Report - cpasbien.zip

Report Overview

Submitted URL
cpasbien.zip
IP
104.21.31.165
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-08 03:21:00
Access
public
Website Title
Torrent a telecharger sur Cpasbien / Cestpasbien Officiel
Final URL
www.cpasbien.zip/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
bourrepardale.com	unknown	2024-03-05	2024-03-05	2024-03-06	404 B	1.2 kB	23.109.170.113
ads2550.bid	unknown	2023-05-10	2023-05-10	2024-02-28	1.9 kB	1.8 kB	74.117.182.84
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-07	1.1 kB	98 kB	216.58.207.227
accounts.google.com	81	1997-09-15	2016-03-20	2024-05-06	3.7 kB	11 kB	64.233.163.84
cpasbien.zip	unknown	unknown	No data	No data	469 B	42 kB	172.67.178.162
pogothere.xyz	unknown	2022-08-22	2022-09-04	2024-05-07	852 B	104 kB	172.67.220.203
www.cpasbien.zip	unknown	unknown	No data	No data	11 kB	160 kB	172.67.178.162
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-05-07	423 B	99 kB	142.250.74.168
habovethecit.info	unknown	unknown	No data	No data	977 B	1.8 kB	143.204.55.89
tigainareputaon.info	unknown	unknown	No data	No data	1.0 kB	11 kB	104.21.18.115
o.pki.goog	unknown	2016-06-13	2024-04-24	2024-05-06	650 B	1.4 kB	142.250.74.131
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-05-06	1.0 kB	172 kB	104.17.24.14
zimages.ws	unknown	2019-12-03	2020-02-11	2024-04-05	4.8 kB	1.1 MB	172.67.138.97
d2t47qpr8mdhkz.cloudfront.net	unknown	unknown	No data	No data	1.1 kB	56 kB	54.230.241.146
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-07	444 B	17 kB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-07	medium	bourrepardale.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (6)

	URL	Size	First Seen	Last Seen
	www.cpasbien.zip/themes/default/js/524eba27.js	37 kB	2023-12-03	2024-05-19
Pretty URL www.cpasbien.zip/themes/default/js/524eba27.js IP 172.67.178.162 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-03 09:03:12 Last Seen2024-05-19 19:51:37 Times Seen297 Hash dd509264e5718497cd67ad65d50a8641 480e2200fd244d68b5f8e1c90c0c6ce61699a7e8 a91b0f105197706c82220fc1485b86fa4be251b09cb6252d6a4c2221a03f86cc Loading...

	d2t47qpr8mdhkz.cloudfront.net/?rpqtd=1047757	168 kB	2024-05-08	2024-05-08
Pretty URL d2t47qpr8mdhkz.cloudfront.net/?rpqtd=1047757 IP 54.230.241.146 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 05:21:07 Last Seen2024-05-08 05:21:07 Times Seen2 Hash eb735919e85d412e7cfc3e052fd2db37 1fd081b1f6857bea28380b5cdb76a22134c26d77 cb9e742f81d2cb66d51a3af6b8f0b1df08d1fe37b2016276859703ce41bff7c5 Loading...

	www.cpasbien.zip/	153 B	2024-02-15	2024-05-19
Pretty URL www.cpasbien.zip/ IP 172.67.178.162 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-15 18:33:39 Last Seen2024-05-19 19:51:37 Times Seen38 Hash 81630d0fa87c615651f4e254f82b4d06 51589a6efc263ac6ce5262cbaa07a8fa4a4f5b9a c50325fe0fe59de6c1ed0bd94cb47634640a12715d5531527459f049b6d13618 Loading...

	bourrepardale.com/1clkn/56862	6 B	2023-03-07	2024-05-19
Pretty URL bourrepardale.com/1clkn/56862 IP 23.109.170.113 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:04 Last Seen2024-05-19 22:01:39 Times Seen15244 Hash 9082dc37e5e8046929da411544ad071a 41e0e3963ed94e59e8a2f115994c382712411537 b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550 Loading...

	www.googletagmanager.com/gtag/js?id=G-TKZGESD6CW	292 kB	2024-05-08	2024-05-08
Pretty URL www.googletagmanager.com/gtag/js?id=G-TKZGESD6CW IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 05:21:07 Last Seen2024-05-08 05:21:07 Times Seen2 Hash 13d3b2096911bac1f115323bb8312373 ec93e10b524350b34610b98da015ebbb14b53a93 88d0f8656f7b64e8afe548c7e8276be8786c72011fabd64a8f93b4c28f815ff0 Loading...

	unknown	544 B	2024-05-08	2024-05-08
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 05:21:07 Last Seen2024-05-08 05:21:07 Times Seen1 Hash 45bda59cd848315b4c0e935862226a8d 063fbeb8b91f8433698837ccb516075e1c8c809d 434f7ff8bd68461f72a91e4fab39574affc46ab71c07bab63e6be60b011453d4 Loading...

HTTP Transactions (59)

URL IP Response Size

www.cpasbien.zip/

172.67.178.162

301 Moved Permanently

167 B

URL User Request GET HTTP/1.1
www.cpasbien.zip/
IP
172.67.178.162:80
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
0104c301c5e02bd6148b8703d19b3a73
7436e0b4b1f8c222c38069890b75fa2baf9ca620
446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f

HTTP Headers

GET / HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Wed, 08 May 2024 03:20:33 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 08 May 2024 04:20:33 GMT
Location: https://www.cpasbien.zip/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8iMGGv%2BxoHzOgL8VGp0e8PTQ4YWocppFkK4LmSlFeYGO4zusOxLaIQE3NBZT81KAOtQUmyZPDe9FYiH%2Fgfan6Tn4xJvw8vyOXNSQrah3z1Sdtedw%2FsPTD1FlQqklasc%2BDYgq"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8806508a1baa1c16-OSL
alt-svc: h2=":443"; ma=60

www.cpasbien.zip/themes/default/img/films.png

172.67.178.162

200 OK

469 B

URL GET HTTP/3
www.cpasbien.zip/themes/default/img/films.png
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
PNG image data, 24 x 26, 8-bit colormap, non-interlaced
Size
469 B (469 bytes)
Hash
3cec3dfcf1e873704f28e7d2384dff3a
f5c415574f934f94b10c6bc9781fbb3d1d7a0e76
38edf74ebff9c4dc743a29aadf0ea20bd98091e719550febf6f5d571156c000a

HTTP Headers

GET /themes/default/img/films.png HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 03:20:34 GMT
content-type: image/png
content-length: 469
last-modified: Wed, 13 Sep 2023 07:09:25 GMT
etag: "1d5-605383d4d92dd"
cache-control: max-age=14400
cf-cache-status: HIT
age: 282487
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=94UyHwfcPV1%2F%2BmxnApwh%2FyXqA94b%2BFGjiNSHatCgzjfD5dW%2BTj1ewharV366otJg4feKkdIFcH21%2BUrpOdQ9eJ8lsHztxyOELFLrl7V5po31jRWQn9o2yiXlPykzTYoYWrOE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8806508c8afb56b7-OSL
alt-svc: h3=":443"; ma=86400

www.cpasbien.zip/themes/default/img/series.png

172.67.178.162

200 OK

403 B

URL GET HTTP/3
www.cpasbien.zip/themes/default/img/series.png
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
PNG image data, 27 x 26, 8-bit colormap, non-interlaced
Size
403 B (403 bytes)
Hash
2bddfe85c98143e5bb6519183336f87c
bc9fa56eb909ece774baa928df76a3ce4039c49d
94ddb07e30c66b9d96eec666d57029fc348c72db4760dd8034cc734dfb858785

HTTP Headers

GET /themes/default/img/series.png HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 03:20:34 GMT
content-type: image/png
content-length: 403
last-modified: Wed, 13 Sep 2023 07:09:26 GMT
etag: "193-605383d6a71a8"
cache-control: max-age=14400
cf-cache-status: HIT
age: 282487
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hi5zhrr6FuzWp%2FehZoUDnt2FdZMEP9msHD%2B4MolwqLCn79Hp4kgZh%2FglZ1byBjXNa6mRYn7JYJatzRf8OpOf612Gv4Pj4Po1r8r0RKiMcq0jMFkUeuNgqGS73rolxWvr%2FBg1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8806508c8afe56b7-OSL
alt-svc: h3=":443"; ma=86400

www.cpasbien.zip/themes/default/img/musiques.png

172.67.178.162

200 OK

382 B

URL GET HTTP/3
www.cpasbien.zip/themes/default/img/musiques.png
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
PNG image data, 27 x 26, 8-bit colormap, non-interlaced
Size
382 B (382 bytes)
Hash
9c56b3a25a6284e52f9cd1158be5e303
25e21d5b4c5a6b09f5862996ca3f15a8401769cc
08edd9c0a6855b70327a4d722af084bad70470ef6df8f8c3a3487295493c5147

HTTP Headers

GET /themes/default/img/musiques.png HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 03:20:34 GMT
content-type: image/png
content-length: 382
last-modified: Wed, 13 Sep 2023 07:09:26 GMT
etag: "17e-605383d676c33"
cache-control: max-age=14400
cf-cache-status: HIT
age: 282487
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tYe5c4Czlv2tF2zXazgAnEyyQ0F7xfimJkXp1NnSWZabfwZcwp%2FQNso7aqS0i65VH3o5xzd%2BHt7wSLxq2gQr%2FwqlObecivI%2BdD6TMoTmEOcfd%2Bf1QYkf8ZIyVqYOVEZhtfF7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8806508c9b0056b7-OSL
alt-svc: h3=":443"; ma=86400

www.cpasbien.zip/themes/default/img/jeux-pc.png

172.67.178.162

200 OK

409 B

URL GET HTTP/3
www.cpasbien.zip/themes/default/img/jeux-pc.png
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
PNG image data, 27 x 26, 8-bit colormap, non-interlaced
Size
409 B (409 bytes)
Hash
49c64c3c882cc7c19fc719da2f0020b4
4e00d078885b483e4d42392df21a8877a6b966a3
865e029efe6602571066859335eaedbc8d35e90cdb48284a2b04f2bbca316090

HTTP Headers

GET /themes/default/img/jeux-pc.png HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 03:20:34 GMT
content-type: image/png
content-length: 409
last-modified: Wed, 13 Sep 2023 07:09:26 GMT
etag: "199-605383d5ee877"
cache-control: max-age=14400
cf-cache-status: HIT
age: 282487
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZNaZWe0IJS6OV9KubQg0AZ0l4w6wPn9xtJNtETLgOSPD2ehdDVI%2B87jHKWFD0yKTxUJfOfeeqJW%2FBEsD%2BIcRPKn21Fi6HDG4zFxzEL%2FXGhs7AKGVGRkn4AsFybO5Inl%2BrbmS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8806508c9b0156b7-OSL
alt-svc: h3=":443"; ma=86400

www.cpasbien.zip/themes/default/img/jeux-consoles.png

172.67.178.162

200 OK

409 B

URL GET HTTP/3
www.cpasbien.zip/themes/default/img/jeux-consoles.png
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
PNG image data, 27 x 26, 8-bit colormap, non-interlaced
Size
409 B (409 bytes)
Hash
49c64c3c882cc7c19fc719da2f0020b4
4e00d078885b483e4d42392df21a8877a6b966a3
865e029efe6602571066859335eaedbc8d35e90cdb48284a2b04f2bbca316090

HTTP Headers

GET /themes/default/img/jeux-consoles.png HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 03:20:34 GMT
content-type: image/png
content-length: 409
last-modified: Wed, 13 Sep 2023 07:09:25 GMT
etag: "199-605383d5b892a"
cache-control: max-age=14400
cf-cache-status: HIT
age: 282487
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zrvA1m8ZdQdesDmMoSynlRFtcTkGpxyAPp%2FIllcVCriLKJmfR%2BRx84MRBtcLQrUQiDAZ6wZJJolXoZLEkVUIXsc%2BOT%2FwjvCGa4MSke2%2BtKgPDcEkOT%2BB%2BEjk3aoNBFALjF5f"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8806508c9b0256b7-OSL
alt-svc: h3=":443"; ma=86400

www.cpasbien.zip/themes/default/img/animes.png

172.67.178.162

200 OK

403 B

URL GET HTTP/3
www.cpasbien.zip/themes/default/img/animes.png
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
PNG image data, 27 x 26, 8-bit colormap, non-interlaced
Size
403 B (403 bytes)
Hash
2bddfe85c98143e5bb6519183336f87c
bc9fa56eb909ece774baa928df76a3ce4039c49d
94ddb07e30c66b9d96eec666d57029fc348c72db4760dd8034cc734dfb858785

HTTP Headers

GET /themes/default/img/animes.png HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 03:20:34 GMT
content-type: image/png
content-length: 403
last-modified: Wed, 13 Sep 2023 07:09:23 GMT
etag: "193-605383d388fd7"
cache-control: max-age=14400
cf-cache-status: HIT
age: 282487
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lhXVbtybUwisi6zJXe%2FU3o1E%2F03qEEe5rNje5BD%2BIfg8GXjdOhYy1CDsnwVHlJZQsIq6cOmsPhrgREP2d8NhFiTf%2F9m5sDyxLCAdzGrbB5dP6dqsEqGja2jT%2B01Brucko7OS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8806508cab0656b7-OSL
alt-svc: h3=":443"; ma=86400

www.cpasbien.zip/themes/default/img/logiciels.png

172.67.178.162

200 OK

331 B

URL GET HTTP/3
www.cpasbien.zip/themes/default/img/logiciels.png
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
PNG image data, 27 x 26, 8-bit colormap, non-interlaced
Size
331 B (331 bytes)
Hash
59a1d28b5a8c083929300cc682ec287d
178d00847f26e8fb54500af2d6b7b84320632584
bb5f45236ea88212bc47b0159a378e7379359db9b8b90d4e49b7f2bc9c3abf38

HTTP Headers

GET /themes/default/img/logiciels.png HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 03:20:34 GMT
content-type: image/png
content-length: 331
last-modified: Wed, 13 Sep 2023 07:09:26 GMT
etag: "14b-605383d632e3d"
cache-control: max-age=14400
cf-cache-status: HIT
age: 282487
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zqFGJpfiivvZ%2FNRdsBMFcyak39Jv3sO2rtJJU9luQTuK%2B0FeVlYx2lVPsACqrBWsgq7Ddzj6Sp77B5aAz3DgHMqG6Vd%2FDaIZZnCGN07tBlXPRlm7L0pjACHozsqEY3sodd%2F1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8806508cab0556b7-OSL
alt-svc: h3=":443"; ma=86400

www.cpasbien.zip/themes/default/img/animation1.jpg

172.67.178.162

200 OK

7.3 kB

URL GET HTTP/3
www.cpasbien.zip/themes/default/img/animation1.jpg
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=PhotoFiltre Studio X, datetime=2022:02:12 13:05:26], baseline, precision 8, 150x150, components 3
Size
7.3 kB (7306 bytes)
Hash
0573d4afb59612940a3e4823747adff4
82e478eb20d06a30e996ca6c7d52afaf8106e1e4
ca6263642c45acb1d6ee1f646306d393040ac67dd077a4bf07f1280364f6e8b7

HTTP Headers

GET /themes/default/img/animation1.jpg HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 03:20:34 GMT
content-type: image/jpeg
content-length: 7306
last-modified: Thu, 18 Jan 2024 11:04:47 GMT
etag: "1c8a-60f3654e2294f"
cache-control: max-age=14400
cf-cache-status: HIT
age: 282487
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1p95BOQE7unBdLpxOKupDKHQq6Ks49jV1LZRpCp5dYmEAx8sXjd53K9JpulT5qBkN%2FY0iMoNO6WzQueLBKbvEYmfqSojczSSC2KSxB5Qhq9J7wI3pXMjU70Pg6Gl7w7i83P0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8806508cbb0e56b7-OSL
alt-svc: h3=":443"; ma=86400

www.cpasbien.zip/themes/default/img/ebooks.png

172.67.178.162

200 OK

600 B

URL GET HTTP/3
www.cpasbien.zip/themes/default/img/ebooks.png
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
PNG image data, 27 x 26, 8-bit colormap, non-interlaced
Size
600 B (600 bytes)
Hash
d4892616a12c69fac0c2a2a7d705a738
a628f1a4973bc928f473cedac36162a823859708
c9b9a6c60b875d01a99c8aad7844c7c7d6210ec1c625bfd3b15810f2862df751

HTTP Headers

GET /themes/default/img/ebooks.png HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 03:20:34 GMT
content-type: image/png
content-length: 600
last-modified: Wed, 13 Sep 2023 07:09:24 GMT
etag: "258-605383d493d77"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ytPMX8demJav1RUFdyKLtAif0ggAVZ8VuG5cWd0zDebHBjF1agyLGXaQWAd9p%2FyE6stGtoRg21AWlNZcry6MoqZkFJ9%2BzS8I7pfaS8Z7Xu7zzrV6TBtSwef0zcMlfHyvnikW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8806508cab0756b7-OSL
alt-svc: h3=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/css/all.css

104.17.24.14

200 OK

20 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/css/all.css
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
troff or preprocessor input, ASCII text
Size
20 kB (19472 bytes)
Hash
e3d3126e93fc1303cf862d5852f56654
357908650e3a2f75f7e77c3e741e8bd0cfa07625
340d09d12141a30f53d870d647f2f4ba93047709331cd441c43db7301bd52d68

HTTP Headers

GET /ajax/libs/font-awesome/6.2.0/css/all.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 03:20:34 GMT
content-type: text/css; charset=utf-8
content-length: 19472
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "630e6e62-4c10"
last-modified: Tue, 30 Aug 2022 20:09:06 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 644443
expires: Mon, 28 Apr 2025 03:20:34 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5wQ9BWNedP0wzL6MmkhZnffilcNAucXea%2FeFvfrEK%2FCRysrLQux%2BO3YRsuemYqFn%2FauXOeUQL8k%2FMDXZlUTFrDeU6AvDWMUt7ulxAme114prHmKRLFIznu1XEKMzBgjME74LpvRr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8806508d3e1d7130-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

zimages.ws/uploads/image/2b4a13b5a0f54f5e0abb14cec9eb764d7507bd16.jpg

172.67.138.97

200 OK

137 kB

URL GET HTTP/2
zimages.ws/uploads/image/2b4a13b5a0f54f5e0abb14cec9eb764d7507bd16.jpg
IP
172.67.138.97:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/
Certificate
IssuerGoogle Trust Services LLC
Subjectzimages.ws
FingerprintC7:96:DF:5E:0F:2F:64:4C:DA:B8:1F:6F:29:4C:AD:74:FC:5D:81:22
ValidityThu, 04 Apr 2024 22:36:27 GMT - Wed, 03 Jul 2024 22:36:26 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 250x375, components 3
Size
137 kB (137352 bytes)
Hash
24ef5680c3ba27dc345b71e5d9535e53
63adefef302f706424b2200ac04c2f86d8505a93
874528de3b14d4dbfa4b7481aaf2f95943fdf4980acf80526a06996a6ffe6a04

HTTP Headers

GET /uploads/image/2b4a13b5a0f54f5e0abb14cec9eb764d7507bd16.jpg HTTP/1.1
Host: zimages.ws
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 03:20:34 GMT
content-type: image/jpeg
content-length: 137352
last-modified: Wed, 15 Feb 2023 12:09:48 GMT
etag: "21888-5f4bbf4e0fb00"
cache-control: max-age=14400
cf-cache-status: HIT
age: 112833
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kAyDsh4hnby%2FmWjFRJ3qUJOUpfiVHQyT4Gbn8QXsUWIdLMPYE0sPV3a3dU7s2ZfQP7qSEZ7%2BhsdxAcKPNAipBWdhbiuyGr2DyU2j0f%2B%2BB7vWctTyWaDG24uOtUAq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 8806508d7d4b56b9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

zimages.ws/uploads/image/0c4110910ecb4a7a576346b6dac1b94b7d7bbf27.jpg

172.67.138.97

200 OK

76 kB

URL GET HTTP/2
zimages.ws/uploads/image/0c4110910ecb4a7a576346b6dac1b94b7d7bbf27.jpg
IP
172.67.138.97:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/
Certificate
IssuerGoogle Trust Services LLC
Subjectzimages.ws
FingerprintC7:96:DF:5E:0F:2F:64:4C:DA:B8:1F:6F:29:4C:AD:74:FC:5D:81:22
ValidityThu, 04 Apr 2024 22:36:27 GMT - Wed, 03 Jul 2024 22:36:26 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 250x333, components 3
Size
76 kB (76158 bytes)
Hash
edc4dedbb60fa707a9065e5fe9e63e05
c5ad026414b6bf5e7d44870102695838771e154a
3ca460ccae13d2aae5ec2eef03edbb8ce5722359a4cdbc8c96c8c4f0a41993ef

HTTP Headers

GET /uploads/image/0c4110910ecb4a7a576346b6dac1b94b7d7bbf27.jpg HTTP/1.1
Host: zimages.ws
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 03:20:34 GMT
content-type: image/jpeg
content-length: 76158
last-modified: Wed, 15 Feb 2023 12:05:06 GMT
etag: "1297e-5f4bbe4120080"
cache-control: max-age=14400
cf-cache-status: HIT
age: 112833
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ARY7oUF9UFDM0QSSZRFx0QgxRtEUG10di4nCdRLnJ5yFxZhmS1bBG56KzGpoZ51BhHggHDZMm7ykTjRocbmuXKRESIqI5yGfq5QrsQ2%2FTft7o47oXwWMESCA20Ym"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 8806508d7d4f56b9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

zimages.ws/uploads/image/5335258a03cd4effdbaaa2c111a93f4032a25564.jpg

172.67.138.97

200 OK

74 kB

URL GET HTTP/2
zimages.ws/uploads/image/5335258a03cd4effdbaaa2c111a93f4032a25564.jpg
IP
172.67.138.97:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/
Certificate
IssuerGoogle Trust Services LLC
Subjectzimages.ws
FingerprintC7:96:DF:5E:0F:2F:64:4C:DA:B8:1F:6F:29:4C:AD:74:FC:5D:81:22
ValidityThu, 04 Apr 2024 22:36:27 GMT - Wed, 03 Jul 2024 22:36:26 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 250x354, components 3
Size
74 kB (74133 bytes)
Hash
a91bd20ec37e8bd1ea51970eec21c6ee
57e01b613f72318ce6e9d17c6125322cc513138e
f461594c3eb535eff29942163f70d65e77bb08ac2d204ec4410b47adc413d713

HTTP Headers

GET /uploads/image/5335258a03cd4effdbaaa2c111a93f4032a25564.jpg HTTP/1.1
Host: zimages.ws
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 03:20:34 GMT
content-type: image/jpeg
content-length: 74133
last-modified: Wed, 15 Feb 2023 12:15:42 GMT
etag: "12195-5f4bc09fa9780"
cache-control: max-age=14400
cf-cache-status: HIT
age: 112833
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bRTaOTyG5adMWbra1q8VpSxXPPky4LCD9mMcCLXij3%2FTp2eFXL%2Fdg%2FzScYfPKd51%2Fw1tnlNUB5pNo9KQHPAzkqs%2FKa0P73Mi8rBNSWfSho5nOn4r6qXl1hMDKjVz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 8806508d7d5656b9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

zimages.ws/uploads/image/d144efd8422ce7f79b22fc9a0b43174095024859.jpg

172.67.138.97

200 OK

129 kB

URL GET HTTP/2
zimages.ws/uploads/image/d144efd8422ce7f79b22fc9a0b43174095024859.jpg
IP
172.67.138.97:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/
Certificate
IssuerGoogle Trust Services LLC
Subjectzimages.ws
FingerprintC7:96:DF:5E:0F:2F:64:4C:DA:B8:1F:6F:29:4C:AD:74:FC:5D:81:22
ValidityThu, 04 Apr 2024 22:36:27 GMT - Wed, 03 Jul 2024 22:36:26 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 250x375, components 3
Size
129 kB (128910 bytes)
Hash
81543078469b1b1e7ad995aababdafac
e87e5f76b462fe2f543391423fa1ae719196eba7
b9d2e47ba45438aaeef8a20ddcffe8f98cfb2fb4ca131aef2ab76a2ca97ff2a6

HTTP Headers

GET /uploads/image/d144efd8422ce7f79b22fc9a0b43174095024859.jpg HTTP/1.1
Host: zimages.ws
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 03:20:34 GMT
content-type: image/jpeg
content-length: 128910
last-modified: Wed, 15 Feb 2023 12:35:31 GMT
etag: "1f78e-5f4bc50d94ac0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 112833
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8qCo1xpQi64ic6fwaDFGZIent56YeEMcnLm6rFbim95MZbgYykYczQ1f8jocxEiZ7jQNiNwNywJD6i6kczFDshJZ61qQ7kGho0f%2B1HDS9x7jakOGy%2BOc%2FrpisyL%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 8806508d7d4d56b9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

zimages.ws/uploads/image/1ebd2148a111a59bb7559ec84f6df9e79c1870d1.jpg

172.67.138.97

200 OK

104 kB

URL GET HTTP/2
zimages.ws/uploads/image/1ebd2148a111a59bb7559ec84f6df9e79c1870d1.jpg
IP
172.67.138.97:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/
Certificate
IssuerGoogle Trust Services LLC
Subjectzimages.ws
FingerprintC7:96:DF:5E:0F:2F:64:4C:DA:B8:1F:6F:29:4C:AD:74:FC:5D:81:22
ValidityThu, 04 Apr 2024 22:36:27 GMT - Wed, 03 Jul 2024 22:36:26 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 250x375, components 3
Size
104 kB (103739 bytes)
Hash
a0c06f59cdf7217df6b720a70fb37394
94b2ef19e1c20f616d62adb5ee871a29ccb354a0
536c49783a1691b6693133c1340317b0b4d5d844f560db60197b04cccce202f4

HTTP Headers

GET /uploads/image/1ebd2148a111a59bb7559ec84f6df9e79c1870d1.jpg HTTP/1.1
Host: zimages.ws
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 03:20:34 GMT
content-type: image/jpeg
content-length: 103739
last-modified: Wed, 15 Feb 2023 12:07:54 GMT
etag: "1953b-5f4bbee157a80"
cache-control: max-age=14400
cf-cache-status: HIT
age: 112833
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=luS6aBwfBr9hx5sqXTEnskYIgNPLd0Xa4eLmhgZCEIPLMgtSVW%2FXHlEppJRnrk0fbvL82vEFHf32HDRDGhvlGXisk9XLbGAU9sH1LO%2FXH9%2BoQfAVNZyidGb2clXH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 8806508d7d4c56b9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

zimages.ws/uploads/image/cbfa465cb07c90bc29d34678ece707ea68fdd16b.jpg

172.67.138.97

200 OK

115 kB

URL GET HTTP/2
zimages.ws/uploads/image/cbfa465cb07c90bc29d34678ece707ea68fdd16b.jpg
IP
172.67.138.97:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/
Certificate
IssuerGoogle Trust Services LLC
Subjectzimages.ws
FingerprintC7:96:DF:5E:0F:2F:64:4C:DA:B8:1F:6F:29:4C:AD:74:FC:5D:81:22
ValidityThu, 04 Apr 2024 22:36:27 GMT - Wed, 03 Jul 2024 22:36:26 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 250x371, components 3
Size
115 kB (114867 bytes)
Hash
71e1aad661d47e21577c9d9a222539ac
eab872f352ca163c85500411e66a491b692e13b2
5e0567f724971ddd09505979e4ecbafe950174f6317665cdc209c1421834f742

HTTP Headers

GET /uploads/image/cbfa465cb07c90bc29d34678ece707ea68fdd16b.jpg HTTP/1.1
Host: zimages.ws
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 03:20:34 GMT
content-type: image/jpeg
content-length: 114867
last-modified: Wed, 15 Feb 2023 12:34:40 GMT
etag: "1c0b3-5f4bc4dcf1800"
cache-control: max-age=14400
cf-cache-status: HIT
age: 112833
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3kagzu9fhAVY%2BaYWsgm4EjJ7LXs2exg6hTGEUEVLBclLTL5QuOtEGi%2Brfw272h6ctZYeynfPCadTPXnGloxEdI90hGajM9Bp%2B8G%2BJGwfyEV0VJd%2B75GLy9DG5oJk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 8806508d7d4a56b9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

zimages.ws/uploads/image/32b19a8a6504f1b885eaaa316064354398a9d7c5.jpg

172.67.138.97

200 OK

124 kB

URL GET HTTP/2
zimages.ws/uploads/image/32b19a8a6504f1b885eaaa316064354398a9d7c5.jpg
IP
172.67.138.97:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/
Certificate
IssuerGoogle Trust Services LLC
Subjectzimages.ws
FingerprintC7:96:DF:5E:0F:2F:64:4C:DA:B8:1F:6F:29:4C:AD:74:FC:5D:81:22
ValidityThu, 04 Apr 2024 22:36:27 GMT - Wed, 03 Jul 2024 22:36:26 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 250x333, components 3
Size
124 kB (124055 bytes)
Hash
806d6f0ccf77204c447d2018c739fe3f
cb89c091d607e898193a5d998a0d98ce6bd9ede3
1ce19ccfeb62efcc229d11272b685b484878b22d3615349cc2fc45f57f549254

HTTP Headers

GET /uploads/image/32b19a8a6504f1b885eaaa316064354398a9d7c5.jpg HTTP/1.1
Host: zimages.ws
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 03:20:34 GMT
content-type: image/jpeg
content-length: 124055
last-modified: Wed, 15 Feb 2023 12:10:53 GMT
etag: "1e497-5f4bbf8c0cd40"
cache-control: max-age=14400
cf-cache-status: HIT
age: 112833
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ck2RNt%2BRx3lE9VzN7kZ2Hj3%2FH1ka%2Bft8OwqjkJD646A2XbLzxoL7o5LpIv7m0v49BTq1xYgrRWirl%2BfY0Ji6BhNXNQrKgg4u5o%2Bkcwa95JuXvo%2Fnqg%2Fv7wX86%2BkB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 8806508d7d5456b9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

zimages.ws/uploads/image/d4a71764e07c7c4bb4e9de4edff37a6f31321ebb.jpg

172.67.138.97

200 OK

132 kB

URL GET HTTP/2
zimages.ws/uploads/image/d4a71764e07c7c4bb4e9de4edff37a6f31321ebb.jpg
IP
172.67.138.97:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/
Certificate
IssuerGoogle Trust Services LLC
Subjectzimages.ws
FingerprintC7:96:DF:5E:0F:2F:64:4C:DA:B8:1F:6F:29:4C:AD:74:FC:5D:81:22
ValidityThu, 04 Apr 2024 22:36:27 GMT - Wed, 03 Jul 2024 22:36:26 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 250x375, components 3
Size
132 kB (131670 bytes)
Hash
5a4b148b104dd47e8fa33a06d3426df2
189fecadb1cb50e659c0a4411b3d8753fb4bda50
64290c97fce79397e0319f64a7534277d19fbf7fd292cf59600cca974f81a705

HTTP Headers

GET /uploads/image/d4a71764e07c7c4bb4e9de4edff37a6f31321ebb.jpg HTTP/1.1
Host: zimages.ws
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 03:20:34 GMT
content-type: image/jpeg
content-length: 131670
last-modified: Wed, 15 Feb 2023 12:36:05 GMT
etag: "20256-5f4bc52e01740"
cache-control: max-age=14400
cf-cache-status: HIT
age: 112833
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kU6MFVxpOLhlNSLNIUkiNxRasV5P5bXfucZUpRDrzM4bm54Jv0zZ0RU7TfsjdLBjTDDDscLDBdC6XeoCNkgWwRh%2FyQDkymCAOtqext9%2FgFJhv%2Bb5khYkY25zVx8O"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 8806508d7d4e56b9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

zimages.ws/uploads/image/d2bdab22a6bb3d76b6666a8a7360d6d0c5ec1c4a.jpg

172.67.138.97

200 OK

117 kB

URL GET HTTP/2
zimages.ws/uploads/image/d2bdab22a6bb3d76b6666a8a7360d6d0c5ec1c4a.jpg
IP
172.67.138.97:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/
Certificate
IssuerGoogle Trust Services LLC
Subjectzimages.ws
FingerprintC7:96:DF:5E:0F:2F:64:4C:DA:B8:1F:6F:29:4C:AD:74:FC:5D:81:22
ValidityThu, 04 Apr 2024 22:36:27 GMT - Wed, 03 Jul 2024 22:36:26 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 250x375, components 3
Size
117 kB (116925 bytes)
Hash
ba1c08c9a835f1dc5ac0cecd0085b461
d2181027051766074871d3532f257bb99cd65cf0
fe8b7d2ead010a33ebbe1db715aa8415d000b6b150f4a9081a3dba24fde6fa9c

HTTP Headers

GET /uploads/image/d2bdab22a6bb3d76b6666a8a7360d6d0c5ec1c4a.jpg HTTP/1.1
Host: zimages.ws
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 03:20:34 GMT
content-type: image/jpeg
content-length: 116925
last-modified: Wed, 15 Feb 2023 12:35:46 GMT
etag: "1c8bd-5f4bc51be2c80"
cache-control: max-age=14400
cf-cache-status: HIT
age: 112833
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KpmaRkDhFRUF7XunwMBlbeNzx8vAU89ZLBOfTQrjb19%2BMyjjLe0mPpjHrX0Hd1kqpwVdCj0X0ABh9AjzGRGiZh4OVCebWeDwrOcx4SFw4ieNxG15PJUi3wDETDlt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 8806508d8d5a56b9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

zimages.ws/uploads/image/6ff64f279ae49edb2484f5201cfad2a54df6691d.jpg

172.67.138.97

200 OK

67 kB

URL GET HTTP/2
zimages.ws/uploads/image/6ff64f279ae49edb2484f5201cfad2a54df6691d.jpg
IP
172.67.138.97:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/
Certificate
IssuerGoogle Trust Services LLC
Subjectzimages.ws
FingerprintC7:96:DF:5E:0F:2F:64:4C:DA:B8:1F:6F:29:4C:AD:74:FC:5D:81:22
ValidityThu, 04 Apr 2024 22:36:27 GMT - Wed, 03 Jul 2024 22:36:26 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 375x500, components 3
Size
67 kB (67401 bytes)
Hash
c48a95268bfe9e922fd3b6916b6dc8bf
00a59dff3d1017725887df9158cf6951e1d45556
316b076ed4cc17d540c7924d3ffa6d5ed4c6808f5f247e9888052452caf790ba

HTTP Headers

GET /uploads/image/6ff64f279ae49edb2484f5201cfad2a54df6691d.jpg HTTP/1.1
Host: zimages.ws
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 03:20:34 GMT
content-type: image/jpeg
content-length: 67401
last-modified: Fri, 13 Oct 2023 08:04:04 GMT
etag: "10749-607947ffb6500"
cache-control: max-age=14400
cf-cache-status: HIT
age: 112833
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nnq6Nsb7wXZhgYZSlfkvsenPTRNsNR3JvXGbPvdLoKZMqe7Pieu7CH%2BUpbNxJAwiuy9z60Ham9rQeyMhJejS37CrIXqQjYVlDAdIyIsFxg6ncdsiZGK0t%2FFrpg3c"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 8806508e8dd356b9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

d2t47qpr8mdhkz.cloudfront.net/?rpqtd=1047757

54.230.241.146

200 OK

54 kB

URL GET HTTP/2
d2t47qpr8mdhkz.cloudfront.net/?rpqtd=1047757
IP
54.230.241.146:443
ASN
#16509 AMAZON-02

Requested by
https://www.cpasbien.zip/
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (15945)
Size
54 kB (54496 bytes)
Hash
eb735919e85d412e7cfc3e052fd2db37
1fd081b1f6857bea28380b5cdb76a22134c26d77
cb9e742f81d2cb66d51a3af6b8f0b1df08d1fe37b2016276859703ce41bff7c5

HTTP Headers

GET /?rpqtd=1047757 HTTP/1.1
Host: d2t47qpr8mdhkz.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 54496
date: Wed, 08 May 2024 03:20:34 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mAZSMDIsPDJF2kkumoGQVUOE-ICzXXXhrJMnIs0WuOy7jyNOGtISMA==
X-Firefox-Spdy: h2

bourrepardale.com/1clkn/56862

23.109.170.113

200 OK

26 B

URL GET HTTP/1.1
bourrepardale.com/1clkn/56862
IP
23.109.170.113:443
ASN
#7979 SERVERS-COM

Requested by
https://www.cpasbien.zip/
Certificate
IssuerLet's Encrypt
Subjectbourrepardale.com
Fingerprint9C:52:0E:6E:A8:1B:CA:C0:B0:B8:5F:82:75:4C:49:1E:EA:78:A1:93
ValidityTue, 05 Mar 2024 14:00:39 GMT - Mon, 03 Jun 2024 14:00:38 GMT

File type
ASCII text, with no line terminators
Size
26 B (26 bytes)
Hash
9082dc37e5e8046929da411544ad071a
41e0e3963ed94e59e8a2f115994c382712411537
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1clkn/56862 HTTP/1.1
Host: bourrepardale.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 03:20:34 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Thu, 09-May-2024 03:20:34 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Thu, 09-May-2024 03:20:34 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

www.googletagmanager.com/gtag/js?id=G-TKZGESD6CW

142.250.74.168

200 OK

98 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-TKZGESD6CW
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://www.cpasbien.zip/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (3969)
Size
98 kB (98294 bytes)
Hash
13d3b2096911bac1f115323bb8312373
ec93e10b524350b34610b98da015ebbb14b53a93
88d0f8656f7b64e8afe548c7e8276be8786c72011fabd64a8f93b4c28f815ff0

HTTP Headers

GET /gtag/js?id=G-TKZGESD6CW HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 May 2024 03:20:34 GMT
expires: Wed, 08 May 2024 03:20:34 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 98294
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.cpasbien.zip/themes/default/img/logo.png

172.67.178.162

200 OK

2.9 kB

URL GET HTTP/3
www.cpasbien.zip/themes/default/img/logo.png
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
PNG image data, 280 x 102, 8-bit colormap, non-interlaced
Size
2.9 kB (2863 bytes)
Hash
bbe71e764c32438317b3e7f4785dc3b0
870063ae5643493ac6045608343d24b529355531
2312f04966bcdc4143b4392cea49a917a96be8f1b50f95282cb6d1d1bdd0bd81

HTTP Headers

GET /themes/default/img/logo.png HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/themes/default/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 03:20:34 GMT
content-type: image/png
content-length: 2863
last-modified: Wed, 13 Sep 2023 07:09:26 GMT
etag: "b2f-605383d658bb8"
cache-control: max-age=14400
cf-cache-status: HIT
age: 282484
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F3JE9RoBWAW4xgopDUQrTY6FePK%2FEHStWOy05mAgp%2FOXRx89GSYJQRyo071KsYlr1ZdeqPnZztAEjLhtrWXt%2FgvGZu2Lw%2Bp51Jac5Y241TeFB2iXuTcRr%2BYfHi6w3yB8QHO%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88065090fcb456b7-OSL
alt-svc: h3=":443"; ma=86400

www.cpasbien.zip/themes/default/img/btn_recherche.gif

172.67.178.162

200 OK

1.1 kB

URL GET HTTP/3
www.cpasbien.zip/themes/default/img/btn_recherche.gif
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
GIF image data, version 87a, 36 x 43
Size
1.1 kB (1081 bytes)
Hash
60018e565bdd1d7db987a8050552f58a
e07df01a9f332ad1b817e7c685256fa1e7bc5851
c03fa49e2b84a02341b5e0fd22fdccbe05609d94ab6ff1e91212cfcbe51e21fc

HTTP Headers

GET /themes/default/img/btn_recherche.gif HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/themes/default/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 03:20:34 GMT
content-type: image/gif
content-length: 1081
last-modified: Wed, 13 Sep 2023 07:09:23 GMT
etag: "439-605383d3816be"
cache-control: max-age=14400
cf-cache-status: HIT
age: 282484
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F5UVED9H17H47UmF2l1q%2BhwHzVnhGSTPu8mfFd4fT5lw5Hqu%2B1opaQkKWPmMusuf1p9Sr%2FmRlFRDyvtgBuEWU8G1L8CJ1UPc1bLUdaNIWuPp%2BKaW4PLi%2BOGd3E0o2ZYx1Lfu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88065090fcb656b7-OSL
alt-svc: h3=":443"; ma=86400

www.cpasbien.zip/themes/default/img/centre.gif

172.67.178.162

200 OK

1.3 kB

URL GET HTTP/3
www.cpasbien.zip/themes/default/img/centre.gif
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
GIF image data, version 89a, 1111 x 7
Size
1.3 kB (1314 bytes)
Hash
e39d9162d6261195559068e10f49e782
d75dfaf34ed95d4eb754d2e7c35fb84a7e2afa30
f57d88ee62eb309ee7567b3d6a7b54a704874c719d6888b8b581bb0dd54327be

HTTP Headers

GET /themes/default/img/centre.gif HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/themes/default/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 03:20:34 GMT
content-type: image/gif
content-length: 1314
last-modified: Wed, 13 Sep 2023 07:09:24 GMT
etag: "522-605383d3d7d96"
cache-control: max-age=14400
cf-cache-status: HIT
age: 282484
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FVI1d%2BER8V7s1MvrRDBpYYw9KoSr2%2FTyu39p264WbctjtNKLfI1MEDiSoUdpyEbIDhYlVMSjAbSt9H2ZKFhDCJSX9RmYUp7dqEYNJmZvVQBPvX32gz7wfPj89gaEts2JJeTY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88065090fcb756b7-OSL
alt-svc: h3=":443"; ma=86400

www.cpasbien.zip/themes/default/img/download.png

172.67.178.162

200 OK

176 B

URL GET HTTP/3
www.cpasbien.zip/themes/default/img/download.png
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
PNG image data, 16 x 16, 4-bit colormap, non-interlaced
Size
176 B (176 bytes)
Hash
fe4223aeb017fc82008c4ae1a9e72fe0
e566c7cd650ad5c6a062236dd48d391bd0628f0d
075c54e8957e256ec2a4b1a8db4932722813e32cd3d9f6a95f86b281c4bf23c9

HTTP Headers

GET /themes/default/img/download.png HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/themes/default/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 03:20:34 GMT
content-type: image/png
content-length: 176
last-modified: Wed, 13 Sep 2023 07:09:24 GMT
etag: "b0-605383d4764cc"
cache-control: max-age=14400
cf-cache-status: HIT
age: 282484
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SwDjS3yPafO7u%2BpWL1RLv%2FndPZg0%2BFIZeWYt04ijchQwey7VbLxLM4Jlfm01o1dc5j8NiiZwPImVsCvSjiu78YR9X4%2BZpBOVqcyoikOxfN6LJcQEp7HbpJRvMVj3htqT3Qy3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88065090fcba56b7-OSL
alt-svc: h3=":443"; ma=86400

www.cpasbien.zip/themes/default/img/fleche.png

172.67.178.162

200 OK

205 B

URL GET HTTP/3
www.cpasbien.zip/themes/default/img/fleche.png
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
PNG image data, 12 x 17, 4-bit colormap, non-interlaced
Size
205 B (205 bytes)
Hash
cb268bc4f58066a101bed7662f1eb522
b7803dd11f24e062196db0623b6d3ab72fe1d17e
d7ede82edab2f12f418c63fb03cad9c31dabf0765d32e8882e7c3881c4dddf4b

HTTP Headers

GET /themes/default/img/fleche.png HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/themes/default/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 03:20:34 GMT
content-type: image/png
content-length: 205
last-modified: Wed, 13 Sep 2023 07:09:25 GMT
etag: "cd-605383d51675b"
cache-control: max-age=14400
cf-cache-status: HIT
age: 282484
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g0oZH7H7S3HjU4Ygf4nQoJtMPcA22fRlg51msEP0NyLjiaQ3V%2FPXsnliv8csxPVKpqiQOGm3r3LYoSNRlk%2Fo7S4rsBlFDruSCYu5xhhjECB57rHSnV7CHMiRJAErbvA1%2BZ9E"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88065090fcb956b7-OSL
alt-svc: h3=":443"; ma=86400

www.cpasbien.zip/themes/default/img/up.png

172.67.178.162

200 OK

296 B

URL GET HTTP/3
www.cpasbien.zip/themes/default/img/up.png
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
PNG image data, 15 x 16, 8-bit colormap, non-interlaced
Size
296 B (296 bytes)
Hash
fb656ac10987ff66eef6484030c461a0
15dbd2de657d4ae83cbafe6209b5b5b15dc534ea
95b748fd9ba6902a8ea51bca013970170d5c54b5427b54f942ca1fe4eded9dc4

HTTP Headers

GET /themes/default/img/up.png HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/themes/default/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 03:20:34 GMT
content-type: image/png
content-length: 296
last-modified: Wed, 13 Sep 2023 07:09:27 GMT
etag: "128-605383d6fff90"
cache-control: max-age=14400
cf-cache-status: HIT
age: 282484
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zWIX0BSZr8eDWq%2FgikU1oxWCKvR7aBFvGvgJrjE38PTSwCESl9zEz2V8gTZ72tXxqLw%2B6ZsGluRwLSVxRWOZuJHErW6OHOyBPdONRdY2UPA4OYhLiBsrwBVQWVYcES1al6TA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88065090fcbb56b7-OSL
alt-svc: h3=":443"; ma=86400

www.cpasbien.zip/themes/default/img/h3.jpg

172.67.178.162

200 OK

6.3 kB

URL GET HTTP/3
www.cpasbien.zip/themes/default/img/h3.jpg
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x56, components 3
Size
6.3 kB (6279 bytes)
Hash
70352c1e036103909bc6751a72d05ba0
8b2d2bab788deba16f07dc5c5460a6981d9d7f51
796f1144081fdd9cc14606ce97d2c0494f9231a547b6e31ee175bd76e17bc4bf

HTTP Headers

GET /themes/default/img/h3.jpg HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/themes/default/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 03:20:34 GMT
content-type: image/jpeg
content-length: 6279
last-modified: Wed, 13 Sep 2023 07:09:25 GMT
etag: "1887-605383d565902"
cache-control: max-age=14400
cf-cache-status: HIT
age: 282484
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PAMcOJKE4SFCWPUZ5ryl6i99avpmi58GkMUD6qiBhQFGZSslCzITxu1a6SGD%2F6vn%2FIE%2FB%2FC%2BLxcrKUGsG7%2FUdpRtpiedeI%2FhZt9shOWnzi7kMdeSUIKnozbNIOZrssL6NTTN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88065090fcbe56b7-OSL
alt-svc: h3=":443"; ma=86400

www.cpasbien.zip/themes/default/img/fond.jpg

172.67.178.162

200 OK

32 kB

URL GET HTTP/3
www.cpasbien.zip/themes/default/img/fond.jpg
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2520x142, components 3
Size
32 kB (32310 bytes)
Hash
56121fe0070d93736b8fe5ea7d3c9524
1c91ca6ed08d9f7bbd20088faf3f401c4f720107
a64aa3531489683535c374c4631338a7ca4ca15e8c3ebf6c7f4ea8ad8005b1d3

HTTP Headers

GET /themes/default/img/fond.jpg HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/themes/default/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 03:20:34 GMT
content-type: image/jpeg
content-length: 32310
last-modified: Wed, 13 Sep 2023 07:09:25 GMT
etag: "7e36-605383d51ffb4"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OFRmgiCoSAh7o7ig6L9CHiFNcjwMtuVy91R759Ex4yE0JTInrcS3YzOfzi8G4X3wOwOeDCWgYt40L%2B44d%2Fe2zgR0ZvmPIUjJ5X5DtA%2B5S6Ml6vL75zaLEsGNe0XmoUHtAImH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88065090ecb256b7-OSL
alt-svc: h3=":443"; ma=86400

www.cpasbien.zip/themes/default/img/down.png

172.67.178.162

200 OK

297 B

URL GET HTTP/3
www.cpasbien.zip/themes/default/img/down.png
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
PNG image data, 13 x 16, 8-bit colormap, non-interlaced
Size
297 B (297 bytes)
Hash
4b96bdc869168ccdc1b1ae853121897b
395ea2f64be755455835d3b7bdf7b3f7b801844f
7b69189c5806a7b185517cc49e0fdf943da67409157185f789af1f5fb736e84b

HTTP Headers

GET /themes/default/img/down.png HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/themes/default/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 03:20:34 GMT
content-type: image/png
content-length: 297
last-modified: Wed, 13 Sep 2023 07:09:24 GMT
etag: "129-605383d44f7b1"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4aTYfFryq2q%2FgE8oIEHDjgAfxekSWAipIcz5rc%2FOx3JhrPrXX6JdBLx13Dz6Fe%2BXu8f0kth8ZSOU6WSqzP48KMlmBrDimX95W59T71Q%2Bz6obgqtqx0V6olEAXxtJH0bNV0M0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88065090fcbd56b7-OSL
alt-svc: h3=":443"; ma=86400

ads2550.bid/z8IaIva7v_y4v5lqjRlIiVJH9A-qj9G3lTHPFfh5aIZvWXVze1aiWWmakLyDxo6aBr8MEsPbhA7_f6trYfj715srrbKCERV9ZNpl9hmaEquImLlgIRgkJj64zEQZd04AIEUVuRXyGhWTIkuaPE7ARAbH2wq7-BpPbj8dtcltm2j0OkOmBk_RPo1JdwCX95GhOut5ND9r7qJ_mLmBwQRCi9aWq7Okpulkys1vnz04kzhZ7gC2ww9ZjeBXg6eMBaXTdrZweqVL1MAN8R54NxhC1dkuqCK8JMhF5ELywcKFzZ2F2WkEmUltAOiMrXCtMb1pPsiKD_zYraqqggSf6V2wKAWkcqimsvL7ixS7DQGUUb2LCR_Up0BytDg2UzM6aeZCfaCxED2nv6X40XWB45y3hm5vysplYqoJt4dCUY-hGZZ5sqMloDxRCayhyrTnJ6VjSvoqWdRUb-2wo5-A2-T2U6QQKLf1qZMI-f9Xxqy5lK3sIFiJZ5JxMsHCW5dKTvjf_QIV0dqBV13cgkC5dVusNA0cQWg?

74.117.182.84

200

710 B

URL POST HTTP/1.1
ads2550.bid/z8IaIva7v_y4v5lqjRlIiVJH9A-qj9G3lTHPFfh5aIZvWXVze1aiWWmakLyDxo6aBr8MEsPbhA7_f6trYfj715srrbKCERV9ZNpl9hmaEquImLlgIRgkJj64zEQZd04AIEUVuRXyGhWTIkuaPE7ARAbH2wq7-BpPbj8dtcltm2j0OkOmBk_RPo1JdwCX95GhOut5ND9r7qJ_mLmBwQRCi9aWq7Okpulkys1vnz04kzhZ7gC2ww9ZjeBXg6eMBaXTdrZweqVL1MAN8R54NxhC1dkuqCK8JMhF5ELywcKFzZ2F2WkEmUltAOiMrXCtMb1pPsiKD_zYraqqggSf6V2wKAWkcqimsvL7ixS7DQGUUb2LCR_Up0BytDg2UzM6aeZCfaCxED2nv6X40XWB45y3hm5vysplYqoJt4dCUY-hGZZ5sqMloDxRCayhyrTnJ6VjSvoqWdRUb-2wo5-A2-T2U6QQKLf1qZMI-f9Xxqy5lK3sIFiJZ5JxMsHCW5dKTvjf_QIV0dqBV13cgkC5dVusNA0cQWg?
IP
74.117.182.84:443
ASN
#40824 WZ-US-40824

Requested by
https://www.cpasbien.zip/
Certificate
IssuerLet's Encrypt
Subjectads2550.bid
Fingerprint61:EF:FF:E5:CE:C9:12:7D:E5:30:6D:0E:9D:CE:78:A6:BB:45:C9:9B
ValiditySun, 05 May 2024 08:02:05 GMT - Sat, 03 Aug 2024 08:02:04 GMT

File type
JSON text data
Size
710 B (710 bytes)
Hash
de02e22d88a87e83889daf67fb9b73c8
fbc0699d95de4d48361be94471851b167f83e958
283e0ba20ca3874977ec1a09001daea364b69baed6a6d5462ca05f94b6400428

HTTP Headers

POST /z8IaIva7v_y4v5lqjRlIiVJH9A-qj9G3lTHPFfh5aIZvWXVze1aiWWmakLyDxo6aBr8MEsPbhA7_f6trYfj715srrbKCERV9ZNpl9hmaEquImLlgIRgkJj64zEQZd04AIEUVuRXyGhWTIkuaPE7ARAbH2wq7-BpPbj8dtcltm2j0OkOmBk_RPo1JdwCX95GhOut5ND9r7qJ_mLmBwQRCi9aWq7Okpulkys1vnz04kzhZ7gC2ww9ZjeBXg6eMBaXTdrZweqVL1MAN8R54NxhC1dkuqCK8JMhF5ELywcKFzZ2F2WkEmUltAOiMrXCtMb1pPsiKD_zYraqqggSf6V2wKAWkcqimsvL7ixS7DQGUUb2LCR_Up0BytDg2UzM6aeZCfaCxED2nv6X40XWB45y3hm5vysplYqoJt4dCUY-hGZZ5sqMloDxRCayhyrTnJ6VjSvoqWdRUb-2wo5-A2-T2U6QQKLf1qZMI-f9Xxqy5lK3sIFiJZ5JxMsHCW5dKTvjf_QIV0dqBV13cgkC5dVusNA0cQWg? HTTP/1.1
Host: ads2550.bid
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.cpasbien.zip
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/1.1 200 
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
permissions-policy: *
p3p: CP="CAO PSA OUR"
access-control-allow-credentials: true
access-control-allow-origin: https://www.cpasbien.zip
set-cookie: UUID=a5422175-f779-5bdd-9035-7ae658bf7920; Domain=ads2550.bid; Expires=Thu, 12 Jun 2025 03:20:34 GMT; Path=/; Secure; SameSite=None
content-type: application/json;charset=UTF-8
content-length: 710
date: Wed, 08 May 2024 03:20:34 GMT

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.cpasbien.zip/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.cpasbien.zip
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:35:00 GMT
expires: Fri, 02 May 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 521134
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.cpasbien.zip/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.cpasbien.zip
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:35:00 GMT
expires: Fri, 02 May 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 521134
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.cpasbien.zip/themes/default/img/footer.jpg

172.67.178.162

200 OK

37 kB

URL GET HTTP/3
www.cpasbien.zip/themes/default/img/footer.jpg
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2520x177, components 3
Size
37 kB (36753 bytes)
Hash
c0766070776e0c559c47298d6bee215f
822129afebf0bc3dfd15d862e22e14e3611f6456
d2ce4b28b0865f996c7a2e24ab7ca168f6bf601c2f17508362e57bf1e06fbf6a

HTTP Headers

GET /themes/default/img/footer.jpg HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/themes/default/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 03:20:34 GMT
content-type: image/jpeg
content-length: 36753
last-modified: Wed, 13 Sep 2023 07:09:25 GMT
etag: "8f91-605383d569783"
cache-control: max-age=14400
cf-cache-status: HIT
age: 282484
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fsaLJ5hG4DDdGLO9lMVa0C6pMtoBSuH3Km25KxGYgfs9Dt%2B5XBwlBH5jRYe7EJSSWlicvHB%2Bhy7sC%2BRaRIoolCiBRWnFBVP8v%2FE6%2BKbgEEAY4ENFLfpxRl4w6z%2B3jn5IzkkM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88065090fcc156b7-OSL
alt-svc: h3=":443"; ma=86400

habovethecit.info/NHlXcE9VGzQdcFVENVY6RhVqVX1yXGU2KwYNY0c+RAtvHStcEi1eLFgWIhQpRhY5BGFaHCNVfXIgDTYjRhhmHwd6HgI+FWY4IDR+bgsBN35XIRBJG1IBJCofQzM8OA1DDQQaIFY6PhsIeThjNit2TSA3fwQOEQoWcj5lEwN9KjwWCHU0Yzg1UyocCn56MS4xDm4/Iz4BUyxkNAluQRYkLH0vOgQMezhvOhUFO3JCCXwBJEELBig1NzZbKQcYOHkpFkQ7YCtjRxhgKBI1G3kwGSE/exgUOjxmLyNVfXIvOhwLcUsjJilyHicWfm4JFQcGBDwENgBjLjgTFmJUZ0AtcjtvJwxYXGU2GVkSDTgXDSEQNgVQHREiOGAVOwEOTg4eMQtiOzYJfm4YOyY/Y0gnARlsAQ0nNUM3HAd7ejcFCHdjKmYaGlodNSQcDSM2MWleCjgePwkWLzI7dh42BBx8NjM

143.204.55.89

200 OK

1.2 kB

URL GET HTTP/2
habovethecit.info/NHlXcE9VGzQdcFVENVY6RhVqVX1yXGU2KwYNY0c+RAtvHStcEi1eLFgWIhQpRhY5BGFaHCNVfXIgDTYjRhhmHwd6HgI+FWY4IDR+bgsBN35XIRBJG1IBJCofQzM8OA1DDQQaIFY6PhsIeThjNit2TSA3fwQOEQoWcj5lEwN9KjwWCHU0Yzg1UyocCn56MS4xDm4/Iz4BUyxkNAluQRYkLH0vOgQMezhvOhUFO3JCCXwBJEELBig1NzZbKQcYOHkpFkQ7YCtjRxhgKBI1G3kwGSE/exgUOjxmLyNVfXIvOhwLcUsjJilyHicWfm4JFQcGBDwENgBjLjgTFmJUZ0AtcjtvJwxYXGU2GVkSDTgXDSEQNgVQHREiOGAVOwEOTg4eMQtiOzYJfm4YOyY/Y0gnARlsAQ0nNUM3HAd7ejcFCHdjKmYaGlodNSQcDSM2MWleCjgePwkWLzI7dh42BBx8NjM
IP
143.204.55.89:443
ASN
#16509 AMAZON-02

Requested by
https://www.cpasbien.zip/
Certificate
IssuerAmazon
Subjecthabovethecit.info
Fingerprint38:74:19:B2:CD:B6:EF:31:D4:35:71:5C:7D:82:82:D3:98:DC:BB:F5
ValidityMon, 15 Apr 2024 00:00:00 GMT - Wed, 14 May 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (3049), with no line terminators
Size
1.2 kB (1202 bytes)
Hash
b0edabe52d9431aa70d855ad8a8b329d
089c440abd353f22a9cd53bad0aadd900d65b578
2fc02a49d0d9003115c60957ca719c5bfd230703a0aae9eb75cc20504f5fc667

HTTP Headers

GET /NHlXcE9VGzQdcFVENVY6RhVqVX1yXGU2KwYNY0c+RAtvHStcEi1eLFgWIhQpRhY5BGFaHCNVfXIgDTYjRhhmHwd6HgI+FWY4IDR+bgsBN35XIRBJG1IBJCofQzM8OA1DDQQaIFY6PhsIeThjNit2TSA3fwQOEQoWcj5lEwN9KjwWCHU0Yzg1UyocCn56MS4xDm4/Iz4BUyxkNAluQRYkLH0vOgQMezhvOhUFO3JCCXwBJEELBig1NzZbKQcYOHkpFkQ7YCtjRxhgKBI1G3kwGSE/exgUOjxmLyNVfXIvOhwLcUsjJilyHicWfm4JFQcGBDwENgBjLjgTFmJUZ0AtcjtvJwxYXGU2GVkSDTgXDSEQNgVQHREiOGAVOwEOTg4eMQtiOzYJfm4YOyY/Y0gnARlsAQ0nNUM3HAd7ejcFCHdjKmYaGlodNSQcDSM2MWleCjgePwkWLzI7dh42BBx8NjM HTTP/1.1
Host: habovethecit.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
content-length: 1202
date: Wed, 08 May 2024 03:20:34 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: qxc5LZEBcJsb2W4yvQFh_PFAitrkY-8UxyFs-YZlBgyxN5AXZVBykw==
X-Firefox-Spdy: h2

tigainareputaon.info/MFZmMVAfaQVCbVFmDn00aBwDV2MBEzd3aQkzM3sUZzgKBgJlH0BFOVRrVwFkB2FTBnZAPwIMYRYlElAkRSVbAHZZOABebRYgWwB+A2JIAmYeYkBEbQFwEkExV2tXFyBEIgoMYQdnUwBjCGJVBWcCYQ

104.21.18.115

204 No Content

0 B

URL GET HTTP/2
tigainareputaon.info/MFZmMVAfaQVCbVFmDn00aBwDV2MBEzd3aQkzM3sUZzgKBgJlH0BFOVRrVwFkB2FTBnZAPwIMYRYlElAkRSVbAHZZOABebRYgWwB+A2JIAmYeYkBEbQFwEkExV2tXFyBEIgoMYQdnUwBjCGJVBWcCYQ
IP
104.21.18.115:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/
Certificate
IssuerGoogle Trust Services LLC
Subjecttigainareputaon.info
Fingerprint05:C6:98:66:10:C1:C4:21:E9:78:30:6D:B4:FC:8C:F0:9F:11:B9:BA
ValidityMon, 01 Apr 2024 06:58:58 GMT - Sun, 30 Jun 2024 06:58:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /MFZmMVAfaQVCbVFmDn00aBwDV2MBEzd3aQkzM3sUZzgKBgJlH0BFOVRrVwFkB2FTBnZAPwIMYRYlElAkRSVbAHZZOABebRYgWwB+A2JIAmYeYkBEbQFwEkExV2tXFyBEIgoMYQdnUwBjCGJVBWcCYQ HTTP/1.1
Host: tigainareputaon.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Wed, 08 May 2024 03:20:34 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VM1aj%2FMiDQa2JXqyLlqJD9EY3jJmE1%2Ft6vXy%2FK3HEny7Mu7SVwsQWTUljZjeUiqYK18GmDfsQY3P20qQeJr1NhY5b7TA5EFnJGFekReGjrJI0XOHVzqqxmTrVVaHtHz4BVffQ3q%2BCA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88065091ae99712b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/webfonts/fa-solid-900.woff2

104.17.24.14

200 OK

150 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/webfonts/fa-solid-900.woff2
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 150472, version 770.256
Size
150 kB (150472 bytes)
Hash
3e50e269ee627bb2279f91d18c085167
a7fca574d24e9ffa5ee0e0589ffe17277ae4ec27
d27bc752105c079f8a516e9142406a9fc12cbb409f9bf8681f2ddfe0360b52a6

HTTP Headers

GET /ajax/libs/font-awesome/6.2.0/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.cpasbien.zip
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 03:20:34 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 150472
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "630e6e62-24bc8"
last-modified: Tue, 30 Aug 2022 20:09:06 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Mon, 28 Apr 2025 03:20:34 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ChBWVavxm9x0vV1zPtPWZ03szM%2FACYv4WhYjTIuJmHptuXpe%2BvwAK53XmZQFim%2FuD%2BUqF1coxRpMhjsqKi%2BmXeqJ8GIpjN8z5Z0npb77Y1bs9v4ATu%2B7YFNbULtZXnjPmIQVUg5Z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 880650912976b511-OSL
alt-svc: h3=":443"; ma=86400

www.cpasbien.zip/themes/default/img/favicon.ico

172.67.178.162

200 OK

539 B

URL GET HTTP/3
www.cpasbien.zip/themes/default/img/favicon.ico
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Size
539 B (539 bytes)
Hash
730f19e40d8bc2a05b5d9418ed6d024e
27f4146350e935b83783164858fc3a41016e64fb
7798ef17288a5134d37d5aa28845eee32b62721e9e32d152f8c50c5f2f1b347c

HTTP Headers

GET /themes/default/img/favicon.ico HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Cookie: _ga_TKZGESD6CW=GS1.1.1715138434.1.0.1715138434.0.0.0; _ga=GA1.1.1365832962.1715138435
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 03:20:35 GMT
content-type: image/x-icon
content-length: 539
last-modified: Wed, 13 Sep 2023 07:09:24 GMT
etag: "47e-605383d4c71cc-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 282482
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2KYzmhN3aA2caoHK3etXWuRgT7I4jjdi6yls4APQTrzkW2fNW6RnwO8FBDJOQwCuDNuNIxQwOEW1ZYlqD5GMgP8KpZbs4eUEdMQBVIvVwsu9lNcerUPNsGjjFgg5Y2QUB8Gc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88065092ddb156b7-OSL
alt-svc: h3=":443"; ma=86400

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
5991db4ffbfc4b57b0f99a35a0e6a3d0
1b74b56ddc178de4587ef8898436cff19cc2c66b
17904ae58c5cfd605b9b96ef28a59c0b158141c0d69922267a677ff041ca24d9

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 May 2024 03:20:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube

64.233.163.84

302 Found

0 B

URL GET HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
64.233.163.84:443
ASN
#15169 GOOGLE

Requested by
https://www.cpasbien.zip/
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint75:65:5E:EB:A9:59:16:DF:32:A3:39:DC:8A:A2:FD:28:92:33:6B:0D
ValidityTue, 16 Apr 2024 04:20:43 GMT - Tue, 09 Jul 2024 04:20:42 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:X8nJsf7fXwp4BIODs3APvWw_3c-nfQ:RKi_x3UmFBVCXr4R; Expires=Fri, 08-May-2026 03:20:35 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 08 May 2024 03:20:35 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQyR2Tley-NnEcWyrnIZ57FFTlEAdhOETB7q_VXHIo02v96s85NdUX8NGPMZVbepwq5ct6ZZ
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: unsafe-none
content-security-policy: script-src 'nonce-vcREXi_et2i_frsKmroUpg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail

64.233.163.84

302 Found

0 B

URL GET HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
64.233.163.84:443
ASN
#15169 GOOGLE

Requested by
https://www.cpasbien.zip/
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint75:65:5E:EB:A9:59:16:DF:32:A3:39:DC:8A:A2:FD:28:92:33:6B:0D
ValidityTue, 16 Apr 2024 04:20:43 GMT - Tue, 09 Jul 2024 04:20:42 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:nN_rp6MC3j9d56jWmIzX-nDaoTKTBg:Z9G-LRgCdZeIYGtj; Expires=Fri, 08-May-2026 03:20:35 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 08 May 2024 03:20:35 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AaSxoQyTXdnAw3Z1Hk7kqvbawVzZUsIXvORk2HPImsc9MscjQJ8ni4ao6g1Hst0UGwTdsWyoc7vp
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-gEmbyz4ISWTJUUbG-sLKeA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: unsafe-none
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQyR2Tley-NnEcWyrnIZ57FFTlEAdhOETB7q_VXHIo02v96s85NdUX8NGPMZVbepwq5ct6ZZ

64.233.163.84

302 Found

425 B

URL GET HTTP/2
accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQyR2Tley-NnEcWyrnIZ57FFTlEAdhOETB7q_VXHIo02v96s85NdUX8NGPMZVbepwq5ct6ZZ
IP
64.233.163.84:443
ASN
#15169 GOOGLE

Requested by
https://www.cpasbien.zip/
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint75:65:5E:EB:A9:59:16:DF:32:A3:39:DC:8A:A2:FD:28:92:33:6B:0D
ValidityTue, 16 Apr 2024 04:20:43 GMT - Tue, 09 Jul 2024 04:20:42 GMT

File type
HTML document, ASCII text, with very long lines (403)
Size
425 B (425 bytes)
Hash
4538a06cdfc47a958954326a72177891
a61cab41d7ce3da72a5c52aa681a2023663ace9a
98022d951e49b02e4641d429e1bf2c0647fe10453d42eceefcec2ee14e50dd7e

HTTP Headers

GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQyR2Tley-NnEcWyrnIZ57FFTlEAdhOETB7q_VXHIo02v96s85NdUX8NGPMZVbepwq5ct6ZZ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cpasbien.zip/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:74wqNrSIDIMnYhVaSzWfb4NiSSI9dA:YMFWNBMgDW9L7nTm;Path=/;Expires=Fri, 08-May-2026 03:20:35 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 08 May 2024 03:20:35 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQzjAsg8G0omGHzW_U_rzYSp_ofuQVDLpmpeFJax7DNTdLOcuWJUa4RgmYhcFSomNpLy5Ia8&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S67783865%3A1715138435186147&theme=mn&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-ONJIxFJmXc3uGrPDk5xYEg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 425
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AaSxoQyTXdnAw3Z1Hk7kqvbawVzZUsIXvORk2HPImsc9MscjQJ8ni4ao6g1Hst0UGwTdsWyoc7vp

64.233.163.84

302 Found

427 B

URL GET HTTP/2
accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AaSxoQyTXdnAw3Z1Hk7kqvbawVzZUsIXvORk2HPImsc9MscjQJ8ni4ao6g1Hst0UGwTdsWyoc7vp
IP
64.233.163.84:443
ASN
#15169 GOOGLE

Requested by
https://www.cpasbien.zip/
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint75:65:5E:EB:A9:59:16:DF:32:A3:39:DC:8A:A2:FD:28:92:33:6B:0D
ValidityTue, 16 Apr 2024 04:20:43 GMT - Tue, 09 Jul 2024 04:20:42 GMT

File type
HTML document, ASCII text, with very long lines (402)
Size
427 B (427 bytes)
Hash
d1a8bd4c8afcf8245fa32586892efc58
35cb7d86929844be7be6f45a39f9be71c15778ee
6634b543c064ae10ea023d697e598e53951e6e75eb47510a53dc69103e75a56f

HTTP Headers

GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AaSxoQyTXdnAw3Z1Hk7kqvbawVzZUsIXvORk2HPImsc9MscjQJ8ni4ao6g1Hst0UGwTdsWyoc7vp HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cpasbien.zip/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:i_wV95c0k_PVG2AODnHNBEiAe3_iyg:56Sq_7f9Kq1WiT2h;Path=/;Expires=Fri, 08-May-2026 03:20:35 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 08 May 2024 03:20:35 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQyTemJiArK_axgNnPUfLN2mtLVLp66BLd7_bnP60Wj_cXs4RqMnbKQbSikHaVDpjCjIKEUZ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1006241639%3A1715138435188296&theme=mn&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: script-src 'nonce-KEZIik_jy-Bx-dJfRqpCQg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 427
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

d2t47qpr8mdhkz.cloudfront.net/YZFlra1oHNgUNZRAwD1ZrVG1cXG9TfxsZPwJkHBwtSjobCikGMA4FdB4wG00wFzYFG2cLISkfGAM4HzgSKz1NHyAAZFtNNgU3DFZ8ATcIVmtCOA8JZ1B/Hxs1D2QbGyoPPhwMPA4tTR47WTQEETMINQpOaCJsRVt/VmlDE2tVfFgpf1ZpBwI0ESFOWWocYV-00bFB8WCl/VmkZHX9XGFJddFRwTllqAzwIADVBay1ZalVpW1pqVXxZWzwNKw4NNRx8WS1jUndbTS9ZaA

54.230.241.146

511 B

URL
d2t47qpr8mdhkz.cloudfront.net/YZFlra1oHNgUNZRAwD1ZrVG1cXG9TfxsZPwJkHBwtSjobCikGMA4FdB4wG00wFzYFG2cLISkfGAM4HzgSKz1NHyAAZFtNNgU3DFZ8ATcIVmtCOA8JZ1B/Hxs1D2QbGyoPPhwMPA4tTR47WTQEETMINQpOaCJsRVt/VmlDE2tVfFgpf1ZpBwI0ESFOWWocYV-00bFB8WCl/VmkZHX9XGFJddFRwTllqAzwIADVBay1ZalVpW1pqVXxZWzwNKw4NNRx8WS1jUndbTS9ZaA
IP
54.230.241.146:0
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
ASCII text, with very long lines (740), with no line terminators
Size
511 B (511 bytes)
Hash
b23ee24d8004cb86a507b0023776b291
cc6f81b5ca349bbadbd17f278da069ee1ac07c1d
769137508acf08fb80fc39d9a5d8b0eec7abba027cdcba1d88cfe57fdffbf8a1

HTTP Headers

GET /YZFlra1oHNgUNZRAwD1ZrVG1cXG9TfxsZPwJkHBwtSjobCikGMA4FdB4wG00wFzYFG2cLISkfGAM4HzgSKz1NHyAAZFtNNgU3DFZ8ATcIVmtCOA8JZ1B/Hxs1D2QbGyoPPhwMPA4tTR47WTQEETMINQpOaCJsRVt/VmlDE2tVfFgpf1ZpBwI0ESFOWWocYV-00bFB8WCl/VmkZHX9XGFJddFRwTllqAzwIADVBay1ZalVpW1pqVXxZWzwNKw4NNRx8WS1jUndbTS9ZaA HTTP/1.1
Host: d2t47qpr8mdhkz.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://habovethecit.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 511
date: Wed, 08 May 2024 03:20:35 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: E60AEdeE_9F7u-p3KqBXJmoU3mjPAcRSZVzq2DS00udGxCxMhM9kfA==
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d59e53e22f3681f080bc6a493b7508a1
50ec966f62f5efce0a5fbea8917c5c5b025eaccf
cffc1da003262cd2907f76fb611cccac521441669302d10fae3aeb0c9a81c181

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 May 2024 03:20:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ads2550.bid/z1-3TiCQM_wzTz27WxHLqJUtps4eCQ1TkcDPNhX6D2Lln_VPXcswTCUAZiHOlXN_iZo9SUqJniC79UwJse6JCxsh2A5H7qsfHxVRMDSCWlreBGdTsvz3te7Fwl1NMuTPDJ7gaiR1pyVZXI7w97vbNbwvYvdMLR2YjOODe30OSW7TWZHxTenfhwUpc_xWEp3A6_KVtmuX0knU4Lj568zBRCIkrJjQ4Xs5iR1l6vQiQn4LdpHUYStuaGiii4O6uzBKN-GhffnbHzPH4ovjz7qh3ntQw_JZAffCowjDJStI5PTPrNwNZblENtNHnVnxrYbyeUa6NWJ_LSr5UCWTt1GfYtZ_Afe9BSHcbQnDwqGXmxJvDJla8LYK878CyeJ22616r0eR7EMDzYzkIU-EvXFcf377_uL8OhE0t8bjTmlYmM4BNYX59QRa2Z4Xxj3n3o9dwH8WaAkNowXVov_qNmKsVc3haonBkuIs_SOHMHS8WI4J4e8vt?DC=WZ

74.117.182.84

200

49 B

URL GET HTTP/1.1
ads2550.bid/z1-3TiCQM_wzTz27WxHLqJUtps4eCQ1TkcDPNhX6D2Lln_VPXcswTCUAZiHOlXN_iZo9SUqJniC79UwJse6JCxsh2A5H7qsfHxVRMDSCWlreBGdTsvz3te7Fwl1NMuTPDJ7gaiR1pyVZXI7w97vbNbwvYvdMLR2YjOODe30OSW7TWZHxTenfhwUpc_xWEp3A6_KVtmuX0knU4Lj568zBRCIkrJjQ4Xs5iR1l6vQiQn4LdpHUYStuaGiii4O6uzBKN-GhffnbHzPH4ovjz7qh3ntQw_JZAffCowjDJStI5PTPrNwNZblENtNHnVnxrYbyeUa6NWJ_LSr5UCWTt1GfYtZ_Afe9BSHcbQnDwqGXmxJvDJla8LYK878CyeJ22616r0eR7EMDzYzkIU-EvXFcf377_uL8OhE0t8bjTmlYmM4BNYX59QRa2Z4Xxj3n3o9dwH8WaAkNowXVov_qNmKsVc3haonBkuIs_SOHMHS8WI4J4e8vt?DC=WZ
IP
74.117.182.84:443
ASN
#40824 WZ-US-40824

Requested by
https://www.cpasbien.zip/
Certificate
IssuerLet's Encrypt
Subjectads2550.bid
Fingerprint61:EF:FF:E5:CE:C9:12:7D:E5:30:6D:0E:9D:CE:78:A6:BB:45:C9:9B
ValiditySun, 05 May 2024 08:02:05 GMT - Sat, 03 Aug 2024 08:02:04 GMT

File type
GIF image data, version 89a, 1 x 1
Size
49 B (49 bytes)
Hash
56398e76be6355ad5999b262208a17c9
a1fdee122b95748d81cee426d717c05b5174fe96
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

HTTP Headers

GET /z1-3TiCQM_wzTz27WxHLqJUtps4eCQ1TkcDPNhX6D2Lln_VPXcswTCUAZiHOlXN_iZo9SUqJniC79UwJse6JCxsh2A5H7qsfHxVRMDSCWlreBGdTsvz3te7Fwl1NMuTPDJ7gaiR1pyVZXI7w97vbNbwvYvdMLR2YjOODe30OSW7TWZHxTenfhwUpc_xWEp3A6_KVtmuX0knU4Lj568zBRCIkrJjQ4Xs5iR1l6vQiQn4LdpHUYStuaGiii4O6uzBKN-GhffnbHzPH4ovjz7qh3ntQw_JZAffCowjDJStI5PTPrNwNZblENtNHnVnxrYbyeUa6NWJ_LSr5UCWTt1GfYtZ_Afe9BSHcbQnDwqGXmxJvDJla8LYK878CyeJ22616r0eR7EMDzYzkIU-EvXFcf377_uL8OhE0t8bjTmlYmM4BNYX59QRa2Z4Xxj3n3o9dwH8WaAkNowXVov_qNmKsVc3haonBkuIs_SOHMHS8WI4J4e8vt?DC=WZ HTTP/1.1
Host: ads2550.bid
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Cookie: UUID=a5422175-f779-5bdd-9035-7ae658bf7920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
access-control-allow-origin: *
access-control-allow-methods: *
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
permissions-policy: *
p3p: CP="CAO PSA OUR"
accept-ranges: bytes
etag: W/"49-1710406818000"
last-modified: Thu, 14 Mar 2024 09:00:18 GMT
content-type: image/gif
content-length: 49
date: Wed, 08 May 2024 03:20:34 GMT

tigainareputaon.info/popunder.gif

104.21.18.115

200 OK

10 kB

URL GET HTTP/3
tigainareputaon.info/popunder.gif
IP
104.21.18.115:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/
Certificate
IssuerGoogle Trust Services LLC
Subjecttigainareputaon.info
Fingerprint05:C6:98:66:10:C1:C4:21:E9:78:30:6D:B4:FC:8C:F0:9F:11:B9:BA
ValidityMon, 01 Apr 2024 06:58:58 GMT - Sun, 30 Jun 2024 06:58:57 GMT

File type
GIF image data, version 89a, 1 x 1
Size
10 kB (10111 bytes)
Hash
1dd6575fac6a9475f8620c77af6f0326
7e8125d51aedb8fcd43478d55f1068f9c9a0b3b4
e41ce2aa2d74c377c3b4e6435d1a4936febf09eb395c5a72505414abcac546a7

HTTP Headers

GET /popunder.gif HTTP/1.1
Host: tigainareputaon.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 03:20:35 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 6855
last-modified: Wed, 08 May 2024 01:26:20 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DASKrzzTUYGn5lktQBubqddEm6SmWgsNv96Afr0OmsFlQApHbHO8CD635%2BJwTi5EBvYwhBVqmW3lLAng0kZY6GPEDOCVRGWMw%2BKh1vi96ztYdzW0xwJAZVOixzodCsdQbKTGfEsYAA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8806509779690b02-OSL
alt-svc: h3=":443"; ma=86400

cpasbien.zip/

172.67.178.162

301 Moved Permanently

41 kB

URL User Request GET HTTP/2
cpasbien.zip/
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type

Size
41 kB (41290 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Wed, 08 May 2024 03:20:33 GMT
content-type: text/html; charset=iso-8859-1
location: http://www.cpasbien.zip/
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B%2FTpO0I3ZmV%2BzQOkwqA7enpng8kh9YilU1vwwAUWTUuquiCBy%2BNa7WZS0cwjTrc5OhZcoF%2BWYzqhSktOQY4387V12e0awE96feZ84C%2FithtsaNTYdD9HFwC5YwwEilg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880650894f37b517-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.cpasbien.zip/themes/default/js/524eba27.js

172.67.178.162

200 OK

37 kB

URL GET HTTP/3
www.cpasbien.zip/themes/default/js/524eba27.js
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
JavaScript source, ASCII text, with very long lines (37386), with no line terminators
Size
37 kB (37386 bytes)
Hash
dd509264e5718497cd67ad65d50a8641
480e2200fd244d68b5f8e1c90c0c6ce61699a7e8
a91b0f105197706c82220fc1485b86fa4be251b09cb6252d6a4c2221a03f86cc

HTTP Headers

GET /themes/default/js/524eba27.js HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 03:20:34 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=37394
etag: W/"9212-609f439ba84ca-gzip"
last-modified: Sun, 12 Nov 2023 13:06:45 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 282487
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uBZ2%2FqX5IesRcWTg9cn59BPEVF2M3hXxfz0QP7VzEryQdMH9fQQQzEey2o%2BOaqohwm0%2FupogRMmyWJu0QiNpoh6jakat6kjRvFwkU849iMzF%2Bcfg7ucayhSxRbUQeXPCQeZx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8806508c8af856b7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQyTemJiArK_axgNnPUfLN2mtLVLp66BLd7_bnP60Wj_cXs4RqMnbKQbSikHaVDpjCjIKEUZ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1006241639%3A1715138435188296&theme=mn&ddm=0

64.233.163.84

403 Forbidden

0 B

URL GET HTTP/3
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQyTemJiArK_axgNnPUfLN2mtLVLp66BLd7_bnP60Wj_cXs4RqMnbKQbSikHaVDpjCjIKEUZ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1006241639%3A1715138435188296&theme=mn&ddm=0
IP
64.233.163.84:443
ASN
#15169 GOOGLE

Requested by
https://www.cpasbien.zip/
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint9F:A1:53:E4:09:E1:ED:82:F8:E0:30:B6:39:FA:EC:03:B4:89:46:8A
ValidityTue, 16 Apr 2024 03:19:40 GMT - Tue, 09 Jul 2024 03:19:39 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQyTemJiArK_axgNnPUfLN2mtLVLp66BLd7_bnP60Wj_cXs4RqMnbKQbSikHaVDpjCjIKEUZ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1006241639%3A1715138435188296&theme=mn&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cpasbien.zip/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 08 May 2024 03:20:35 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-security-policy: script-src 'nonce-Y3weoN2zkm_eyIXRS-xZ9A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

pogothere.xyz/asd100.bin

172.67.220.203

200 OK

102 kB

URL GET HTTP/2
pogothere.xyz/asd100.bin
IP
172.67.220.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/
Certificate
IssuerGoogle Trust Services LLC
Subjectpogothere.xyz
Fingerprint34:D3:33:F8:49:E2:1E:3E:44:A8:5D:74:68:9C:B8:A0:D5:F8:DD:0B
ValidityWed, 27 Mar 2024 02:15:30 GMT - Tue, 25 Jun 2024 02:15:29 GMT

File type
data
Size
102 kB (102400 bytes)
Hash
4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

HTTP Headers

GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cpasbien.zip/
Origin: https://www.cpasbien.zip
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 03:20:35 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://www.cpasbien.zip
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Tue, 07 May 2024 23:37:56 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gbBeaZ0iF3vM%2FQ5y14JuKZrI9LhNRmKHfOYUOgwTz3W%2Fz%2BW9iGiw%2BX%2FfzH9rQL%2Blg7OtjKsYJmoR0bZ8Tmez%2Fv8pmTPzLrP%2F8%2Fg3miN50%2FWTdl9ntcwSix8%2B83TgaL71"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880650934b425696-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQzjAsg8G0omGHzW_U_rzYSp_ofuQVDLpmpeFJax7DNTdLOcuWJUa4RgmYhcFSomNpLy5Ia8&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S67783865%3A1715138435186147&theme=mn&ddm=0

64.233.163.84

403 Forbidden

0 B

URL GET HTTP/3
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQzjAsg8G0omGHzW_U_rzYSp_ofuQVDLpmpeFJax7DNTdLOcuWJUa4RgmYhcFSomNpLy5Ia8&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S67783865%3A1715138435186147&theme=mn&ddm=0
IP
64.233.163.84:443
ASN
#15169 GOOGLE

Requested by
https://www.cpasbien.zip/
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint9F:A1:53:E4:09:E1:ED:82:F8:E0:30:B6:39:FA:EC:03:B4:89:46:8A
ValidityTue, 16 Apr 2024 03:19:40 GMT - Tue, 09 Jul 2024 03:19:39 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQzjAsg8G0omGHzW_U_rzYSp_ofuQVDLpmpeFJax7DNTdLOcuWJUa4RgmYhcFSomNpLy5Ia8&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S67783865%3A1715138435186147&theme=mn&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cpasbien.zip/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 08 May 2024 03:20:35 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-uXUOQzRvIewRYcJZ_nZaYQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.cpasbien.zip/themes/default/css/style.css

172.67.178.162

200 OK

12 kB

URL GET HTTP/3
www.cpasbien.zip/themes/default/css/style.css
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
ASCII text, with very long lines (12297), with no line terminators
Size
12 kB (12297 bytes)
Hash
88925c79a9ae2e296ea3904a40cc306c
e9997f05f3042aa3043962f7158a378a08208a5f
fc26dff232f86f6b94c7c0a9fcffd4890163292a4d5d2a092bf0896d1ef291d2

HTTP Headers

GET /themes/default/css/style.css HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 03:20:34 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=16422
etag: W/"4026-616b327fd8069-gzip"
last-modified: Mon, 22 Apr 2024 17:56:26 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 282487
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YbV7wcY9N9cSM1hMypwxG80l7jzqFhznC%2BJKsWcXl8cZuy3OI4Dhzqi7oQrsxCRchMkycS81OUHJL0rILFGSITbk6zly9nJzGRKkUE8zFTzNjmigalpBKNGhoU5pkEOYx4Lt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8806508c8af356b7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

pogothere.xyz/

172.67.220.203

200 OK

26 B

URL GET HTTP/2
pogothere.xyz/
IP
172.67.220.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/
Certificate
IssuerGoogle Trust Services LLC
Subjectpogothere.xyz
Fingerprint34:D3:33:F8:49:E2:1E:3E:44:A8:5D:74:68:9C:B8:A0:D5:F8:DD:0B
ValidityWed, 27 Mar 2024 02:15:30 GMT - Tue, 25 Jun 2024 02:15:29 GMT

File type
ASCII text, with no line terminators
Size
26 B (26 bytes)
Hash
68806a68fda45f9741c1af2368a5839e
b4bad970df00e79f9c6d1b17c749a0836b30fb52
86dfc4ae9bbeb9d11ebc518945d34661c762125ca271edf350024bb825826701

HTTP Headers

GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cpasbien.zip/
Origin: https://www.cpasbien.zip
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 03:20:35 GMT
content-type: text/plain
set-cookie: csu=305940471156326@1@1715138435; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://www.cpasbien.zip
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iOIWLPd%2FlT5OBwoAc0BuBAY1ig3AqZN3Bm5GoF5eHWrsOwja%2FvUMRXnMemIXw%2FL%2FrwsSjOn%2FfZfj8Pi1PYpBxK0GqLBn56D2im1P3KWCX8IefHAMnOPLYvLZNxs89rJ4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880650934b405696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:400,600,700

142.250.74.106

200 OK

17 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Open+Sans:400,600,700
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.cpasbien.zip/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (1572)
Size
17 kB (16791 bytes)
Hash
85797b9763526c7b157f499ebe2044a5
e832fdcf940d9bfb2763982c37bf43d83495ea9f
3ff27e82d78a471905edf58f54d412011e0f3b07cb596b50d425151e7df84404

HTTP Headers

GET /css?family=Open+Sans:400,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 03:20:34 GMT
date: Wed, 08 May 2024 03:20:34 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.cpasbien.zip/themes/default/css/jquery.tooltip.css

172.67.178.162

200 OK

300 B

URL GET HTTP/3
www.cpasbien.zip/themes/default/css/jquery.tooltip.css
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
ASCII text, with no line terminators
Size
300 B (300 bytes)
Hash
4f6f3546c7bf233c269c2700cccdfbec
bdc42910e0694401ec25bc70712ba8501a2cf151
19ce96116690970bf4303812fe245a8fcb1747922e85c045960a93db6b158080

HTTP Headers

GET /themes/default/css/jquery.tooltip.css HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 03:20:34 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=309
etag: W/"135-605383d213725-gzip"
last-modified: Wed, 13 Sep 2023 07:09:22 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 282487
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WuREEVwkyhkG9USxkMAtKe5ogdTUgyjopu1olzH2n1IL5VV7alp49%2Bl4LirgOpv8apcbj54oBE%2BSyEYEqXBDXLniclOHP6K0Ux%2FGt40FFAMpa1QBBNS8ibFXILfNIdUn8f3G"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8806508c7af156b7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (6)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (59)

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size