bhcvhhu.cakeitup.org Open in urlscan Pro
217.8.117.39  Public Scan

27 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://blog.leavesofmagic.com/m/?1h5ktss0bu7gp4svssxmotive=Gi&Soucis=289b9kpcezzmc8777dgbi Page URL
2. https://bhcvhhu.cakeitup.org/m/?1h5ktss0bu7gp4svssxmotive=Gi&Soucis=289b9kpcezzmc8777dgbi Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Cookie set / Show response blog.leavesofmagic.com/m/	380 B 1 KB	255ms 241ms	Document text/html	2606:4700:3031::681b:9e8b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://blog.leavesofmagic.com/m/?1h5ktss0bu7gp4svssxmotive=Gi&Soucis=289b9kpcezzmc8777dgbi Protocol HTTP/1.1 Server 2606:4700:3031::681b:9e8b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 86dba16f499c9fcfb896da84087f8f6ebe3edc66715a436f67af91cefa2de8b2 Request headers Host blog.leavesofmagic.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 19 Nov 2020 08:46:17 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Set-Cookie __cfduid=d40100958d34b6b86c64f34e21f067c011605775577; expires=Sat, 19-Dec-20 08:46:17 GMT; path=/; domain=.leavesofmagic.com; HttpOnly; SameSite=Lax Vary Accept-Encoding,User-Agent CF-Cache-Status DYNAMIC cf-request-id 068147e952000005b760050000000001 Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lDMkz8SQV9O9Erwk8JvbezdEmmJ8y4vbI25UDiMzKuIJaZLwLacoEJeo25vUhIEFzW9GT4M6r63N89wIpA5fg8bmn89igohkWUaLHs30I2QkQh7WTiLebvO1Wm0DW4z1EDEC"}],"group":"cf-nel","max_age":604800} NEL {"report_to":"cf-nel","max_age":604800} Server cloudflare CF-RAY 5f48a8eee81305b7-FRA Content-Encoding gzip
GET H2	200	rocket-loader.min.js Show response ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/	12 KB 5 KB	28ms 10ms	Script application/javascript	2606:4700::6810:a723 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js Requested by Host: blog.leavesofmagic.com URL: http://blog.leavesofmagic.com/m/?1h5ktss0bu7gp4svssxmotive=Gi&Soucis=289b9kpcezzmc8777dgbi Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:a723 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e Security Headers Name Value Strict-Transport-Security max-age=15780000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer http://blog.leavesofmagic.com/m/?1h5ktss0bu7gp4svssxmotive=Gi&Soucis=289b9kpcezzmc8777dgbi User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 19 Nov 2020 08:46:17 GMT content-encoding gzip x-content-type-options nosniff nel {"report_to":"cf-nel","max_age":604800} vary Accept-Encoding cf-request-id 068147ea5c000005ccbb99b000000001 last-modified Tue, 17 Nov 2020 09:22:06 GMT server cloudflare x-frame-options DENY etag W/"5fb3963e-3016" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000; includeSubDomains report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1Iv6hEzNwIP6TTGUaXm32hNapmvSzpZihEe5dxYCJUbD1f53t84pmNk%2BsrooXNbDNJdkPrMk5Nu6vTQCeJccvxPEw3megOuxW4zSDxNa3mMa9ndL21%2Byq3JhCd2YNO3i"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=172800, public cf-ray 5f48a8f09d7b05cc-FRA expires Sat, 21 Nov 2020 08:46:17 GMT
GET H/1.1	200 OK	Primary Request / Show response bhcvhhu.cakeitup.org/m/	51 KB 52 KB	585ms 141ms	Document text/html	217.8.117.39 CREXFEXPEX-RUSSIA2
General Check archive.org Show headers Download Go to Full URL https://bhcvhhu.cakeitup.org/m/?1h5ktss0bu7gp4svssxmotive=Gi&Soucis=289b9kpcezzmc8777dgbi Requested by Host: blog.leavesofmagic.com URL: http://blog.leavesofmagic.com/m/?1h5ktss0bu7gp4svssxmotive=Gi&Soucis=289b9kpcezzmc8777dgbi Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 217.8.117.39 , Russian Federation, ASN47510 (CREXFEXPEX-RUSSIA2, RU), Reverse DNS Software nginx / Resource Hash 806ceff5022cd49c52d7c159bfba6d74c14f411d338b61623b5f8741858c7d44 Request headers Host bhcvhhu.cakeitup.org Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest document Referer http://blog.leavesofmagic.com/m/?1h5ktss0bu7gp4svssxmotive=Gi&Soucis=289b9kpcezzmc8777dgbi Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://blog.leavesofmagic.com/m/?1h5ktss0bu7gp4svssxmotive=Gi&Soucis=289b9kpcezzmc8777dgbi Response headers Content-Type text/html; charset=UTF-8 Date Thu, 19 Nov 2020 08:46:18 GMT Server nginx Transfer-Encoding chunked
GET H/1.1	200 OK	eyJ1IjoiNjZlYTJlNmQ4MjI5YzQwYWZkMmVkNmZiMGZmYzVmYmQiLCJnIjoiMTAwNDA2In0= redir.ownpage.fr/mail/6fcbf17a98be422f/	43 B 834 B	234ms 41ms	Image image/gif	54.228.207.22 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://redir.ownpage.fr/mail/6fcbf17a98be422f/eyJ1IjoiNjZlYTJlNmQ4MjI5YzQwYWZkMmVkNmZiMGZmYzVmYmQiLCJnIjoiMTAwNDA2In0= Requested by Host: bhcvhhu.cakeitup.org URL: https://bhcvhhu.cakeitup.org/m/?1h5ktss0bu7gp4svssxmotive=Gi&Soucis=289b9kpcezzmc8777dgbi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.228.207.22 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-228-207-22.eu-west-1.compute.amazonaws.com Software / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://bhcvhhu.cakeitup.org/m/?1h5ktss0bu7gp4svssxmotive=Gi&Soucis=289b9kpcezzmc8777dgbi User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Encoding gzip X-Content-Type-Options nosniff X-Permitted-Cross-Domain-Policies none Content-Transfer-Encoding binary Content-Disposition attachment; filename="mail.gif"; filename*=UTF-8''mail.gif Connection keep-alive Content-Length 62 X-XSS-Protection 1; mode=block X-Request-Id 8a25404d-2381-4d4e-833c-4718bfe5caac X-Runtime 0.002158 Referrer-Policy strict-origin-when-cross-origin X-Frame-Options SAMEORIGIN X-Download-Options noopen Vary Origin,Accept-Encoding Content-Type image/gif Pragma no-cache Cache-Control no-cache, no-store, post-check=0, pre-check=0 Expires Mon, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	logo-nl2.png assets.ownpage.fr/marianne/	32 KB 32 KB	192ms 86ms	Image image/png	54.192.229.74 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ownpage.fr/marianne/logo-nl2.png Requested by Host: bhcvhhu.cakeitup.org URL: https://bhcvhhu.cakeitup.org/m/?1h5ktss0bu7gp4svssxmotive=Gi&Soucis=289b9kpcezzmc8777dgbi Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.192.229.74 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-192-229-74.waw50.r.cloudfront.net Software AmazonS3 / Resource Hash 3c5c27fcf9a235e011a189475f559b915dd7e023dce1b985dc3b28320f7e7958 Request headers Referer https://bhcvhhu.cakeitup.org/m/?1h5ktss0bu7gp4svssxmotive=Gi&Soucis=289b9kpcezzmc8777dgbi User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 19 Nov 2020 08:42:37 GMT Via 1.1 8a90372b0bc378a280335b1e5010d8c4.cloudfront.net (CloudFront) Last-Modified Tue, 19 Dec 2017 15:38:04 GMT Server AmazonS3 Age 221 ETag "eb539a89061c354ff7f9dc5202eca803" X-Cache Hit from cloudfront Content-Type image/png Connection keep-alive X-Amz-Cf-Pop WAW50-C1 Accept-Ranges bytes Content-Length 32702 X-Amz-Cf-Id BIWUXpU1fk_ow4E-8aPp7Rw3NbKJs_cFVAY-UYhrywNFP2HTkYRx0Q==
GET H2	200	plan-relance-marianne.jpg media.marianne.net/sites/default/files/	67 KB 67 KB	137ms 41ms	Image image/jpeg	54.38.10.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://media.marianne.net/sites/default/files/plan-relance-marianne.jpg Requested by Host: bhcvhhu.cakeitup.org URL: https://bhcvhhu.cakeitup.org/m/?1h5ktss0bu7gp4svssxmotive=Gi&Soucis=289b9kpcezzmc8777dgbi Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.38.10.213 , France, ASN16276 (OVH, FR), Reverse DNS marianne.net Software TW / Resource Hash 22e3303451da8b214b270a9362dad189b2f5cbcc86caf2e94372e261c03599b9 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://bhcvhhu.cakeitup.org/m/?1h5ktss0bu7gp4svssxmotive=Gi&Soucis=289b9kpcezzmc8777dgbi User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 19 Nov 2020 08:46:18 GMT x-content-type-options nosniff last-modified Thu, 23 Jul 2020 14:24:58 GMT server TW access-control-allow-methods GET, POST, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control max-age=1209600 accept-ranges bytes content-length 68267 expires Thu, 03 Dec 2020 08:46:18 GMT
GET H/1.1	200 OK	56fd3742600f63f7.jpeg assets.ownpage.fr/marianne/image/	276 KB 261 KB	199ms 99ms	Image image/jpeg	54.192.229.74 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ownpage.fr/marianne/image/56fd3742600f63f7.jpeg Requested by Host: bhcvhhu.cakeitup.org URL: https://bhcvhhu.cakeitup.org/m/?1h5ktss0bu7gp4svssxmotive=Gi&Soucis=289b9kpcezzmc8777dgbi Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.192.229.74 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-192-229-74.waw50.r.cloudfront.net Software AmazonS3 / Resource Hash 0c761015de271d7af4c74f1c4b8cc43200776fda6d88220833f0087c82a4c5c4 Request headers Referer https://bhcvhhu.cakeitup.org/m/?1h5ktss0bu7gp4svssxmotive=Gi&Soucis=289b9kpcezzmc8777dgbi User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 19 Nov 2020 08:45:34 GMT Content-Encoding gzip Last-Modified Thu, 16 Jul 2020 15:16:34 GMT Server AmazonS3 Age 45 ETag "1d5e9d4bf336b81427b96641d9418601" X-Cache Hit from cloudfront Content-Type image/jpeg Via 1.1 70d111e01220d4724cfea727fa9dfb91.cloudfront.net (CloudFront) Connection keep-alive X-Amz-Cf-Pop WAW50-C1 Accept-Ranges bytes Content-Length 266784 X-Amz-Cf-Id mZlmN-2HWCAjfi9NzBYfO0zYq6t1HGlbMSfn56F8BIm393fPlUqhkQ==
GET H2	200	castex-technos-marianne.jpg media.marianne.net/sites/default/files/	46 KB 46 KB	134ms 42ms	Image image/jpeg	54.38.10.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://media.marianne.net/sites/default/files/castex-technos-marianne.jpg Requested by Host: bhcvhhu.cakeitup.org URL: https://bhcvhhu.cakeitup.org/m/?1h5ktss0bu7gp4svssxmotive=Gi&Soucis=289b9kpcezzmc8777dgbi Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.38.10.213 , France, ASN16276 (OVH, FR), Reverse DNS marianne.net Software TW / Resource Hash 4f476baf733b85b39ce7b84ed554db8c5d96f0c21ede3d81c51593491a1439fb Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://bhcvhhu.cakeitup.org/m/?1h5ktss0bu7gp4svssxmotive=Gi&Soucis=289b9kpcezzmc8777dgbi User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 19 Nov 2020 08:46:18 GMT x-content-type-options nosniff last-modified Thu, 23 Jul 2020 13:23:30 GMT server TW access-control-allow-methods GET, POST, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control max-age=1209600 accept-ranges bytes content-length 46891 expires Thu, 03 Dec 2020 08:46:18 GMT
GET H/1.1	200 OK	7d925cd294c93845.jpeg assets.ownpage.fr/marianne/image/	441 KB 441 KB	174ms 75ms	Image image/jpeg	54.192.229.74 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ownpage.fr/marianne/image/7d925cd294c93845.jpeg Requested by Host: bhcvhhu.cakeitup.org URL: https://bhcvhhu.cakeitup.org/m/?1h5ktss0bu7gp4svssxmotive=Gi&Soucis=289b9kpcezzmc8777dgbi Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.192.229.74 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-192-229-74.waw50.r.cloudfront.net Software AmazonS3 / Resource Hash 33334829a13e702ac93dd4cf56f53a1412d8bd2d1d2bd0b0fca5128458ae2251 Request headers Referer https://bhcvhhu.cakeitup.org/m/?1h5ktss0bu7gp4svssxmotive=Gi&Soucis=289b9kpcezzmc8777dgbi User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 19 Nov 2020 08:45:34 GMT Content-Encoding gzip Last-Modified Fri, 24 Jul 2020 16:04:32 GMT Server AmazonS3 Age 45 ETag "d03b2eb08e9e31ff77e60ce1799dae7b" X-Cache Hit from cloudfront Content-Type image/jpeg Via 1.1 aa9873ca0eff886ad72852b2bde57831.cloudfront.net (CloudFront) Connection keep-alive X-Amz-Cf-Pop WAW50-C1 Accept-Ranges bytes Content-Length 451159 X-Amz-Cf-Id kA9JqkmgvYNMGuAEXbApsEygrAqPusPyJjgi5FCyCRhzLZMxrtWNow==
GET H2	200	famille-enfants-llustration.jpg media.marianne.net/sites/default/files/	472 KB 476 KB	128ms 42ms	Image image/jpeg	54.38.10.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://media.marianne.net/sites/default/files/famille-enfants-llustration.jpg Requested by Host: bhcvhhu.cakeitup.org URL: https://bhcvhhu.cakeitup.org/m/?1h5ktss0bu7gp4svssxmotive=Gi&Soucis=289b9kpcezzmc8777dgbi Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.38.10.213 , France, ASN16276 (OVH, FR), Reverse DNS marianne.net Software TW / Resource Hash 2d3a259db4fc8ecd3677378cf804076026ac6fb03fde6b0830a97cb88f0c9e9f Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://bhcvhhu.cakeitup.org/m/?1h5ktss0bu7gp4svssxmotive=Gi&Soucis=289b9kpcezzmc8777dgbi User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 19 Nov 2020 08:46:18 GMT x-content-type-options nosniff last-modified Thu, 23 Jul 2020 14:51:18 GMT server TW access-control-allow-methods GET, POST, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control max-age=1209600 accept-ranges bytes content-length 483736 expires Thu, 03 Dec 2020 08:46:18 GMT
GET H2	200	000_sapa981009890050.jpg media.marianne.net/sites/default/files/	69 KB 70 KB	67ms 42ms	Image image/jpeg	54.38.10.213 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://media.marianne.net/sites/default/files/000_sapa981009890050.jpg Requested by Host: bhcvhhu.cakeitup.org URL: https://bhcvhhu.cakeitup.org/m/?1h5ktss0bu7gp4svssxmotive=Gi&Soucis=289b9kpcezzmc8777dgbi Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.38.10.213 , France, ASN16276 (OVH, FR), Reverse DNS marianne.net Software TW / Resource Hash d034da3475a17c04d46727e0a8f2d3972e2a42b76c9dbf18bda8cf19700520fe Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://bhcvhhu.cakeitup.org/m/?1h5ktss0bu7gp4svssxmotive=Gi&Soucis=289b9kpcezzmc8777dgbi User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 19 Nov 2020 08:46:18 GMT x-content-type-options nosniff last-modified Wed, 22 Jul 2020 14:52:13 GMT server TW access-control-allow-methods GET, POST, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control max-age=1209600 accept-ranges bytes content-length 70749 expires Thu, 03 Dec 2020 08:46:18 GMT
GET H/1.1	200 OK	0435181c9edd3f51.jpeg assets.ownpage.fr/marianne/image/	44 KB 41 KB	180ms 98ms	Image image/jpeg	54.192.229.74 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ownpage.fr/marianne/image/0435181c9edd3f51.jpeg Requested by Host: bhcvhhu.cakeitup.org URL: https://bhcvhhu.cakeitup.org/m/?1h5ktss0bu7gp4svssxmotive=Gi&Soucis=289b9kpcezzmc8777dgbi Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.192.229.74 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-192-229-74.waw50.r.cloudfront.net Software AmazonS3 / Resource Hash 77165a8ddf0148f6acd7bd2fa0201a243a7df9bfd1245c4906b76313bb0467ae Request headers Referer https://bhcvhhu.cakeitup.org/m/?1h5ktss0bu7gp4svssxmotive=Gi&Soucis=289b9kpcezzmc8777dgbi User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 19 Nov 2020 08:43:01 GMT Content-Encoding gzip Last-Modified Tue, 02 Jun 2020 16:58:45 GMT Server AmazonS3 Age 198 ETag "2ff853eeebd711795666cd8cdac2dfe2" X-Cache Hit from cloudfront Content-Type image/jpeg Via 1.1 8a90372b0bc378a280335b1e5010d8c4.cloudfront.net (CloudFront) Connection keep-alive X-Amz-Cf-Pop WAW50-C1 Accept-Ranges bytes Content-Length 41846 X-Amz-Cf-Id 5MVnPWavIZbdLis5WQBbQ6L9fDRO4W4khi14B6uP5z1XbXFfSt_iiw==
GET H/1.1	200 OK	social-facebook.png assets.ownpage.fr/marianne/icons/	1 KB 1 KB	165ms 71ms	Image image/png	54.192.229.74 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ownpage.fr/marianne/icons/social-facebook.png Requested by Host: bhcvhhu.cakeitup.org URL: https://bhcvhhu.cakeitup.org/m/?1h5ktss0bu7gp4svssxmotive=Gi&Soucis=289b9kpcezzmc8777dgbi Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.192.229.74 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-192-229-74.waw50.r.cloudfront.net Software AmazonS3 / Resource Hash 67c2a0fbbe4acc716275dbd02ef63d17ed6a47d141b9d421f70aea33c36bede1 Request headers Referer https://bhcvhhu.cakeitup.org/m/?1h5ktss0bu7gp4svssxmotive=Gi&Soucis=289b9kpcezzmc8777dgbi User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 19 Nov 2020 08:42:37 GMT Via 1.1 89b8117bd9270d922b4549a30cd5ce50.cloudfront.net (CloudFront) Last-Modified Tue, 12 Sep 2017 15:32:45 GMT Server AmazonS3 Age 221 ETag "bacbfb64ce267396fc556954bee0df03" X-Cache Hit from cloudfront Content-Type image/png Connection keep-alive X-Amz-Cf-Pop WAW50-C1 Accept-Ranges bytes Content-Length 1043 X-Amz-Cf-Id VBQDe_8OQ_653ywjXZBonVd9g8eSAGR4ezMKGbYHcWP6HE-UB4viQA==
GET H/1.1	200 OK	social-twitter.png assets.ownpage.fr/marianne/icons/	1 KB 2 KB	181ms 75ms	Image image/png	54.192.229.74 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ownpage.fr/marianne/icons/social-twitter.png Requested by Host: bhcvhhu.cakeitup.org URL: https://bhcvhhu.cakeitup.org/m/?1h5ktss0bu7gp4svssxmotive=Gi&Soucis=289b9kpcezzmc8777dgbi Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.192.229.74 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-192-229-74.waw50.r.cloudfront.net Software AmazonS3 / Resource Hash 37806bffd61910ebff89cb37b6772f5ccad4f18903c2eb099a119014475899b0 Request headers Referer https://bhcvhhu.cakeitup.org/m/?1h5ktss0bu7gp4svssxmotive=Gi&Soucis=289b9kpcezzmc8777dgbi User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 19 Nov 2020 08:46:18 GMT Via 1.1 50004ba6b399efd7e9feb3e04887ccc1.cloudfront.net (CloudFront) Last-Modified Tue, 12 Sep 2017 15:32:45 GMT Server AmazonS3 X-Amz-Cf-Pop WAW50-C1 ETag "0bd83c2fa978daaab93c0d64d95419d7" X-Cache Hit from cloudfront Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 1266 X-Amz-Cf-Id vJbVMxzzOWpVzHqwNt0ghaoVyL0PYGMA92u_gQ8Upfso6OohlHjPFQ==
GET H/1.1	200 OK	social-instagram.png assets.ownpage.fr/marianne/icons/	1 KB 2 KB	160ms 100ms	Image image/png	54.192.229.74 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ownpage.fr/marianne/icons/social-instagram.png Requested by Host: bhcvhhu.cakeitup.org URL: https://bhcvhhu.cakeitup.org/m/?1h5ktss0bu7gp4svssxmotive=Gi&Soucis=289b9kpcezzmc8777dgbi Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.192.229.74 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-192-229-74.waw50.r.cloudfront.net Software AmazonS3 / Resource Hash b00f44d933d7f128e9fce5d7dd89aa72b8fc79168bdbbf1d6cc41486c84bc34b Request headers Referer https://bhcvhhu.cakeitup.org/m/?1h5ktss0bu7gp4svssxmotive=Gi&Soucis=289b9kpcezzmc8777dgbi User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 19 Nov 2020 08:42:38 GMT Via 1.1 c60880d44880ad913f911851a63aacdf.cloudfront.net (CloudFront) Last-Modified Tue, 12 Sep 2017 15:32:45 GMT Server AmazonS3 Age 221 ETag "4805c4a52853d8384e25f814bed6f33e" X-Cache Hit from cloudfront Content-Type image/png Connection keep-alive X-Amz-Cf-Pop WAW50-C1 Accept-Ranges bytes Content-Length 1272 X-Amz-Cf-Id BFbMXozVjWykZzPz_iiDLm1HGb6D-xdeeqQC7JNVo0daLcmETXb8uA==

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.cloudflare.com
assets.ownpage.fr
bhcvhhu.cakeitup.org
blog.leavesofmagic.com
media.marianne.net
redir.ownpage.fr
217.8.117.39
2606:4700:3031::681b:9e8b
2606:4700::6810:a723
54.192.229.74
54.228.207.22
54.38.10.213
0c761015de271d7af4c74f1c4b8cc43200776fda6d88220833f0087c82a4c5c4
22e3303451da8b214b270a9362dad189b2f5cbcc86caf2e94372e261c03599b9
2d3a259db4fc8ecd3677378cf804076026ac6fb03fde6b0830a97cb88f0c9e9f
33334829a13e702ac93dd4cf56f53a1412d8bd2d1d2bd0b0fca5128458ae2251
37806bffd61910ebff89cb37b6772f5ccad4f18903c2eb099a119014475899b0
3c5c27fcf9a235e011a189475f559b915dd7e023dce1b985dc3b28320f7e7958
4f476baf733b85b39ce7b84ed554db8c5d96f0c21ede3d81c51593491a1439fb
67c2a0fbbe4acc716275dbd02ef63d17ed6a47d141b9d421f70aea33c36bede1
77165a8ddf0148f6acd7bd2fa0201a243a7df9bfd1245c4906b76313bb0467ae
806ceff5022cd49c52d7c159bfba6d74c14f411d338b61623b5f8741858c7d44
86dba16f499c9fcfb896da84087f8f6ebe3edc66715a436f67af91cefa2de8b2
b00f44d933d7f128e9fce5d7dd89aa72b8fc79168bdbbf1d6cc41486c84bc34b
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d034da3475a17c04d46727e0a8f2d3972e2a42b76c9dbf18bda8cf19700520fe