Report - www.cpasbien.zip/recherche/love%20lies

Report Overview

Visited public
2024-04-28 17:07:42
Tags
URL
www.cpasbien.zip/recherche/love%20lies
Finishing URL
www.cpasbien.zip/recherche/love%20lies
IP / ASN
172.67.178.162
#13335 CLOUDFLARENET
Title
love lies - Torrent sur Cpasbien

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2024-04-28 02:56:57	1.6 kB	147 kB	216.58.207.227
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2024-04-27 22:45:16	444 B	17 kB	142.250.74.106
downstairsnegotiatebarren.com	unknown	2024-03-04	2024-03-04 23:39:03	2024-04-28 15:14:25	413 B	87 kB	172.67.180.87
www.cpasbien.zip	unknown	unknown	No data	No data	9.7 kB	300 kB	172.67.178.162
ads2550.bid	unknown	2023-05-10	2023-05-10 16:43:18	2024-04-15 13:25:27	2.0 kB	1.8 kB	199.80.53.161
capaciousdrewreligion.com	unknown	2023-11-07	2023-11-27 13:27:45	2024-04-27 10:14:07	415 B	327 B	172.240.108.84
unseenreport.com	unknown	2022-03-30	2022-03-30 16:33:17	2024-04-27 10:14:09	736 B	423 B	192.243.59.13
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17 22:46:33	2024-04-27 20:41:05	1.0 kB	172 kB	104.17.25.14
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2024-04-28 04:49:01	423 B	98 kB	142.250.74.72
specificationfingertip.com	unknown	2024-01-30	2024-01-30 03:43:11	2024-04-18 08:50:02	446 B	29 kB	192.243.59.12
zimages.ws	unknown	2019-12-03	2020-02-11 07:01:56	2024-03-17 23:02:51	4.8 kB	1.1 MB	172.67.138.97
bourrepardale.com	unknown	2024-03-05	2024-03-05 16:01:58	2024-03-06 04:35:58	404 B	1.2 kB	23.109.170.68
proftrafficcounter.com	unknown	2023-11-16	2023-11-21 09:55:14	2024-04-27 19:50:02	433 B	423 B	35.158.46.84

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-28	medium	bourrepardale.com	Sinkholed
2024-04-28	medium	specificationfingertip.com	Sinkholed
2024-04-28	medium	unseenreport.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (10)

	URL	From	Size	First Seen	Last Seen
	capaciousdrewreligion.com/advertisers.js	ScriptElement	0 B	0001-01-01	2025-06-22
Pretty URL capaciousdrewreligion.com/advertisers.js IP 172.240.108.84 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-06-22 03:40 Times Seen5062146 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.cpasbien.zip/themes/default/js/524eba27.js	ScriptElement	37 kB	2023-12-03	2024-08-29
Pretty URL www.cpasbien.zip/themes/default/js/524eba27.js IP 172.67.178.162 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-03 09:03 Last Seen2024-08-29 18:09 Times Seen255 Hash dd509264e5718497cd67ad65d50a8641 480e2200fd244d68b5f8e1c90c0c6ce61699a7e8 a91b0f105197706c82220fc1485b86fa4be251b09cb6252d6a4c2221a03f86cc Loading...

	specificationfingertip.com/8c/33/72/8c33721f6aa15cc0a61420f50575e334.js	ScriptElement	76 kB	2024-08-20	2024-08-20
Pretty URL specificationfingertip.com/8c/33/72/8c33721f6aa15cc0a61420f50575e334.js IP 192.243.59.12 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 02:09 Last Seen2024-08-20 02:09 Times Seen1 Hash d708118305840a252153c6a3856495bd 5af4fc00b25d0ff96230e18349f72f7e12439a82 322bc75bc28866b970f824a398c0257cb7aa080bc4f290b85a8c7c595038975f Loading...

	www.googletagmanager.com/gtag/js?id=G-TKZGESD6CW	ScriptElement	288 kB	2024-08-20	2024-08-20
Pretty URL www.googletagmanager.com/gtag/js?id=G-TKZGESD6CW IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 02:09 Last Seen2024-08-20 02:09 Times Seen1 Hash 3adba3fb7a3bac8f26f3f00f6158a4ed 0cdfd4e924d8ed77bc95dd009ec866e5133a16f2 8a01b552e0866bc85cfc585efbf7531eb34a5cf0ca29f9440c0b6078a8bb92df Loading...

	unknown	ScriptElement	544 B	2024-08-20	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 02:09 Last Seen2024-08-20 02:09 Times Seen1 Hash 6795891fc246394072953bd75285511c e23ca3c2fa154722d571ce378cbeee306eb077c2 c754781111eb4936f0c296fd5f623880d67bd8a0767fe128a9dcd1b7c9efed80 Loading...

	downstairsnegotiatebarren.com/sfp.js	ScriptElement	86 kB	2024-03-29	2024-08-21
Pretty URL downstairsnegotiatebarren.com/sfp.js IP 172.67.180.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-29 13:13 Last Seen2024-08-21 22:41 Times Seen2254 Hash f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716 Loading...

	www.cpasbien.zip/themes/js/jquery.min.js	ScriptElement	84 kB	2023-03-07	2025-06-21
Pretty URL www.cpasbien.zip/themes/js/jquery.min.js IP 172.67.178.162 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24 Last Seen2025-06-21 22:43 Times Seen2204 Hash b0dc11d0a434aafe88908c7f33d71095 1327f754ff87d26bced46568543207e9df190aaa de4b3c3d1dc2506b6693f0f98884e1dc074cda9d66cab39b7b48a115fdfc4c0f Loading...

	www.cpasbien.zip/themes/js/bootstrap.min.js	ScriptElement	37 kB	2023-03-07	2025-06-22
Pretty URL www.cpasbien.zip/themes/js/bootstrap.min.js IP 172.67.178.162 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-22 03:25 Times Seen6114 Hash c5b5b2fa19bd66ff23211d9f844e0131 791aa054a026bddc0de92bad6cf7a1c6e73713d5 2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a Loading...

	www.cpasbien.zip/recherche/love%20lies	ScriptElement	153 B	2024-02-15	2025-06-12
Pretty URL www.cpasbien.zip/recherche/love%20lies IP 172.67.178.162 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-15 18:33 Last Seen2025-06-12 13:45 Times Seen94 Hash 81630d0fa87c615651f4e254f82b4d06 51589a6efc263ac6ce5262cbaa07a8fa4a4f5b9a c50325fe0fe59de6c1ed0bd94cb47634640a12715d5531527459f049b6d13618 Loading...

	bourrepardale.com/1clkn/56862	ScriptElement	6 B	2023-03-07	2025-06-22
Pretty URL bourrepardale.com/1clkn/56862 IP 23.109.170.68 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-06-22 02:37 Times Seen13292 Hash 9082dc37e5e8046929da411544ad071a 41e0e3963ed94e59e8a2f115994c382712411537 b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550 Loading...

HTTP Transactions (45)

URL IP Response Size

GET www.cpasbien.zip/themes/default/img/animation1.jpg

172.67.178.162

200 OK

7.3 kB

URL GET HTTP/3
www.cpasbien.zip/themes/default/img/animation1.jpg
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/recherche/love%20lies
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=PhotoFiltre Studio X, datetime=2022:02:12 13:05:26], baseline, precision 8, 150x150, components 3
Size
7.3 kB (7306 bytes)
Hash
0573d4afb59612940a3e4823747adff4
82e478eb20d06a30e996ca6c7d52afaf8106e1e4
ca6263642c45acb1d6ee1f646306d393040ac67dd077a4bf07f1280364f6e8b7

HTTP Headers

GET /themes/default/img/animation1.jpg HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/recherche/love%20lies
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 28 Apr 2024 17:07:15 GMT
content-type: image/jpeg
content-length: 7306
last-modified: Thu, 18 Jan 2024 11:04:47 GMT
etag: "1c8a-60f3654e2294f"
cache-control: max-age=14400
cf-cache-status: HIT
age: 512388
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q0VxqXKltkNLtJztpt3Emk8b8gmAzwduychuqms%2FVgcCuOKibaYwSb5t9z7ltz3xYw8v4XDMzDZV%2FrLteEI9wSAy91Y3Xalw4G7%2BnNAaxnqT3b867B5CUds9vEcu31Dqz7%2Fm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87b8a5c56fb056aa-OSL
alt-svc: h3=":443"; ma=86400

GET cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/css/all.css

104.17.25.14

200 OK

20 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/css/all.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/recherche/love%20lies
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
troff or preprocessor input, ASCII text
Size
20 kB (19472 bytes)
Hash
e3d3126e93fc1303cf862d5852f56654
357908650e3a2f75f7e77c3e741e8bd0cfa07625
340d09d12141a30f53d870d647f2f4ba93047709331cd441c43db7301bd52d68

HTTP Headers

GET /ajax/libs/font-awesome/6.2.0/css/all.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 28 Apr 2024 17:07:15 GMT
content-type: text/css; charset=utf-8
content-length: 19472
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "630e6e62-4c10"
last-modified: Tue, 30 Aug 2022 20:09:06 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1511914
expires: Fri, 18 Apr 2025 17:07:15 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LQrdnlocA5Z1Hx2QUC7x9Vnm16A2wbEEVsQIK3OLCmJPHWkkc%2BsBCVpGhP8bSCgwnz1LedTB%2Bx%2B7pwOub00WnvJMG2AIQNVwoweOrhteIXtKsxmwHzGDpXR9bdhqMGi1dcmE42fb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87b8a5c5b83f56c3-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET zimages.ws/uploads/image/0c4110910ecb4a7a576346b6dac1b94b7d7bbf27.jpg

172.67.138.97

200 OK

76 kB

URL GET HTTP/2
zimages.ws/uploads/image/0c4110910ecb4a7a576346b6dac1b94b7d7bbf27.jpg
IP
172.67.138.97:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/recherche/love%20lies
Certificate
IssuerGoogle Trust Services LLC
Subjectzimages.ws
FingerprintC7:96:DF:5E:0F:2F:64:4C:DA:B8:1F:6F:29:4C:AD:74:FC:5D:81:22
ValidityThu, 04 Apr 2024 22:36:27 GMT - Wed, 03 Jul 2024 22:36:26 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 250x333, components 3
Size
76 kB (76158 bytes)
Hash
edc4dedbb60fa707a9065e5fe9e63e05
c5ad026414b6bf5e7d44870102695838771e154a
3ca460ccae13d2aae5ec2eef03edbb8ce5722359a4cdbc8c96c8c4f0a41993ef

HTTP Headers

GET /uploads/image/0c4110910ecb4a7a576346b6dac1b94b7d7bbf27.jpg HTTP/1.1
Host: zimages.ws
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 28 Apr 2024 17:07:15 GMT
content-type: image/jpeg
content-length: 76158
last-modified: Wed, 15 Feb 2023 12:05:06 GMT
etag: "1297e-5f4bbe4120080"
cache-control: max-age=14400
cf-cache-status: HIT
age: 291755
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dK0oGj5QjSrHViA%2Bdvz0FkgNz%2BYayCVI0vBlpVWoeRWhtCmvNL6NuJbKy6iBfpiTbVyigS2NPyqzRUTt7%2FRLDQ6nMf9HzXcn2iKHUwmUWVDToS0%2FmjNUh%2FjQSEmv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 87b8a5c5d83a1c0e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET zimages.ws/uploads/image/6ff64f279ae49edb2484f5201cfad2a54df6691d.jpg

172.67.138.97

200 OK

67 kB

URL GET HTTP/2
zimages.ws/uploads/image/6ff64f279ae49edb2484f5201cfad2a54df6691d.jpg
IP
172.67.138.97:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/recherche/love%20lies
Certificate
IssuerGoogle Trust Services LLC
Subjectzimages.ws
FingerprintC7:96:DF:5E:0F:2F:64:4C:DA:B8:1F:6F:29:4C:AD:74:FC:5D:81:22
ValidityThu, 04 Apr 2024 22:36:27 GMT - Wed, 03 Jul 2024 22:36:26 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 375x500, components 3
Size
67 kB (67401 bytes)
Hash
c48a95268bfe9e922fd3b6916b6dc8bf
00a59dff3d1017725887df9158cf6951e1d45556
316b076ed4cc17d540c7924d3ffa6d5ed4c6808f5f247e9888052452caf790ba

HTTP Headers

GET /uploads/image/6ff64f279ae49edb2484f5201cfad2a54df6691d.jpg HTTP/1.1
Host: zimages.ws
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 28 Apr 2024 17:07:15 GMT
content-type: image/jpeg
content-length: 67401
last-modified: Fri, 13 Oct 2023 08:04:04 GMT
etag: "10749-607947ffb6500"
cache-control: max-age=14400
cf-cache-status: HIT
age: 292223
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RDHl7%2B1e7c2d5N9ry00FhHC%2BXmfTNNhlKrfU%2BWWa3w1ahphfV%2BSNVpsk0DjNk3doB3E73OXQANIufus0DGyBOYv9h7ctIkejmUTvqZuMeNJ2HRIOAvdcgP4wQbH6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 87b8a5c5d83e1c0e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET zimages.ws/uploads/image/32b19a8a6504f1b885eaaa316064354398a9d7c5.jpg

172.67.138.97

200 OK

124 kB

URL GET HTTP/2
zimages.ws/uploads/image/32b19a8a6504f1b885eaaa316064354398a9d7c5.jpg
IP
172.67.138.97:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/recherche/love%20lies
Certificate
IssuerGoogle Trust Services LLC
Subjectzimages.ws
FingerprintC7:96:DF:5E:0F:2F:64:4C:DA:B8:1F:6F:29:4C:AD:74:FC:5D:81:22
ValidityThu, 04 Apr 2024 22:36:27 GMT - Wed, 03 Jul 2024 22:36:26 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 250x333, components 3
Size
124 kB (124055 bytes)
Hash
806d6f0ccf77204c447d2018c739fe3f
cb89c091d607e898193a5d998a0d98ce6bd9ede3
1ce19ccfeb62efcc229d11272b685b484878b22d3615349cc2fc45f57f549254

HTTP Headers

GET /uploads/image/32b19a8a6504f1b885eaaa316064354398a9d7c5.jpg HTTP/1.1
Host: zimages.ws
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 28 Apr 2024 17:07:15 GMT
content-type: image/jpeg
content-length: 124055
last-modified: Wed, 15 Feb 2023 12:10:53 GMT
etag: "1e497-5f4bbf8c0cd40"
cache-control: max-age=14400
cf-cache-status: HIT
age: 291755
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PP%2Bbb1jyyyqYVTzc2sdpRvc10%2BX%2BQCY6uUdcCmppZUUyeaJQkfEKJDr3PPLPHnjU5Cx%2FmNr%2BYsqGDxsornWrY4LzQ20a%2FJ3%2BvUfo2DOZaOtMHHy9oOERomrWoiSg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 87b8a5c5d83b1c0e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET zimages.ws/uploads/image/d2bdab22a6bb3d76b6666a8a7360d6d0c5ec1c4a.jpg

172.67.138.97

200 OK

117 kB

URL GET HTTP/2
zimages.ws/uploads/image/d2bdab22a6bb3d76b6666a8a7360d6d0c5ec1c4a.jpg
IP
172.67.138.97:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/recherche/love%20lies
Certificate
IssuerGoogle Trust Services LLC
Subjectzimages.ws
FingerprintC7:96:DF:5E:0F:2F:64:4C:DA:B8:1F:6F:29:4C:AD:74:FC:5D:81:22
ValidityThu, 04 Apr 2024 22:36:27 GMT - Wed, 03 Jul 2024 22:36:26 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 250x375, components 3
Size
117 kB (116925 bytes)
Hash
ba1c08c9a835f1dc5ac0cecd0085b461
d2181027051766074871d3532f257bb99cd65cf0
fe8b7d2ead010a33ebbe1db715aa8415d000b6b150f4a9081a3dba24fde6fa9c

HTTP Headers

GET /uploads/image/d2bdab22a6bb3d76b6666a8a7360d6d0c5ec1c4a.jpg HTTP/1.1
Host: zimages.ws
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 28 Apr 2024 17:07:15 GMT
content-type: image/jpeg
content-length: 116925
last-modified: Wed, 15 Feb 2023 12:35:46 GMT
etag: "1c8bd-5f4bc51be2c80"
cache-control: max-age=14400
cf-cache-status: HIT
age: 292223
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O%2Bvw5KRAuM8R%2BaQ2QY4IztmI0aD0LenuEkTuOQ7sE7n%2FajBYgEGz6nzuOq0Jg0Is1w%2FLPE4VfgMQeIQ5NAXQA2S8gZs8D0iIQruiwSlw5T477mhvWi375QxDI9S9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 87b8a5c5d8411c0e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET zimages.ws/uploads/image/5335258a03cd4effdbaaa2c111a93f4032a25564.jpg

172.67.138.97

200 OK

74 kB

URL GET HTTP/2
zimages.ws/uploads/image/5335258a03cd4effdbaaa2c111a93f4032a25564.jpg
IP
172.67.138.97:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/recherche/love%20lies
Certificate
IssuerGoogle Trust Services LLC
Subjectzimages.ws
FingerprintC7:96:DF:5E:0F:2F:64:4C:DA:B8:1F:6F:29:4C:AD:74:FC:5D:81:22
ValidityThu, 04 Apr 2024 22:36:27 GMT - Wed, 03 Jul 2024 22:36:26 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 250x354, components 3
Size
74 kB (74133 bytes)
Hash
a91bd20ec37e8bd1ea51970eec21c6ee
57e01b613f72318ce6e9d17c6125322cc513138e
f461594c3eb535eff29942163f70d65e77bb08ac2d204ec4410b47adc413d713

