Report - www-cpasbien.com/

Report Overview

Visited public
2025-06-12 13:45:16
Tags
Submit Tags
URL
www-cpasbien.com/
Finishing URL
www.cpasbien4.com/
IP / ASN
172.67.135.218
#13335 CLOUDFLARENET
Title
Torrent a telecharger sur Cpasbien / Cestpasbien Officiel

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
pubtrky.com	unknown	2023-11-21	2023-11-21	2025-06-09	489 B	534 B	104.21.8.108
stingerfound.com	unknown	2025-02-07	2025-02-20	2025-06-12	419 B	1.1 kB	23.109.170.202
na.nawpush.com	38563	2020-12-21	2020-12-23	2025-06-08	487 B	1.7 kB	45.133.44.24
js.capndr.com	316718	2021-08-30	2021-08-30	2025-06-05	418 B	399 B	45.133.44.53
www.cpasbien4.com	unknown	2025-02-25	2025-03-13	2025-04-17	5.6 kB	436 kB	104.21.80.1
fp.metricswpsh.com	unknown	2021-10-29	2022-04-22	2025-06-12	1.1 kB	827 B	157.90.84.242
www.cpasbien3.com	unknown	2025-02-25	2025-02-28	2025-04-17	486 B	204 kB	104.21.96.1
js.wpshsdk.com	12130	2021-06-04	2021-06-04	2025-06-07	426 B	31 kB	45.133.44.52
cdnjs.cloudflare.com	235	2009-02-17	2012-05-23	2025-06-11	465 B	141 kB	104.17.24.14
js.wpadmngr.com	25762	2021-06-02	2021-06-02	2025-06-08	852 B	128 kB	45.133.44.52
bf6b9225a4.857a41603f.com	unknown	2025-05-13	2025-06-12	2025-06-12	849 B	345 B	45.133.44.53
storage.multstorage.com	unknown	2023-09-22	2023-09-22	2025-06-06	541 B	1.5 kB	172.67.174.51
www-cpasbien.com	unknown	2025-01-31	2017-01-26	2025-04-17	485 B	204 kB	188.114.97.1
www.googletagmanager.com	75	2011-11-11	2012-10-04	2025-06-11	438 B	390 kB	142.250.178.104

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-06-12	medium	stingerfound.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (12)

	URL	From	Size	First Seen	Last Seen
	www.cpasbien4.com/	ScriptElement	195 kB	2025-06-12	2025-06-12
Pretty URL www.cpasbien4.com/ IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-12 13:45 Last Seen2025-06-12 13:45 Times Seen1 Hash eb4ead5a41662b5ad8e47f9754060c83 8d578bdeae10164219cceee2993e0e495c531c0e 4a61715142db66f546aac6cdc86122868a1d12fe93a3da93987c6e7a80fb534b Loading...

	js.wpadmngr.com/static/adManager.js	ScriptElement	1.7 kB	2024-04-09	2025-07-16
Pretty URL js.wpadmngr.com/static/adManager.js IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-09 16:57 Last Seen2025-07-16 08:43 Times Seen3887 Hash 1e936cad37e18ba5bc2f07acd57447d6 f55969248208bb6871e28b9478761ffb25207c35 e98e6a93ea15df4d4fe1e38c890f29512d739f493428436defb914775df550f8 Loading...

	www.cpasbien4.com/themes/js/jquery.min.js	ScriptElement	84 kB	2023-03-07	2025-07-15
Pretty URL www.cpasbien4.com/themes/js/jquery.min.js IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24 Last Seen2025-07-15 17:11 Times Seen2363 Hash b0dc11d0a434aafe88908c7f33d71095 1327f754ff87d26bced46568543207e9df190aaa de4b3c3d1dc2506b6693f0f98884e1dc074cda9d66cab39b7b48a115fdfc4c0f Loading...

	www.cpasbien4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js	ScriptElement	12 kB	2023-03-07	2025-07-16
Pretty URL www.cpasbien4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-07-16 09:36 Times Seen41435 Hash 88a769d2fe35899fd45a332a0a032cc0 514c6c1d8475d17e412849a4c90159517d0fa10a ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Loading...

	stingerfound.com/1clkn/118101	ScriptElement	6 B	2023-03-07	2025-07-16
Pretty URL stingerfound.com/1clkn/118101 IP 23.109.170.202 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-16 08:43 Times Seen13543 Hash 9082dc37e5e8046929da411544ad071a 41e0e3963ed94e59e8a2f115994c382712411537 b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550 Loading...

	www.cpasbien4.com/	ScriptElement	153 B	2024-02-15	2025-06-12
Pretty URL www.cpasbien4.com/ IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-15 18:33 Last Seen2025-06-12 13:45 Times Seen94 Hash 81630d0fa87c615651f4e254f82b4d06 51589a6efc263ac6ce5262cbaa07a8fa4a4f5b9a c50325fe0fe59de6c1ed0bd94cb47634640a12715d5531527459f049b6d13618 Loading...

	www.cpasbien4.com/share42/share42.js	ScriptElement	4.1 kB	2025-04-06	2025-06-27
Pretty URL www.cpasbien4.com/share42/share42.js IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-06 21:58 Last Seen2025-06-27 08:14 Times Seen18 Hash b387ab157496191e19ee47c6faf7f42e bc729052f9d01489b565147d910ff1b06d3fbc08 2a13edacffebd534c3746fc5f424b1b413a8682ac7421e4eb61403bee9286d5c Loading...

	www.cpasbien4.com/themes/js/bootstrap.min.js	ScriptElement	37 kB	2023-03-07	2025-07-16
Pretty URL www.cpasbien4.com/themes/js/bootstrap.min.js IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-07-16 08:41 Times Seen7069 Hash c5b5b2fa19bd66ff23211d9f844e0131 791aa054a026bddc0de92bad6cf7a1c6e73713d5 2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a Loading...

	js.wpadmngr.com/static/adManager.m.js	ScriptElement	126 kB	2025-06-11	2025-06-18
Pretty URL js.wpadmngr.com/static/adManager.m.js IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-11 17:10 Last Seen2025-06-18 08:29 Times Seen58 Hash 9b471c965261c33628f414b8a4b62306 a86ea9fba3f3215484d84330fb4fc0f46570ab0f 9b106a3e85b9788704d7e271ff5e2308c733357fba86ded56a46d2e086abf292 Loading...

	www.googletagmanager.com/gtag/js?id=G-TKZGESD6CW	ScriptElement	389 kB	2025-06-12	2025-06-12
Pretty URL www.googletagmanager.com/gtag/js?id=G-TKZGESD6CW IP 142.250.178.104 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-12 13:45 Last Seen2025-06-12 13:45 Times Seen1 Hash 423d8b3d727a58719ad06276bc8a0128 9a6dcfc47e59ff217ae95cea412fc41d27e74679 5e8441140d4c4de2488b89d7835cccbaebc9edd04a0ea4922e087dcd6ac47f8d Loading...

	storage.multstorage.com/log/count.html	ScriptElement	693 B	2025-03-03	2025-07-16
Pretty URL storage.multstorage.com/log/count.html IP 172.67.174.51 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-03 17:07 Last Seen2025-07-16 08:43 Times Seen5161 Hash 16e1f9022fa537a6a2ec170949397376 341d27b7ac1bb5f22f032ab4c14f7589e452bea9 440204bc5125e5ffb0fa553c188a3640f1d0f6779bd0a11076133b1d20f1926b Loading...

	js.wpshsdk.com/npc/sdk/push.m.js?v=1	ScriptElement	31 kB	2025-05-19	2025-07-16
Pretty URL js.wpshsdk.com/npc/sdk/push.m.js?v=1 IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-19 15:10 Last Seen2025-07-16 08:43 Times Seen482 Hash e0184cfd99198eda03b3f0ce27a9de36 94a0075c45f4af693e1e3d7d4e1999ed3836b08b de03a21c4c09e383f7630fc2107e1671fa9ba78259b508c917946d3cf29e16de Loading...

HTTP Transactions (27)

URL IP Response Size

GET www-cpasbien.com/

188.114.97.1

301 Moved Permanently

203 kB

URL User Request GET
www-cpasbien.com/
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectwww-cpasbien.com
FingerprintA5:81:BC:91:F0:68:71:D9:03:79:A3:16:4D:05:9D:62:CA:89:B5:63
ValidityThu, 29 May 2025 11:07:02 GMT - Wed, 27 Aug 2025 12:04:22 GMT

File type

Size
203 kB (203258 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: www-cpasbien.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Thu, 12 Jun 2025 13:44:53 GMT
content-type: text/html
content-length: 167
location: https://www.cpasbien3.com
cache-control: max-age=3600
expires: Thu, 12 Jun 2025 14:44:53 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qFcj9XSfpKzZaS85T1JbsmdlLRjzlljgFtKGq2jRhg7aVKofgigrVH6WBYZkNSi06EoAmVEsrHW9yZD49PWVRTDe0IqP3LSqNXbBSIkx6pALF%2FD5mr6fTLV4Y77lNGgPIfet"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 94e9c9164b9656a2-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=897&min_rtt=806&rtt_var=257&sent=6&recv=10&lost=0&retrans=0&sent_bytes=3284&recv_bytes=1255&delivery_rate=3956284&cwnd=253&unsent_bytes=0&cid=cff35fcdb9b590f4&ts=42&x=0"
X-Firefox-Spdy: h2

GET www.cpasbien4.com/themes/default/css/styles.css

104.21.80.1

200 OK

20 kB

URL GET
www.cpasbien4.com/themes/default/css/styles.css
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien4.com/
Certificate
IssuerGoogle Trust Services
Subjectcpasbien4.com
Fingerprint8E:08:13:02:83:6B:41:D2:CA:C0:BF:81:2B:76:3D:77:16:26:CA:44
ValidityFri, 25 Apr 2025 07:39:15 GMT - Thu, 24 Jul 2025 08:36:56 GMT

File type
ASCII text, with CRLF line terminators
Size
20 kB (20174 bytes)
Hash
d2735fba8b589b6fa3e219549fe5d766
a2d3b5242c86e5aee34cb49e09e0c1f3446103bf
1856c56c542fa45848d3da76e604edeca02ca170299822a6c031516eff1ccb1c

HTTP Headers

GET /themes/default/css/styles.css HTTP/1.1
Host: www.cpasbien4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien4.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 12 Jun 2025 13:44:54 GMT
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=paBbNSlTa%2BtQq74iV%2FgSx2EsgiGxKwzDwuHW3ValrMqrj%2Fv1mTkH%2B9NYgVY2N2VUyZGwMe3b2rEjVnv4ksvUrPM8wUnUwa%2Ff%2F1QOjyaWU4fVT%2F%2FDvjTwQSrPbaGcB8e2yEmc%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Thu, 24 Apr 2025 19:40:08 GMT
vary: Accept-Encoding
etag: "680a9398-4ece"
expires: Thu, 12 Jun 2025 23:15:15 GMT
cache-control: max-age=43200, no-store
content-encoding: gzip
age: 3162
cf-cache-status: HIT
cf-ray: 94e9c91a1f9c7128-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
strict-transport-security: max-age=0
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8090&min_rtt=2280&rtt_var=4366&sent=89&recv=106&lost=0&retrans=0&sent_bytes=16484&recv_bytes=7008&delivery_rate=726802&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=12000&unsent_bytes=0&cid=4cc0750d054757dd&ts=353&inflight_dur=48&x=80"

GET cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/css/all.css

104.17.24.14

200 OK

140 kB

URL GET
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/css/all.css
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien4.com/
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint4B:06:E9:E2:47:47:F5:3C:33:58:F8:2A:95:70:22:5E:23:19:03:77
ValidityThu, 22 May 2025 14:38:44 GMT - Wed, 20 Aug 2025 15:38:38 GMT

File type
troff or preprocessor input, ASCII text
Size
140 kB (139724 bytes)
Hash
e3d3126e93fc1303cf862d5852f56654
357908650e3a2f75f7e77c3e741e8bd0cfa07625
340d09d12141a30f53d870d647f2f4ba93047709331cd441c43db7301bd52d68

HTTP Headers

GET /ajax/libs/font-awesome/6.2.0/css/all.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien4.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 12 Jun 2025 13:44:54 GMT
content-type: text/css; charset=utf-8
content-length: 19472
cf-ray: 94e9c91abd41712e-OSL
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "630e6e62-4c10"
last-modified: Tue, 30 Aug 2022 20:09:06 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 318481
expires: Tue, 02 Jun 2026 13:44:54 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H6xWxdheR38W%2B8sUtFt8CRRRLkM6w%2BOHNF2bNYGiT4BePteHQtcxvUz0oSyf5dF%2BAPTHDSz5CbhN%2FFKmSL0hP0ptbOn7W5e6r271JAk%2Fm3qwZ00CJNHAOWUWn7iT7Msb0R2lO9rw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.googletagmanager.com/gtag/js?id=G-TKZGESD6CW

142.250.178.104

200 OK

389 kB

URL GET
www.googletagmanager.com/gtag/js?id=G-TKZGESD6CW
IP
142.250.178.104:443
ASN
#15169 GOOGLE

Requested by
https://www.cpasbien4.com/
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint10:76:57:2F:C3:21:F2:5F:71:E4:85:A5:DB:F7:65:3F:51:03:55:07
ValidityMon, 12 May 2025 08:42:57 GMT - Mon, 04 Aug 2025 08:42:56 GMT

File type
JavaScript source, ASCII text, with very long lines (5972)
Size
389 kB (389204 bytes)
Hash
423d8b3d727a58719ad06276bc8a0128
9a6dcfc47e59ff217ae95cea412fc41d27e74679
5e8441140d4c4de2488b89d7835cccbaebc9edd04a0ea4922e087dcd6ac47f8d

HTTP Headers

GET /gtag/js?id=G-TKZGESD6CW HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 12 Jun 2025 13:44:54 GMT
expires: Thu, 12 Jun 2025 13:44:54 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1077:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1077:0
report-to: {"group":"ascgcycc:1077:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1077:0"}],}
server: Google Tag Manager
content-length: 130163
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET www.cpasbien4.com/themes/js/bootstrap.min.js

104.21.80.1

200 OK

37 kB

URL GET
www.cpasbien4.com/themes/js/bootstrap.min.js
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien4.com/
Certificate
IssuerGoogle Trust Services
Subjectcpasbien4.com
Fingerprint8E:08:13:02:83:6B:41:D2:CA:C0:BF:81:2B:76:3D:77:16:26:CA:44
ValidityFri, 25 Apr 2025 07:39:15 GMT - Thu, 24 Jul 2025 08:36:56 GMT

File type
JavaScript source, ASCII text, with very long lines (32003)
Size
37 kB (36868 bytes)
Hash
c5b5b2fa19bd66ff23211d9f844e0131
791aa054a026bddc0de92bad6cf7a1c6e73713d5
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

HTTP Headers

GET /themes/js/bootstrap.min.js HTTP/1.1
Host: www.cpasbien4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 12 Jun 2025 13:44:54 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y1SCDLmQ2PyU1GV5MFWQWbq8cS%2B6VtLfPcSZzI6oK44Y%2BVz4LYf5YhGz11Lwcb6NjW9GfsMbUBXugwtltPlg0Ql39ZYabKa34T0HAnz0gE26UR1H%2BsFWCuPpMjpNa5U7QhzaAg%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Sat, 01 Mar 2025 17:56:20 GMT
vary: Accept-Encoding
etag: "67c34a44-9004"
expires: Thu, 12 Jun 2025 23:44:05 GMT
cache-control: max-age=43200, no-store
content-encoding: gzip
age: 3162
cf-cache-status: HIT
cf-ray: 94e9c91b8faa7128-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
strict-transport-security: max-age=0
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7191&min_rtt=2280&rtt_var=3910&sent=110&recv=112&lost=0&retrans=0&sent_bytes=35984&recv_bytes=8511&delivery_rate=2279175&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=12000&unsent_bytes=0&cid=4cc0750d054757dd&ts=586&inflight_dur=57&x=80"

POST fp.metricswpsh.com/fp?tag_id=321623

157.90.84.242

200 OK

60 B

URL POST
fp.metricswpsh.com/fp?tag_id=321623
IP
157.90.84.242:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.cpasbien4.com/
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint6A:AF:05:21:7E:87:22:9C:BB:20:DB:34:F6:0A:88:06:79:E3:A0:78
ValidityThu, 17 Apr 2025 02:58:33 GMT - Wed, 16 Jul 2025 02:58:32 GMT

File type
JSON text data
Size
60 B (60 bytes)
Hash
c299c16d2a75cca379ee02b91ce3946e
e58df1b020a6bf0ac909bb601940a3f923411092
8bf0b1b1c9dafd5f12dc26bba4b403182bd063cf26ac422af22352a06e83819e

HTTP Headers

POST /fp?tag_id=321623 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1980
Origin: https://www.cpasbien4.com
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien4.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 12 Jun 2025 13:44:55 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 60
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.cpasbien4.com
Set-Cookie: id=14276664665622555438; Expires=Fri, 12 Jun 2026 13:44:55 GMT; Secure; SameSite=None
Vary: Origin

GET bf6b9225a4.857a41603f.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxNTc5MTg1ODM2MDgyODUwMjAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjE0MC4wIiwidGFnX2lkIjozMjE2MjMsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC40OSwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ==

45.133.44.53

200 OK

0 B

URL GET
bf6b9225a4.857a41603f.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxNTc5MTg1ODM2MDgyODUwMjAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjE0MC4wIiwidGFnX2lkIjozMjE2MjMsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC40OSwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ==
IP
45.133.44.53:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.cpasbien4.com/
Certificate
IssuerLet's Encrypt
Subjectbf6b9225a4.857a41603f.com
FingerprintDC:D8:2C:99:CF:5F:39:EC:8E:94:D8:50:90:D8:9A:66:E4:D1:B8:19
ValidityMon, 09 Jun 2025 02:47:59 GMT - Sun, 07 Sep 2025 02:47:58 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxNTc5MTg1ODM2MDgyODUwMjAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjE0MC4wIiwidGFnX2lkIjozMjE2MjMsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC40OSwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ== HTTP/1.1
Host: bf6b9225a4.857a41603f.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.cpasbien4.com
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien4.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 12 Jun 2025 13:44:55 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
x-cdn-host-id: ah1742
X-Firefox-Spdy: h2

GET stingerfound.com/1clkn/118101

23.109.170.202

200 OK

6 B

URL GET
stingerfound.com/1clkn/118101
IP
23.109.170.202:443
ASN
#7979 SERVERS-COM

Requested by
https://www.cpasbien4.com/
Certificate
IssuerLet's Encrypt
Subjectstingerfound.com
Fingerprint69:42:3D:0D:B7:40:92:0F:F2:24:6A:13:8C:34:5A:52:49:99:4A:CB
ValidityMon, 14 Apr 2025 00:37:34 GMT - Sun, 13 Jul 2025 00:37:33 GMT

File type
ASCII text, with no line terminators
Size
6 B (6 bytes)
Hash
9082dc37e5e8046929da411544ad071a
41e0e3963ed94e59e8a2f115994c382712411537
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1clkn/118101 HTTP/1.1
Host: stingerfound.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 12 Jun 2025 13:44:54 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Set-Cookie: GL_UI4=eJw9zV1OhDAcBHC%2B2dUFnYQDeASKlPDqi1fwkRT6B%2BtCuykV9PYSE32bTH6T8TwvKB7gb8kZ4afgeGKsbdqaV21ZD62o%2Br5tGl72vC1ZxceR46zWzol%2BJhfhtC7Cus5tES4TabJq6AYjKcPjof6aqza7jhD3VmiZIV4OMWdIe2v2lWwRItJiIaSvytJovg4hPoxFyJ7rIyt9ZL9EYNYizO%2BQviktj2V%2BQcDKPE883N9m4UZjl07JxEc8WSEJ%2FgtOg3A0GfuNVNJ6deYGmFl2%2F%2F73ONxZiUTSpgZCbNw72R%2B3Z03l; expires=Fri, 13-Jun-2025 13:44:54 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Fri, 13-Jun-2025 13:44:54 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

GET www.cpasbien4.com/themes/js/jquery.min.js

104.21.80.1

200 OK

84 kB

URL GET
www.cpasbien4.com/themes/js/jquery.min.js
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien4.com/
Certificate
IssuerGoogle Trust Services
Subjectcpasbien4.com
Fingerprint8E:08:13:02:83:6B:41:D2:CA:C0:BF:81:2B:76:3D:77:16:26:CA:44
ValidityFri, 25 Apr 2025 07:39:15 GMT - Thu, 24 Jul 2025 08:36:56 GMT

File type
JavaScript source, ASCII text, with very long lines (32025), with CRLF line terminators
Size
84 kB (84349 bytes)
Hash
b0dc11d0a434aafe88908c7f33d71095
1327f754ff87d26bced46568543207e9df190aaa
de4b3c3d1dc2506b6693f0f98884e1dc074cda9d66cab39b7b48a115fdfc4c0f

HTTP Headers

GET /themes/js/jquery.min.js HTTP/1.1
Host: www.cpasbien4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 12 Jun 2025 13:44:54 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=13lU0hnGkuKI1tYzTKFX6Rt4%2F0shwGUW9lJpI3p4NYOOuSQwENXcbYgzLxuoLaY9zaIYU0LPM6mTsK1JAH0bNhkxZ77olIw%2FEebw1D%2B%2BRsLjk5j5Und%2Bx0m2ug8ux5k5wiA7dA%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Sat, 01 Mar 2025 17:56:20 GMT
vary: Accept-Encoding
etag: "67c34a44-1497d"
expires: Thu, 12 Jun 2025 23:10:02 GMT
cache-control: max-age=43200, no-store
content-encoding: gzip
age: 3162
cf-cache-status: HIT
cf-ray: 94e9c91b8fa97128-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
strict-transport-security: max-age=0
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7191&min_rtt=2280&rtt_var=3910&sent=100&recv=112&lost=0&retrans=0&sent_bytes=23984&recv_bytes=8511&delivery_rate=2279175&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=12000&unsent_bytes=0&cid=4cc0750d054757dd&ts=585&inflight_dur=57&x=80"

GET na.nawpush.com/tags/321623?version_name=b&domain=www.cpasbien4.com

45.133.44.24

200 OK

1.4 kB

URL GET
na.nawpush.com/tags/321623?version_name=b&domain=www.cpasbien4.com
IP
45.133.44.24:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.cpasbien4.com/
Certificate
IssuerLet's Encrypt
Subjectna.nawpush.com
Fingerprint95:17:E8:76:46:3F:BE:D1:B1:49:03:3B:B8:E3:15:5A:8B:FB:00:41
ValidityThu, 22 May 2025 02:31:52 GMT - Wed, 20 Aug 2025 02:31:51 GMT

File type
JSON text data
Size
1.4 kB (1430 bytes)
Hash
657463653ff84ca6da874cae32c559d0
332be2cc997fcf914406bfeccafc6335078cb952
0271861fd0efcd5ed0ff7e28169d6a2de6362564782c4bb7026829bf045a75ae

HTTP Headers

GET /tags/321623?version_name=b&domain=www.cpasbien4.com HTTP/1.1
Host: na.nawpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.cpasbien4.com
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien4.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 12 Jun 2025 13:44:54 GMT
content-type: application/json
server: nginx/1.24.0
cache-control: max-age=300, public
x-cdn-host-id: ds5058
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

GET storage.multstorage.com/log/count.html

172.67.174.51

200 OK

882 B

URL GET
storage.multstorage.com/log/count.html
IP
172.67.174.51:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien4.com/
Certificate
IssuerGoogle Trust Services
Subjectmultstorage.com
FingerprintAB:89:C2:3D:3B:E4:DD:0A:32:44:EC:41:65:9E:53:44:11:61:AB:F3
ValiditySun, 04 May 2025 05:28:22 GMT - Sat, 02 Aug 2025 06:26:59 GMT

File type
HTML document, ASCII text, with very long lines (700)
Size
882 B (882 bytes)
Hash
b728ca9cd183d1b7c3f72116b19b22a3
c1fd73f6b02cf00b8bc60b09cc99495e8494b739
8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2

HTTP Headers

GET /log/count.html HTTP/1.1
Host: storage.multstorage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien4.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 12 Jun 2025 13:44:55 GMT
content-type: text/html
server: cloudflare
last-modified: Mon, 18 Sep 2023 14:39:06 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=3W3LSDG12oxsm93vokU%2BqwRFFdd4SuhDHUYkMUnQFrHk2B7gFKnF2KZieqxdXqrfWOvkca7PFqX5oYS3%2Fhh1dmZkn%2BTz60phYp8FOb%2FuGR5hxbWkvg%3D%3D"}]}
vary: Accept-Encoding
x-request-id: ca7c1c31998168dd396913f5e90f07e3
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 94e9c92258a6b4f7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.cpasbien4.com/themes/default/css/jquery.tooltip.css

104.21.80.1

200 OK

309 B

URL GET
www.cpasbien4.com/themes/default/css/jquery.tooltip.css
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien4.com/
Certificate
IssuerGoogle Trust Services
Subjectcpasbien4.com
Fingerprint8E:08:13:02:83:6B:41:D2:CA:C0:BF:81:2B:76:3D:77:16:26:CA:44
ValidityFri, 25 Apr 2025 07:39:15 GMT - Thu, 24 Jul 2025 08:36:56 GMT

File type
ASCII text, with very long lines (309), with no line terminators
Size
309 B (309 bytes)
Hash
c3388b47404d80f816f399215d8dd280
8eefbbc83e3eeaa048b3c7ae68c9bb120d39b0d0
3679cae0d506b0b92d38e146a4edff389b0bd5680be355308d6237659d0680c2

HTTP Headers

GET /themes/default/css/jquery.tooltip.css HTTP/1.1
Host: www.cpasbien4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien4.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 12 Jun 2025 13:44:54 GMT
content-type: text/css
content-length: 309
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Sat, 01 Mar 2025 17:56:54 GMT
etag: "67c34a66-135"
expires: Thu, 12 Jun 2025 22:55:39 GMT
cache-control: max-age=43200, no-store
accept-ranges: bytes
age: 3162
cf-cache-status: HIT
cf-ray: 94e9c91a0f9b7128-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
strict-transport-security: max-age=0
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e2d2ExTpCtTQ%2BdmXbe9QBiV0vtF7017%2BFY1SUj4D%2FKdWHSXevq4l%2BpSKC1b3LA047l4Rb2Fe3VU86NOZ%2B1G5WAWE7G4Oet%2BxyGrM%2B6YgI5AoWOFXbUZV%2FpgD1U2x1Z0PVUGDlg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8090&min_rtt=2280&rtt_var=4366&sent=85&recv=106&lost=0&retrans=0&sent_bytes=11888&recv_bytes=7008&delivery_rate=726802&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=12000&unsent_bytes=0&cid=4cc0750d054757dd&ts=353&inflight_dur=48&x=80"

GET www.cpasbien4.com/share42/icons.png

104.21.80.1

200 OK

12 kB

URL GET
www.cpasbien4.com/share42/icons.png
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien4.com/
Certificate
IssuerGoogle Trust Services
Subjectcpasbien4.com
Fingerprint8E:08:13:02:83:6B:41:D2:CA:C0:BF:81:2B:76:3D:77:16:26:CA:44
ValidityFri, 25 Apr 2025 07:39:15 GMT - Thu, 24 Jul 2025 08:36:56 GMT

File type
PNG image data, 288 x 32, 8-bit/color RGBA, non-interlaced
Size
12 kB (11709 bytes)
Hash
c28c89ad69b489b0732d6960e5f9fca1
46d4c930ed4e9f629d8fc0105598b2bcf8718478
12dbaa662a3d4db17e897957c129a080916e8977d1c4e9204212ec1bdae06ebb

HTTP Headers

GET /share42/icons.png HTTP/1.1
Host: www.cpasbien4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien4.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 12 Jun 2025 13:44:54 GMT
content-type: image/png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GaBLPgLXB%2B46Yqq9NHhlk3p3c8RogMrtmKVapKeFP0qIxgscSSO64OK0XyI2XB%2FhSSVPX%2Bfc06a2CTR19u714Pa3BYxhZDIAKg%2FY9%2F0zcFoRCZPPA%2FvoTo7o8KIxar9jtQ8sxw%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Wed, 02 Apr 2025 06:20:31 GMT
vary: Accept-Encoding
etag: "67ecd72f-2dbd"
expires: Sat, 12 Jul 2025 12:39:52 GMT
cache-control: max-age=2592000, no-store
content-encoding: gzip
age: 3162
cf-cache-status: HIT
cf-ray: 94e9c91e3fb57128-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
strict-transport-security: max-age=0
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6133&min_rtt=1598&rtt_var=3238&sent=180&recv=119&lost=0&retrans=0&sent_bytes=112392&recv_bytes=9331&delivery_rate=8949613&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=96000&unsent_bytes=0&cid=4cc0750d054757dd&ts=1010&inflight_dur=86&x=80"

GET js.wpadmngr.com/static/adManager.m.js

45.133.44.52

200 OK

126 kB

URL GET
js.wpadmngr.com/static/adManager.m.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.cpasbien4.com/
Certificate
IssuerLet's Encrypt
Subjectjs.wpadmngr.com
FingerprintC2:1D:FE:73:5C:BA:B1:47:5A:00:42:F2:A9:E3:F3:AB:A9:D1:CB:81
ValidityMon, 05 May 2025 02:34:34 GMT - Sun, 03 Aug 2025 02:34:33 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size
126 kB (125514 bytes)
Hash
9b471c965261c33628f414b8a4b62306
a86ea9fba3f3215484d84330fb4fc0f46570ab0f
9b106a3e85b9788704d7e271ff5e2308c733357fba86ded56a46d2e086abf292

HTTP Headers

GET /static/adManager.m.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 12 Jun 2025 13:44:54 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 11 Jun 2025 15:45:36 GMT
etag: W/"6849a4a0-1ea4a"
content-encoding: gzip
expires: Thu, 12 Jun 2025 13:49:54 GMT
cache-control: max-age=300
x-cdn-host-id: ah1747
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

GET www.cpasbien3.com/

104.21.96.1

301 Moved Permanently

203 kB

URL User Request GET
www.cpasbien3.com/
IP
104.21.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectcpasbien3.com
FingerprintB3:88:C2:74:8E:31:01:F1:18:C3:C7:62:72:7C:8F:13:B6:9F:8A:F1
ValidityFri, 25 Apr 2025 07:19:43 GMT - Thu, 24 Jul 2025 08:18:28 GMT

File type

Size
203 kB (203258 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: www.cpasbien3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Thu, 12 Jun 2025 13:44:53 GMT
content-type: text/html
content-length: 167
location: https://www.cpasbien4.com/
cache-control: max-age=3600
expires: Thu, 12 Jun 2025 14:44:53 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N%2FjHYcDn42MB0JWCoRnzUoIt6n6eWOBrRCchxcp1oza%2FuO0pgkGNPu1f5e8UKNGMJ%2FSH01c8BlS1MJTaNPSvB4gUki0E0hij1aJlKu1N3OZrc4W1wxBXGV1iH0OMcNuIB4SOBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 94e9c916fe67b4fd-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=537&min_rtt=493&rtt_var=146&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3206&recv_bytes=1127&delivery_rate=6703703&cwnd=253&unsent_bytes=0&cid=9a5880eb817552e4&ts=37&x=0"
X-Firefox-Spdy: h2

GET www.cpasbien4.com/themes/default/css/bootstrap.min.css

104.21.80.1

200 OK

12 kB

URL GET
www.cpasbien4.com/themes/default/css/bootstrap.min.css
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien4.com/
Certificate
IssuerGoogle Trust Services
Subjectcpasbien4.com
Fingerprint8E:08:13:02:83:6B:41:D2:CA:C0:BF:81:2B:76:3D:77:16:26:CA:44
ValidityFri, 25 Apr 2025 07:39:15 GMT - Thu, 24 Jul 2025 08:36:56 GMT

File type
ASCII text, with very long lines (6975)
Size
12 kB (12193 bytes)
Hash
f5ba08968a6e2f03e7ddce0ac22728f2
44c0209a145c320dd6fe1b50a0f37b6cab77e853
9b7c57ae4dc2125c44a8ff8b3a80414215c6987c85de47427d8b4e9acb92c94e

HTTP Headers

GET /themes/default/css/bootstrap.min.css HTTP/1.1
Host: www.cpasbien4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien4.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 12 Jun 2025 13:44:54 GMT
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YAQo50lCpaCO5HX8CmPQkmhTFinpqXOpkDUvXbJs8pzO51tX%2Fvn1jleOp4y0ahFaVxX7ZLDa6DRfFs1eYcLhvyuF5WYFwKVTUbUw2yBJMbQzi2tSYTtc4jWtIoktRR9gnhjMJg%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Sat, 01 Mar 2025 17:56:53 GMT
vary: Accept-Encoding
etag: "67c34a65-2fa1"
expires: Fri, 13 Jun 2025 00:30:33 GMT
cache-control: max-age=43200, no-store
content-encoding: gzip
age: 3162
cf-cache-status: HIT
cf-ray: 94e9c91a1f9d7128-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
strict-transport-security: max-age=0
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8090&min_rtt=2280&rtt_var=4366&sent=85&recv=106&lost=0&retrans=0&sent_bytes=11888&recv_bytes=7008&delivery_rate=726802&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=12000&unsent_bytes=0&cid=4cc0750d054757dd&ts=353&inflight_dur=48&x=80"

GET www.cpasbien4.com/cf-fonts/s/open-sans/5.0.20/latin/400/normal.woff2

104.21.80.1

200 OK

19 kB

URL GET
www.cpasbien4.com/cf-fonts/s/open-sans/5.0.20/latin/400/normal.woff2
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien4.com/
Certificate
IssuerGoogle Trust Services
Subjectcpasbien4.com
Fingerprint8E:08:13:02:83:6B:41:D2:CA:C0:BF:81:2B:76:3D:77:16:26:CA:44
ValidityFri, 25 Apr 2025 07:39:15 GMT - Thu, 24 Jul 2025 08:36:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18668, version 1.0
Size
19 kB (18668 bytes)
Hash
8655d20bbcc8cdbfab17b6be6cf55df3
90edbfa9a7dabb185487b4774076f82eb6412270
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6

HTTP Headers

GET /cf-fonts/s/open-sans/5.0.20/latin/400/normal.woff2 HTTP/1.1
Host: www.cpasbien4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien4.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 12 Jun 2025 13:44:54 GMT
content-type: font/woff2
content-length: 18668
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
cache-control: public, max-age=31536000, immutable
cf-ray: 94e9c91b9fab7128-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
strict-transport-security: max-age=0
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7slN2DqJRh%2FzDLF%2BqoQ99L%2BOj9E3t6gAOri6sTiFjkxCn2M3T7sXxH30ZKNB1IwBmLf7LQNm45YZ8GefudeBR%2BejtwPmIlwr7gdMfxJHh976%2FL6U5sr50qUks53uTarJkEDhEA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6931&min_rtt=2280&rtt_var=3453&sent=131&recv=113&lost=0&retrans=0&sent_bytes=59984&recv_bytes=8558&delivery_rate=2279175&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=24000&unsent_bytes=0&cid=4cc0750d054757dd&ts=594&inflight_dur=63&x=80"

GET www.cpasbien4.com/cf-fonts/s/open-sans/5.0.20/latin/700/normal.woff2

104.21.80.1

200 OK

18 kB

URL GET
www.cpasbien4.com/cf-fonts/s/open-sans/5.0.20/latin/700/normal.woff2
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien4.com/
Certificate
IssuerGoogle Trust Services
Subjectcpasbien4.com
Fingerprint8E:08:13:02:83:6B:41:D2:CA:C0:BF:81:2B:76:3D:77:16:26:CA:44
ValidityFri, 25 Apr 2025 07:39:15 GMT - Thu, 24 Jul 2025 08:36:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18260, version 1.0
Size
18 kB (18260 bytes)
Hash
36f81686bbf993fbfe3aed9ae2f55e5b
5d18e2d5e48e0f5ba172e7477eed432541087402
114f872abf6cae70383b09ca2168821991fde718702d79cdc457a49b03560cb0

HTTP Headers

GET /cf-fonts/s/open-sans/5.0.20/latin/700/normal.woff2 HTTP/1.1
Host: www.cpasbien4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien4.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 12 Jun 2025 13:44:54 GMT
content-type: font/woff2
content-length: 18260
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
cache-control: public, max-age=31536000, immutable
cf-ray: 94e9c91bafac7128-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
strict-transport-security: max-age=0
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=frEIca%2Fyb7O%2FWTygo97ZNg7oTGtJ%2BJEWG91wn7NMYYLs5AiQ6en0ND6qPT%2FdCkRC8QzbW9rVPVg15ftrzwqFdUwx1RZcMOQ41Qnt0rtQNtULMievnntxxL8iHqI5QJ8I9JpK4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7013&min_rtt=2280&rtt_var=2754&sent=158&recv=114&lost=0&retrans=0&sent_bytes=90986&recv_bytes=8605&delivery_rate=2948373&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=48000&unsent_bytes=0&cid=4cc0750d054757dd&ts=601&inflight_dur=71&x=80"

GET js.capndr.com/advertising.js

45.133.44.53

200 OK

0 B

URL GET
js.capndr.com/advertising.js
IP
45.133.44.53:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.cpasbien4.com/
Certificate
IssuerLet's Encrypt
Subjectjs.capndr.com
Fingerprint36:80:C9:74:A8:03:5E:A6:42:15:13:F1:12:1D:CE:69:66:FD:BF:09
ValidityWed, 16 Apr 2025 02:32:06 GMT - Tue, 15 Jul 2025 02:32:05 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /advertising.js HTTP/1.1
Host: js.capndr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 12 Jun 2025 13:44:54 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 14 Jul 2023 08:23:25 GMT
etag: "64b105fd-0"
expires: Thu, 12 Jun 2025 13:49:54 GMT
cache-control: max-age=300
x-cdn-host-id: ah1747
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

GET www.cpasbien4.com/share42/share42.js

104.21.80.1

200 OK

4.1 kB

URL GET
www.cpasbien4.com/share42/share42.js
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien4.com/
Certificate
IssuerGoogle Trust Services
Subjectcpasbien4.com
Fingerprint8E:08:13:02:83:6B:41:D2:CA:C0:BF:81:2B:76:3D:77:16:26:CA:44
ValidityFri, 25 Apr 2025 07:39:15 GMT - Thu, 24 Jul 2025 08:36:56 GMT

File type
Unicode text, UTF-8 text, with very long lines (4019), with CRLF line terminators
Size
4.1 kB (4069 bytes)
Hash
b387ab157496191e19ee47c6faf7f42e
bc729052f9d01489b565147d910ff1b06d3fbc08
2a13edacffebd534c3746fc5f424b1b413a8682ac7421e4eb61403bee9286d5c

HTTP Headers

GET /share42/share42.js HTTP/1.1
Host: www.cpasbien4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 12 Jun 2025 13:44:54 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7%2F%2FCBZ1KO4i5MrG42qxU527NLgabV7%2FRmi1h9E1RoASUGxHk4BHop3dmAVfGmvj3dbOE4y0FaGJW%2BGwJFFYT1epYf58xbAubJoXEAGxZcq8CZ%2BA%2BgRb0lK%2B469xCHzGw%2BVIf%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Wed, 02 Apr 2025 06:20:31 GMT
vary: Accept-Encoding
etag: "67ecd72f-fe5"
expires: Fri, 13 Jun 2025 00:24:57 GMT
cache-control: max-age=43200, no-store
content-encoding: gzip
age: 3162
cf-cache-status: HIT
cf-ray: 94e9c91b7fa87128-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
strict-transport-security: max-age=0
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7404&min_rtt=2280&rtt_var=4647&sent=96&recv=109&lost=0&retrans=0&sent_bytes=21660&recv_bytes=7792&delivery_rate=2279175&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=12000&unsent_bytes=0&cid=4cc0750d054757dd&ts=573&inflight_dur=52&x=80"

GET www.cpasbien4.com/

104.21.80.1

200 OK

203 kB

URL User Request GET
www.cpasbien4.com/
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectcpasbien4.com
Fingerprint8E:08:13:02:83:6B:41:D2:CA:C0:BF:81:2B:76:3D:77:16:26:CA:44
ValidityFri, 25 Apr 2025 07:39:15 GMT - Thu, 24 Jul 2025 08:36:56 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (47427), with NEL line terminators
Size
203 kB (203258 bytes)
Hash
a7f5e32bebe0f3978638733732c784ff
2d6168ad75e503c86f98056dcdadd87ee551f404
1b3dccab6c95939d8237c9679c19c84f6990251864d833001cbe923b7f23c782

HTTP Headers

GET / HTTP/1.1
Host: www.cpasbien4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 12 Jun 2025 13:44:53 GMT
content-type: text/html; charset=utf-8
content-encoding: br
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Thu, 12 Jun 2025 11:12:54 GMT
age: 3162
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rfKXmJJs6f4V0lUPVscrM3itLzwf3QR1XnjzV4sVT7n34fVBBa%2BcJ3M3MVX1Ff9gqCIhWmea2JmnrDUqIie8sgzWe6skb1TFuBbk3TDiBTnnLk8ilF2QEOzTWZZmAKmhn%2BK06w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 94e9c9179a2956bd-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=526&min_rtt=463&rtt_var=129&sent=6&recv=10&lost=0&retrans=0&sent_bytes=3280&recv_bytes=1257&delivery_rate=7144736&cwnd=254&unsent_bytes=0&cid=143ea6428805bddf&ts=44&x=0"
X-Firefox-Spdy: h2

GET js.wpadmngr.com/static/adManager.js

45.133.44.52

200 OK

1.7 kB

URL GET
js.wpadmngr.com/static/adManager.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.cpasbien4.com/
Certificate
IssuerLet's Encrypt
Subjectjs.wpadmngr.com
FingerprintC2:1D:FE:73:5C:BA:B1:47:5A:00:42:F2:A9:E3:F3:AB:A9:D1:CB:81
ValidityMon, 05 May 2025 02:34:34 GMT - Sun, 03 Aug 2025 02:34:33 GMT

File type
JavaScript source, ASCII text, with very long lines (1735), with no line terminators
Size
1.7 kB (1735 bytes)
Hash
1e936cad37e18ba5bc2f07acd57447d6
f55969248208bb6871e28b9478761ffb25207c35
e98e6a93ea15df4d4fe1e38c890f29512d739f493428436defb914775df550f8

HTTP Headers

GET /static/adManager.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 12 Jun 2025 13:44:54 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 11 Jun 2025 15:45:31 GMT
etag: W/"6849a49b-6c7"
content-encoding: gzip
expires: Thu, 12 Jun 2025 13:49:54 GMT
cache-control: max-age=300
x-cdn-host-id: ah1747
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

GET www.cpasbien4.com/themes/default/img/favicon.ico

104.21.80.1

200 OK

1.2 kB

URL GET
www.cpasbien4.com/themes/default/img/favicon.ico
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien4.com/
Certificate
IssuerGoogle Trust Services
Subjectcpasbien4.com
Fingerprint8E:08:13:02:83:6B:41:D2:CA:C0:BF:81:2B:76:3D:77:16:26:CA:44
ValidityFri, 25 Apr 2025 07:39:15 GMT - Thu, 24 Jul 2025 08:36:56 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Size
1.2 kB (1150 bytes)
Hash
730f19e40d8bc2a05b5d9418ed6d024e
27f4146350e935b83783164858fc3a41016e64fb
7798ef17288a5134d37d5aa28845eee32b62721e9e32d152f8c50c5f2f1b347c

HTTP Headers

GET /themes/default/img/favicon.ico HTTP/1.1
Host: www.cpasbien4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien4.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 12 Jun 2025 13:44:54 GMT
content-type: image/x-icon
content-length: 1150
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Sat, 01 Mar 2025 17:56:57 GMT
etag: "67c34a69-47e"
accept-ranges: bytes
age: 3162
cache-control: no-store
cf-cache-status: HIT
cf-ray: 94e9c91dbfb27128-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
strict-transport-security: max-age=0
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zmrGkIyN1oA3SrLp5E%2Fhj3HuhkaULZGa%2B48Jy2f6RlZL5hiwBQNdb6WeYEIC%2FG1j%2FH5PvieGgR0VPoYA9lGB39E%2FYwpq0u8%2FUi4gkjyQF%2B961HmEOD%2FGlolehof62dP%2FddaDpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6781&min_rtt=2280&rtt_var=2590&sent=177&recv=117&lost=0&retrans=0&sent_bytes=110455&recv_bytes=8999&delivery_rate=8949613&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=96000&unsent_bytes=0&cid=4cc0750d054757dd&ts=939&inflight_dur=85&x=80"

OPTIONS fp.metricswpsh.com/fp?tag_id=321623

157.90.84.242

204 No Content

0 B

URL OPTIONS
fp.metricswpsh.com/fp?tag_id=321623
IP
157.90.84.242:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.cpasbien4.com/
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint6A:AF:05:21:7E:87:22:9C:BB:20:DB:34:F6:0A:88:06:79:E3:A0:78
ValidityThu, 17 Apr 2025 02:58:33 GMT - Wed, 16 Jul 2025 02:58:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /fp?tag_id=321623 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.cpasbien4.com/
Origin: https://www.cpasbien4.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Thu, 12 Jun 2025 13:44:55 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://www.cpasbien4.com
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET js.wpshsdk.com/npc/sdk/push.m.js?v=1

45.133.44.52

200 OK

31 kB

URL GET
js.wpshsdk.com/npc/sdk/push.m.js?v=1
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.cpasbien4.com/
Certificate
IssuerLet's Encrypt
Subjectjs.wpshsdk.com
Fingerprint7E:74:90:AF:51:70:F3:5D:66:30:9F:E1:6A:21:81:6D:4C:57:78:03
ValidityWed, 14 May 2025 08:32:27 GMT - Tue, 12 Aug 2025 08:32:26 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (30618), with no line terminators
Size
31 kB (31003 bytes)
Hash
e0184cfd99198eda03b3f0ce27a9de36
94a0075c45f4af693e1e3d7d4e1999ed3836b08b
de03a21c4c09e383f7630fc2107e1671fa9ba78259b508c917946d3cf29e16de

HTTP Headers

GET /npc/sdk/push.m.js?v=1 HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 12 Jun 2025 13:44:55 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 22 May 2025 10:02:04 GMT
etag: W/"682ef61c-791b"
content-encoding: gzip
expires: Thu, 12 Jun 2025 13:49:55 GMT
cache-control: max-age=300
x-cdn-host-id: ah1747
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

GET www.cpasbien4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

104.21.80.1

200 OK

12 kB

URL GET
www.cpasbien4.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien4.com/
Certificate
IssuerGoogle Trust Services
Subjectcpasbien4.com
Fingerprint8E:08:13:02:83:6B:41:D2:CA:C0:BF:81:2B:76:3D:77:16:26:CA:44
ValidityFri, 25 Apr 2025 07:39:15 GMT - Thu, 24 Jul 2025 08:36:56 GMT

File type
JavaScript source, ASCII text, with very long lines (12331)
Size
12 kB (12332 bytes)
Hash
88a769d2fe35899fd45a332a0a032cc0
514c6c1d8475d17e412849a4c90159517d0fa10a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

HTTP Headers

GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: www.cpasbien4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 12 Jun 2025 13:44:54 GMT
content-type: application/javascript
last-modified: Tue, 10 Jun 2025 15:48:22 GMT
cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"684853c6-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I3UayxKmkpDk6kmACAJ325lidk4tDkkMlWZZ36%2BGxPNrHGm7rpeWMYQjCcdG%2F%2BEwj9%2FoFfBFBcOSeCifizCcyltnQEBF%2Bu6Jq0wsKkm9JW5gWOHcH%2BN6GtkZDi4zjgYz9NZxaA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 94e9c91a1f9e7128-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sat, 14 Jun 2025 13:44:54 GMT

POST pubtrky.com/ut/hb.php?cb=0.95025817369877&v=1

104.21.8.108

204 No Content

0 B

URL POST
pubtrky.com/ut/hb.php?cb=0.95025817369877&v=1
IP
104.21.8.108:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.cpasbien4.com/
Certificate
IssuerGoogle Trust Services
Subjectpubtrky.com
FingerprintD1:DF:C8:94:03:32:97:45:6F:1A:E3:AD:EE:EC:22:B8:E7:5C:6F:27
ValidityMon, 05 May 2025 10:34:21 GMT - Sun, 03 Aug 2025 11:31:29 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /ut/hb.php?cb=0.95025817369877&v=1 HTTP/1.1
Host: pubtrky.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 996
Origin: https://www.cpasbien4.com
DNT: 1
Connection: keep-alive
Referer: https://www.cpasbien4.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Thu, 12 Jun 2025 13:44:55 GMT
server: cloudflare
access-control-allow-origin: *
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=kESasb4iHQcTK7wbU2SPiMyKbNLmS2vud%2BU3QH7U%2BASPVf8qn1WH%2Fp9sqZBETxxFcn4A0k%2BtsG6Py45DAeKGgsCE70B%2BQsU6Ig%3D%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 94e9c91eec8056a8-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (12)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML