Submitted URL: http://agencyfilesmj.cf/
Effective URL: https://agencyfilesmj.cf/
Submission: On September 14 via api from US

Summary

This website contacted 12 IPs in 6 countries across 14 domains to perform 17 HTTP transactions. The main IP is 2606:4700:3034::681f:4c2b, located in United States and belongs to CLOUDFLARENET, US. The main domain is agencyfilesmj.cf.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 22nd 2020. Valid for: a year.
This is the only time agencyfilesmj.cf was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 2606:4700:303... 13335 (CLOUDFLAR...)
1 23.111.9.35 33438 (HIGHWINDS2)
3 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 151.101.112.193 54113 (FASTLY)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 185.46.229.165 199758 (NEXYLAN)
1 184.86.251.145 20940 (AKAMAI-ASN1)
3 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 88.99.134.39 24940 (HETZNER-AS)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2 89.44.120.75 5588 (GTSCE GTS...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
17 12
Domain Requested by
3 images.sftcdn.net
3 agencyfilesmj.cf 1 redirects agencyfilesmj.cf
2 cpasbien.tf 1 redirects
2 stackpath.bootstrapcdn.com agencyfilesmj.cf
1 cpasbientorrent.org
1 cpasbientorrent.fr 1 redirects
1 s1.1zoom.me
1 bnetcmsus-a.akamaihd.net
1 www.telechargerjeuxpc.fr
1 www.jetelecharge.com
1 www.youtube.com agencyfilesmj.cf
1 youtube.com 1 redirects
1 code.jquery.com agencyfilesmj.cf
1 i.imgur.com agencyfilesmj.cf
1 use.fontawesome.com agencyfilesmj.cf
17 15
Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-07-22 - 2021-07-22 | a year
*.fontawesome.com | DigiCert SHA2 Secure Server CA | 2019-10-28 - 2020-12-23 | a year
*.bootstrapcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2019-09-14 - 2020-10-13 | a year
*.imgur.com | DigiCert SHA2 Secure Server CA | 2020-01-15 - 2022-03-16 | 2 years
jquery.org | COMODO RSA Domain Validation Secure Server CA | 2018-10-17 - 2020-10-16 | 2 years
*.google.com | GTS CA 1O1 | 2020-08-26 - 2020-11-18 | 3 months
telechargerjeuxpc.fr | Let's Encrypt Authority X3 | 2020-08-02 - 2020-10-31 | 3 months
a248.e.akamai.net | DigiCert Secure Site ECC CA-1 | 2020-07-15 - 2021-09-13 | a year
s4-san.cloudinary.com | Let's Encrypt Authority X3 | 2020-08-26 - 2020-11-24 | 3 months
s1.1zoom.me | Sectigo RSA Domain Validation Secure Server CA | 2019-05-21 - 2021-05-20 | 2 years
cpasbien.tf | cPanel, Inc. Certification Authority | 2020-07-19 - 2020-10-17 | 3 months

This page contains 2 frames:

Primary Page: https://agencyfilesmj.cf/
Frame ID: A3B3B82803237829EA7574FDB2DAAFA3
Requests: 16 HTTP requests in this frame

Frame: https://www.youtube.com/embed/zC60SOmpN9w?rel=0
Frame ID: A548A7DD1FC22DB1300D175602654223
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History

  1. http://agencyfilesmj.cf/ HTTP 301
    https://agencyfilesmj.cf/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href="https:\/\/use\.fontawesome\.com\/releases\/v([^>]+)\/css\//i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

17
Requests

100 %
HTTPS

57 %
IPv6

14
Domains

15
Subdomains

12
IPs

6
Countries

1202 kB
Transfer

1451 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://agencyfilesmj.cf/ HTTP 301
    https://agencyfilesmj.cf/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://youtube.com/embed/zC60SOmpN9w?rel=0 HTTP 301
  • https://www.youtube.com/embed/zC60SOmpN9w?rel=0
Request Chain 12
  • https://cpasbientorrent.fr/wp-content/uploads/2016/08/1471815426_okladka.png HTTP 301
  • https://cpasbien.tf/wp-content/uploads/2016/08/1471815426_okladka.png HTTP 301
  • https://cpasbien.tf/

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
agencyfilesmj.cf/
Redirect Chain
  • http://agencyfilesmj.cf/
  • https://agencyfilesmj.cf/
16 KB
6 KB
Document
General
Full URL
https://agencyfilesmj.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::681f:4c2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c13834bb8fb902035d4f13fdf6bc611720e35a468d3a5e2381bfcd814f41cb0d

Request headers

:method
GET
:authority
agencyfilesmj.cf
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d8ec329dd00a0d90b863620e4e53ddb4c1600117881
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Mon, 14 Sep 2020 21:11:21 GMT
content-type
text/html; charset=UTF-8
expires
Mon, 21 Sep 2020 21:11:21 GMT
cache-control
max-age=691200
cf-cache-status
MISS
cf-request-id
05300e518d000063cb16326200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
5d2d1995a81663cb-FRA
content-encoding
br

Redirect headers

Date
Mon, 14 Sep 2020 21:11:21 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d8ec329dd00a0d90b863620e4e53ddb4c1600117881; expires=Wed, 14-Oct-20 21:11:21 GMT; path=/; domain=.agencyfilesmj.cf; HttpOnly; SameSite=Lax
Location
https://agencyfilesmj.cf/
Expires
Mon, 21 Sep 2020 21:11:21 GMT
Cache-Control
max-age=691200
CF-Cache-Status
MISS
cf-request-id
05300e514d0000d6c5d8264200000001
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
5d2d19954c6fd6c5-FRA
all.css
use.fontawesome.com/releases/v5.0.13/css/
40 KB
10 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.0.13/css/all.css
Requested by
Host: agencyfilesmj.cf
URL: https://agencyfilesmj.cf/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
43730866612149a27f49159d7c4f19185c8694bb91bf41abc884a6fe1346e96e

Request headers

Origin
https://agencyfilesmj.cf
Referer
https://agencyfilesmj.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 21:11:21 GMT
content-encoding
gzip
last-modified
Thu, 10 May 2018 15:10:14 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"d61bfe9b56c13ecff5313ee3abb45e8b"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.1.1/css/
138 KB
21 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.1.1/css/bootstrap.min.css
Requested by
Host: agencyfilesmj.cf
URL: https://agencyfilesmj.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
31df1e69ea3aece8a8bae5c08bcb7f5e977cb76f886897b301355359b66a48ec
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://agencyfilesmj.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 21:11:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:34:10 GMT
status
200
etag
"1544639650"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
21089
jquery.min.js
agencyfilesmj.cf/js/
9 KB
3 KB
Script
General
Full URL
https://agencyfilesmj.cf/js/jquery.min.js
Requested by
Host: agencyfilesmj.cf
URL: https://agencyfilesmj.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::681f:4c2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75e69b3940e68a85750e4cc5ce73577f27cfcb6fe297f7ccfc29e2cbc6a067f8

Request headers

Referer
https://agencyfilesmj.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Sep 2020 21:11:21 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 14 Sep 2020 21:11:22GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
status
200
cache-control
max-age=691200
cf-ray
5d2d199939e863cb-FRA
cf-request-id
05300e53c7000063cb16339200000001
expires
Mon, 21 Sep 2020 21:11:22 GMT
G552PV1.gif
i.imgur.com/
16 KB
17 KB
Image
General
Full URL
https://i.imgur.com/G552PV1.gif
Requested by
Host: agencyfilesmj.cf
URL: https://agencyfilesmj.cf/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
88d99dfa644c8b1739d293400b58dcd2bd155b0fcd3fc3dea13a9f49f09994c5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://agencyfilesmj.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 21:11:21 GMT
x-content-type-options
nosniff
age
2202907
x-cache
HIT, HIT
status
200
content-length
16770
x-served-by
cache-bwi5136-BWI, cache-hhn4059-HHN
last-modified
Wed, 31 Oct 2018 22:51:12 GMT
server
cat factory 1.0
x-timer
S1600117882.953855,VS0,VE1
etag
"a3e34b4775ae5409b5b84ff56f7676c0"
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
jquery-3.3.1.min.js
code.jquery.com/
85 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.3.1.min.js
Requested by
Host: agencyfilesmj.cf
URL: https://agencyfilesmj.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer
https://agencyfilesmj.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 21:11:21 GMT
content-encoding
gzip
last-modified
Sat, 20 Jan 2018 17:26:44 GMT
server
nginx
status
200
etag
W/"5a637bd4-1538f"
vary
Accept-Encoding
x-hw
1600117881.dop212.fr8.t,1600117881.cds273.fr8.hc,1600117881.cds057.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30288
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.1.1/js/
50 KB
14 KB
Script
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.1.1/js/bootstrap.min.js
Requested by
Host: agencyfilesmj.cf
URL: https://agencyfilesmj.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
c5a17d46976d471cf060c5a0e25749a323d6ab20cf0910f40afed81047ba21ef
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://agencyfilesmj.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 21:11:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:33:53 GMT
status
200
etag
"1544639633"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
14049
zC60SOmpN9w
www.youtube.com/embed/ Frame A548
Redirect Chain
  • https://youtube.com/embed/zC60SOmpN9w?rel=0
  • https://www.youtube.com/embed/zC60SOmpN9w?rel=0
0
0
Document
General
Full URL
https://www.youtube.com/embed/zC60SOmpN9w?rel=0
Requested by
Host: agencyfilesmj.cf
URL: https://agencyfilesmj.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/zC60SOmpN9w?rel=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://agencyfilesmj.cf/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://agencyfilesmj.cf/

Response headers

status
200
cache-control
no-cache
content-length
10813
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding
br
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
expires
Tue, 27 Apr 1971 19:44:06 GMT
content-type
text/html; charset=utf-8
date
Mon, 14 Sep 2020 21:11:22 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
VISITOR_INFO1_LIVE=5n2piVtXDFk; path=/; domain=.youtube.com; secure; expires=Sat, 13-Mar-2021 21:11:22 GMT; httponly; samesite=None VISITOR_INFO1_LIVE=5n2piVtXDFk; path=/; domain=.youtube.com; secure; expires=Sat, 13-Mar-2021 21:11:22 GMT; httponly; samesite=None YSC=WBV8wX39KtY; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Mon, 14-Sep-2020 21:41:22 GMT
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status
301
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
0
location
https://www.youtube.com/embed/zC60SOmpN9w?rel=0
date
Mon, 14 Sep 2020 21:11:22 GMT
content-type
text/html
server
YouTube Frontend Proxy
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
1.jpg
www.jetelecharge.com/ficheimg/6/9099/
34 KB
34 KB
Image
General
Full URL
https://www.jetelecharge.com/ficheimg/6/9099/1.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40f86e59729113dcf5e947ee542b5c3ee65e808cdeeaa8c39fa1fe39c70e7ba1

Request headers

Referer
https://agencyfilesmj.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 21:11:22 GMT
cf-cache-status
HIT
age
101784
x-varnish-action
FETCH (deliver - static)
x-cache
uncached
status
200
x-cache-hits
0
content-type
image/jpeg
content-length
34613
cf-request-id
05300e55ed00002c0178848200000001
last-modified
Sun, 23 Apr 2017 19:57:49 GMT
server
cloudflare
x-req-ttl
-1.000
etag
"58fd073d-8735"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
48940084
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5d2d199cab722c01-FRA
cf-bgj
h2pri
starcraft2-1.jpg
www.telechargerjeuxpc.fr/wp-content/uploads/2016/02/
521 KB
521 KB
Image
General
Full URL
https://www.telechargerjeuxpc.fr/wp-content/uploads/2016/02/starcraft2-1.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.46.229.165 , France, ASN199758 (NEXYLAN, FR),
Reverse DNS
nc1165.nexylan.net
Software
Apache /
Resource Hash
cd8820072c4fe7983194c22d1c07075b87ee6bc9516b780d59b4ce200a72b09f

Request headers

Referer
https://agencyfilesmj.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
public
Date
Mon, 14 Sep 2020 21:11:22 GMT
Referrer-Policy
Last-Modified
Sat, 25 Mar 2017 02:17:39 GMT
Server
Apache
ETag
"823fc-54b84b6e28c12"
Vary
Accept-Encoding,User-Agent
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
Connection
close
Accept-Ranges
bytes
Content-Length
533500
Expires
Tue, 14 Sep 2021 21:11:22 GMT
O0QL1BQP345T1478741064335.jpg
bnetcmsus-a.akamaihd.net/cms/blog_header/o0/
151 KB
151 KB
Image
General
Full URL
https://bnetcmsus-a.akamaihd.net/cms/blog_header/o0/O0QL1BQP345T1478741064335.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
184.86.251.145 , United States, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a184-86-251-145.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0a89eda5cb18785a5f66335973e957514b0cce76f615492bd5d0eba5aec72861
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://agencyfilesmj.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 21:11:23 GMT
last-modified
Thu, 10 Nov 2016 01:24:24 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
image/jpeg
status
200
cache-control
max-age=604800
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,h3-Q048=":443"; ma=93600,h3-Q046=":443"; ma=93600,h3-Q043=":443"; ma=93600,quic=":443"; ma=93600; v="50,48,46,43"
content-length
154184
expires
Mon, 21 Sep 2020 21:11:23 GMT
starcraft-ii-edition-decouverte-screenshot.png
images.sftcdn.net/images/t_app-cover-l,f_auto/p/2f50bc94-96d8-11e6-8215-00163ed833e7/3969673736/
128 KB
129 KB
Image
General
Full URL
https://images.sftcdn.net/images/t_app-cover-l,f_auto/p/2f50bc94-96d8-11e6-8215-00163ed833e7/3969673736/starcraft-ii-edition-decouverte-screenshot.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:295::29cc , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Cloudinary /
Resource Hash
fa0e72fe87635a0941765ef77bc6d05fe50e9636a6ed1daf93ab6b860f65fd49
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://agencyfilesmj.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 21:11:22 GMT
x-content-type-options
nosniff
status
200
content-disposition
inline; filename="3969673736.webp"
server-timing
akam;dur=218;cpu=38;start=2020-09-14T21:11:22.339Z;desc=miss,rtt;dur=4,cloudinary;dur=96;start=2020-09-14T21:11:22.413Z
vary
Accept,User-Agent
content-length
131192
last-modified
Mon, 24 Dec 2018 21:46:37 GMT
server
Cloudinary
etag
"f217261abecfdd2ab2f6ab227350a7a2"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
388056.jpg
s1.1zoom.me/prev2/389/
18 KB
18 KB
Image
General
Full URL
https://s1.1zoom.me/prev2/389/388056.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.99.134.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.39.134.99.88.clients.your-server.de
Software
nginx/1.15.12 /
Resource Hash
acd8955f52eeb8ef6aa9da30a58a4377e571f27bbd230fbbaa530fa093092e28

Request headers

Referer
https://agencyfilesmj.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 21:11:22 GMT
last-modified
Thu, 23 Mar 2017 22:57:20 GMT
server
nginx/1.15.12
etag
"58d452d0-4639"
content-type
image/jpeg
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
17977
expires
Tue, 14 Sep 2021 21:11:22 GMT
/
cpasbien.tf/
Redirect Chain
  • https://cpasbientorrent.fr/wp-content/uploads/2016/08/1471815426_okladka.png
  • https://cpasbien.tf/wp-content/uploads/2016/08/1471815426_okladka.png
  • https://cpasbien.tf/
0
0
Image
General
Full URL
https://cpasbien.tf/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.44.120.75 , Romania, ASN5588 (GTSCE GTS Central Europe / Antel Germany, CZ),
Reverse DNS
mta01.bearcorp.top
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://agencyfilesmj.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

pragma
public
date
Mon, 14 Sep 2020 21:11:22 GMT
server
nginx
status
301
x-frame-options
ALLOW
content-type
text/html; charset=UTF-8
location
https://cpasbien.tf
cache-control
max-age=5184000
content-length
0
expires
Fri, 13 Nov 2020 21:11:22 GMT
xStarcraft-2016-600x300.jpg.pagespeed.ic.pEaolou1R2.jpg
cpasbientorrent.org/wp-content/uploads/2016/08/
44 KB
45 KB
Image
General
Full URL
https://cpasbientorrent.org/wp-content/uploads/2016/08/xStarcraft-2016-600x300.jpg.pagespeed.ic.pEaolou1R2.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6812:3462 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83076e3c349f3316de4dec0d236dcd7f7af5db02bdc1a8321b0612a3f76cab7b

Request headers

Referer
https://agencyfilesmj.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 21:11:22 GMT
cf-cache-status
MISS
last-modified
Tue, 30 Aug 2016 07:05:24 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
5d2d199cbeeb2be9-FRA
content-length
45406
cf-request-id
05300e55f600002be9178b2200000001
expires
Mon, 21 Sep 2020 21:11:22 GMT
starcraft-2-screenshot.png
images.sftcdn.net/images/t_app-cover-l,f_auto/p/dddf5d66-96d2-11e6-9b73-00163ed833e7/1866604482/
98 KB
98 KB
Image
General
Full URL
https://images.sftcdn.net/images/t_app-cover-l,f_auto/p/dddf5d66-96d2-11e6-9b73-00163ed833e7/1866604482/starcraft-2-screenshot.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:295::29cc , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Cloudinary /
Resource Hash
99f7c1d4486b27fdc3d4b8f0a03af2d4eed63aeea79e16aac0a2dcc4e22f5c4d
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://agencyfilesmj.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 21:11:22 GMT
x-content-type-options
nosniff
status
200
content-disposition
inline; filename="1866604482.webp"
server-timing
akam;dur=291;cpu=47;start=2020-09-14T21:11:22.343Z;desc=miss,rtt;dur=4,cloudinary;dur=161;start=2020-09-14T21:11:22.429Z
vary
Accept,User-Agent
content-length
99976
last-modified
Thu, 22 Nov 2018 16:28:23 GMT
server
Cloudinary
etag
"1e4a1008d3d202023ce1365a6e611b09"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
starcraft-2-screenshot.png
images.sftcdn.net/images/t_app-cover-l,f_auto/p/dddf5d66-96d2-11e6-9b73-00163ed833e7/167725339/
105 KB
106 KB
Image
General
Full URL
https://images.sftcdn.net/images/t_app-cover-l,f_auto/p/dddf5d66-96d2-11e6-9b73-00163ed833e7/167725339/starcraft-2-screenshot.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:295::29cc , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Cloudinary /
Resource Hash
f1ee9d5a7404d374e874d0b6702ce730d0619f28823c7ec2324037ef136cda6c
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://agencyfilesmj.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 21:11:22 GMT
x-content-type-options
nosniff
status
200
content-disposition
inline; filename="167725339.webp"
server-timing
akam;dur=233;cpu=38;start=2020-09-14T21:11:22.349Z;desc=miss,rtt;dur=4,cloudinary;dur=111;start=2020-09-14T21:11:22.427Z
vary
Accept,User-Agent
content-length
107564
last-modified
Thu, 22 Nov 2018 16:28:27 GMT
server
Cloudinary
etag
"4a89bb3336b23c8bd6d2fa267c18c273"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*

Verdicts & Comments

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
object | trustedTypes
string | q
string | t
string | s
object | YWd
string | ref
function | $
function | jQuery
object | bootstrap

3 Cookies

Domain/Path | Name | Value
.youtube.com/ | YSC | WBV8wX39KtY
.youtube.com/ | VISITOR_INFO1_LIVE | 5n2piVtXDFk
.agencyfilesmj.cf/ | __cfduid | d8ec329dd00a0d90b863620e4e53ddb4c1600117881

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

agencyfilesmj.cf
bnetcmsus-a.akamaihd.net
code.jquery.com
cpasbien.tf
cpasbientorrent.fr
cpasbientorrent.org
i.imgur.com
images.sftcdn.net
s1.1zoom.me
stackpath.bootstrapcdn.com
use.fontawesome.com
www.jetelecharge.com
www.telechargerjeuxpc.fr
www.youtube.com
youtube.com
151.101.112.193
184.86.251.145
185.46.229.165
2001:4de0:ac19::1:b:3b
23.111.9.35
2606:4700:20::681a:1b1
2606:4700:3033::6812:3462
2606:4700:3034::681c:1ffd
2606:4700:3034::681f:4c2b
2a00:1450:4001:820::200e
2a00:1450:4001:824::200e
2a02:26f0:6c00:295::29cc
88.99.134.39
89.44.120.75