HTTP Headers

GET /uploads/image/5335258a03cd4effdbaaa2c111a93f4032a25564.jpg HTTP/1.1
Host: zimages.ws
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 28 Apr 2024 17:07:15 GMT
content-type: image/jpeg
content-length: 74133
last-modified: Wed, 15 Feb 2023 12:15:42 GMT
etag: "12195-5f4bc09fa9780"
cache-control: max-age=14400
cf-cache-status: HIT
age: 291755
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L8wKdpdSnofMyzX7cf6eXyL4H%2B7iWzXB4EaE%2BnFG%2B6F0XUbD%2BCOo%2BwnVVzWHaycmkwRfWlpl5NMamMbtXkpPT1mFOYy9mVkxfQcdmctBK8GWI9ynVZU%2FvcmRvcCK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 87b8a5c5d83f1c0e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET zimages.ws/uploads/image/d4a71764e07c7c4bb4e9de4edff37a6f31321ebb.jpg

172.67.138.97

200 OK

132 kB

URL GET HTTP/2
zimages.ws/uploads/image/d4a71764e07c7c4bb4e9de4edff37a6f31321ebb.jpg
IP
172.67.138.97:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/recherche/love%20lies
Certificate
IssuerGoogle Trust Services LLC
Subjectzimages.ws
FingerprintC7:96:DF:5E:0F:2F:64:4C:DA:B8:1F:6F:29:4C:AD:74:FC:5D:81:22
ValidityThu, 04 Apr 2024 22:36:27 GMT - Wed, 03 Jul 2024 22:36:26 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 250x375, components 3
Size
132 kB (131670 bytes)
Hash
5a4b148b104dd47e8fa33a06d3426df2
189fecadb1cb50e659c0a4411b3d8753fb4bda50
64290c97fce79397e0319f64a7534277d19fbf7fd292cf59600cca974f81a705

HTTP Headers

GET /uploads/image/d4a71764e07c7c4bb4e9de4edff37a6f31321ebb.jpg HTTP/1.1
Host: zimages.ws
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 28 Apr 2024 17:07:15 GMT
content-type: image/jpeg
content-length: 131670
last-modified: Wed, 15 Feb 2023 12:36:05 GMT
etag: "20256-5f4bc52e01740"
cache-control: max-age=14400
cf-cache-status: HIT
age: 292223
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xOd7dK40ch9BnwC3wFt1kQooMmBt2FZ%2BWsHeFHB%2Fs3Ex1PYc7RqYGVargFlIuk0MSzlxYh2tlFhHPOtm7IdnECAyfGFb7%2FLWEPm62co2q%2FkPTyLfA7FWpB6%2BH4yx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 87b8a5c5d8361c0e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET zimages.ws/uploads/image/cbfa465cb07c90bc29d34678ece707ea68fdd16b.jpg

172.67.138.97

200 OK

115 kB

URL GET HTTP/2
zimages.ws/uploads/image/cbfa465cb07c90bc29d34678ece707ea68fdd16b.jpg
IP
172.67.138.97:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/recherche/love%20lies
Certificate
IssuerGoogle Trust Services LLC
Subjectzimages.ws
FingerprintC7:96:DF:5E:0F:2F:64:4C:DA:B8:1F:6F:29:4C:AD:74:FC:5D:81:22
ValidityThu, 04 Apr 2024 22:36:27 GMT - Wed, 03 Jul 2024 22:36:26 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 250x371, components 3
Size
115 kB (114867 bytes)
Hash
71e1aad661d47e21577c9d9a222539ac
eab872f352ca163c85500411e66a491b692e13b2
5e0567f724971ddd09505979e4ecbafe950174f6317665cdc209c1421834f742

HTTP Headers

GET /uploads/image/cbfa465cb07c90bc29d34678ece707ea68fdd16b.jpg HTTP/1.1
Host: zimages.ws
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 28 Apr 2024 17:07:15 GMT
content-type: image/jpeg
content-length: 114867
last-modified: Wed, 15 Feb 2023 12:34:40 GMT
etag: "1c0b3-5f4bc4dcf1800"
cache-control: max-age=14400
cf-cache-status: HIT
age: 292223
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TlWoUC6FKFGJQxe2IZm3OdGkbn0gjxFEd2Zy%2BDNBvjYlzQzcUq%2FoQ0wnbsURDLzTeAyTmsGBLx4IXSi5ckOb3IONzReG5EeSqw%2FI%2FpbZLKx%2F8izUCb6tTUE3EH4L"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 87b8a5c5d8471c0e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET zimages.ws/uploads/image/1ebd2148a111a59bb7559ec84f6df9e79c1870d1.jpg

172.67.138.97

200 OK

104 kB

URL GET HTTP/2
zimages.ws/uploads/image/1ebd2148a111a59bb7559ec84f6df9e79c1870d1.jpg
IP
172.67.138.97:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/recherche/love%20lies
Certificate
IssuerGoogle Trust Services LLC
Subjectzimages.ws
FingerprintC7:96:DF:5E:0F:2F:64:4C:DA:B8:1F:6F:29:4C:AD:74:FC:5D:81:22
ValidityThu, 04 Apr 2024 22:36:27 GMT - Wed, 03 Jul 2024 22:36:26 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 250x375, components 3
Size
104 kB (103739 bytes)
Hash
a0c06f59cdf7217df6b720a70fb37394
94b2ef19e1c20f616d62adb5ee871a29ccb354a0
536c49783a1691b6693133c1340317b0b4d5d844f560db60197b04cccce202f4

HTTP Headers

GET /uploads/image/1ebd2148a111a59bb7559ec84f6df9e79c1870d1.jpg HTTP/1.1
Host: zimages.ws
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 28 Apr 2024 17:07:15 GMT
content-type: image/jpeg
content-length: 103739
last-modified: Wed, 15 Feb 2023 12:07:54 GMT
etag: "1953b-5f4bbee157a80"
cache-control: max-age=14400
cf-cache-status: HIT
age: 291755
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6%2BsGQL4akj7DDgYUwYNbxzYt%2B%2BcIOBX%2BCHVW0tNmQq%2BZTJxMGzApmQM%2B2tXx8DaVDc%2FSP%2FwFv%2FC7hsnRkipp9%2B%2BwMijrNXLZ%2FHH2H6dj%2Bwp7qInl6AltwIugUYtN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 87b8a5c5d8491c0e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET zimages.ws/uploads/image/d144efd8422ce7f79b22fc9a0b43174095024859.jpg

172.67.138.97

200 OK

129 kB

URL GET HTTP/2
zimages.ws/uploads/image/d144efd8422ce7f79b22fc9a0b43174095024859.jpg
IP
172.67.138.97:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/recherche/love%20lies
Certificate
IssuerGoogle Trust Services LLC
Subjectzimages.ws
FingerprintC7:96:DF:5E:0F:2F:64:4C:DA:B8:1F:6F:29:4C:AD:74:FC:5D:81:22
ValidityThu, 04 Apr 2024 22:36:27 GMT - Wed, 03 Jul 2024 22:36:26 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 250x375, components 3
Size
129 kB (128910 bytes)
Hash
81543078469b1b1e7ad995aababdafac
e87e5f76b462fe2f543391423fa1ae719196eba7
b9d2e47ba45438aaeef8a20ddcffe8f98cfb2fb4ca131aef2ab76a2ca97ff2a6

HTTP Headers

GET /uploads/image/d144efd8422ce7f79b22fc9a0b43174095024859.jpg HTTP/1.1
Host: zimages.ws
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 28 Apr 2024 17:07:15 GMT
content-type: image/jpeg
content-length: 128910
last-modified: Wed, 15 Feb 2023 12:35:31 GMT
etag: "1f78e-5f4bc50d94ac0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 292223
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T6lXllPy2CPtVR3X26XOS0rYJQqWRzX4jIgRmGHyu8b66Oa1yTgPg1Wc4YwYKIEwb8OStH%2Fv83cGAo%2BAM4NsIbk2IMnO9tWDnp%2BMgeycK1IRmQogitCaM2JrkOuR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 87b8a5c5e8511c0e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET zimages.ws/uploads/image/2b4a13b5a0f54f5e0abb14cec9eb764d7507bd16.jpg

172.67.138.97

200 OK

137 kB

URL GET HTTP/2
zimages.ws/uploads/image/2b4a13b5a0f54f5e0abb14cec9eb764d7507bd16.jpg
IP
172.67.138.97:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/recherche/love%20lies
Certificate
IssuerGoogle Trust Services LLC
Subjectzimages.ws
FingerprintC7:96:DF:5E:0F:2F:64:4C:DA:B8:1F:6F:29:4C:AD:74:FC:5D:81:22
ValidityThu, 04 Apr 2024 22:36:27 GMT - Wed, 03 Jul 2024 22:36:26 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 250x375, components 3
Size
137 kB (137352 bytes)
Hash
24ef5680c3ba27dc345b71e5d9535e53
63adefef302f706424b2200ac04c2f86d8505a93
874528de3b14d4dbfa4b7481aaf2f95943fdf4980acf80526a06996a6ffe6a04

HTTP Headers

GET /uploads/image/2b4a13b5a0f54f5e0abb14cec9eb764d7507bd16.jpg HTTP/1.1
Host: zimages.ws
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 28 Apr 2024 17:07:15 GMT
content-type: image/jpeg
content-length: 137352
last-modified: Wed, 15 Feb 2023 12:09:48 GMT
etag: "21888-5f4bbf4e0fb00"
cache-control: max-age=14400
cf-cache-status: HIT
age: 292223
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yEsujyQn0XXLBEazHuv7E5ksQ6NkH2XpQReI0XUyQBiU6CxLM%2BZOs5kTiLNgxRc5BOrYWNAhWLjSWOpjuTZdsQ5Dkq%2BtmqIF%2BvGwNV6oTKrLGgbfkdafsENShXqN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 87b8a5c5d8481c0e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.googletagmanager.com/gtag/js?id=G-TKZGESD6CW

142.250.74.72

200 OK

97 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-TKZGESD6CW
IP
142.250.74.72:443
ASN
#15169 GOOGLE

Requested by
https://www.cpasbien.zip/recherche/love%20lies
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52
ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT

File type
JavaScript source, ASCII text, with very long lines (3969)
Size
97 kB (97358 bytes)
Hash
3adba3fb7a3bac8f26f3f00f6158a4ed
0cdfd4e924d8ed77bc95dd009ec866e5133a16f2
8a01b552e0866bc85cfc585efbf7531eb34a5cf0ca29f9440c0b6078a8bb92df

HTTP Headers

GET /gtag/js?id=G-TKZGESD6CW HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 28 Apr 2024 17:07:15 GMT
expires: Sun, 28 Apr 2024 17:07:15 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 97358
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET bourrepardale.com/1clkn/56862

23.109.170.68

200 OK

26 B

URL GET HTTP/1.1
bourrepardale.com/1clkn/56862
IP
23.109.170.68:443
ASN
#7979 SERVERS-COM

Requested by
https://www.cpasbien.zip/recherche/love%20lies
Certificate
IssuerLet's Encrypt
Subjectbourrepardale.com
Fingerprint9C:52:0E:6E:A8:1B:CA:C0:B0:B8:5F:82:75:4C:49:1E:EA:78:A1:93
ValidityTue, 05 Mar 2024 14:00:39 GMT - Mon, 03 Jun 2024 14:00:38 GMT

File type
ASCII text, with no line terminators
Size
26 B (26 bytes)
Hash
9082dc37e5e8046929da411544ad071a
41e0e3963ed94e59e8a2f115994c382712411537
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1clkn/56862 HTTP/1.1
Host: bourrepardale.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 28 Apr 2024 17:07:15 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Mon, 29-Apr-2024 17:07:15 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Mon, 29-Apr-2024 17:07:15 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

GET www.cpasbien.zip/themes/default/img/fond.jpg

172.67.178.162

200 OK

32 kB

URL GET HTTP/3
www.cpasbien.zip/themes/default/img/fond.jpg
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/recherche/love%20lies
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2520x142, components 3
Size
32 kB (32310 bytes)
Hash
56121fe0070d93736b8fe5ea7d3c9524
1c91ca6ed08d9f7bbd20088faf3f401c4f720107
a64aa3531489683535c374c4631338a7ca4ca15e8c3ebf6c7f4ea8ad8005b1d3

HTTP Headers

GET /themes/default/img/fond.jpg HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/themes/default/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 28 Apr 2024 17:07:15 GMT
content-type: image/jpeg
content-length: 32310
last-modified: Wed, 13 Sep 2023 07:09:25 GMT
etag: "7e36-605383d51ffb4"
cache-control: max-age=14400
cf-cache-status: HIT
age: 512388
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bcjB5CFLNzj%2FzzP7N3b%2FvSZOiGMBmlXqQbHjPRDkmNGCYT%2BPQP0BsKyh%2FvJIEw1ASgkI7ozAeiJ7hRAjVaZGUoqmZlF%2FgmcJiwBEJ3N1Mf3%2FNAxkXZ554bLTbijT2iFQZnXy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87b8a5c87b4956aa-OSL
alt-svc: h3=":443"; ma=86400

GET www.cpasbien.zip/themes/default/img/logo.png

172.67.178.162

200 OK

2.9 kB

URL GET HTTP/3
www.cpasbien.zip/themes/default/img/logo.png
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/recherche/love%20lies
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
PNG image data, 280 x 102, 8-bit colormap, non-interlaced
Size
2.9 kB (2863 bytes)
Hash
bbe71e764c32438317b3e7f4785dc3b0
870063ae5643493ac6045608343d24b529355531
2312f04966bcdc4143b4392cea49a917a96be8f1b50f95282cb6d1d1bdd0bd81

HTTP Headers

GET /themes/default/img/logo.png HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/themes/default/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 28 Apr 2024 17:07:15 GMT
content-type: image/png
content-length: 2863
last-modified: Wed, 13 Sep 2023 07:09:26 GMT
etag: "b2f-605383d658bb8"
cache-control: max-age=14400
cf-cache-status: HIT
age: 512388
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OJat22dKT60qp8ejgsQJbhqtWIQ88EA5TWoplV1x6RABC4KTIFwPa8sfXuPzSjR%2F4poOI3LipHwGiK3cna7CD9AkwETITXuSvSbu86d3DIGOsTMcR0HZBPmiYhpLs25jAesB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87b8a5c87b4f56aa-OSL
alt-svc: h3=":443"; ma=86400

GET www.cpasbien.zip/themes/default/img/centre.gif

172.67.178.162

200 OK

1.3 kB

URL GET HTTP/3
www.cpasbien.zip/themes/default/img/centre.gif
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/recherche/love%20lies
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
GIF image data, version 89a, 1111 x 7
Size
1.3 kB (1314 bytes)
Hash
e39d9162d6261195559068e10f49e782
d75dfaf34ed95d4eb754d2e7c35fb84a7e2afa30
f57d88ee62eb309ee7567b3d6a7b54a704874c719d6888b8b581bb0dd54327be

HTTP Headers

GET /themes/default/img/centre.gif HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/themes/default/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 28 Apr 2024 17:07:15 GMT
content-type: image/gif
content-length: 1314
last-modified: Wed, 13 Sep 2023 07:09:24 GMT
etag: "522-605383d3d7d96"
cache-control: max-age=14400
cf-cache-status: HIT
age: 512388
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ywda5Khe9BVMZLulKI4thhZXbpgHPegUBwliN2p2zOkk2v8DGAvNwfB%2FITVorF3KVlEG%2FscWzL%2Fug5qw4QkklMdoxzshcxafB60yiVju69rU6OqFOCXBv%2FQdI2kPWe5j3%2F1F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87b8a5c87b5356aa-OSL
alt-svc: h3=":443"; ma=86400

GET www.cpasbien.zip/themes/default/img/btn_recherche.gif

172.67.178.162

200 OK

1.1 kB

URL GET HTTP/3
www.cpasbien.zip/themes/default/img/btn_recherche.gif
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/recherche/love%20lies
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
GIF image data, version 87a, 36 x 43
Size
1.1 kB (1081 bytes)
Hash
60018e565bdd1d7db987a8050552f58a
e07df01a9f332ad1b817e7c685256fa1e7bc5851
c03fa49e2b84a02341b5e0fd22fdccbe05609d94ab6ff1e91212cfcbe51e21fc

HTTP Headers

GET /themes/default/img/btn_recherche.gif HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/themes/default/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 28 Apr 2024 17:07:15 GMT
content-type: image/gif
content-length: 1081
last-modified: Wed, 13 Sep 2023 07:09:23 GMT
etag: "439-605383d3816be"
cache-control: max-age=14400
cf-cache-status: HIT
age: 512388
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=elRxuqXG%2FkSjjnlJ%2FCQe4r1Cong91gMdB9Q%2FilBDLrhghzKBb%2F%2Bq%2F%2Fv9rpnwvUHN0KZqwDk96SqZi9xrP0O%2Fy42NrSKTETGsKSMG0twmTAS%2FqCvXjkfogXihrE1gQYn1lgg1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87b8a5c87b5256aa-OSL
alt-svc: h3=":443"; ma=86400

GET www.cpasbien.zip/themes/default/img/checkno.png

172.67.178.162

200 OK

133 B

URL GET HTTP/3
www.cpasbien.zip/themes/default/img/checkno.png
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/recherche/love%20lies
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
PNG image data, 16 x 16, 4-bit colormap, non-interlaced
Size
133 B (133 bytes)
Hash
87d20c281b11a3df07b0dac6891d43fc
7caf541264070830ae8bf187c2ddf398620a235f
2dbd79ea3382f638d49b0e1c02210b4ea6a57f8f29c1ad7d7eb1b324197353e7

HTTP Headers

GET /themes/default/img/checkno.png HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/themes/default/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 28 Apr 2024 17:07:15 GMT
content-type: image/png
content-length: 133
last-modified: Wed, 13 Sep 2023 07:09:24 GMT
etag: "85-605383d40b9bb"
cache-control: max-age=14400
cf-cache-status: HIT
age: 510208
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tny4%2FIhSAfYJRwhHW4%2FmPhwrptXm26X8NliZCWY1XlZSiGyvBhi3EqYY67Wxp63khTWhOk9BbDKRbNfmcVqToOUQLpcVJ0t6DMTDKGnpdrmCp3zyXd1%2FefOOVhTyH7TVIgBf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87b8a5c87b5656aa-OSL
alt-svc: h3=":443"; ma=86400

GET www.cpasbien.zip/themes/default/img/download.png

172.67.178.162

200 OK

176 B

URL GET HTTP/3
www.cpasbien.zip/themes/default/img/download.png
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/recherche/love%20lies
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
PNG image data, 16 x 16, 4-bit colormap, non-interlaced
Size
176 B (176 bytes)
Hash
fe4223aeb017fc82008c4ae1a9e72fe0
e566c7cd650ad5c6a062236dd48d391bd0628f0d
075c54e8957e256ec2a4b1a8db4932722813e32cd3d9f6a95f86b281c4bf23c9

HTTP Headers

GET /themes/default/img/download.png HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/themes/default/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 28 Apr 2024 17:07:15 GMT
content-type: image/png
content-length: 176
last-modified: Wed, 13 Sep 2023 07:09:24 GMT
etag: "b0-605383d4764cc"
cache-control: max-age=14400
cf-cache-status: HIT
age: 219837
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lRzIFZ4zvXQdY%2FqBPHFm3gujvh4obmrLxszcSZxur0JuPUoE3BFF9oz%2B3xNsijnmGiYSSkavCZm11AsEMMlEmLJpFgFnJvpOw6mth%2BP0zxKsSlk2rNtTKUnEA2JhoiPv5UGU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87b8a5c88b5756aa-OSL
alt-svc: h3=":443"; ma=86400

GET www.cpasbien.zip/themes/default/img/checkyes.png

172.67.178.162

200 OK

312 B

URL GET HTTP/3
www.cpasbien.zip/themes/default/img/checkyes.png
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/recherche/love%20lies
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced
Size
312 B (312 bytes)
Hash
1580b2345aa2ed83572ea9726ae21588
7cf57dd01a4a06b8c8a7d8e4caba32a381a1f1a6
fde759a4e535560a2d78c6f59b7e0f7988fb93f8d567c69ee2deaac0d2cad02e

HTTP Headers

GET /themes/default/img/checkyes.png HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/themes/default/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 28 Apr 2024 17:07:15 GMT
content-type: image/png
content-length: 312
last-modified: Wed, 13 Sep 2023 07:09:24 GMT
etag: "138-605383d426b55"
cache-control: max-age=14400
cf-cache-status: HIT
age: 510208
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NpaDVRFsZv7zZ4Af%2FrCel0yu6A%2BFCsNTeZ4lB%2FpXDUjVlFPBG2EIQANfGAK9k21n023IUaIvv1ypNa3AkylTmeX1B8aU32OrsDSNEJCOoDzuylO6zYGnLctimItqNZIrX1SM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87b8a5c87b5556aa-OSL
alt-svc: h3=":443"; ma=86400

GET www.cpasbien.zip/themes/default/img/up.png

172.67.178.162

200 OK

296 B

URL GET HTTP/3
www.cpasbien.zip/themes/default/img/up.png
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/recherche/love%20lies
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
PNG image data, 15 x 16, 8-bit colormap, non-interlaced
Size
296 B (296 bytes)
Hash
fb656ac10987ff66eef6484030c461a0
15dbd2de657d4ae83cbafe6209b5b5b15dc534ea
95b748fd9ba6902a8ea51bca013970170d5c54b5427b54f942ca1fe4eded9dc4

HTTP Headers

GET /themes/default/img/up.png HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/themes/default/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 28 Apr 2024 17:07:15 GMT
content-type: image/png
content-length: 296
last-modified: Wed, 13 Sep 2023 07:09:27 GMT
etag: "128-605383d6fff90"
cache-control: max-age=14400
cf-cache-status: HIT
age: 512388
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lReZi0wmwEZLJDAlVPt90sSh4br3nrlTbpuukOnYqsLEYxPflkV8lOOCP%2F%2FtV3PTTHBhTSiHTghD8YgVI4Dp2c%2FQTFiYHKUdBUz25aNfHEnxgty9l2y%2Fjdv%2F7DiTTcGEJE2H"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87b8a5c88b5e56aa-OSL
alt-svc: h3=":443"; ma=86400

GET www.cpasbien.zip/themes/default/img/h3.jpg

172.67.178.162

200 OK

6.3 kB

URL GET HTTP/3
www.cpasbien.zip/themes/default/img/h3.jpg
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/recherche/love%20lies
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x56, components 3
Size
6.3 kB (6279 bytes)
Hash
70352c1e036103909bc6751a72d05ba0
8b2d2bab788deba16f07dc5c5460a6981d9d7f51
796f1144081fdd9cc14606ce97d2c0494f9231a547b6e31ee175bd76e17bc4bf

HTTP Headers

GET /themes/default/img/h3.jpg HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/themes/default/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 28 Apr 2024 17:07:15 GMT
content-type: image/jpeg
content-length: 6279
last-modified: Wed, 13 Sep 2023 07:09:25 GMT
etag: "1887-605383d565902"
cache-control: max-age=14400
cf-cache-status: HIT
age: 512388
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8QWPBxmYHdD%2FdRWGWHO%2Bu9CL6iA%2FNM%2B23RZ5mZ9II0gMl5c9mb2pSx%2FbdFBabZbJKGY6ix9Nf1e2%2FMq6llEsjeCCyVKkMr4QH9qV71B9xTi%2F61XNOYK15doUzrgXh7YKEkNt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87b8a5c88b6156aa-OSL
alt-svc: h3=":443"; ma=86400

GET www.cpasbien.zip/themes/default/img/down.png

172.67.178.162

200 OK

297 B

URL GET HTTP/3
www.cpasbien.zip/themes/default/img/down.png
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/recherche/love%20lies
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
PNG image data, 13 x 16, 8-bit colormap, non-interlaced
Size
297 B (297 bytes)
Hash
4b96bdc869168ccdc1b1ae853121897b
395ea2f64be755455835d3b7bdf7b3f7b801844f
7b69189c5806a7b185517cc49e0fdf943da67409157185f789af1f5fb736e84b

HTTP Headers

GET /themes/default/img/down.png HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/themes/default/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 28 Apr 2024 17:07:15 GMT
content-type: image/png
content-length: 297
last-modified: Wed, 13 Sep 2023 07:09:24 GMT
etag: "129-605383d44f7b1"
cache-control: max-age=14400
cf-cache-status: HIT
age: 512388
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2LgwPfrUf4TJcPZl%2BIcpOY52b3xOrkuI3RdKoldMeegET1GRlfEISjQQrKyoTDcFHxpPUnpPF3jo8N7j3avFLmktPKi182e72UYrWOjG16zbJaGZGb4idTy7Cyj7Pwo5Pybb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87b8a5c88b5f56aa-OSL
alt-svc: h3=":443"; ma=86400

GET www.cpasbien.zip/themes/default/img/footer.jpg

172.67.178.162

200 OK

37 kB

URL GET HTTP/3
www.cpasbien.zip/themes/default/img/footer.jpg
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/recherche/love%20lies
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2520x177, components 3
Size
37 kB (36753 bytes)
Hash
c0766070776e0c559c47298d6bee215f
822129afebf0bc3dfd15d862e22e14e3611f6456
d2ce4b28b0865f996c7a2e24ab7ca168f6bf601c2f17508362e57bf1e06fbf6a

HTTP Headers

GET /themes/default/img/footer.jpg HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/themes/default/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 28 Apr 2024 17:07:15 GMT
content-type: image/jpeg
content-length: 36753
last-modified: Wed, 13 Sep 2023 07:09:25 GMT
etag: "8f91-605383d569783"
cache-control: max-age=14400
cf-cache-status: HIT
age: 512388
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u%2Fn9x2li0M%2FnARZ0kGFtSyEMRrkUH3xkw6XAy0cSBop6biJSyEISLGxaSQe2OD1Ps6Oa6TGPYapGMe4xp5dgStW23uStaYXNV%2BAw%2FdHJNVO%2BLymHQ6kKD1Y%2BcomU49ogJh6E"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87b8a5c88b6b56aa-OSL
alt-svc: h3=":443"; ma=86400

GET cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/webfonts/fa-solid-900.woff2

104.17.25.14

200 OK

150 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/webfonts/fa-solid-900.woff2
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/recherche/love%20lies
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 150472, version 770.256
Size
150 kB (150472 bytes)
Hash
3e50e269ee627bb2279f91d18c085167
a7fca574d24e9ffa5ee0e0589ffe17277ae4ec27
d27bc752105c079f8a516e9142406a9fc12cbb409f9bf8681f2ddfe0360b52a6

HTTP Headers

GET /ajax/libs/font-awesome/6.2.0/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.cpasbien.zip
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 28 Apr 2024 17:07:15 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 150472
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "630e6e62-24bc8"
last-modified: Tue, 30 Aug 2022 20:09:06 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 333228
expires: Fri, 18 Apr 2025 17:07:15 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q4bYNxU0kdtsNTGZMxU7jh%2BQumueruDfGWNTqynhHDHOhdEFwJ0pHe64K1i%2BKnXQ3rfsyuSykKRyD7Y3kVPgWDh7wrdVTBk748w6pUyW6e0c6%2BFLSvDBOierJJ6fB5FdBdiWN8%2BL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87b8a5c8ba54b51b-OSL
alt-svc: h3=":443"; ma=86400

GET fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.cpasbien.zip/recherche/love%20lies
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.cpasbien.zip
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 02:35:00 GMT
expires: Fri, 25 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 311535
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.cpasbien.zip/recherche/love%20lies
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.cpasbien.zip
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 02:35:00 GMT
expires: Fri, 25 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 311535
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.cpasbien.zip/recherche/love%20lies
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.cpasbien.zip
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 02:35:00 GMT
expires: Fri, 25 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 311535
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET specificationfingertip.com/8c/33/72/8c33721f6aa15cc0a61420f50575e334.js

192.243.59.12

200 OK

28 kB

URL GET HTTP/1.1
specificationfingertip.com/8c/33/72/8c33721f6aa15cc0a61420f50575e334.js
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.cpasbien.zip/recherche/love%20lies
Certificate
IssuerLet's Encrypt
Subjectspecificationfingertip.com
Fingerprint56:24:CB:6D:8F:D0:EB:4A:8A:7C:22:ED:FA:A2:0E:7F:77:5D:A1:26
ValiditySat, 30 Mar 2024 03:48:02 GMT - Fri, 28 Jun 2024 03:48:01 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
28 kB (28341 bytes)
Hash
d708118305840a252153c6a3856495bd
5af4fc00b25d0ff96230e18349f72f7e12439a82
322bc75bc28866b970f824a398c0257cb7aa080bc4f290b85a8c7c595038975f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /8c/33/72/8c33721f6aa15cc0a61420f50575e334.js HTTP/1.1
Host: specificationfingertip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 28 Apr 2024 17:07:16 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 50be1d01397cf558d4b7e39cf048ba54
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

GET www.cpasbien.zip/themes/default/css/jquery.tooltip.css

172.67.178.162

200 OK

656 B

URL GET HTTP/3
www.cpasbien.zip/themes/default/css/jquery.tooltip.css
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/recherche/love%20lies
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
ASCII text, with no line terminators
Size
656 B (656 bytes)
Hash
4f6f3546c7bf233c269c2700cccdfbec
bdc42910e0694401ec25bc70712ba8501a2cf151
19ce96116690970bf4303812fe245a8fcb1747922e85c045960a93db6b158080

HTTP Headers

GET /themes/default/css/jquery.tooltip.css HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/recherche/love%20lies
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 28 Apr 2024 17:07:15 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=309
etag: W/"135-605383d213725-gzip"
last-modified: Wed, 13 Sep 2023 07:09:22 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 512388
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rvIQSEjzgLNPNEpcxAhE3KmKcuZVoM5Lbtlb%2BSyvrnuFuAAFlwgwTRxr3E2FEKXH%2B9uJeDIurcj2EMxTvd7omBLdMk1D6NVdDdmiFycTlq9fzgdh%2Fw8Jth1IpZkVzOGEoFAF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87b8a5c54f8056aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET proftrafficcounter.com/stats

35.158.46.84

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
35.158.46.84:443
ASN
#16509 AMAZON-02

Requested by
https://www.cpasbien.zip/recherche/love%20lies
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
416dd893510ac59899cb46a09cf2ea59
165ef4d2084f23c090bcb80ca67425cd819c3049
638c5c903ee35158fc1b77d39f58b2a74cc2bd0897b95c988ea8d405e4a56968

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.cpasbien.zip
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 28 Apr 2024 17:07:16 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.cpasbien.zip
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=f9862169-a88e-4168-9d92-233ee265e865:3:1; expires=Wed, 26 Apr 2034 17:07:16 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

POST ads2550.bid/zlkvk57RlKSXC9x3eumdEurx961Y_j1bJCfpmoJzeP4bxAES9NamcRSIT6xe1UvCjyB4INRxQT5Jx5sI1psG09vy9skW5XzxtBuWanI8cuyDSX28StUbnOq07wweTfE9UJ1T2fspdYm3mLk7fm44NiXhYyTXWmJKXb2u46yy4io7P-YfoxDM1EV6wG0kEho19ixEtNB6xVxIdMBxnS60OhiyzPTYRLZI1ov5Fsawkm0W0Zh2Tdu8rkvAA8NhsJPo_jVyHBY_dSDlL3rKdUTIm4yT5naGfToz5axeoIHYLhZgG0aQZoRhLpkWIW0qiNQwFTV9u1GDVrD_DtPz_qQmoPkiEuXqgcoZSo3W-44qKhGOItzZdRDuMjZAsJdgkvNyelIXSEwI9FPaPgqVOi3LNRc_Kuo9sobrERdR3hS8ao-EKi8WuX6LSbf14ERAYJsHMdCGflyNT9CCCCxhQtj9blGzD9ysLUdINZK5_Sj-8FHHp5EskcbtwlP5anAFWOVkkmNfSn1FXtSwkt_teQGeUNhtMR7aV6evOtXtIQkG8Jas8-Tu_Nq0FQAhW6gZTQEYN?

199.80.53.161

200

710 B

URL POST HTTP/1.1
ads2550.bid/zlkvk57RlKSXC9x3eumdEurx961Y_j1bJCfpmoJzeP4bxAES9NamcRSIT6xe1UvCjyB4INRxQT5Jx5sI1psG09vy9skW5XzxtBuWanI8cuyDSX28StUbnOq07wweTfE9UJ1T2fspdYm3mLk7fm44NiXhYyTXWmJKXb2u46yy4io7P-YfoxDM1EV6wG0kEho19ixEtNB6xVxIdMBxnS60OhiyzPTYRLZI1ov5Fsawkm0W0Zh2Tdu8rkvAA8NhsJPo_jVyHBY_dSDlL3rKdUTIm4yT5naGfToz5axeoIHYLhZgG0aQZoRhLpkWIW0qiNQwFTV9u1GDVrD_DtPz_qQmoPkiEuXqgcoZSo3W-44qKhGOItzZdRDuMjZAsJdgkvNyelIXSEwI9FPaPgqVOi3LNRc_Kuo9sobrERdR3hS8ao-EKi8WuX6LSbf14ERAYJsHMdCGflyNT9CCCCxhQtj9blGzD9ysLUdINZK5_Sj-8FHHp5EskcbtwlP5anAFWOVkkmNfSn1FXtSwkt_teQGeUNhtMR7aV6evOtXtIQkG8Jas8-Tu_Nq0FQAhW6gZTQEYN?
IP
199.80.53.161:443
ASN
#40824 WZ-US-40824

Requested by
https://www.cpasbien.zip/recherche/love%20lies
Certificate
IssuerLet's Encrypt
Subjectads2550.bid
FingerprintCD:F9:6F:CD:B2:57:0D:67:A2:9D:CF:3C:ED:18:62:2A:0B:F7:9A:73
ValidityWed, 06 Mar 2024 08:04:30 GMT - Tue, 04 Jun 2024 08:04:29 GMT

File type
JSON text data
Size
710 B (710 bytes)
Hash
b588b63b59cf617319f2e2783085eb99
4acb370fc1bae2109546049f423691599f81cfcf
a7e2e5c2e5519f908476e5bf72c32c997d14948c3e009328d90a1af63e5a0d39

HTTP Headers

POST /zlkvk57RlKSXC9x3eumdEurx961Y_j1bJCfpmoJzeP4bxAES9NamcRSIT6xe1UvCjyB4INRxQT5Jx5sI1psG09vy9skW5XzxtBuWanI8cuyDSX28StUbnOq07wweTfE9UJ1T2fspdYm3mLk7fm44NiXhYyTXWmJKXb2u46yy4io7P-YfoxDM1EV6wG0kEho19ixEtNB6xVxIdMBxnS60OhiyzPTYRLZI1ov5Fsawkm0W0Zh2Tdu8rkvAA8NhsJPo_jVyHBY_dSDlL3rKdUTIm4yT5naGfToz5axeoIHYLhZgG0aQZoRhLpkWIW0qiNQwFTV9u1GDVrD_DtPz_qQmoPkiEuXqgcoZSo3W-44qKhGOItzZdRDuMjZAsJdgkvNyelIXSEwI9FPaPgqVOi3LNRc_Kuo9sobrERdR3hS8ao-EKi8WuX6LSbf14ERAYJsHMdCGflyNT9CCCCxhQtj9blGzD9ysLUdINZK5_Sj-8FHHp5EskcbtwlP5anAFWOVkkmNfSn1FXtSwkt_teQGeUNhtMR7aV6evOtXtIQkG8Jas8-Tu_Nq0FQAhW6gZTQEYN? HTTP/1.1
Host: ads2550.bid
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.cpasbien.zip
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/1.1 200 
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
permissions-policy: *
p3p: CP="CAO PSA OUR"
access-control-allow-credentials: true
access-control-allow-origin: https://www.cpasbien.zip
set-cookie: UUID=a5422175-f779-5bdd-9035-7ae658bf7920; Domain=ads2550.bid; Expires=Mon, 02 Jun 2025 17:07:16 GMT; Path=/; Secure; SameSite=None
content-type: application/json;charset=UTF-8
content-length: 710
date: Sun, 28 Apr 2024 17:07:15 GMT

GET ads2550.bid/z5Qrv14P2dGrdrvipTZWlsJMi8PQEc6P37lrarZPMsBEtQy-LngwFBUEdNWDEh239DqbyYOH1tYEcake2Dc-JZWZTgUgF0w_ek20EfFcJHUcTS9xr0rVyizWUuXUPbfC0tbrYLe4WrMZwpaENEjYhcq9HDNqAxVQd7Wm_yOZBqZgQrNYbC5bRAi3KseDQdxcpzayiKcRa6ip88ZgKs3shRT_LM5abd6Q7RwyoQCNWMpAIk-tmBrO_5TDdjF9o5Lt-5Zt9rzoNtHn3ID4CEg8MtUk7_gwnSKXXat6K4QuYV-VcCjQ3VY1ExdyXNhnUZIS1aGYrv-XN6mTx3i_U4hvr2Wtu7wuM3BHilry1zh1ZyYbE8REcP2J9BaxfsZwlUKNUNevKxNVcqeAT8XJbyBrfuTI97UqyZDleOtidPowWe_lnmHKw6GjL5aWGXGqVVz2an_k_SgQO79fujj6ja17ILLw2ZNdPKlOLkgvbK8YXrAp9ljPN?DC=WZ

199.80.53.161

200

49 B

URL GET HTTP/1.1
ads2550.bid/z5Qrv14P2dGrdrvipTZWlsJMi8PQEc6P37lrarZPMsBEtQy-LngwFBUEdNWDEh239DqbyYOH1tYEcake2Dc-JZWZTgUgF0w_ek20EfFcJHUcTS9xr0rVyizWUuXUPbfC0tbrYLe4WrMZwpaENEjYhcq9HDNqAxVQd7Wm_yOZBqZgQrNYbC5bRAi3KseDQdxcpzayiKcRa6ip88ZgKs3shRT_LM5abd6Q7RwyoQCNWMpAIk-tmBrO_5TDdjF9o5Lt-5Zt9rzoNtHn3ID4CEg8MtUk7_gwnSKXXat6K4QuYV-VcCjQ3VY1ExdyXNhnUZIS1aGYrv-XN6mTx3i_U4hvr2Wtu7wuM3BHilry1zh1ZyYbE8REcP2J9BaxfsZwlUKNUNevKxNVcqeAT8XJbyBrfuTI97UqyZDleOtidPowWe_lnmHKw6GjL5aWGXGqVVz2an_k_SgQO79fujj6ja17ILLw2ZNdPKlOLkgvbK8YXrAp9ljPN?DC=WZ
IP
199.80.53.161:443
ASN
#40824 WZ-US-40824

Requested by
https://www.cpasbien.zip/recherche/love%20lies
Certificate
IssuerLet's Encrypt
Subjectads2550.bid
FingerprintCD:F9:6F:CD:B2:57:0D:67:A2:9D:CF:3C:ED:18:62:2A:0B:F7:9A:73
ValidityWed, 06 Mar 2024 08:04:30 GMT - Tue, 04 Jun 2024 08:04:29 GMT

File type
GIF image data, version 89a, 1 x 1
Size
49 B (49 bytes)
Hash
56398e76be6355ad5999b262208a17c9
a1fdee122b95748d81cee426d717c05b5174fe96
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

HTTP Headers

GET /z5Qrv14P2dGrdrvipTZWlsJMi8PQEc6P37lrarZPMsBEtQy-LngwFBUEdNWDEh239DqbyYOH1tYEcake2Dc-JZWZTgUgF0w_ek20EfFcJHUcTS9xr0rVyizWUuXUPbfC0tbrYLe4WrMZwpaENEjYhcq9HDNqAxVQd7Wm_yOZBqZgQrNYbC5bRAi3KseDQdxcpzayiKcRa6ip88ZgKs3shRT_LM5abd6Q7RwyoQCNWMpAIk-tmBrO_5TDdjF9o5Lt-5Zt9rzoNtHn3ID4CEg8MtUk7_gwnSKXXat6K4QuYV-VcCjQ3VY1ExdyXNhnUZIS1aGYrv-XN6mTx3i_U4hvr2Wtu7wuM3BHilry1zh1ZyYbE8REcP2J9BaxfsZwlUKNUNevKxNVcqeAT8XJbyBrfuTI97UqyZDleOtidPowWe_lnmHKw6GjL5aWGXGqVVz2an_k_SgQO79fujj6ja17ILLw2ZNdPKlOLkgvbK8YXrAp9ljPN?DC=WZ HTTP/1.1
Host: ads2550.bid
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Cookie: UUID=a5422175-f779-5bdd-9035-7ae658bf7920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
access-control-allow-origin: *
access-control-allow-methods: *
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
permissions-policy: *
p3p: CP="CAO PSA OUR"
accept-ranges: bytes
etag: W/"49-1710406818000"
last-modified: Thu, 14 Mar 2024 09:00:18 GMT
content-type: image/gif
content-length: 49
date: Sun, 28 Apr 2024 17:07:16 GMT

GET capaciousdrewreligion.com/advertisers.js

172.240.108.84

200 OK

0 B

URL GET HTTP/1.1
capaciousdrewreligion.com/advertisers.js
IP
172.240.108.84:443
ASN
#7979 SERVERS-COM

Requested by
https://www.cpasbien.zip/recherche/love%20lies
Certificate
IssuerLet's Encrypt
Subjectcapaciousdrewreligion.com
Fingerprint53:B6:ED:C6:B5:B6:60:3E:6D:02:5A:92:2E:C3:12:74:64:A1:23:DC
ValidityWed, 06 Mar 2024 11:57:32 GMT - Tue, 04 Jun 2024 11:57:31 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 28 Apr 2024 17:07:16 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4958f4e4b8be0bf800cedc618d6376d1
Strict-Transport-Security: max-age=0; includeSubdomains

GET unseenreport.com/pxf.gif?uuid=f9862169-a88e-4168-9d92-233ee265e865&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=8c33721f6aa15cc0a61420f50575e334&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=17

192.243.59.13

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=f9862169-a88e-4168-9d92-233ee265e865&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=8c33721f6aa15cc0a61420f50575e334&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=17
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.cpasbien.zip/recherche/love%20lies
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13
ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=f9862169-a88e-4168-9d92-233ee265e865&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=8c33721f6aa15cc0a61420f50575e334&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=17 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 28 Apr 2024 17:07:17 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0d2f262a9a37e607b7e1b85f7ef30fe0
Strict-Transport-Security: max-age=0; includeSubdomains

GET fonts.googleapis.com/css?family=Open+Sans:400,600,700

142.250.74.106

200 OK

17 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Open+Sans:400,600,700
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.cpasbien.zip/recherche/love%20lies
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT

File type
ASCII text, with very long lines (1572)
Size
17 kB (16791 bytes)
Hash
85797b9763526c7b157f499ebe2044a5
e832fdcf940d9bfb2763982c37bf43d83495ea9f
3ff27e82d78a471905edf58f54d412011e0f3b07cb596b50d425151e7df84404

HTTP Headers

GET /css?family=Open+Sans:400,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 28 Apr 2024 17:07:15 GMT
date: Sun, 28 Apr 2024 17:07:15 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET www.cpasbien.zip/themes/default/img/favicon.ico

172.67.178.162

200 OK

1.2 kB

URL GET HTTP/3
www.cpasbien.zip/themes/default/img/favicon.ico
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/recherche/love%20lies
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Size
1.2 kB (1150 bytes)
Hash
730f19e40d8bc2a05b5d9418ed6d024e
27f4146350e935b83783164858fc3a41016e64fb
7798ef17288a5134d37d5aa28845eee32b62721e9e32d152f8c50c5f2f1b347c

HTTP Headers

GET /themes/default/img/favicon.ico HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/recherche/love%20lies
Cookie: _ga_TKZGESD6CW=GS1.1.1714324036.1.0.1714324036.0.0.0; _ga=GA1.1.692218773.1714324036; dom3ic8zudi28v8lr6fgphwffqoz0j6c=f9862169-a88e-4168-9d92-233ee265e865%3A3%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 28 Apr 2024 17:07:16 GMT
content-type: image/x-icon
last-modified: Wed, 13 Sep 2023 07:09:24 GMT
etag: W/"47e-605383d4c71cc-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 512388
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4n3GemweT%2Fsvjhyj1YhFzjS3UL9hP6JVbSDXFWoEjafnifW4a1W%2BEGR9BvEl4jgPdW7a4dexy0KoMhQlwLUKULiq9tPyjk5Xh5gpdpssXSu9zutzgeUXvI5U05BgoXb%2FW2GN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87b8a5cbef3b56aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET www.cpasbien.zip/themes/default/css/bootstrap.min.css

172.67.178.162

200 OK

12 kB

URL GET HTTP/3
www.cpasbien.zip/themes/default/css/bootstrap.min.css
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/recherche/love%20lies
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
ASCII text, with very long lines (6975)
Size
12 kB (12119 bytes)
Hash
8edc1252b1927ba540118240b286b086
0770853663196773fc2a317f85284ae4e3b59185
4b2eb540285db604dd0a75399ea7cffac5b71c1faf4f5d840137220cf0c0cdf1

HTTP Headers

GET /themes/default/css/bootstrap.min.css HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/recherche/love%20lies
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 28 Apr 2024 17:07:15 GMT
content-type: text/css
last-modified: Wed, 13 Sep 2023 07:09:21 GMT
etag: W/"2f57-605383d164a35-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 512386
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=52IuCnNyNNjem9S7puNaGr3ykanM88UP19DXMd%2BKqxc9aue92MC90du7kbM5N2ynvD26FeKJp13EQip0Oqo41Jo5B53sR69yPKBdxq0w7UwzU9QCqkBkfagCveuTfXKTbVoq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87b8a5c54f8356aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET www.cpasbien.zip/themes/js/bootstrap.min.js

172.67.178.162

200 OK

37 kB

URL GET HTTP/3
www.cpasbien.zip/themes/js/bootstrap.min.js
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/recherche/love%20lies
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
JavaScript source, ASCII text, with very long lines (32003)
Size
37 kB (36868 bytes)
Hash
c5b5b2fa19bd66ff23211d9f844e0131
791aa054a026bddc0de92bad6cf7a1c6e73713d5
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

HTTP Headers

GET /themes/js/bootstrap.min.js HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/recherche/love%20lies
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 28 Apr 2024 17:07:15 GMT
content-type: application/javascript
last-modified: Wed, 13 Sep 2023 07:09:01 GMT
etag: W/"9004-605383bdee980-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 512386
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=35ptOE7bqZTeMCTNyVlZlCY54A1IEBvRBLaDJnxC5pHFkp7ZKOwP149NFP%2F%2Bk4wKF34tR7MJvpvRYgLG43HHXT8mD6SkL9Dbv5J%2F9YPwnFPV3PBKlWTr0%2Bvwphb4%2BkYs4d6G"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87b8a5c55f9656aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET www.cpasbien.zip/themes/default/css/style.css

172.67.178.162

200 OK

12 kB

URL GET HTTP/3
www.cpasbien.zip/themes/default/css/style.css
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/recherche/love%20lies
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
ASCII text, with very long lines (12297), with no line terminators
Size
12 kB (12297 bytes)
Hash
88925c79a9ae2e296ea3904a40cc306c
e9997f05f3042aa3043962f7158a378a08208a5f
fc26dff232f86f6b94c7c0a9fcffd4890163292a4d5d2a092bf0896d1ef291d2

HTTP Headers

GET /themes/default/css/style.css HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/recherche/love%20lies
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 28 Apr 2024 17:07:15 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=16422
etag: W/"4026-616b327fd8069-gzip"
last-modified: Mon, 22 Apr 2024 17:56:26 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 512388
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nR0Lnmc6IhPJ3Kw%2FNap5KLG%2F0Pf11czpWc27bktm2j7RJWmz4tKYpjopHo3zyW3w1TIwCTCqmnXi%2FzXxbbMKuEwx27OiNCQyyVfaRdmUEtfRv5H6QJ%2FbkBzbsG99KFZr3Hkx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87b8a5c54f8256aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET www.cpasbien.zip/themes/default/js/524eba27.js

172.67.178.162

200 OK

37 kB

URL GET HTTP/3
www.cpasbien.zip/themes/default/js/524eba27.js
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/recherche/love%20lies
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
JavaScript source, ASCII text, with very long lines (37386), with no line terminators
Size
37 kB (37386 bytes)
Hash
dd509264e5718497cd67ad65d50a8641
480e2200fd244d68b5f8e1c90c0c6ce61699a7e8
a91b0f105197706c82220fc1485b86fa4be251b09cb6252d6a4c2221a03f86cc

HTTP Headers

GET /themes/default/js/524eba27.js HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/recherche/love%20lies
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 28 Apr 2024 17:07:15 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=37394
etag: W/"9212-609f439ba84ca-gzip"
last-modified: Sun, 12 Nov 2023 13:06:45 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 512388
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qmye%2BHkLRM8j7FCb2w5hiEXIGupbh0ZA5xkfqB5Lo37ssP739T6hmP8IeF3dkLDSBD39dh6lZ4Av48XGddGLSHfyrSqiN8EB03%2BEDbuQvNe3ZJHYW%2B2jtTOUFTf%2F7DGAAt6E"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87b8a5c55f9856aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET www.cpasbien.zip/recherche/love%20lies

172.67.178.162

200 OK

12 kB

URL User Request GET HTTP/2
www.cpasbien.zip/recherche/love%20lies
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type

Size
12 kB (12083 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /recherche/love%20lies HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 28 Apr 2024 17:07:15 GMT
content-type: text/html; charset=utf-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: max-age=14400, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Sun, 28 Apr 2024 17:07:15 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=njC%2FfuTgUos4LKoGQigkjEMwgDfCDCjx9%2FTMsiVs92JELa8eYfDoGXoRejUTI%2FqCux6oxkXa%2FnESmN0963AbWfkNTYx3aJoZM5uIyuNvcuPlGlTL3FceVnHY9ECX%2BM1oS53O"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87b8a5c31b24b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.cpasbien.zip/themes/js/jquery.min.js

172.67.178.162

200 OK

84 kB

URL GET HTTP/3
www.cpasbien.zip/themes/js/jquery.min.js
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/recherche/love%20lies
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
JavaScript source, ASCII text, with very long lines (32025), with CRLF line terminators
Size
84 kB (84349 bytes)
Hash
b0dc11d0a434aafe88908c7f33d71095
1327f754ff87d26bced46568543207e9df190aaa
de4b3c3d1dc2506b6693f0f98884e1dc074cda9d66cab39b7b48a115fdfc4c0f

HTTP Headers

GET /themes/js/jquery.min.js HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/recherche/love%20lies
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 28 Apr 2024 17:07:15 GMT
content-type: application/javascript
last-modified: Wed, 13 Sep 2023 07:09:01 GMT
etag: W/"1497d-605383bdf9179-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 512386
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6Neui9T57NFH%2FFnDK%2BJfjDZS%2F7H5GULdl3snGMRb0WmSVb3nOVOFVHvYksPSOPMr5YvAd0mHB1Vs9OIPGgb6fuIueq%2FavVHR7f5fslB571Aef%2F9dcwav6mDTVTpPFtlQYCmv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87b8a5c55f8f56aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET downstairsnegotiatebarren.com/sfp.js

172.67.180.87

200 OK

86 kB

URL GET HTTP/2
downstairsnegotiatebarren.com/sfp.js
IP
172.67.180.87:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/recherche/love%20lies
Certificate
IssuerLet's Encrypt
Subjectdownstairsnegotiatebarren.com
Fingerprint2C:6A:E1:8E:26:5B:1D:8B:86:CB:C1:72:4E:52:4B:8B:67:3A:D2:44
ValidityMon, 04 Mar 2024 21:53:07 GMT - Sun, 02 Jun 2024 21:53:06 GMT

File type

Size
86 kB (85611 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 28 Apr 2024 17:07:16 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: f1ffe54539a9b41ceff7bde6d7b0f6ac
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 28 Apr 2024 17:07:16 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o6aE0nh%2FO3bEWOHwzs6chX9JfnI9VD1z1%2FgvePe%2FsruyrIcuMAM437d6yScaY5BeFLfx5bscV6Q4bff2b6g8JR%2BmE01m%2BhWQxQZd6FAs5T2Ibq6OCE%2BfNdNeCSYYfernI2yuOiIfrbCzcXnWZxDhlg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87b8a5caf8da1c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash