Report - www.cpasbien.zip/torrent/59803

Report Overview

Submitted URL
www.cpasbien.zip/torrent/59803
IP
104.21.31.165
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-26 09:01:34
Access
public
Website Title
Nicky Larson - Torrent sur Cpasbien
Final URL
www.cpasbien.zip/torrent/59803
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-04-24	1.0 kB	172 kB	104.17.25.14
bourrepardale.com	unknown	2024-03-05	2024-03-05	2024-03-06	404 B	1.2 kB	23.109.170.68
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-25	442 B	8.6 kB	216.58.207.234
ads2550.bid	unknown	2023-05-10	2023-05-10	2024-04-15	2.0 kB	1.8 kB	199.80.53.161
www.cpasbien.zip	unknown	unknown	No data	No data	8.3 kB	199 kB	172.67.178.162
zimages.ws	unknown	2019-12-03	2020-02-11	2024-03-17	5.3 kB	1.1 MB	188.114.96.1
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-04-26	423 B	98 kB	142.250.74.40
unseenreport.com	unknown	2022-03-30	2022-03-30	2024-04-24	735 B	423 B	172.240.253.132
proftrafficcounter.com	unknown	2023-11-16	2023-11-21	2024-04-25	433 B	423 B	35.158.46.84
homicidalseparationmesh.com	unknown	2024-04-23	2024-04-23	2024-04-23	494 B	467 B	172.240.253.132
capaciousdrewreligion.com	unknown	2023-11-07	2023-11-27	2024-04-25	415 B	327 B	192.243.59.20
downstairsnegotiatebarren.com	unknown	2024-03-04	2024-03-04	2024-04-25	411 B	35 kB	188.114.97.1
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-26	543 B	49 kB	216.58.207.227
specificationfingertip.com	unknown	2024-01-30	2024-01-30	2024-04-18	446 B	31 kB	172.240.253.132

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-26	medium	bourrepardale.com	Sinkholed
2024-04-26	medium	specificationfingertip.com	Sinkholed
2024-04-25	medium	homicidalseparationmesh.com	Sinkholed
2024-04-26	medium	unseenreport.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (8)

	URL	Size	First Seen	Last Seen
	specificationfingertip.com/8c/33/72/8c33721f6aa15cc0a61420f50575e334.js	82 kB	2024-04-26	2024-04-26
Pretty URL specificationfingertip.com/8c/33/72/8c33721f6aa15cc0a61420f50575e334.js IP 172.240.253.132 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 11:01:41 Last Seen2024-04-26 11:01:41 Times Seen2 Hash 6e99f284c8afd6c96e9c2decce1fe7f3 07c2bf09dc0226c2cb324e12a0819f33954c7f0a def9a266a15ed8e99bf42e4bb0ed7d441bd3286f8e76f222358439d2ebc3c669 Loading...

	www.cpasbien.zip/torrent/59803	153 B	2024-02-15	2024-05-04
Pretty URL www.cpasbien.zip/torrent/59803 IP 172.67.178.162 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-15 18:33:39 Last Seen2024-05-04 13:34:27 Times Seen10 Hash 81630d0fa87c615651f4e254f82b4d06 51589a6efc263ac6ce5262cbaa07a8fa4a4f5b9a c50325fe0fe59de6c1ed0bd94cb47634640a12715d5531527459f049b6d13618 Loading...

	bourrepardale.com/1clkn/56862	6 B	2023-03-07	2024-05-06
Pretty URL bourrepardale.com/1clkn/56862 IP 23.109.170.68 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:04 Last Seen2024-05-06 19:37:45 Times Seen14298 Hash 9082dc37e5e8046929da411544ad071a 41e0e3963ed94e59e8a2f115994c382712411537 b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550 Loading...

	www.googletagmanager.com/gtag/js?id=G-TKZGESD6CW	288 kB	2024-04-26	2024-04-26
Pretty URL www.googletagmanager.com/gtag/js?id=G-TKZGESD6CW IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 11:01:41 Last Seen2024-04-26 11:01:41 Times Seen2 Hash 666db7135a762a77afedf1814834b9f6 9f946d05571eced644431bd71776d8767d54ade0 3200930d3817dcee21f3301c330883bad0af549803c77a4dcc1e3eb40a3978a9 Loading...

	unknown	544 B	2024-04-26	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 11:01:41 Last Seen2024-04-26 11:01:41 Times Seen1 Hash 48e79da43e785fc4ad7de69e3ff9273a a6c58abfd0ad8a0906ae2fd3a042ba306a81c388 f12067fecfa85b7267435d82cacd881f6a5ada8fbf12c7654bbbd28fdc57f900 Loading...

	downstairsnegotiatebarren.com/sfp.js	86 kB	2024-03-29	2024-05-06
Pretty URL downstairsnegotiatebarren.com/sfp.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-29 13:13:34 Last Seen2024-05-06 21:51:35 Times Seen2324 Hash f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716 Loading...

	capaciousdrewreligion.com/advertisers.js	0 B	2023-03-07	2024-05-06
Pretty URL capaciousdrewreligion.com/advertisers.js IP 192.243.59.20 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-06 22:09:12 Times Seen37384985 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.cpasbien.zip/themes/default/js/524eba27.js	37 kB	2023-12-03	2024-05-06
Pretty URL www.cpasbien.zip/themes/default/js/524eba27.js IP 172.67.178.162 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-03 09:03:12 Last Seen2024-05-06 00:51:45 Times Seen169 Hash dd509264e5718497cd67ad65d50a8641 480e2200fd244d68b5f8e1c90c0c6ce61699a7e8 a91b0f105197706c82220fc1485b86fa4be251b09cb6252d6a4c2221a03f86cc Loading...

HTTP Transactions (42)

URL IP Response Size

www.cpasbien.zip/themes/default/img/telecharger.gif

172.67.178.162

200 OK

9.7 kB

URL GET HTTP/3
www.cpasbien.zip/themes/default/img/telecharger.gif
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/torrent/59803
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
GIF image data, version 89a, 385 x 70
Size
9.7 kB (9687 bytes)
Hash
1b9ba4a86264998ac9c50d9c6fcd16d3
2b854f22e0b850797f7b2cf3498133d9f0acf279
b4bb2af5464622ca67a5ae43b12b17f0838683d7678f73634b781007d10d235e

HTTP Headers

GET /themes/default/img/telecharger.gif HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/torrent/59803
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 09:01:08 GMT
content-type: image/gif
content-length: 9687
last-modified: Wed, 13 Sep 2023 07:09:27 GMT
etag: "25d7-605383d6f5f67"
cache-control: max-age=14400
cf-cache-status: HIT
age: 310412
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GCz2RXl3XE1GYwHvfEdLvLe8l91w%2FlbHBjV9z1CiByUpVNDeJSoIxfsh%2FMsDBPW4Q%2Bd1NygSXxSY5yhRVncc%2BacZBx6k%2F7mjLq%2BwhvtLlOAUG44ZfDpM6%2FnUBuDhQaB0AtIz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a562ed1dab56aa-OSL
alt-svc: h3=":443"; ma=86400

www.cpasbien.zip/themes/default/img/films.png

172.67.178.162

200 OK

469 B

URL GET HTTP/3
www.cpasbien.zip/themes/default/img/films.png
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/torrent/59803
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
PNG image data, 24 x 26, 8-bit colormap, non-interlaced
Size
469 B (469 bytes)
Hash
3cec3dfcf1e873704f28e7d2384dff3a
f5c415574f934f94b10c6bc9781fbb3d1d7a0e76
38edf74ebff9c4dc743a29aadf0ea20bd98091e719550febf6f5d571156c000a

HTTP Headers

GET /themes/default/img/films.png HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/torrent/59803
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 09:01:08 GMT
content-type: image/png
content-length: 469
last-modified: Wed, 13 Sep 2023 07:09:25 GMT
etag: "1d5-605383d4d92dd"
cache-control: max-age=14400
cf-cache-status: HIT
age: 310421
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sAz%2BUHn8AwULIeY7OK7UO6esEZKbW95WfZZZlXn8Y8qJKnZjOKpBpv4Bmcgon9RzHsFF3sEAif7D4LNcuNz4VWCOLp0VIgq3BgH1yG4g7okB2zAIyMrg9QUxvSEgbySk%2BbjK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a562ed1da956aa-OSL
alt-svc: h3=":443"; ma=86400

www.cpasbien.zip/themes/default/img/animation1.jpg

172.67.178.162

200 OK

7.3 kB

URL GET HTTP/3
www.cpasbien.zip/themes/default/img/animation1.jpg
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/torrent/59803
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=PhotoFiltre Studio X, datetime=2022:02:12 13:05:26], baseline, precision 8, 150x150, components 3
Size
7.3 kB (7306 bytes)
Hash
0573d4afb59612940a3e4823747adff4
82e478eb20d06a30e996ca6c7d52afaf8106e1e4
ca6263642c45acb1d6ee1f646306d393040ac67dd077a4bf07f1280364f6e8b7

HTTP Headers

GET /themes/default/img/animation1.jpg HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/torrent/59803
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 09:01:08 GMT
content-type: image/jpeg
content-length: 7306
last-modified: Thu, 18 Jan 2024 11:04:47 GMT
etag: "1c8a-60f3654e2294f"
cache-control: max-age=14400
cf-cache-status: HIT
age: 310421
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WoItl8adr68np2R10vpwXRtBBvIUR5V%2BHwz9Z2LgUxaUz4pqgtmxJd8QW%2FQ0K4Suj3w6EfojXEGIC0P6f8MobwbbFacypAT3K5XwDPQL3hOMxKkxhgu3Yz0%2FOL%2F0K9GflN2o"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a562ed2dbc56aa-OSL
alt-svc: h3=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/css/all.css

104.17.25.14

200 OK

20 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/css/all.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/torrent/59803
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
troff or preprocessor input, ASCII text
Size
20 kB (19472 bytes)
Hash
e3d3126e93fc1303cf862d5852f56654
357908650e3a2f75f7e77c3e741e8bd0cfa07625
340d09d12141a30f53d870d647f2f4ba93047709331cd441c43db7301bd52d68

HTTP Headers

GET /ajax/libs/font-awesome/6.2.0/css/all.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 09:01:08 GMT
content-type: text/css; charset=utf-8
content-length: 19472
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "630e6e62-4c10"
last-modified: Tue, 30 Aug 2022 20:09:06 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1309947
expires: Wed, 16 Apr 2025 09:01:08 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RpvoMvkJRzhiPK%2BCVzvUjOIVez4FnXRspozbQeXd3EYzdiR5kZ043%2FFvEV%2Bwpo7zdPfjT%2FfWNwtToHMX2upx7QYmVvEyjX8TkGEmjm1q5YxDODWz%2B9ksCkla3ZJbZtlvA%2B0ZlpuA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87a562ed2f03568f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

zimages.ws/uploads/image/32b19a8a6504f1b885eaaa316064354398a9d7c5.jpg

188.114.96.1

200 OK

124 kB

URL GET HTTP/2
zimages.ws/uploads/image/32b19a8a6504f1b885eaaa316064354398a9d7c5.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/torrent/59803
Certificate
IssuerGoogle Trust Services LLC
Subjectzimages.ws
FingerprintC7:96:DF:5E:0F:2F:64:4C:DA:B8:1F:6F:29:4C:AD:74:FC:5D:81:22
ValidityThu, 04 Apr 2024 22:36:27 GMT - Wed, 03 Jul 2024 22:36:26 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 250x333, components 3
Size
124 kB (124055 bytes)
Hash
806d6f0ccf77204c447d2018c739fe3f
cb89c091d607e898193a5d998a0d98ce6bd9ede3
1ce19ccfeb62efcc229d11272b685b484878b22d3615349cc2fc45f57f549254

HTTP Headers

GET /uploads/image/32b19a8a6504f1b885eaaa316064354398a9d7c5.jpg HTTP/1.1
Host: zimages.ws
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 09:01:08 GMT
content-type: image/jpeg
content-length: 124055
last-modified: Wed, 15 Feb 2023 12:10:53 GMT
etag: "1e497-5f4bbf8c0cd40"
cache-control: max-age=14400
cf-cache-status: HIT
age: 89788
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NsBtmLhWSG79VxPdSsQbOI7HhAeS2g2GwlA2PPBKdEnQvUkbUbem7iWO7vyWIN%2BfQFB3MqqclfIvlWIq%2BIClIIPWrV5WXx2Ya9iwKKoUTOpCsoxCyyRicIdOYLHA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 87a562ed8dfb5684-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

zimages.ws/uploads/image/4a784f56d55ac4dd5a5d5b349308e4e45d57035b.jpg

188.114.96.1

200 OK

38 kB

URL GET HTTP/2
zimages.ws/uploads/image/4a784f56d55ac4dd5a5d5b349308e4e45d57035b.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/torrent/59803
Certificate
IssuerGoogle Trust Services LLC
Subjectzimages.ws
FingerprintC7:96:DF:5E:0F:2F:64:4C:DA:B8:1F:6F:29:4C:AD:74:FC:5D:81:22
ValidityThu, 04 Apr 2024 22:36:27 GMT - Wed, 03 Jul 2024 22:36:26 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 320x400, components 3
Size
38 kB (38065 bytes)
Hash
610e33b87eef87bc9da589b720299ef0
f72fd0a6df5e7155700f5ead1ebce99f8ffc7eec
6cb9e7bb92192d3b01eebdce0c8edfd3e49d0aeeb556297cd423f0a1dca9db5c

HTTP Headers

GET /uploads/image/4a784f56d55ac4dd5a5d5b349308e4e45d57035b.jpg HTTP/1.1
Host: zimages.ws
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 09:01:08 GMT
content-type: image/jpeg
content-length: 38065
last-modified: Fri, 26 Apr 2024 08:42:07 GMT
etag: "94b1-616fbe0fd469d"
cache-control: max-age=14400
cf-cache-status: HIT
age: 383
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T3Je%2B7dAV7tugyTM%2Fs0UEJc5%2BN83F9AyBl3i7tj42Jn9kUUaVPTI2MVP0f30MIe9tvBVnvAG9ftESm42S3xfreWxwDekwhrKqZ9SzKqCr%2FpF5%2B1IBcSTOe7j7beU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 87a562ed8e025684-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

zimages.ws/uploads/image/5335258a03cd4effdbaaa2c111a93f4032a25564.jpg

188.114.96.1

200 OK

74 kB

URL GET HTTP/2
zimages.ws/uploads/image/5335258a03cd4effdbaaa2c111a93f4032a25564.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/torrent/59803
Certificate
IssuerGoogle Trust Services LLC
Subjectzimages.ws
FingerprintC7:96:DF:5E:0F:2F:64:4C:DA:B8:1F:6F:29:4C:AD:74:FC:5D:81:22
ValidityThu, 04 Apr 2024 22:36:27 GMT - Wed, 03 Jul 2024 22:36:26 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 250x354, components 3
Size
74 kB (74133 bytes)
Hash
a91bd20ec37e8bd1ea51970eec21c6ee
57e01b613f72318ce6e9d17c6125322cc513138e
f461594c3eb535eff29942163f70d65e77bb08ac2d204ec4410b47adc413d713

HTTP Headers

GET /uploads/image/5335258a03cd4effdbaaa2c111a93f4032a25564.jpg HTTP/1.1
Host: zimages.ws
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 09:01:08 GMT
content-type: image/jpeg
content-length: 74133
last-modified: Wed, 15 Feb 2023 12:15:42 GMT
etag: "12195-5f4bc09fa9780"
cache-control: max-age=14400
cf-cache-status: HIT
age: 89788
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4yq1kd8OSDYtOgRIr0JD71mT7%2FRNJ%2FOnIvi%2FsimMVkxNn8Eq8%2BEMZ%2Bsl5HtpDyiipZMfUrEGKGl7slC7JrusM3ErGMVnOvBKQC7kLfitNSqAtwpeuDuG%2B7zK1hy8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 87a562ed8dfc5684-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

zimages.ws/uploads/image/0c4110910ecb4a7a576346b6dac1b94b7d7bbf27.jpg

188.114.96.1

200 OK

76 kB

URL GET HTTP/2
zimages.ws/uploads/image/0c4110910ecb4a7a576346b6dac1b94b7d7bbf27.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/torrent/59803
Certificate
IssuerGoogle Trust Services LLC
Subjectzimages.ws
FingerprintC7:96:DF:5E:0F:2F:64:4C:DA:B8:1F:6F:29:4C:AD:74:FC:5D:81:22
ValidityThu, 04 Apr 2024 22:36:27 GMT - Wed, 03 Jul 2024 22:36:26 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 250x333, components 3
Size
76 kB (76158 bytes)
Hash
edc4dedbb60fa707a9065e5fe9e63e05
c5ad026414b6bf5e7d44870102695838771e154a
3ca460ccae13d2aae5ec2eef03edbb8ce5722359a4cdbc8c96c8c4f0a41993ef

HTTP Headers

GET /uploads/image/0c4110910ecb4a7a576346b6dac1b94b7d7bbf27.jpg HTTP/1.1
Host: zimages.ws
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 09:01:08 GMT
content-type: image/jpeg
content-length: 76158
last-modified: Wed, 15 Feb 2023 12:05:06 GMT
etag: "1297e-5f4bbe4120080"
cache-control: max-age=14400
cf-cache-status: HIT
age: 89788
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vwgT6lgXyjNeJA%2Bz%2FdYsOZQucKoKKqVthCKEP%2FkOmRr4mDWyyzvbnXe7Hxsm69%2F9SN6UcpWKefPMNTlaxVMEE8dckY8SKu8nC42bm6W2pY9XP0sV%2F%2FotCEsxMCjc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 87a562ed8df95684-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

zimages.ws/uploads/image/6ff64f279ae49edb2484f5201cfad2a54df6691d.jpg

188.114.96.1

200 OK

67 kB

URL GET HTTP/2
zimages.ws/uploads/image/6ff64f279ae49edb2484f5201cfad2a54df6691d.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/torrent/59803
Certificate
IssuerGoogle Trust Services LLC
Subjectzimages.ws
FingerprintC7:96:DF:5E:0F:2F:64:4C:DA:B8:1F:6F:29:4C:AD:74:FC:5D:81:22
ValidityThu, 04 Apr 2024 22:36:27 GMT - Wed, 03 Jul 2024 22:36:26 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 375x500, components 3
Size
67 kB (67401 bytes)
Hash
c48a95268bfe9e922fd3b6916b6dc8bf
00a59dff3d1017725887df9158cf6951e1d45556
316b076ed4cc17d540c7924d3ffa6d5ed4c6808f5f247e9888052452caf790ba

HTTP Headers

GET /uploads/image/6ff64f279ae49edb2484f5201cfad2a54df6691d.jpg HTTP/1.1
Host: zimages.ws
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 09:01:08 GMT
content-type: image/jpeg
content-length: 67401
last-modified: Fri, 13 Oct 2023 08:04:04 GMT
etag: "10749-607947ffb6500"
cache-control: max-age=14400
cf-cache-status: HIT
age: 90256
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u20%2BGmMk1nnogk%2BgxdJJJHXF2pjpq0VNf1qdJeVzCoRTarDEbuhrFH1Gz7AwiMLANQsBb8hkXpAtaVboSDaAntzkx03U6ESqkux1jvuzc%2Fj5ZFMlUUofCExuiheT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 87a562ed8e065684-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-TKZGESD6CW

142.250.74.40

200 OK

97 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-TKZGESD6CW
IP
142.250.74.40:443
ASN
#15169 GOOGLE

Requested by
https://www.cpasbien.zip/torrent/59803
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52
ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT

File type
JavaScript source, ASCII text, with very long lines (3969)
Size
97 kB (97300 bytes)
Hash
666db7135a762a77afedf1814834b9f6
9f946d05571eced644431bd71776d8767d54ade0
3200930d3817dcee21f3301c330883bad0af549803c77a4dcc1e3eb40a3978a9

HTTP Headers

GET /gtag/js?id=G-TKZGESD6CW HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 09:01:08 GMT
expires: Fri, 26 Apr 2024 09:01:08 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 97300
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

zimages.ws/uploads/image/d2bdab22a6bb3d76b6666a8a7360d6d0c5ec1c4a.jpg

188.114.96.1

200 OK

117 kB

URL GET HTTP/2
zimages.ws/uploads/image/d2bdab22a6bb3d76b6666a8a7360d6d0c5ec1c4a.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/torrent/59803
Certificate
IssuerGoogle Trust Services LLC
Subjectzimages.ws
FingerprintC7:96:DF:5E:0F:2F:64:4C:DA:B8:1F:6F:29:4C:AD:74:FC:5D:81:22
ValidityThu, 04 Apr 2024 22:36:27 GMT - Wed, 03 Jul 2024 22:36:26 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 250x375, components 3
Size
117 kB (116925 bytes)
Hash
ba1c08c9a835f1dc5ac0cecd0085b461
d2181027051766074871d3532f257bb99cd65cf0
fe8b7d2ead010a33ebbe1db715aa8415d000b6b150f4a9081a3dba24fde6fa9c

HTTP Headers

GET /uploads/image/d2bdab22a6bb3d76b6666a8a7360d6d0c5ec1c4a.jpg HTTP/1.1
Host: zimages.ws
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 09:01:08 GMT
content-type: image/jpeg
content-length: 116925
last-modified: Wed, 15 Feb 2023 12:35:46 GMT
etag: "1c8bd-5f4bc51be2c80"
cache-control: max-age=14400
cf-cache-status: HIT
age: 90256
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2ByG7CDCshnfJdHA5LGCbOUAnY53af5ENS9%2BItQz0ST7hAr9ZrnSSF5ZcQ2467lJ3z%2F2X4asgd3c4%2B3RLvc%2BzgnrJ8yWNxOt43fQ906rzWNgom5se97KLBl6EIwUR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 87a562ed8dfd5684-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

zimages.ws/uploads/image/cbfa465cb07c90bc29d34678ece707ea68fdd16b.jpg

188.114.96.1

200 OK

115 kB

URL GET HTTP/2
zimages.ws/uploads/image/cbfa465cb07c90bc29d34678ece707ea68fdd16b.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/torrent/59803
Certificate
IssuerGoogle Trust Services LLC
Subjectzimages.ws
FingerprintC7:96:DF:5E:0F:2F:64:4C:DA:B8:1F:6F:29:4C:AD:74:FC:5D:81:22
ValidityThu, 04 Apr 2024 22:36:27 GMT - Wed, 03 Jul 2024 22:36:26 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 250x371, components 3
Size
115 kB (114867 bytes)
Hash
71e1aad661d47e21577c9d9a222539ac
eab872f352ca163c85500411e66a491b692e13b2
5e0567f724971ddd09505979e4ecbafe950174f6317665cdc209c1421834f742

HTTP Headers

GET /uploads/image/cbfa465cb07c90bc29d34678ece707ea68fdd16b.jpg HTTP/1.1
Host: zimages.ws
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 09:01:08 GMT
content-type: image/jpeg
content-length: 114867
last-modified: Wed, 15 Feb 2023 12:34:40 GMT
etag: "1c0b3-5f4bc4dcf1800"
cache-control: max-age=14400
cf-cache-status: HIT
age: 90256
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dRdObHcnS%2FEJhnJesJn2ruH9XEhA1u4JHvQb8MmW3iKRkJavTAI0jtyzdgWM3dZ%2Ful%2FWfiNV%2Bgvqultr8%2F0P2oSy3vf5aTQE3N9Rv1aUZ%2FR1zyH7gk%2Btf5kSmola"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 87a562ed8dfe5684-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

zimages.ws/uploads/image/2b4a13b5a0f54f5e0abb14cec9eb764d7507bd16.jpg

188.114.96.1

200 OK

137 kB

URL GET HTTP/2
zimages.ws/uploads/image/2b4a13b5a0f54f5e0abb14cec9eb764d7507bd16.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/torrent/59803
Certificate
IssuerGoogle Trust Services LLC
Subjectzimages.ws
FingerprintC7:96:DF:5E:0F:2F:64:4C:DA:B8:1F:6F:29:4C:AD:74:FC:5D:81:22
ValidityThu, 04 Apr 2024 22:36:27 GMT - Wed, 03 Jul 2024 22:36:26 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 250x375, components 3
Size
137 kB (137352 bytes)
Hash
24ef5680c3ba27dc345b71e5d9535e53
63adefef302f706424b2200ac04c2f86d8505a93
874528de3b14d4dbfa4b7481aaf2f95943fdf4980acf80526a06996a6ffe6a04

HTTP Headers

GET /uploads/image/2b4a13b5a0f54f5e0abb14cec9eb764d7507bd16.jpg HTTP/1.1
Host: zimages.ws
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 09:01:08 GMT
content-type: image/jpeg
content-length: 137352
last-modified: Wed, 15 Feb 2023 12:09:48 GMT
etag: "21888-5f4bbf4e0fb00"
cache-control: max-age=14400
cf-cache-status: HIT
age: 90256
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oAOsqk3pecFwmUrLoRMUW9HiHAU%2FaDpYL1D9sYNQTq090CKMOpvdIGQo9OLvYRaHw3teGbdZKyCWvKj3N7Snabh2T3c5hhYfWE9sdKrOA0jzTTroUVmLDZ24FvVC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 87a562ed8e005684-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

zimages.ws/uploads/image/d4a71764e07c7c4bb4e9de4edff37a6f31321ebb.jpg

188.114.96.1

200 OK

132 kB

URL GET HTTP/2
zimages.ws/uploads/image/d4a71764e07c7c4bb4e9de4edff37a6f31321ebb.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/torrent/59803
Certificate
IssuerGoogle Trust Services LLC
Subjectzimages.ws
FingerprintC7:96:DF:5E:0F:2F:64:4C:DA:B8:1F:6F:29:4C:AD:74:FC:5D:81:22
ValidityThu, 04 Apr 2024 22:36:27 GMT - Wed, 03 Jul 2024 22:36:26 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 250x375, components 3
Size
132 kB (131670 bytes)
Hash
5a4b148b104dd47e8fa33a06d3426df2
189fecadb1cb50e659c0a4411b3d8753fb4bda50
64290c97fce79397e0319f64a7534277d19fbf7fd292cf59600cca974f81a705

HTTP Headers

GET /uploads/image/d4a71764e07c7c4bb4e9de4edff37a6f31321ebb.jpg HTTP/1.1
Host: zimages.ws
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 09:01:08 GMT
content-type: image/jpeg
content-length: 131670
last-modified: Wed, 15 Feb 2023 12:36:05 GMT
etag: "20256-5f4bc52e01740"
cache-control: max-age=14400
cf-cache-status: HIT
age: 90256
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qpmLXGWLZPd6A950kFuIVoTXafxtnJJd0%2BrYLrkYEShk%2Fd0McjWfc8twpCi1zH500eQO271lTlM36sd%2FyJupqhgLLls853gU49cZcHBQG2AyLPYkrj57oJ%2F4IUCf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 87a562ed9e115684-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

zimages.ws/uploads/image/d144efd8422ce7f79b22fc9a0b43174095024859.jpg

188.114.96.1

200 OK

129 kB

URL GET HTTP/2
zimages.ws/uploads/image/d144efd8422ce7f79b22fc9a0b43174095024859.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/torrent/59803
Certificate
IssuerGoogle Trust Services LLC
Subjectzimages.ws
FingerprintC7:96:DF:5E:0F:2F:64:4C:DA:B8:1F:6F:29:4C:AD:74:FC:5D:81:22
ValidityThu, 04 Apr 2024 22:36:27 GMT - Wed, 03 Jul 2024 22:36:26 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 250x375, components 3
Size
129 kB (128910 bytes)
Hash
81543078469b1b1e7ad995aababdafac
e87e5f76b462fe2f543391423fa1ae719196eba7
b9d2e47ba45438aaeef8a20ddcffe8f98cfb2fb4ca131aef2ab76a2ca97ff2a6

HTTP Headers

GET /uploads/image/d144efd8422ce7f79b22fc9a0b43174095024859.jpg HTTP/1.1
Host: zimages.ws
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 09:01:08 GMT
content-type: image/jpeg
content-length: 128910
last-modified: Wed, 15 Feb 2023 12:35:31 GMT
etag: "1f78e-5f4bc50d94ac0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 90256
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JB8vfFXI3v4%2BuaS4jvK7bZ%2F9G2cx%2BReq5bfZKg%2F9lSw4RAt0seRsxZblNjECFJ9kn4EwANsQja7dcAFv3HKYvTetM6HB1b8MWoAe%2F9z0tdikAK53%2Bl2PrWVscfJO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 87a562ed9e0f5684-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

zimages.ws/uploads/image/1ebd2148a111a59bb7559ec84f6df9e79c1870d1.jpg

188.114.96.1

200 OK

104 kB

URL GET HTTP/2
zimages.ws/uploads/image/1ebd2148a111a59bb7559ec84f6df9e79c1870d1.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/torrent/59803
Certificate
IssuerGoogle Trust Services LLC
Subjectzimages.ws
FingerprintC7:96:DF:5E:0F:2F:64:4C:DA:B8:1F:6F:29:4C:AD:74:FC:5D:81:22
ValidityThu, 04 Apr 2024 22:36:27 GMT - Wed, 03 Jul 2024 22:36:26 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 250x375, components 3
Size
104 kB (103739 bytes)
Hash
a0c06f59cdf7217df6b720a70fb37394
94b2ef19e1c20f616d62adb5ee871a29ccb354a0
536c49783a1691b6693133c1340317b0b4d5d844f560db60197b04cccce202f4

HTTP Headers

GET /uploads/image/1ebd2148a111a59bb7559ec84f6df9e79c1870d1.jpg HTTP/1.1
Host: zimages.ws
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 09:01:08 GMT
content-type: image/jpeg
content-length: 103739
last-modified: Wed, 15 Feb 2023 12:07:54 GMT
etag: "1953b-5f4bbee157a80"
cache-control: max-age=14400
cf-cache-status: HIT
age: 89788
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5H%2Fk5l79FLEso0Ng6a8xfrHaMmZOlJTiMzaq7x9uIXalwrLf1GmZa9QC8FVCDcTAoEIoepiY18Zo%2FD2RLTrUPf2x0uwM7yAaDRa98QgDssLFJWoeVe9ccgffjpOO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 87a562ed8e0b5684-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

bourrepardale.com/1clkn/56862

23.109.170.68

200 OK

26 B

URL GET HTTP/1.1
bourrepardale.com/1clkn/56862
IP
23.109.170.68:443
ASN
#7979 SERVERS-COM

Requested by
https://www.cpasbien.zip/torrent/59803
Certificate
IssuerLet's Encrypt
Subjectbourrepardale.com
Fingerprint9C:52:0E:6E:A8:1B:CA:C0:B0:B8:5F:82:75:4C:49:1E:EA:78:A1:93
ValidityTue, 05 Mar 2024 14:00:39 GMT - Mon, 03 Jun 2024 14:00:38 GMT

File type
ASCII text, with no line terminators
Size
26 B (26 bytes)
Hash
9082dc37e5e8046929da411544ad071a
41e0e3963ed94e59e8a2f115994c382712411537
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1clkn/56862 HTTP/1.1
Host: bourrepardale.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 09:01:08 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Sat, 27-Apr-2024 09:01:08 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Sat, 27-Apr-2024 09:01:08 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

www.cpasbien.zip/themes/default/img/fond.jpg

172.67.178.162

200 OK

32 kB

URL GET HTTP/3
www.cpasbien.zip/themes/default/img/fond.jpg
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/torrent/59803
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2520x142, components 3
Size
32 kB (32310 bytes)
Hash
56121fe0070d93736b8fe5ea7d3c9524
1c91ca6ed08d9f7bbd20088faf3f401c4f720107
a64aa3531489683535c374c4631338a7ca4ca15e8c3ebf6c7f4ea8ad8005b1d3

HTTP Headers

GET /themes/default/img/fond.jpg HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/themes/default/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 09:01:08 GMT
content-type: image/jpeg
content-length: 32310
last-modified: Wed, 13 Sep 2023 07:09:25 GMT
etag: "7e36-605383d51ffb4"
cache-control: max-age=14400
cf-cache-status: HIT
age: 310421
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EaMwOeCn7%2FTHnyi5%2B%2F7iRJ1gvEWZI7GphJiXk05Aj4haYQgbiaGqpOkkcWDmWpBFmnBd0mI5gh%2F%2FwuB0EcQFbnxHXgWi1bJRt5vAeT1CWsDoY87tgcSndRrbmpChvfCoPTRx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a562f1297356aa-OSL
alt-svc: h3=":443"; ma=86400

www.cpasbien.zip/themes/default/img/btn_recherche.gif

172.67.178.162

200 OK

1.1 kB

URL GET HTTP/3
www.cpasbien.zip/themes/default/img/btn_recherche.gif
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/torrent/59803
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
GIF image data, version 87a, 36 x 43
Size
1.1 kB (1081 bytes)
Hash
60018e565bdd1d7db987a8050552f58a
e07df01a9f332ad1b817e7c685256fa1e7bc5851
c03fa49e2b84a02341b5e0fd22fdccbe05609d94ab6ff1e91212cfcbe51e21fc

HTTP Headers

GET /themes/default/img/btn_recherche.gif HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/themes/default/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 09:01:08 GMT
content-type: image/gif
content-length: 1081
last-modified: Wed, 13 Sep 2023 07:09:23 GMT
etag: "439-605383d3816be"
cache-control: max-age=14400
cf-cache-status: HIT
age: 310421
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dHMxp1jVJ%2B4oP4za2WxSrq1sr6EQ3el6diei9jluvM2mNIyr2icnJkm64gRg7qsQdPodaw4PR0Gnnb%2FJnNOV7LNqzyRoAwrZ7ZXoCZGCZQQ074x2oqw0Z%2FVFP%2BgXrb06qD1%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a562f1297756aa-OSL
alt-svc: h3=":443"; ma=86400

www.cpasbien.zip/themes/default/img/logo.png

172.67.178.162

200 OK

2.9 kB

URL GET HTTP/3
www.cpasbien.zip/themes/default/img/logo.png
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/torrent/59803
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
PNG image data, 280 x 102, 8-bit colormap, non-interlaced
Size
2.9 kB (2863 bytes)
Hash
bbe71e764c32438317b3e7f4785dc3b0
870063ae5643493ac6045608343d24b529355531
2312f04966bcdc4143b4392cea49a917a96be8f1b50f95282cb6d1d1bdd0bd81

HTTP Headers

GET /themes/default/img/logo.png HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/themes/default/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 09:01:08 GMT
content-type: image/png
content-length: 2863
last-modified: Wed, 13 Sep 2023 07:09:26 GMT
etag: "b2f-605383d658bb8"
cache-control: max-age=14400
cf-cache-status: HIT
age: 310421
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KoJCjdFY71QqG5DRBV9fWRk90wxIHMtruQUBzcF1P8lbaTDdk8%2FfkBQITkC9MBqTNpEwh67DyGKp8Mmk9%2FIEOpsMri7SYeVHbuXMyzmrNtnmrN7hwJAaN2hqcxv%2Fy0A1Depj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a562f1297656aa-OSL
alt-svc: h3=":443"; ma=86400

www.cpasbien.zip/themes/default/img/centre.gif

172.67.178.162

200 OK

1.3 kB

URL GET HTTP/3
www.cpasbien.zip/themes/default/img/centre.gif
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/torrent/59803
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
GIF image data, version 89a, 1111 x 7
Size
1.3 kB (1314 bytes)
Hash
e39d9162d6261195559068e10f49e782
d75dfaf34ed95d4eb754d2e7c35fb84a7e2afa30
f57d88ee62eb309ee7567b3d6a7b54a704874c719d6888b8b581bb0dd54327be

HTTP Headers

GET /themes/default/img/centre.gif HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/themes/default/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 09:01:08 GMT
content-type: image/gif
content-length: 1314
last-modified: Wed, 13 Sep 2023 07:09:24 GMT
etag: "522-605383d3d7d96"
cache-control: max-age=14400
cf-cache-status: HIT
age: 310421
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c%2BdZBepvjHt381UlxR1A8MvjCvy9bCT0lkJKrcSmhXsHEx06sthFBBabnTDRcenG3ujJeVhoc01cMf6BUnIcKcOuOXyVR3kBnqSMcGGXw%2FGTN9Hl7RaVDRBYHXJcVwS76feR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a562f1297b56aa-OSL
alt-svc: h3=":443"; ma=86400

www.cpasbien.zip/themes/default/img/download.png

172.67.178.162

200 OK

176 B

URL GET HTTP/3
www.cpasbien.zip/themes/default/img/download.png
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/torrent/59803
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
PNG image data, 16 x 16, 4-bit colormap, non-interlaced
Size
176 B (176 bytes)
Hash
fe4223aeb017fc82008c4ae1a9e72fe0
e566c7cd650ad5c6a062236dd48d391bd0628f0d
075c54e8957e256ec2a4b1a8db4932722813e32cd3d9f6a95f86b281c4bf23c9

HTTP Headers

GET /themes/default/img/download.png HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/themes/default/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 09:01:08 GMT
content-type: image/png
content-length: 176
last-modified: Wed, 13 Sep 2023 07:09:24 GMT
etag: "b0-605383d4764cc"
cache-control: max-age=14400
cf-cache-status: HIT
age: 17870
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CeqibvADKgR9y5BnuWzNkLf8wEOE3Llxhxd13kBcrVHGchVr0oEmxSn7pq41oKHfrkR0bA3wg%2FWcHGTxxFA91Oil9pTVR6XXUnaaMvsAG%2BgU3Hx4POaxchtxR%2FK08fIT2Ld4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a562f1298056aa-OSL
alt-svc: h3=":443"; ma=86400

www.cpasbien.zip/themes/default/img/up.png

172.67.178.162

200 OK

296 B

URL GET HTTP/3
www.cpasbien.zip/themes/default/img/up.png
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/torrent/59803
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
PNG image data, 15 x 16, 8-bit colormap, non-interlaced
Size
296 B (296 bytes)
Hash
fb656ac10987ff66eef6484030c461a0
15dbd2de657d4ae83cbafe6209b5b5b15dc534ea
95b748fd9ba6902a8ea51bca013970170d5c54b5427b54f942ca1fe4eded9dc4

HTTP Headers

GET /themes/default/img/up.png HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/themes/default/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 09:01:08 GMT
content-type: image/png
content-length: 296
last-modified: Wed, 13 Sep 2023 07:09:27 GMT
etag: "128-605383d6fff90"
cache-control: max-age=14400
cf-cache-status: HIT
age: 310421
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vUE9P74mVhgG15xgI4PdbffDp3QBuw%2BxhuADS9BNw1%2BytSeDMqDiFbBjTxYhtF%2BC2oHoym3UB8iSk9kc8fh1%2BAtgbCXFkY1tjHH4A1xiXWI9riACuUWBrx1mIMifUudCZScp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a562f1298756aa-OSL
alt-svc: h3=":443"; ma=86400

www.cpasbien.zip/themes/default/img/down.png

172.67.178.162

200 OK

297 B

URL GET HTTP/3
www.cpasbien.zip/themes/default/img/down.png
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/torrent/59803
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
PNG image data, 13 x 16, 8-bit colormap, non-interlaced
Size
297 B (297 bytes)
Hash
4b96bdc869168ccdc1b1ae853121897b
395ea2f64be755455835d3b7bdf7b3f7b801844f
7b69189c5806a7b185517cc49e0fdf943da67409157185f789af1f5fb736e84b

HTTP Headers

GET /themes/default/img/down.png HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/themes/default/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 09:01:08 GMT
content-type: image/png
content-length: 297
last-modified: Wed, 13 Sep 2023 07:09:24 GMT
etag: "129-605383d44f7b1"
cache-control: max-age=14400
cf-cache-status: HIT
age: 310421
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=De8uUvgKualXa29rPcQQvQVC1d0TWwcGOSPnjQt%2FxDOXS4V9bzWjxp7ZV6UxOnZL%2FgqZLTUXK%2FqRteeuKvrL6UyhGzBTQmGGPFmA3iJsL6v09G6f%2FIHH%2BSR81AssjJcUtg0w"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a562f1398856aa-OSL
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css?family=Open+Sans:400,600,700

216.58.207.234

200 OK

7.9 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Open+Sans:400,600,700
IP
216.58.207.234:443
ASN
#15169 GOOGLE

Requested by
https://www.cpasbien.zip/torrent/59803
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT

File type
gzip compressed data, max compression
Size
7.9 kB (7942 bytes)
Hash
6af45e79a7641d8bf565bf448c6b03da
2af688e26a8f2a67e8f1340238069e80b54003c3
01e69d9b7213bb0dd23ed84eebe6c3af2c611c05cb1fc6138ddc3df2cdf18747

HTTP Headers

GET /css?family=Open+Sans:400,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 09:01:08 GMT
date: Fri, 26 Apr 2024 09:01:08 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.cpasbien.zip/themes/default/img/footer.jpg

172.67.178.162

200 OK

37 kB

URL GET HTTP/3
www.cpasbien.zip/themes/default/img/footer.jpg
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/torrent/59803
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2520x177, components 3
Size
37 kB (36753 bytes)
Hash
c0766070776e0c559c47298d6bee215f
822129afebf0bc3dfd15d862e22e14e3611f6456
d2ce4b28b0865f996c7a2e24ab7ca168f6bf601c2f17508362e57bf1e06fbf6a

HTTP Headers

GET /themes/default/img/footer.jpg HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/themes/default/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 09:01:08 GMT
content-type: image/jpeg
content-length: 36753
last-modified: Wed, 13 Sep 2023 07:09:25 GMT
etag: "8f91-605383d569783"
cache-control: max-age=14400
cf-cache-status: HIT
age: 310421
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9O5HJaFj%2FInPN3b2FShBczoEOn9OsMzBorpi1A1Xg%2FufhMXLiKv3HQcnp2uvTcJWEvEuXzziU4dgMzy1Gz1pdiBstbHb%2F%2FcbhE7aykjpsmlpnDHQ%2B2kLP22Zi9VDR%2BwhOETb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a562f1399056aa-OSL
alt-svc: h3=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/webfonts/fa-solid-900.woff2

104.17.25.14

200 OK

150 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/webfonts/fa-solid-900.woff2
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/torrent/59803
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 150472, version 770.256
Size
150 kB (150472 bytes)
Hash
3e50e269ee627bb2279f91d18c085167
a7fca574d24e9ffa5ee0e0589ffe17277ae4ec27
d27bc752105c079f8a516e9142406a9fc12cbb409f9bf8681f2ddfe0360b52a6

HTTP Headers

GET /ajax/libs/font-awesome/6.2.0/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.cpasbien.zip
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 09:01:08 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 150472
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "630e6e62-24bc8"
last-modified: Tue, 30 Aug 2022 20:09:06 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 131261
expires: Wed, 16 Apr 2025 09:01:08 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WayJKp5YfUJzyHp4OSlLqYCywXsElWIhunqj%2FuJz1UzAQstPSeWIuU4j9%2BCSsItYp0hwOdoGozJBjpG1HyfSmGW8s79%2B%2F7Yt0PN5tdYF50bTkHGTpQ17NX2JZGig0wazmv%2FSp1mH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87a562f15b8f5687-OSL
alt-svc: h3=":443"; ma=86400

www.cpasbien.zip/themes/default/js/524eba27.js

172.67.178.162

200 OK

62 kB

URL GET HTTP/3
www.cpasbien.zip/themes/default/js/524eba27.js
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/torrent/59803
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
JavaScript source, ASCII text, with very long lines (37386), with no line terminators
Size
62 kB (61967 bytes)
Hash
dd509264e5718497cd67ad65d50a8641
480e2200fd244d68b5f8e1c90c0c6ce61699a7e8
a91b0f105197706c82220fc1485b86fa4be251b09cb6252d6a4c2221a03f86cc

HTTP Headers

GET /themes/default/js/524eba27.js HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/torrent/59803
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 09:01:08 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=37394
etag: W/"9212-609f439ba84ca-gzip"
last-modified: Sun, 12 Nov 2023 13:06:45 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 310421
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=81XVEDCxvtMr7cGnb4UIhwSJLIYe9FFFUVYoJyI%2BlmjMSRrUztA4ft0nQGB8vVnGuvluWQzZlVyuojKZV6f2g8E9bIylUtiNzKk%2FqIWStXOGv6HuhyEK%2FcxYYi%2FJp%2BYMHY14"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a562ed1da156aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.cpasbien.zip/torrent/59803
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.cpasbien.zip
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 02:35:00 GMT
expires: Fri, 25 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 109568
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

specificationfingertip.com/8c/33/72/8c33721f6aa15cc0a61420f50575e334.js

172.240.253.132

200 OK

30 kB

URL GET HTTP/1.1
specificationfingertip.com/8c/33/72/8c33721f6aa15cc0a61420f50575e334.js
IP
172.240.253.132:443
ASN
#7979 SERVERS-COM

Requested by
https://www.cpasbien.zip/torrent/59803
Certificate
IssuerLet's Encrypt
Subjectspecificationfingertip.com
Fingerprint56:24:CB:6D:8F:D0:EB:4A:8A:7C:22:ED:FA:A2:0E:7F:77:5D:A1:26
ValiditySat, 30 Mar 2024 03:48:02 GMT - Fri, 28 Jun 2024 03:48:01 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
30 kB (29986 bytes)
Hash
6e99f284c8afd6c96e9c2decce1fe7f3
07c2bf09dc0226c2cb324e12a0819f33954c7f0a
def9a266a15ed8e99bf42e4bb0ed7d441bd3286f8e76f222358439d2ebc3c669

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /8c/33/72/8c33721f6aa15cc0a61420f50575e334.js HTTP/1.1
Host: specificationfingertip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 09:01:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a9931c010280a056a5992695b62f2dff
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

proftrafficcounter.com/stats

35.158.46.84

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
35.158.46.84:443
ASN
#16509 AMAZON-02

Requested by
https://www.cpasbien.zip/torrent/59803
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
c67e6f25b0e772b4a307027f447160ff
a6fb680bb6e6f43c95e9cb863b68da452b451982
4b066ba7c14e16d63f8dcd584893015664fd40398130f7c6606df470424d2015

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.cpasbien.zip
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 09:01:09 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.cpasbien.zip
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=8a2b3ed5-698e-4181-96cf-24e47de43eff:2:1; expires=Mon, 24 Apr 2034 09:01:09 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

ads2550.bid/zMGqKLVZePL23fz5M28Rrp0GtXCpk9IzMzFDxb7N8QnKyUzfg1tIZcEO78EDR9u_JX_E01L1TveZPBznG0AQG42JhlrdL26jdlTCYwTtrw5BiZXkVd1nRU97sUTGSAFjjRIX0GjhsvhBTjU9fv76XW0QeRCuZuMY5L4-aLfHncwZkO5Q_48HNb1jtTKGYfCOOmmf_wfWemInhILgpDcc14Wb7uBq9oMgBo_fvTVTrVM4mX8w-C5EU6rhqJHcHjdP_gX4DEJCZE18qGMRQnvSHJPrhOvu1QH30S9lVVBe2DUiIhIsRdkIhM3QSNKzb-5AvKsjIeAyKtnmB0GhZ17MFEytN2D8mZ6AywRktyQiizu2ddp6wxVCBKNTgVWjGzpH9_t2xQVPpsReZ2NRO6LlwafOvX7R0FrkutfSovSMx0mfzI6E3f2-kTGR4GJMkOWbBBGbxecy_mcieY4IOwDmcFobsA6mHPUbNTmw_yVeYgSqD09KN_JBw3fl16y0mrCisBBieLLDrB4QLA5CAxg0AKUySd8JUHdVaVweKEVgCtgVbQkQN?

199.80.53.161

200

710 B

URL POST HTTP/1.1
ads2550.bid/zMGqKLVZePL23fz5M28Rrp0GtXCpk9IzMzFDxb7N8QnKyUzfg1tIZcEO78EDR9u_JX_E01L1TveZPBznG0AQG42JhlrdL26jdlTCYwTtrw5BiZXkVd1nRU97sUTGSAFjjRIX0GjhsvhBTjU9fv76XW0QeRCuZuMY5L4-aLfHncwZkO5Q_48HNb1jtTKGYfCOOmmf_wfWemInhILgpDcc14Wb7uBq9oMgBo_fvTVTrVM4mX8w-C5EU6rhqJHcHjdP_gX4DEJCZE18qGMRQnvSHJPrhOvu1QH30S9lVVBe2DUiIhIsRdkIhM3QSNKzb-5AvKsjIeAyKtnmB0GhZ17MFEytN2D8mZ6AywRktyQiizu2ddp6wxVCBKNTgVWjGzpH9_t2xQVPpsReZ2NRO6LlwafOvX7R0FrkutfSovSMx0mfzI6E3f2-kTGR4GJMkOWbBBGbxecy_mcieY4IOwDmcFobsA6mHPUbNTmw_yVeYgSqD09KN_JBw3fl16y0mrCisBBieLLDrB4QLA5CAxg0AKUySd8JUHdVaVweKEVgCtgVbQkQN?
IP
199.80.53.161:443
ASN
#40824 WZ-US-40824

Requested by
https://www.cpasbien.zip/torrent/59803
Certificate
IssuerLet's Encrypt
Subjectads2550.bid
FingerprintCD:F9:6F:CD:B2:57:0D:67:A2:9D:CF:3C:ED:18:62:2A:0B:F7:9A:73
ValidityWed, 06 Mar 2024 08:04:30 GMT - Tue, 04 Jun 2024 08:04:29 GMT

File type
JSON text data
Size
710 B (710 bytes)
Hash
23b2430f15ec8688a1493847901d4445
dd32e787d84fbc1d0474580ce286d5ce218d9f03
2398a7b2f623b2d378058b041ce2c73dff2592a5b1cd83df282881603dae2d96

HTTP Headers

POST /zMGqKLVZePL23fz5M28Rrp0GtXCpk9IzMzFDxb7N8QnKyUzfg1tIZcEO78EDR9u_JX_E01L1TveZPBznG0AQG42JhlrdL26jdlTCYwTtrw5BiZXkVd1nRU97sUTGSAFjjRIX0GjhsvhBTjU9fv76XW0QeRCuZuMY5L4-aLfHncwZkO5Q_48HNb1jtTKGYfCOOmmf_wfWemInhILgpDcc14Wb7uBq9oMgBo_fvTVTrVM4mX8w-C5EU6rhqJHcHjdP_gX4DEJCZE18qGMRQnvSHJPrhOvu1QH30S9lVVBe2DUiIhIsRdkIhM3QSNKzb-5AvKsjIeAyKtnmB0GhZ17MFEytN2D8mZ6AywRktyQiizu2ddp6wxVCBKNTgVWjGzpH9_t2xQVPpsReZ2NRO6LlwafOvX7R0FrkutfSovSMx0mfzI6E3f2-kTGR4GJMkOWbBBGbxecy_mcieY4IOwDmcFobsA6mHPUbNTmw_yVeYgSqD09KN_JBw3fl16y0mrCisBBieLLDrB4QLA5CAxg0AKUySd8JUHdVaVweKEVgCtgVbQkQN? HTTP/1.1
Host: ads2550.bid
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.cpasbien.zip
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/1.1 200 
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
permissions-policy: *
p3p: CP="CAO PSA OUR"
access-control-allow-credentials: true
access-control-allow-origin: https://www.cpasbien.zip
set-cookie: UUID=a5422175-f779-5bdd-9035-7ae658bf7920; Domain=ads2550.bid; Expires=Sat, 31 May 2025 09:01:09 GMT; Path=/; Secure; SameSite=None
content-type: application/json;charset=UTF-8
content-length: 710
date: Fri, 26 Apr 2024 09:01:08 GMT

ads2550.bid/zB4CJv4nuvemty_zauuAfG_L8LtsCH2yBYzwzAiF1C683K8x9i69pb-OIgbCymMpPX_SIiXnr7zgUrqgfWts02CL2O3OXg_0F-PNXR9gNlIiUw7lvdsD0a3TOEzNdjkvYBB4WsxuzTgG42b-yaPz6xhwr-U2zk9aCu_-A8bjyZTNPLnsTTDUNZwFkc_9vY-CM7htDhJ9z0UFWIfdb_xFOwfUXfc7JOimDGdDRKp-5xY6mqbKZ1IuD9sPVTqGk4aLXcQvZFS-s1a9QcK5Ezd_-X8f1GnlE9a3-Xj1wU1EPvFvpzJsWd20ulaOK1V1IuiXYgw3Fce2xnNenAA_uyfE32FK0OlkEMqTK4F7o7RDI0tRUNIZ0IRfXZ42fC-Sn3i3gTpnkZ1SHtB7OfJVTQdqB-IIUw0LwZR-0chNE_KgdxchYa_8vGr5V1WO3eQWkX4-Z0TmrDHztnWCUZzRlb_5ngaBdvNZ0pg2baFnk6nHrtBNJOHaY?DC=WZ

199.80.53.161

200

49 B

URL GET HTTP/1.1
ads2550.bid/zB4CJv4nuvemty_zauuAfG_L8LtsCH2yBYzwzAiF1C683K8x9i69pb-OIgbCymMpPX_SIiXnr7zgUrqgfWts02CL2O3OXg_0F-PNXR9gNlIiUw7lvdsD0a3TOEzNdjkvYBB4WsxuzTgG42b-yaPz6xhwr-U2zk9aCu_-A8bjyZTNPLnsTTDUNZwFkc_9vY-CM7htDhJ9z0UFWIfdb_xFOwfUXfc7JOimDGdDRKp-5xY6mqbKZ1IuD9sPVTqGk4aLXcQvZFS-s1a9QcK5Ezd_-X8f1GnlE9a3-Xj1wU1EPvFvpzJsWd20ulaOK1V1IuiXYgw3Fce2xnNenAA_uyfE32FK0OlkEMqTK4F7o7RDI0tRUNIZ0IRfXZ42fC-Sn3i3gTpnkZ1SHtB7OfJVTQdqB-IIUw0LwZR-0chNE_KgdxchYa_8vGr5V1WO3eQWkX4-Z0TmrDHztnWCUZzRlb_5ngaBdvNZ0pg2baFnk6nHrtBNJOHaY?DC=WZ
IP
199.80.53.161:443
ASN
#40824 WZ-US-40824

Requested by
https://www.cpasbien.zip/torrent/59803
Certificate
IssuerLet's Encrypt
Subjectads2550.bid
FingerprintCD:F9:6F:CD:B2:57:0D:67:A2:9D:CF:3C:ED:18:62:2A:0B:F7:9A:73
ValidityWed, 06 Mar 2024 08:04:30 GMT - Tue, 04 Jun 2024 08:04:29 GMT

File type
GIF image data, version 89a, 1 x 1
Size
49 B (49 bytes)
Hash
56398e76be6355ad5999b262208a17c9
a1fdee122b95748d81cee426d717c05b5174fe96
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

HTTP Headers

GET /zB4CJv4nuvemty_zauuAfG_L8LtsCH2yBYzwzAiF1C683K8x9i69pb-OIgbCymMpPX_SIiXnr7zgUrqgfWts02CL2O3OXg_0F-PNXR9gNlIiUw7lvdsD0a3TOEzNdjkvYBB4WsxuzTgG42b-yaPz6xhwr-U2zk9aCu_-A8bjyZTNPLnsTTDUNZwFkc_9vY-CM7htDhJ9z0UFWIfdb_xFOwfUXfc7JOimDGdDRKp-5xY6mqbKZ1IuD9sPVTqGk4aLXcQvZFS-s1a9QcK5Ezd_-X8f1GnlE9a3-Xj1wU1EPvFvpzJsWd20ulaOK1V1IuiXYgw3Fce2xnNenAA_uyfE32FK0OlkEMqTK4F7o7RDI0tRUNIZ0IRfXZ42fC-Sn3i3gTpnkZ1SHtB7OfJVTQdqB-IIUw0LwZR-0chNE_KgdxchYa_8vGr5V1WO3eQWkX4-Z0TmrDHztnWCUZzRlb_5ngaBdvNZ0pg2baFnk6nHrtBNJOHaY?DC=WZ HTTP/1.1
Host: ads2550.bid
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Cookie: UUID=a5422175-f779-5bdd-9035-7ae658bf7920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
access-control-allow-origin: *
access-control-allow-methods: *
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
permissions-policy: *
p3p: CP="CAO PSA OUR"
accept-ranges: bytes
etag: W/"49-1710406818000"
last-modified: Thu, 14 Mar 2024 09:00:18 GMT
content-type: image/gif
content-length: 49
date: Fri, 26 Apr 2024 09:01:08 GMT

homicidalseparationmesh.com/pixel/purst?dl=0&th=0&sc=0&rs=1420&rd=1420&fd=920&bv=24.4.6923&tmpl=70

172.240.253.132

200 OK

0 B

URL GET HTTP/1.1
homicidalseparationmesh.com/pixel/purst?dl=0&th=0&sc=0&rs=1420&rd=1420&fd=920&bv=24.4.6923&tmpl=70
IP
172.240.253.132:443
ASN
#7979 SERVERS-COM

Requested by
https://www.cpasbien.zip/torrent/59803
Certificate
IssuerLet's Encrypt
Subjecthomicidalseparationmesh.com
Fingerprint18:FB:AE:22:01:E9:DF:7D:00:6A:63:43:1E:C2:5B:CF:4E:CA:91:93
ValidityTue, 23 Apr 2024 10:58:34 GMT - Mon, 22 Jul 2024 10:58:33 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=1420&rd=1420&fd=920&bv=24.4.6923&tmpl=70 HTTP/1.1
Host: homicidalseparationmesh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 09:01:09 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

capaciousdrewreligion.com/advertisers.js

192.243.59.20

200 OK

0 B

URL GET HTTP/1.1
capaciousdrewreligion.com/advertisers.js
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.cpasbien.zip/torrent/59803
Certificate
IssuerLet's Encrypt
Subjectcapaciousdrewreligion.com
Fingerprint53:B6:ED:C6:B5:B6:60:3E:6D:02:5A:92:2E:C3:12:74:64:A1:23:DC
ValidityWed, 06 Mar 2024 11:57:32 GMT - Tue, 04 Jun 2024 11:57:31 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 26 Apr 2024 09:01:09 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 05308d4cccb7fe38d1e14408890ae53f
Strict-Transport-Security: max-age=0; includeSubdomains

unseenreport.com/pxf.gif?uuid=8a2b3ed5-698e-4181-96cf-24e47de43eff&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=8c33721f6aa15cc0a61420f50575e334&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=9

172.240.253.132

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=8a2b3ed5-698e-4181-96cf-24e47de43eff&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=8c33721f6aa15cc0a61420f50575e334&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=9
IP
172.240.253.132:443
ASN
#7979 SERVERS-COM

Requested by
https://www.cpasbien.zip/torrent/59803
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13
ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=8a2b3ed5-698e-4181-96cf-24e47de43eff&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=8c33721f6aa15cc0a61420f50575e334&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=9 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 09:01:10 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: aa3cff6b740675df580565088d34038c
Strict-Transport-Security: max-age=0; includeSubdomains

downstairsnegotiatebarren.com/sfp.js

188.114.97.1

200 OK

34 kB

URL GET HTTP/2
downstairsnegotiatebarren.com/sfp.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/torrent/59803
Certificate
IssuerLet's Encrypt
Subjectdownstairsnegotiatebarren.com
Fingerprint2C:6A:E1:8E:26:5B:1D:8B:86:CB:C1:72:4E:52:4B:8B:67:3A:D2:44
ValidityMon, 04 Mar 2024 21:53:07 GMT - Sun, 02 Jun 2024 21:53:06 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
34 kB (33786 bytes)
Hash
f4a2f8f9f99541c6f105bbd0a025bd40
1f8e3eff12168fdd9e719adfc098d24a45b6916a
b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716

HTTP Headers

GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 09:01:09 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 18970cf9784536923b9271dfb7778b89
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: STALE
age: 1
last-modified: Fri, 26 Apr 2024 09:01:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mFA59gAVsjc2cVJyEwEMqBqdnQ6BWwKS%2FztroU0aX82iOlt3rGo7n9ZO9w%2FWIs%2FbuC3XmqMSamWdbZ257MDSvQBYl2vyZDMahdCswT7E6T3jRnmoJV3FUM6l9FORDlzd%2Bab5BJUeZ%2BTgsXuFkHgujw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a562f36c2756ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.cpasbien.zip/themes/default/css/style.css

172.67.178.162

200 OK

12 kB

URL GET HTTP/3
www.cpasbien.zip/themes/default/css/style.css
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/torrent/59803
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
ASCII text, with very long lines (12297), with no line terminators
Size
12 kB (12297 bytes)
Hash
88925c79a9ae2e296ea3904a40cc306c
e9997f05f3042aa3043962f7158a378a08208a5f
fc26dff232f86f6b94c7c0a9fcffd4890163292a4d5d2a092bf0896d1ef291d2

HTTP Headers

GET /themes/default/css/style.css HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/torrent/59803
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 09:01:08 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=16422
etag: W/"4026-616b327fd8069-gzip"
last-modified: Mon, 22 Apr 2024 17:56:26 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 310421
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XOwKuaITcJV4L%2Bx8n%2BB7mc7Kdjg59X1pKlVPm9QV21eWJ7Vpiw8QP2B%2BHL3taWzglc9NklBW4ISyclAB4kk4KHuXcWpTO3CWS2n2PE3KS5QtJeW06EV%2FIMI%2Bg%2ByuabTjiiVZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a562ed0d9e56aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.cpasbien.zip/themes/default/img/favicon.ico

172.67.178.162

200 OK

1.2 kB

URL GET HTTP/3
www.cpasbien.zip/themes/default/img/favicon.ico
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/torrent/59803
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Size
1.2 kB (1150 bytes)
Hash
730f19e40d8bc2a05b5d9418ed6d024e
27f4146350e935b83783164858fc3a41016e64fb
7798ef17288a5134d37d5aa28845eee32b62721e9e32d152f8c50c5f2f1b347c

HTTP Headers

GET /themes/default/img/favicon.ico HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/torrent/59803
Cookie: _ga_TKZGESD6CW=GS1.1.1714122069.1.0.1714122069.0.0.0; _ga=GA1.1.1557968752.1714122069; dom3ic8zudi28v8lr6fgphwffqoz0j6c=8a2b3ed5-698e-4181-96cf-24e47de43eff%3A2%3A1; pp_main_8c33721f6aa15cc0a61420f50575e334=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 09:01:09 GMT
content-type: image/x-icon
last-modified: Wed, 13 Sep 2023 07:09:24 GMT
etag: W/"47e-605383d4c71cc-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 310421
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ONUYgM5vrtuQ1IH510rmUpVrW8YFBXkewO43DeobHFhuMwNQp5fmc9W4UKc%2B0f6Zn4ilEdQQx8elaBABd3yW12klInXD26VKO6o6y4fd%2BDBUrOqq0lz61aLK7uXMIADkC%2Bi9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a562f61ddf56aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.cpasbien.zip/torrent/59803

172.67.178.162

200 OK

13 kB

URL User Request GET HTTP/2
www.cpasbien.zip/torrent/59803
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type

Size
13 kB (13029 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /torrent/59803 HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 09:01:07 GMT
content-type: text/html; charset=utf-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: max-age=14400, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Fri, 26 Apr 2024 09:01:07 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8G2ZsY3Y0yX8S8%2Bu7%2FMdAIv4L%2FSiA%2Bk8xyLAgw8JmTwIy1jCIXCsRKJ%2FLdIWwtGNEVODHZZocp4sSrqaJwkYPLFfYDVOELzwtEIe0wtcZFjYrYiFqpXM2hj%2FhlA%2FHkG21oiD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a562ea184cb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.cpasbien.zip/themes/default/css/jquery.tooltip.css

172.67.178.162

200 OK

300 B

URL GET HTTP/3
www.cpasbien.zip/themes/default/css/jquery.tooltip.css
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/torrent/59803
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
ASCII text, with no line terminators
Size
300 B (300 bytes)
Hash
4f6f3546c7bf233c269c2700cccdfbec
bdc42910e0694401ec25bc70712ba8501a2cf151
19ce96116690970bf4303812fe245a8fcb1747922e85c045960a93db6b158080

HTTP Headers

GET /themes/default/css/jquery.tooltip.css HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/torrent/59803
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 09:01:08 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=309
etag: W/"135-605383d213725-gzip"
last-modified: Wed, 13 Sep 2023 07:09:22 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 310421
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RFMz2WWIbaI5Xkr5ipNldb83ffKGKdcjMuF6HRerPz4EFLAhjaqsT%2F608lBdM0BC4eFfoDkR0iQSKsKPwcf8dZdga965eWDNZToHgWw03ZbvqZLuyvdpYHp9E2Tp8hQeXhsb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a562ed0d9d56aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.cpasbien.zip/themes/default/img/h3.jpg

172.67.178.162

200 OK

6.3 kB

URL GET HTTP/3
www.cpasbien.zip/themes/default/img/h3.jpg
IP
172.67.178.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien.zip/torrent/59803
Certificate
IssuerLet's Encrypt
Subjectcpasbien.zip
Fingerprint22:53:85:A0:39:5F:26:8F:4F:7C:4F:56:5C:6A:15:33:9B:A2:C6:45
ValidityMon, 22 Apr 2024 16:49:37 GMT - Sun, 21 Jul 2024 16:49:36 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x56, components 3
Size
6.3 kB (6279 bytes)
Hash
70352c1e036103909bc6751a72d05ba0
8b2d2bab788deba16f07dc5c5460a6981d9d7f51
796f1144081fdd9cc14606ce97d2c0494f9231a547b6e31ee175bd76e17bc4bf

HTTP Headers

GET /themes/default/img/h3.jpg HTTP/1.1
Host: www.cpasbien.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien.zip/themes/default/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 09:01:08 GMT
content-type: image/jpeg
content-length: 6279
last-modified: Wed, 13 Sep 2023 07:09:25 GMT
etag: "1887-605383d565902"
cache-control: max-age=14400
cf-cache-status: HIT
age: 310421
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sDqhHS3ajvb02q9weCV9gk4HNXL4PLgAiIk%2BmZ6APNN4eqI91hNuLRZQ8ZgEpTiz%2Ffts2k7wJSFN0lV1PaoCnOT42V80ldtKzwj9cj%2FSnKphzYTSUDrSHC%2Fg1OHmcpfwnoyy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a562f1398f56aa-OSL
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (42)