1&_gid=1595404031.1632233482&_r=1&_slc=1&z=1177256724

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.lemondeinformatique.fr/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 14:11:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.lemondeinformatique.fr
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 46ms
24ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-944144139

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

c9b2f25f41b7ff545aff01bca8720881b1f87a4a39980d6ce014fa00969d9c40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lemondeinformatique.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 14:11:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14064
x-xss-protection: 0
server: cafe
etag: 13250159043023796785
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 21 Sep 2021 14:11:22 GMT

GET
H2

429

li_sync
www.linkedin.com/px/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=11474&time=1632233482237&url=https%3A%2F%2Fwww.lemondeinformatique.fr%2Factualites%2Flire-olympus-frappe-par-le-ransomware-blackmatter-84141.html
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D11474%26time%3D1632233482237%26url%3Dhttps%253A%252F%252Fwww.lemondeinformatique....

0
288 B

138ms
120ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D11474%26time%3D1632233482237%26url%3Dhttps%253A%252F%252Fwww.lemondeinformatique.fr%252Factualites%252Flire-olympus-frappe-par-le-ransomware-blackmatter-84141.html%26liSync%3Dtrue
Requested by: Host: www.lemondeinformatique.fr
URL: https://www.lemondeinformatique.fr/actualites/lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lemondeinformatique.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 14:11:22 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: B18A043ED6E94D9CB9356BF1BC538463 Ref B: FRAEDGE1408 Ref C: 2021-09-21T14:11:23Z
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
cache-control: no-cache, no-store
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXMgfjzuRm198OACfqVfQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Tue, 21 Sep 2021 14:11:22 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
server: Play
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lva1
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D11474%26time%3D1632233482237%26url%3Dhttps%253A%252F%252Fwww.lemondeinformatique.fr%252Factualites%252Flire-olympus-frappe-par-le-ransomware-blackmatter-84141.html%26liSync%3Dtrue
x-li-proto: http/2
x-li-pop: prod-esv5
content-length: 0
x-li-uuid: PcJDW7TbphbwtdDKDSsAAA==

GET
H2 200 rules-p-jV8Na_R3FcJaX.js Show response
rules.quantcount.com/ 2 B
377 B 50ms
8ms Script
application/javascript 2600:9000:20eb:600:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-jV8Na_R3FcJaX.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lemondeinformatique.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 13:48:35 GMT
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
server: AmazonS3
age: 1367
x-edge-origin-shield-skipped: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-length: 2
x-amz-cf-id: xW3_QVZG-8EjlVLoWsWX9ufnofqNL5DRty5moA8J1gyQyiWhP7GX9w==

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
658 B 216ms
172ms Script
application/javascript 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.3&p_id=Twitter&p_user_id=0&txn_id=nw277&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.lemondeinformatique.fr%2Factualites%2Flire-olympus-frappe-par-le-ransomware-blackmatter-84141.html

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lemondeinformatique.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 14:11:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
pragma: no-cache
last-modified: Tue, 21 Sep 2021 14:11:22 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: cc13de4390dee7f9c207c3b6f79fde6e3a959eed197b7ec613427ba5d12f3e30
x-transaction: 67f97b97a7cf5ed2
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
455 B 228ms
192ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.3&p_id=Twitter&p_user_id=0&txn_id=nw277&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.lemondeinformatique.fr%2Factualites%2Flire-olympus-frappe-par-le-ransomware-blackmatter-84141.html

Requested by

Host: www.lemondeinformatique.fr
URL: https://www.lemondeinformatique.fr/actualites/lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lemondeinformatique.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 14:11:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Tue, 21 Sep 2021 14:11:22 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: d22d554a5187e02f9d4a66455433250c98710652bf8cce356177dd35ea13cef7
x-transaction: 0599a309a446f90f
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 vendor-list.json Show response
quantcast.mgr.consensu.org/GVL-v2/ 287 KB
37 KB 29ms
12ms XHR
application/json 2600:9000:21f3:7800:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/GVL-v2/vendor-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.lemondeinformatique.fr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:7800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a7137149c434905bf668231ae60c779cd0943bbf599cfb16e4b7f424725da8d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lemondeinformatique.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 03:00:39 GMT
content-encoding: gzip
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 40244
x-amz-server-side-encryption: AES256
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 21 Sep 2021 03:00:31 GMT
server: AmazonS3
etag: W/"e84ccd5ab9975e9b0d2c21478b756371"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
cache-control: max-age=172800
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: bttkTh6DLEn1B_WttrK1yDJughpMiAITNc1YEA2BrfoxtTT31_HE4g==

GET
H2 200 10044798.json Show response
s.yimg.com/wi/config/ 2 B
448 B 62ms
25ms XHR
application/json 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10044798.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lemondeinformatique.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 13:50:13 GMT
x-content-type-options: nosniff
age: 1269
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: 0PD9SR1H1TTXR9X2
x-amz-id-2: k0vWGtccxbQOQGFMChfIe1QbY1MJ0HtbbQmIEIr/xUEFKcv/nh8YABqB2/BrbMX40BL9FLyGrQE=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 2

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
418 B 59ms
19ms XHR
text/plain 2a00:1450:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-16629140-1&cid=1185111617.1632233482&jid=957667969&gjid=79684450&_gid=1595404031.1632233482&_u=aGBAAEACQAAAAC~&z=1924564125

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.lemondeinformatique.fr/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 21 Sep 2021 14:11:22 GMT
content-type: text/plain
access-control-allow-origin: https://www.lemondeinformatique.fr
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 wonderpush.min.js Show response
cdn.by.wonderpush.com/sdk/1.1.30.1/ 426 KB
102 KB 19ms
19ms Script
application/javascript 2606:4700::6812:12b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.by.wonderpush.com/sdk/1.1.30.1/wonderpush.min.js
Requested by: Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/sdk/1.1/wonderpush-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:12b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9065a47b11277b0113f5122adbaead9f5d0fd314417e04556cdd7ec7a62162f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lemondeinformatique.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 14:11:22 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2464661
x-cache: Hit from cloudfront
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 104139
access-control-allow-origin: *
last-modified: Wed, 11 Aug 2021 10:32:48 GMT
server: cloudflare
etag: "558e03562dd0e6a797f98306e7b40fc0ed6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: HEAD, GET
content-type: application/javascript
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,stale-while-revalidate=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 6923e1e02db542fd-FRA
x-amz-cf-id: byjfN6Oz-gHrW2gpzMVS7HWMbVUDMb9SHGAL-Xe18XFfrliiOaZgJg==

GET
H2 200 pubads_impl_2021091504.js Show response
securepubads.g.doubleclick.net/gpt/ 332 KB
117 KB 61ms
16ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091504.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

f42f55dabbb15175140e8f22510310cbeefe9d766975ce806a9d6f8d9444e66f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lemondeinformatique.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 14:11:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118865
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 18:36:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 21 Sep 2021 14:11:22 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
313 B 24ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1138992812809306&ev=PageView&dl=https%3A%2F%2Fwww.lemondeinformatique.fr%2Factualites%2Flire-olympus-frappe-par-le-ransomware-blackmatter-84141.html&rl=&if=false&ts=1632233482289&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.1.1632233482288.193852248&it=1632233482202&coo=false&exp=p1&rqm=GET

Requested by

Host: www.lemondeinformatique.fr
URL: https://www.lemondeinformatique.fr/actualites/lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lemondeinformatique.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 14:11:22 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 21 Sep 2021 14:11:22 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/944144139/ 3 KB
2 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/944144139/?random=1632233482292&cv=9&fst=1632233482292&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9k0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.lemondeinformatique.fr%2Factualites%2Flire-olympus-frappe-par-le-ransomware-blackmatter-84141.html&tiba=Olympus%20frapp%C3%A9%20par%20le%20ransomware%20BlackMatter%20-%20Le%20Monde%20Informatique&hn=www.googleadservices.com&us_privacy=1---&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

868fd320a977d8814af7224807954e0ba311dc214691760cb24cbae70d80801f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lemondeinformatique.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 14:11:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1127
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 purposes-FR.json Show response
quantcast.mgr.consensu.org/GVL-v2/ 39 KB
5 KB 8ms
7ms XHR
application/json 2600:9000:21f3:7800:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/GVL-v2/purposes-FR.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.lemondeinformatique.fr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:7800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6bbca0bc623f7eda4cdab6a99734a8519c7678e9f1b72af6b692f317a257555b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lemondeinformatique.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 03:00:34 GMT
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 40249
x-amz-server-side-encryption: AES256
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 21 Sep 2021 03:00:31 GMT
server: AmazonS3
etag: W/"5282ad58c0c728cc27147c897bc0050a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
cache-control: max-age=172800
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: sr4vuoSqcm7sYDfjgg9ALlyRF4B5kOEYiqB4z5Mn1meV8KR24xBpGw==

GET
H2 200 cmp2ui-fr.js Show response
quantcast.mgr.consensu.org/tcfv2/34/ 223 KB
57 KB 8ms
8ms Script
text/javascript 2600:9000:21f3:7800:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/34/cmp2ui-fr.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.lemondeinformatique.fr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:7800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cc5eb8675592ffcef2ca927faa08d4fc9a041efc7accd1115a16cec6a3059465

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lemondeinformatique.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 05:29:10 GMT
content-encoding: gzip
age: 117733
x-amz-server-side-encryption: AES256
x-edge-origin-shield-skipped: 0
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 02 Sep 2021 17:09:27 GMT
server: AmazonS3
etag: W/"0ffb9b1afa226b51a9a88b35b75a345d"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: WhlQTF_9xEEAA7MoI1a7U42zZLeytfK2c8ru3_pkBQ8UpY0YBUmwHw==

GET
H2 200 google-atp-list.json Show response
quantcast.mgr.consensu.org/tcfv2/ 153 KB
37 KB 8ms
8ms XHR
application/json 2600:9000:21f3:7800:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/google-atp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.lemondeinformatique.fr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:7800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bb2b63b497d71d75f729a77b9a708e3e9079ed04981d8b720abf9192a908c55e

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.lemondeinformatique.fr/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 03:01:30 GMT
content-encoding: gzip
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 40193
x-amz-server-side-encryption: AES256
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 21 Sep 2021 03:01:27 GMT
server: AmazonS3
etag: W/"6411f7c4b8aac8a1ec589472574e423e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
cache-control: max-age=172800
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: AXScVG6boBuwBz0zTF5_i1U3_ujwzikbjfoIisjeOQlG6pUokSHzyQ==

GET
H2 200 /
www.google.com/pagead/1p-user-list/944144139/ 42 B
569 B 63ms
24ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/944144139/?random=1632233482292&cv=9&fst=1632232800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9k0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.lemondeinformatique.fr%2Factualites%2Flire-olympus-frappe-par-le-ransomware-blackmatter-84141.html&tiba=Olympus%20frapp%C3%A9%20par%20le%20ransomware%20BlackMatter%20-%20Le%20Monde%20Informatique&async=1&fmt=3&is_vtc=1&random=379298331&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.lemondeinformatique.fr
URL: https://www.lemondeinformatique.fr/actualites/lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lemondeinformatique.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 14:11:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/944144139/ 42 B
569 B 62ms
26ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/944144139/?random=1632233482292&cv=9&fst=1632232800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9k0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.lemondeinformatique.fr%2Factualites%2Flire-olympus-frappe-par-le-ransomware-blackmatter-84141.html&tiba=Olympus%20frapp%C3%A9%20par%20le%20ransomware%20BlackMatter%20-%20Le%20Monde%20Informatique&async=1&fmt=3&is_vtc=1&random=379298331&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.lemondeinformatique.fr
URL: https://www.lemondeinformatique.fr/actualites/lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lemondeinformatique.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 14:11:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 f34f63d1a25fd18f2b4583221674fdb6a5c7cdaebc08613d25076ecbf9f20dc0 Show response
cdn.by.wonderpush.com/config/webkeys/ 2 KB
1 KB 35ms
16ms Fetch
application/json 2606:4700::6812:12b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.by.wonderpush.com/config/webkeys/f34f63d1a25fd18f2b4583221674fdb6a5c7cdaebc08613d25076ecbf9f20dc0?_=1632233482333
Requested by: Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/sdk/1.1.30.1/wonderpush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:12b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af38c4c7cd31f206f34f85d112cd28be91ffdf5b0240e1e10d4eea2a10f1f1c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lemondeinformatique.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 14:11:22 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1219
x-cache: Miss from cloudfront
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 749
access-control-allow-origin: *
last-modified: Mon, 22 Mar 2021 08:57:13 GMT
server: cloudflare
etag: "e2d6ee896ce56363409e1f0bb45a663fed6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: HEAD, GET
content-type: application/json
via: 1.1 1ce2e02518867b6d4fdccf32e95ab8e4.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: MUC51-C1
accept-ranges: bytes
cf-ray: 6923e1e0bd8a4e79-FRA
x-amz-cf-id: zjTjgNeZFpsrRb0Y_9Y1C_0bKC9oLAwbGPKgvzEVdLOt2xq9BLyZZA==

GET
H2 200 / Show response
audit-tcfv2.quantcast.mgr.consensu.org/ 80 B
506 B 45ms
8ms XHR
text/html 13.224.193.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22accountId%22%3A%22jV8Na_R3FcJaX%22%2C%22domain%22%3A%22www.lemondeinformatique.fr%22%2C%22publisher%22%3A%22Le%20Monde%20Informatique%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.34%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%220FJOtXMRNxmTinnj%2BW5ocw%22%2C%22clientTimestamp%22%3A1632233482363%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-rhq8kmumcpxiiw7mn8r6%22%7D
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/34/cmp2ui-fr.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-104.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.lemondeinformatique.fr/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 06:08:13 GMT
via: 1.1 c7f7b4cf7fd5efe64bac95586db3f62b.cloudfront.net (CloudFront)
age: 28990
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 80
last-modified: Tue, 26 Nov 2019 14:21:44 GMT
server: AmazonS3
etag: "0614149d8033903db5de46d6c184bbfd"
vary: Origin
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: AVb3VzmkO61Q4pGmPxSjNDrIeerQxXTdRME31gYxhC9E7xrS7YnCxg==

GET
H/1.1 200
OK nobell.png
images.itnewsinfo.com/lmi/site/ 2 KB
2 KB 14ms
14ms Image
image/png 51.38.196.120
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.itnewsinfo.com/lmi/site/nobell.png
Requested by: Host: www.lemondeinformatique.fr
URL: https://www.lemondeinformatique.fr/styles/template.css?v=9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.38.196.120 , France, ASN16276 (OVH, FR),
Reverse DNS: ip120.ip-51-38-196.eu
Software: Apache /
Resource Hash: a9ca1218573b44b3b38b220aec964d17e5dcea47f7e84f7eeac6757ad178de4d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lemondeinformatique.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 14:11:22 GMT
Last-Modified: Fri, 30 Mar 2018 13:05:27 GMT
Server: Apache
ETag: "7d7-568a0e4d873c0"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=999
Content-Length: 2007
Expires: Thu, 21 Oct 2021 14:11:22 GMT

POST
H2 202 events Show response
measurements-api.wonderpush.com/v1/ 94 B
279 B 95ms
49ms XHR
application/json 2001:4860:4802:36::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://measurements-api.wonderpush.com/v1/events
Requested by: Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/sdk/1.1.30.1/wonderpush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: a8d068f91b59300668b7f3711f807dace9dae95b149b805a2cefedbcf76cd03b

Request headers

Referer: https://www.lemondeinformatique.fr/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.lemondeinformatique.fr
x-cloud-trace-context: 63379d47fdd64036aae88a8410975bc7
access-control-allow-credentials: true
server: Google Frontend
date: Tue, 21 Sep 2021 14:11:22 GMT
content-length: 94
content-type: application/json

POST
H2 200 / Show response
www.facebook.com/tr/ Frame AC53 0
92 B 8ms
7ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.lemondeinformatique.fr
URL: https://www.lemondeinformatique.fr/actualites/lire-olympus-frappe-par-le-ransomware-blackmatter-84141.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: POST
:authority: www.facebook.com
:scheme: https
:path: /tr/
content-length: 3553
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://www.lemondeinformatique.fr
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.lemondeinformatique.fr/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Origin: https://www.lemondeinformatique.fr
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.lemondeinformatique.fr/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.lemondeinformatique.fr
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
date: Tue, 21 Sep 2021 14:11:22 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
129 B 14ms
14ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=391200030&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.lemondeinformatique.fr%2Factualites%2Flire-olympus-frappe-par-le-ransomware-blackmatter-84141.html&ul=en-us&de=windows-1252&dt=Olympus%20frapp%C3%A9%20par%20le%20ransomware%20BlackMatter%20-%20Le%20Monde%20Informatique&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AdBlock&ea=Detection&_u=aGBAAEADQAAAAC~&jid=&gjid=&cid=1185111617.1632233482&tid=UA-16629140-1&_gid=1595404031.1632233482&z=1770569349

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lemondeinformatique.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 13:59:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 686
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 a
www.googletagmanager.com/ 0
128 B 27ms
27ms Image
image/gif 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-MQJJNLC&cv=4&t=ol&s=h1&h=206&g=86&p=ga&o=4000&l=207&q=240&f=38&e=40&i=22&d=106&c=-38&hc=0&sr=0.050000&ps=0.005665184884307672&cb=1187523665

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.lemondeinformatique.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 14:11:25 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.lemondeinformatique.fr/actualites	1969-12-31 23:59:59	Name: _dlt Value: 1
www.lemondeinformatique.fr/	1969-12-31 23:59:59	Name: PHPSESSID Value: 53c79be2803dfddbf7ba49a54e44920a
www.lemondeinformatique.fr/	1970-01-20 01:43:05	Name: idreference Value: 53c79be2803dfddbf7ba49a54e44920a
.www.lemondeinformatique.fr/	1970-01-20 01:43:05	Name: box_question_etude Value: a%3A3%3A%7Bs%3A2%3A%22id%22%3Bs%3A4%3A%221046%22%3Bs%3A6%3A%22nombre%22%3Bi%3A1%3Bs%3A7%3A%22attente%22%3Bs%3A10%3A%220000-00-00%22%3B%7D
www.lemondeinformatique.fr/	1970-01-19 21:44:03	Name: adcomp Value: 01ae2e552c349bd5608af0f670f8ebc2
.lemondeinformatique.fr/	1970-01-20 14:55:05	Name: _ga Value: GA1.2.1185111617.1632233482
.lemondeinformatique.fr/	1970-01-19 21:25:19	Name: _gid Value: GA1.2.1595404031.1632233482
www.lemondeinformatique.fr/	1970-01-19 22:07:05	Name: ac_enable_tracking Value: 1
.lemondeinformatique.fr/	1970-01-19 21:23:53	Name: _gat Value: 1
.lemondeinformatique.fr/	1970-01-19 23:33:29	Name: _gcl_au Value: 1.1.787818494.1632233482
.lemondeinformatique.fr/	1970-01-19 23:33:29	Name: _fbp Value: fb.1.1632233482288.193852248
.doubleclick.net/	1970-01-19 21:23:54	Name: test_cookie Value: CheckForPermission
.twitter.com/	1970-01-20 14:55:05	Name: personalization_id Value: "v1_zNR6rVPs+fGYT4h156gQFA=="
.linkedin.com/	1970-01-19 22:07:05	Name: UserMatchHistory Value: AQLYcoBjf1FFcQAAAXwIsmqlzmvu0TQrqcXLC2stHMybRrWij2_ish6Zxva7bmUu_qHHKI3fc49qDw
.linkedin.com/	1970-01-19 22:07:05	Name: AnalyticsSyncHistory Value: AQLHaVP0RIF-5wAAAXwIsmqlrROmtcLr016LHNbEygS9zK6UQi4aDrh7HAH5n7shxejoeseVjYmnABjHbkj0Mw
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 14:55:47	Name: bcookie Value: "v=2&ae6e02ee-1ff5-4acc-8448-45bcc43c073d"
.linkedin.com/	1970-01-19 21:25:19	Name: lidc Value: "b=VGST09:s=V:r=V:a=V:p=V:g=2115:u=1:x=1:i=1632233482:t=1632319882:v=2:sig=AQE5AVr9tEfMSkQ983HO1YUDzFxMaJF1"
trackcmp.net/	1970-01-19 22:07:05	Name: cmp798777371 Value: 8603b3471bd101b1196df8e2e04233d7

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.googletagservices.com/tag/js/gpt.js(Line 5) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network	error	URL: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D11474%26time%3D1632233482237%26url%3Dhttps%253A%252F%252Fwww.lemondeinformatique.fr%252Factualites%252Flire-olympus-frappe-par-le-ransomware-blackmatter-84141.html%26liSync%3Dtrue Message: Failed to load resource: the server responded with a status of 429 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.twitter.com
audit-tcfv2.quantcast.mgr.consensu.org
cdn.by.wonderpush.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
images.itnewsinfo.com
measurements-api.wonderpush.com
px.ads.linkedin.com
quantcast.mgr.consensu.org
rules.quantcount.com
s.yimg.com
secure.quantserve.com
securepubads.g.doubleclick.net
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
test.quantcast.mgr.consensu.org
trackcmp.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.lemondeinformatique.fr
www.linkedin.com
104.244.42.131
104.244.42.69
13.224.193.104
13.36.118.92
142.250.185.194
142.250.185.226
199.232.136.157
2001:4860:4802:36::15
23.23.33.160
2600:9000:20eb:600:6:44e3:f8c0:93a1
2600:9000:21f3:7800:9:46dc:4700:93a1
2600:9000:21f3:9200:3:a4cd:8380:93a1
2606:4700::6812:12b7
2620:116:800d:21:f916:5049:f87f:108e
2620:119:50e1:101::6cae:b25
2620:1ec:21::14
2a00:1288:80:800::7000
2a00:1450:4001:803::2003
2a00:1450:4001:808::2008
2a00:1450:4001:808::200a
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2002
2a00:1450:400c:c04::9d
2a02:26f0:6c00:2b0::25ea
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
51.38.196.120
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1f3fad5030e4f4259713b500da6db34b6101abb4e383251df525710149b42119
1ffc21ee8d42b60799af1b88f77a6fbb1e0ab6457bd6253e8e66ed1767a21505
21a685ffc238ff3f1b8458cc72bf936ae80c3c6f7dd526c085c8370a426f4ae6
242d2eb07c13933ce5042146ca5501e6e291c1789cd94a848aa117ff70f226cc
28e5c4da1714484c674e7dd1be4c79c0081db6e9a81b92492042e84dc0d05a73
2b9dd6f98ec083ab7768ea4d10d7695f8c9016d05d660b576a22542947ac94b7
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb
2d8cc21feebe060fb405f9601a32e5d33cd01357ade8c3a142cdfcfaeb469898
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
3dbfaa777cb72a540b41a893deba0d3fa1ad6ec03065c400ae06587a7ebcc38d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4c60c3fccfc80b31a1dc1531181114d86ef692887e904e44704aa74f2e3ca661
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bbca0bc623f7eda4cdab6a99734a8519c7678e9f1b72af6b692f317a257555b
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
7289837e876c7bbbf1afc71abc4c5383e7f56692abeaa0a72b82e4e721ceba26
7e8ee8f9d56ca7e35629a7c16b9f1c09fbb1e7d19fe922833a2f4edec48bfeea
7eec2a5d359ca559cfede424201a005e7690f495c6def15d93b9b916ea9f0184
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
868fd320a977d8814af7224807954e0ba311dc214691760cb24cbae70d80801f
8a704c9a5f3bf1c1f5f87357651aafc190a0f5c89ecd175c944f288a6713303e
8c8f912489d42ad9487a50c2a10718731962defb895b1237ba7bf9616e9d5f37
9065a47b11277b0113f5122adbaead9f5d0fd314417e04556cdd7ec7a62162f3
93f828ab83ad7dd20b33fd2a5821a56ebb4bfcbb3360a199934a14ecc4d37738
95b17ad661699c049d42195b8ccd1d855045a1fcfbd20d8609a6d87fa5703810
9787e1b8baed69d4204cc393127a7df8a4990e7bffcb461b4c28b24b0c000733
a01547e93da2fe87a6a15f4a1bd5a0d1b42bbca927ba95893a3015b9b725653f
a4faf82b58ff7c902e83dc051b40c0d4e849bc68706b5a337ed575ebc1eeedb0
a7137149c434905bf668231ae60c779cd0943bbf599cfb16e4b7f424725da8d9
a8d068f91b59300668b7f3711f807dace9dae95b149b805a2cefedbcf76cd03b
a9ca1218573b44b3b38b220aec964d17e5dcea47f7e84f7eeac6757ad178de4d
aa83a9ff8e050a07887fd33495e94c067a064cd3e0aa8a7f593c358297c87e11
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af38c4c7cd31f206f34f85d112cd28be91ffdf5b0240e1e10d4eea2a10f1f1c2
b9e6c38b3493790e6525ba6715ad839211cab5db3ddc80c7f70f20f92679fee6
bb2b63b497d71d75f729a77b9a708e3e9079ed04981d8b720abf9192a908c55e
be1f5e1df5d144645b403bdfa59c48392104cfc20a28d526a24d101f5a251bf1
bf04985e05e20fbe34e5dd9378278c68c83f33d9661b09c6cac9de7d73772fd6
c1db2f93cc594120c576b697fc6a9856bda784c70a11fbb4cb1d2c9ebe5267d4
c9b2f25f41b7ff545aff01bca8720881b1f87a4a39980d6ce014fa00969d9c40
cc5eb8675592ffcef2ca927faa08d4fc9a041efc7accd1115a16cec6a3059465
d787d4ee6b3b73aae9ea1ce8aeabb759a3038a2ec9e0fae901a958fa5edbd679
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e471b6efa3a2b682b7057a68f7826651f7c932c91f65542cf31bd162270f2cbf
eac79294eec7b070d0f4f6294ebc0c3ea2864f1cfab44ed5806c8858c1571e1d
ead43c8fcb7c73dd39b4644a5f883eeab9d9f469589372bf52bde2b5be572f64
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c53e225f252c97548183e1c4ac6eb2825b664200da4f11fb86cbc69237fa46
f42f55dabbb15175140e8f22510310cbeefe9d766975ce806a9d6f8d9444e66f
f96c0cddad39439fa182341a54c8612ca7b7d6c2ca23ee74bf9476478d9ea7db
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3
fedcdc389419bfa88ed3f2c226b9d043fa6d6ea927cadd49c833cbfcf0de3efb

www.lemondeinformatique.fr Open in urlscan Pro 13.36.118.92 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

62 Requests

100 %HTTPS

70 %IPv6

24 Domains

31 Subdomains

29 IPs

4 Countries

1267 kBTransfer

3296 kBSize

19 Cookies

17 Outgoing links

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.lemondeinformatique.fr Open in urlscan Pro
13.36.118.92 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

100 %
HTTPS

70 %
IPv6

24
Domains

31
Subdomains

29
IPs

4
Countries

1267 kB
Transfer

3296 kB
Size

19
Cookies

62 HTTP transactions
0 data transactions