urlscan.io logo urlscan.io
SecurityTrails logo

favtqgbfht.cfolks.pl Open in urlscan Pro
195.78.67.58  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://yerzisukka.bubbleapps.io/
Effective URL: https://favtqgbfht.cfolks.pl/bpm/bpm/
Submission: On February 23 via manual from DE — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 6 domains to perform 58 HTTP transactions. The main IP is 195.78.67.58, located in Bydgoszcz, Poland and belongs to CF-GDA, PL. The main domain is favtqgbfht.cfolks.pl.
TLS certificate: Issued by Certum Domain Validation CA SHA2 on July 31st 2023. Valid for: a year.
This is the only time favtqgbfht.cfolks.pl was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banco BPM S.p.A. (Banking)

Domain & IP information

IP Address AS Autonomous System
12 104.16.203.66 13335 (CLOUDFLAR...)
1 142.250.185.138 15169 (GOOGLE)
1 142.250.181.227 15169 (GOOGLE)
2 2 50.62.220.152 26496 (AS-26496-...)
1 39 195.78.67.58 41079 (CF-GDA)
58 5
12    104.16.203.66 (None, )

ASN13335 (CLOUDFLARENET, US)
yerzisukka.bubbleapps.io
1    142.250.185.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f10.1e100.net
fonts.googleapis.com
1    142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net
fonts.gstatic.com
2    50.62.220.152 (United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: 152.220.62.50.host.secureserver.net
www.tibpharmacy.com
39    195.78.67.58 (Bydgoszcz, Poland)

ASN41079 (CF-GDA, PL)
PTR: s180.cyber-folks.pl
favtqgbfht.cfolks.pl
Apex Domain
Subdomains		 Transfer
39 cfolks.pl
favtqgbfht.cfolks.pl
505 KB
12 bubbleapps.io
yerzisukka.bubbleapps.io
818 KB
2 tibpharmacy.com
www.tibpharmacy.com
314 B
1 gstatic.com
fonts.gstatic.com
43 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
2 KB
0 bancobpm.it Failed
youweb.bancobpm.it Failed
58 6
Domain Requested by
39 favtqgbfht.cfolks.pl 1 redirects favtqgbfht.cfolks.pl
12 yerzisukka.bubbleapps.io yerzisukka.bubbleapps.io
2 www.tibpharmacy.com 2 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com yerzisukka.bubbleapps.io
0 youweb.bancobpm.it Failed favtqgbfht.cfolks.pl
58 6

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-05 -
2024-05-04		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.cfolks.pl
Certum Domain Validation CA SHA2		 2023-07-31 -
2024-07-30		 a year crt.sh

This page contains 1 frames:

Primary Page: https://favtqgbfht.cfolks.pl/bpm/bpm/
Frame ID: 7636385932B9B8BB03EE497B0A06044D
Requests: 59 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

YouWeb

Page URL History Show full URLs

  1. https://yerzisukka.bubbleapps.io/ Page URL
  2. https://www.tibpharmacy.com/qp HTTP 301
    https://www.tibpharmacy.com/qp/ HTTP 302
    https://favtqgbfht.cfolks.pl/bpm/bpm HTTP 301
    https://favtqgbfht.cfolks.pl/bpm/bpm/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

58
Requests

90 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

1367 kB
Transfer

4796 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://yerzisukka.bubbleapps.io/ Page URL
  2. https://www.tibpharmacy.com/qp HTTP 301
    https://www.tibpharmacy.com/qp/ HTTP 302
    https://favtqgbfht.cfolks.pl/bpm/bpm HTTP 301
    https://favtqgbfht.cfolks.pl/bpm/bpm/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

58 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
yerzisukka.bubbleapps.io/ 		11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://yerzisukka.bubbleapps.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.203.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ad1896ee71b28a9d04f69c07b0508acf9f1873d78ee696fb4993a0ef9ffe5cbd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

cache-control
no-store
cf-cache-status
DYNAMIC
cf-ray
859ea00daa0c5231-MXP
content-encoding
br
content-security-policy
frame-ancestors 'none';
content-type
text/html
date
Fri, 23 Feb 2024 10:01:02 GMT
referrer-policy
origin
server
cloudflare
vary
Accept-Encoding
x-bubble-capacity-limit
0 ms slower
x-bubble-capacity-used
0.064 unit-seconds used
x-bubble-perf
{"total":96.5,"percents":{"top":{"bubble_cpu":28.8,"block":70.7,"capacity_rl":0,"other_pause":0,"pre_fiber":0.5},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":34.5,"appserver_cache_misses_time":0,"redis":73.1,"fiber_queue":2.7,"capacity_wait":1.9}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":8,"derived_cache_memory_misses":8,"serverjson":28,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":62,"fiber_queue":54,"blocks":53},"misc":{"userdb_results":1,"userdb_data":206,"spent_time":4174567}}
x-frame-options
DENY
x-powered-by
Express
early.js
yerzisukka.bubbleapps.io/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yerzisukka.bubbleapps.io/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/early.js
Requested by
Host: yerzisukka.bubbleapps.io
URL: https://yerzisukka.bubbleapps.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.203.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
450e62180e870526d437f065fa76a5d4e31517905e37a98184ef79b0fc2abd5b

Request headers

Referer
https://yerzisukka.bubbleapps.io/
Origin
https://yerzisukka.bubbleapps.io
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 23 Feb 2024 10:01:02 GMT
content-encoding
br
cf-cache-status
HIT
x-bubble-perf
{"total":31.9,"percents":{"top":{"bubble_cpu":19.6,"block":79.2,"capacity_rl":0,"other_pause":0,"pre_fiber":1.1},"sub":{"pp_userdb":21.9,"pp_wait_userdb":0,"http_request":0,"serverjson":10.6,"appserver_cache_misses_time":0,"redis":48.1,"fiber_queue":3.4,"capacity_wait":4}},"counts":{"pp_userdb":2,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":20,"fiber_queue":25,"blocks":24},"misc":{"userdb_results":1,"userdb_data":4,"spent_time":7939478}}
server
cloudflare
age
15219
x-powered-by
Express
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-bubble-capacity-used
0.122 unit-seconds used
timing-allow-origin
*
cf-ray
859ea00fdd7e5231-MXP
x-bubble-capacity-limit
0 ms slower
run.css
yerzisukka.bubbleapps.io/package/run_css/a60e2ca140cb0762eff8b8a22e0f277b8c17de07ca5220bb8e65c2abf4380c2c/yerzisukka/live/index/xfalse/xfalse/ 		44 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://yerzisukka.bubbleapps.io/package/run_css/a60e2ca140cb0762eff8b8a22e0f277b8c17de07ca5220bb8e65c2abf4380c2c/yerzisukka/live/index/xfalse/xfalse/run.css
Requested by
Host: yerzisukka.bubbleapps.io
URL: https://yerzisukka.bubbleapps.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.203.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
195756a558620132f46f1830236f5ba2f9bf287e1bc1708c7687f97a6c2c6671

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://yerzisukka.bubbleapps.io/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 23 Feb 2024 10:01:02 GMT
content-encoding
br
cf-cache-status
HIT
x-bubble-perf
{"total":86.7,"percents":{"top":{"bubble_cpu":22.1,"block":77.4,"capacity_rl":0,"other_pause":0,"pre_fiber":0.7},"sub":{"pp_userdb":4.6,"pp_wait_userdb":0,"http_request":0,"serverjson":16.2,"appserver_cache_misses_time":0,"redis":22.4,"fiber_queue":1.8,"capacity_wait":1.9}},"counts":{"pp_userdb":2,"http_request":0,"derived_build":0,"derived_cache_attempts":3,"derived_cache_memory_misses":3,"serverjson":15,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":34,"fiber_queue":34,"blocks":33},"misc":{"userdb_results":1,"userdb_data":4,"spent_time":7876282}}
age
15219
cf-polished
origSize=57561
x-powered-by
Express
x-bubble-capacity-used
0.121 unit-seconds used
cf-bgj
minify
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
cf-ray
859ea01168165231-MXP
x-bubble-capacity-limit
0 ms slower
pre_run_jquery.js
yerzisukka.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/ 		88 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yerzisukka.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Requested by
Host: yerzisukka.bubbleapps.io
URL: https://yerzisukka.bubbleapps.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.203.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af

Request headers

Referer
https://yerzisukka.bubbleapps.io/
Origin
https://yerzisukka.bubbleapps.io
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 23 Feb 2024 10:01:02 GMT
content-encoding
br
cf-cache-status
HIT
x-bubble-perf
{"total":22,"percents":{"top":{"bubble_cpu":27.1,"block":67.9,"capacity_rl":0,"other_pause":0,"pre_fiber":2.9},"sub":{"pp_userdb":9.1,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":43.9,"fiber_queue":4.9,"capacity_wait":7.7}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":11,"fiber_queue":15,"blocks":14},"misc":{"userdb_results":1,"userdb_data":4,"spent_time":892401}}
server
cloudflare
age
15219
x-powered-by
Express
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-bubble-capacity-used
0.014 unit-seconds used
timing-allow-origin
*
cf-ray
859ea01168175231-MXP
x-bubble-capacity-limit
0 ms slower
run.js
yerzisukka.bubbleapps.io/package/run_js/6e20aeefac124d7ac2407dc0730baafc0cb215633d9b2032c477cd8b033d3a52/xtrue/x29/ 		3 MB
752 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yerzisukka.bubbleapps.io/package/run_js/6e20aeefac124d7ac2407dc0730baafc0cb215633d9b2032c477cd8b033d3a52/xtrue/x29/run.js
Requested by
Host: yerzisukka.bubbleapps.io
URL: https://yerzisukka.bubbleapps.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.203.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
7cbdc91002974d8506d8f65eed3573529676abf36c285ee1ce3b65e5621d4b6d

Request headers

Referer
https://yerzisukka.bubbleapps.io/
Origin
https://yerzisukka.bubbleapps.io
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 23 Feb 2024 10:01:02 GMT
content-encoding
br
cf-cache-status
HIT
x-bubble-perf
{"total":38.2,"percents":{"top":{"bubble_cpu":27.6,"block":67.9,"capacity_rl":0,"other_pause":0,"pre_fiber":1.1},"sub":{"pp_userdb":5.2,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":31.6,"fiber_queue":2.5,"capacity_wait":3.8}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":11,"fiber_queue":16,"blocks":15},"misc":{"userdb_results":1,"userdb_data":4,"spent_time":1581830}}
server
cloudflare
age
15219
x-powered-by
Express
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-bubble-capacity-used
0.024 unit-seconds used
timing-allow-origin
*
cf-ray
859ea01168185231-MXP
x-bubble-capacity-limit
0 ms slower
static.js
yerzisukka.bubbleapps.io/package/static_js/048abbb5ba37a7c39423c1434f31cf9ecb219adfa253b26932914235da0934bd/yerzisukka/live/index/xnull/xfalse/xfalse/xtrue/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yerzisukka.bubbleapps.io/package/static_js/048abbb5ba37a7c39423c1434f31cf9ecb219adfa253b26932914235da0934bd/yerzisukka/live/index/xnull/xfalse/xfalse/xtrue/static.js
Requested by
Host: yerzisukka.bubbleapps.io
URL: https://yerzisukka.bubbleapps.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.203.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
86186df42a4863bbdaa86480a69a08a0669ae90b39db94649656a8a2ee8c2e1b

Request headers

Referer
https://yerzisukka.bubbleapps.io/
Origin
https://yerzisukka.bubbleapps.io
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 23 Feb 2024 10:01:02 GMT
content-encoding
br
cf-cache-status
HIT
x-bubble-perf
{"total":75.7,"percents":{"top":{"bubble_cpu":21.4,"block":78,"capacity_rl":0,"other_pause":0,"pre_fiber":0.5},"sub":{"pp_userdb":2.6,"pp_wait_userdb":0,"http_request":0,"serverjson":8.6,"appserver_cache_misses_time":0,"redis":27.6,"fiber_queue":1.3,"capacity_wait":1.4}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"derived_cache_attempts":3,"derived_cache_memory_misses":3,"serverjson":14,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":28,"fiber_queue":25,"blocks":24},"misc":{"userdb_results":1,"userdb_data":4,"spent_time":2432114}}
server
cloudflare
age
15219
x-powered-by
Express
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-bubble-capacity-used
0.037 unit-seconds used
timing-allow-origin
*
cf-ray
859ea011681a5231-MXP
x-bubble-capacity-limit
0 ms slower
dynamic.js
yerzisukka.bubbleapps.io/package/dynamic_js/4e15f5867a3af48c77bfc080e9102307684f86cc4d912105dd62697d45706b94/yerzisukka/live/index/xnull/xtrue/xtrue/en_us/xfalse/xfalse/ 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yerzisukka.bubbleapps.io/package/dynamic_js/4e15f5867a3af48c77bfc080e9102307684f86cc4d912105dd62697d45706b94/yerzisukka/live/index/xnull/xtrue/xtrue/en_us/xfalse/xfalse/dynamic.js
Requested by
Host: yerzisukka.bubbleapps.io
URL: https://yerzisukka.bubbleapps.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.203.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
60743f1b62f8f4dd95fceeace5ecc06431ed6edb27f42185d9a819bcb97760bd

Request headers

Referer
https://yerzisukka.bubbleapps.io/
Origin
https://yerzisukka.bubbleapps.io
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 23 Feb 2024 10:01:03 GMT
content-encoding
br
cf-cache-status
HIT
x-bubble-perf
{"total":42.2,"percents":{"top":{"bubble_cpu":27.7,"block":71.3,"capacity_rl":0,"other_pause":0,"pre_fiber":1.3},"sub":{"pp_userdb":9.5,"pp_wait_userdb":0,"http_request":0,"serverjson":13.5,"appserver_cache_misses_time":0,"redis":51.1,"fiber_queue":3.1,"capacity_wait":3.6}},"counts":{"pp_userdb":2,"http_request":0,"derived_build":0,"derived_cache_attempts":3,"derived_cache_memory_misses":3,"serverjson":4,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":24,"fiber_queue":29,"blocks":28},"misc":{"userdb_results":1,"userdb_data":4,"spent_time":6752390}}
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-bubble-capacity-used
0.104 unit-seconds used
timing-allow-origin
*
cf-ray
859ea011681b5231-MXP
x-bubble-capacity-limit
0 ms slower
css
fonts.googleapis.com/ 		17 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:regular%7COpen+Sans:600%7COpen+Sans:700
Requested by
Host: yerzisukka.bubbleapps.io
URL: https://yerzisukka.bubbleapps.io/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/early.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://yerzisukka.bubbleapps.io/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 23 Feb 2024 10:01:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 23 Feb 2024 10:01:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 23 Feb 2024 10:01:03 GMT
data
yerzisukka.bubbleapps.io/api/1.1/init/ 		283 B
866 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://yerzisukka.bubbleapps.io/api/1.1/init/data?location=https%3A%2F%2Fyerzisukka.bubbleapps.io%2F
Requested by
Host: yerzisukka.bubbleapps.io
URL: https://yerzisukka.bubbleapps.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.203.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
877c6afacfb51360c4fdb3c2b55a9ad554759bbb09908c88039df1e01c18a0e1

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://yerzisukka.bubbleapps.io/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 23 Feb 2024 10:01:03 GMT
cf-cache-status
DYNAMIC
x-bubble-perf
{"total":29.4,"percents":{"top":{"bubble_cpu":28.4,"block":69,"capacity_rl":0,"other_pause":0,"pre_fiber":1.5},"sub":{"pp_userdb":3.4,"pp_wait_userdb":0,"http_request":0,"serverjson":24.7,"appserver_cache_misses_time":0,"redis":47.8,"fiber_queue":3.8,"capacity_wait":5.5}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":4,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":20,"fiber_queue":22,"blocks":21},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":6250885}}
server
cloudflare
x-powered-by
Express
x-bubble-capacity-used
0.096 unit-seconds used
cf-ray
859ea011985a5231-MXP
x-bubble-capacity-limit
0 ms slower
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://yerzisukka.bubbleapps.io/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Content-Type
image/gif
hi
yerzisukka.bubbleapps.io/user/ 		57 B
704 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://yerzisukka.bubbleapps.io/user/hi
Requested by
Host: yerzisukka.bubbleapps.io
URL: https://yerzisukka.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.203.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

X-Bubble-Epoch-Name
Epoch: Runmode page fully loaded
X-Bubble-Epoch-ID
1708682463309x377195992607790800
X-Bubble-Fiber-ID
1708682463328x275607589223356700
X-Bubble-PL
1708682462536x227
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://yerzisukka.bubbleapps.io/
cache-control
no-cache
Referer
https://yerzisukka.bubbleapps.io/
X-Requested-With
XMLHttpRequest
X-Bubble-Breaking-Revision
5

Response headers

date
Fri, 23 Feb 2024 10:01:03 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-bubble-perf
{"total":12.2,"percents":{"top":{"bubble_cpu":35.4,"block":57.6,"capacity_rl":0,"other_pause":0,"pre_fiber":6.7},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":31.3,"appserver_cache_misses_time":0,"redis":56.4,"fiber_queue":3.8,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":9,"fiber_queue":10,"blocks":9},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":646277}}
server
cloudflare
x-bubble-appname
yerzisukka
x-powered-by
Express
x-bubble-request-took
12
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache
x-bubble-capacity-used
0.01 unit-seconds used
cf-ray
859ea013ec0d5231-MXP
x-bubble-capacity-limit
0 ms slower
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
fonts.gstatic.com/s/opensans/v40/ 		42 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:regular%7COpen+Sans:600%7COpen+Sans:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://yerzisukka.bubbleapps.io
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Wed, 21 Feb 2024 07:44:42 GMT
x-content-type-options
nosniff
age
180981
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43068
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:05:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Feb 2025 07:44:42 GMT
Primary Request /
favtqgbfht.cfolks.pl/bpm/bpm/
Redirect Chain
  • https://www.tibpharmacy.com/qp
  • https://www.tibpharmacy.com/qp/
  • https://favtqgbfht.cfolks.pl/bpm/bpm
  • https://favtqgbfht.cfolks.pl/bpm/bpm/
16 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://favtqgbfht.cfolks.pl/bpm/bpm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.78.67.58 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s180.cyber-folks.pl
Software
LiteSpeed /
Resource Hash
a318dd0dbd9da8e23cfb767f254723d7ce035147f896e5dc9db3123910357f77

Request headers

Referer
https://yerzisukka.bubbleapps.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 23 Feb 2024 10:01:08 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent

Redirect headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
707
content-type
text/html
date
Fri, 23 Feb 2024 10:01:07 GMT
location
https://favtqgbfht.cfolks.pl/bpm/bpm/
server
LiteSpeed
vary
User-Agent
m
yerzisukka.bubbleapps.io/user/ 		4 B
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://yerzisukka.bubbleapps.io/user/m
Requested by
Host: yerzisukka.bubbleapps.io
URL: https://yerzisukka.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.203.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

X-Bubble-Fiber-ID
1708682463439x880334559270185200
X-Bubble-PL
1708682462536x227
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://yerzisukka.bubbleapps.io/
cache-control
no-cache
Referer
https://yerzisukka.bubbleapps.io/
X-Requested-With
XMLHttpRequest
X-Bubble-Breaking-Revision
5

Response headers

date
Fri, 23 Feb 2024 10:01:03 GMT
cf-cache-status
DYNAMIC
x-bubble-perf
{"total":20.8,"percents":{"top":{"bubble_cpu":25.4,"block":66.4,"capacity_rl":0,"other_pause":0,"pre_fiber":3.1},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":43,"fiber_queue":3,"capacity_wait":7.5}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":9,"fiber_queue":11,"blocks":10},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":790289}}
server
cloudflare
x-powered-by
Express
x-bubble-capacity-used
0.012 unit-seconds used
cf-ray
859ea015ff115231-MXP
x-bubble-capacity-limit
0 ms slower
apm
yerzisukka.bubbleapps.io/user/ 		4 B
616 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://yerzisukka.bubbleapps.io/user/apm
Requested by
Host: yerzisukka.bubbleapps.io
URL: https://yerzisukka.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.203.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

X-Bubble-Fiber-ID
1708682465254x402566284343985500
X-Bubble-PL
1708682462536x227
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://yerzisukka.bubbleapps.io/
cache-control
no-cache
Referer
https://yerzisukka.bubbleapps.io/
X-Requested-With
XMLHttpRequest
X-Bubble-Breaking-Revision
5

Response headers

date
Fri, 23 Feb 2024 10:01:05 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-bubble-perf
{"total":16,"percents":{"top":{"bubble_cpu":19.7,"block":76,"capacity_rl":0,"other_pause":0,"pre_fiber":3.9},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":47.4,"fiber_queue":4.7,"capacity_wait":6.5}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":10,"fiber_queue":12,"blocks":11},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":472646}}
server
cloudflare
x-bubble-appname
yerzisukka
x-powered-by
Express
x-bubble-request-took
16
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache
x-bubble-capacity-used
0.007 unit-seconds used
cf-ray
859ea01fe8e85231-MXP
x-bubble-capacity-limit
0 ms slower
frg
yerzisukka.bubbleapps.io/ 		5 B
568 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://yerzisukka.bubbleapps.io/frg
Requested by
Host: yerzisukka.bubbleapps.io
URL: https://yerzisukka.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.203.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

X-Bubble-Fiber-ID
1708682466865x375854837903321700
X-Bubble-PL
1708682462536x227
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://yerzisukka.bubbleapps.io/
cache-control
no-cache
Referer
https://yerzisukka.bubbleapps.io/
X-Requested-With
XMLHttpRequest
X-Bubble-Breaking-Revision
5

Response headers

date
Fri, 23 Feb 2024 10:01:07 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-bubble-perf
{"total":18.1,"percents":{"top":{"bubble_cpu":21,"block":75.5,"capacity_rl":0,"other_pause":0,"pre_fiber":3.8},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":62.6,"fiber_queue":3.3,"capacity_wait":10.9}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":10,"fiber_queue":11,"blocks":10},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":569805}}
server
cloudflare
x-bubble-appname
yerzisukka
x-powered-by
Express
x-bubble-request-took
18
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache
x-bubble-capacity-used
0.009 unit-seconds used
cf-ray
859ea029f9565231-MXP
x-bubble-capacity-limit
0 ms slower
all.css
favtqgbfht.cfolks.pl/bpm/bpm/common/fe/css/ 		86 B
220 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://favtqgbfht.cfolks.pl/bpm/bpm/common/fe/css/all.css
Requested by
Host: favtqgbfht.cfolks.pl
URL: https://favtqgbfht.cfolks.pl/bpm/bpm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.78.67.58 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s180.cyber-folks.pl
Software
LiteSpeed /
Resource Hash
fb85592696298ae82b0a90767f764cb36676aa2bc7043946363c3c5b0f534618

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://favtqgbfht.cfolks.pl/bpm/bpm/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 23 Feb 2024 10:01:08 GMT
last-modified
Fri, 14 Jun 2019 07:27:58 GMT
server
LiteSpeed
etag
"56-5d034c7e-fdb1847b114029fb;;;"
vary
User-Agent
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
86
expires
Fri, 01 Mar 2024 10:01:08 GMT
bootstrap.height.plugin.css
favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/css/ 		3 KB
753 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/css/bootstrap.height.plugin.css
Requested by
Host: favtqgbfht.cfolks.pl
URL: https://favtqgbfht.cfolks.pl/bpm/bpm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.78.67.58 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s180.cyber-folks.pl
Software
LiteSpeed /
Resource Hash
d74045740566a00d1da11ecc5153fc214e4452ad090fb3091e315c6759cb86b5

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://favtqgbfht.cfolks.pl/bpm/bpm/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 23 Feb 2024 10:01:08 GMT
content-encoding
br
last-modified
Thu, 27 Jul 2017 07:53:22 GMT
server
LiteSpeed
etag
"b79-59799bf2-73abaa34e786d352;br"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
669
expires
Fri, 01 Mar 2024 10:01:08 GMT
ie10-viewport.css
favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/css/ 		518 B
288 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/css/ie10-viewport.css
Requested by
Host: favtqgbfht.cfolks.pl
URL: https://favtqgbfht.cfolks.pl/bpm/bpm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.78.67.58 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s180.cyber-folks.pl
Software
LiteSpeed /
Resource Hash
40d3bc447175dafb479f5f2204ed79b27e852a949320f55522287d8428849415

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://favtqgbfht.cfolks.pl/bpm/bpm/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 23 Feb 2024 10:01:08 GMT
content-encoding
br
last-modified
Thu, 27 Jul 2017 07:53:22 GMT
server
LiteSpeed
etag
"206-59799bf2-a53afb3178776361;br"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
228
expires
Fri, 01 Mar 2024 10:01:08 GMT
youWeb-main7765.css
favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/css/ 		293 KB
56 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/css/youWeb-main7765.css?v=070619
Requested by
Host: favtqgbfht.cfolks.pl
URL: https://favtqgbfht.cfolks.pl/bpm/bpm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.78.67.58 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s180.cyber-folks.pl
Software
LiteSpeed /
Resource Hash
946396c462076c471d69d67f4c9aa8fafbacd586b2da5b9fa9d4686bf488d1c0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://favtqgbfht.cfolks.pl/bpm/bpm/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 23 Feb 2024 10:01:08 GMT
content-encoding
br
last-modified
Mon, 18 Jan 2021 17:59:06 GMT
server
LiteSpeed
etag
"4947e-6005cc6a-6236d9b401fc369d;br"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
56873
expires
Fri, 01 Mar 2024 10:01:08 GMT
youWeb-struttura7765.css
favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/css/ 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/css/youWeb-struttura7765.css?v=070619
Requested by
Host: favtqgbfht.cfolks.pl
URL: https://favtqgbfht.cfolks.pl/bpm/bpm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.78.67.58 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s180.cyber-folks.pl
Software
LiteSpeed /
Resource Hash
441d1063bda9fac793ff99f5b1c1ca687ca076074883ad6e37de3679cb2dec30

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://favtqgbfht.cfolks.pl/bpm/bpm/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 23 Feb 2024 10:01:08 GMT
content-encoding
br
last-modified
Wed, 03 Mar 2021 05:55:46 GMT
server
LiteSpeed
etag
"52bd-603f24e2-79382cbf6631d4c;br"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4909
expires
Fri, 01 Mar 2024 10:01:08 GMT
youWeb-xs-mobile-struttura7765.css
favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/css/ 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/css/youWeb-xs-mobile-struttura7765.css
Requested by
Host: favtqgbfht.cfolks.pl
URL: https://favtqgbfht.cfolks.pl/bpm/bpm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.78.67.58 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s180.cyber-folks.pl
Software
LiteSpeed /
Resource Hash
81cd079f6e0e3f9eacfd09f536752b41649f858a15b669a150396bf7d6bcf08a

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://favtqgbfht.cfolks.pl/bpm/bpm/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 23 Feb 2024 10:01:08 GMT
content-encoding
br
last-modified
Wed, 09 Oct 2019 23:36:28 GMT
server
LiteSpeed
etag
"4317-5d9e6efc-9c6797be292e990b;br"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3805
expires
Fri, 01 Mar 2024 10:01:08 GMT
youWeb-sm-desktop7765.css
favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/css/youWeb-sm-desktop7765.css?v=070619
Requested by
Host: favtqgbfht.cfolks.pl
URL: https://favtqgbfht.cfolks.pl/bpm/bpm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.78.67.58 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s180.cyber-folks.pl
Software
LiteSpeed /
Resource Hash
449e2e271cd026199338586c7eb12c39298176ee2b91374bdb288e52431affc3

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://favtqgbfht.cfolks.pl/bpm/bpm/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 23 Feb 2024 10:01:08 GMT
content-encoding
br
last-modified
Thu, 06 Sep 2018 07:48:12 GMT
server
LiteSpeed
etag
"219e-5b90dbbc-5227b895215ad33e;br"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2162
expires
Fri, 01 Mar 2024 10:01:08 GMT
jquery-1.11.3.min.js
favtqgbfht.cfolks.pl/bpm/bpm/HT/JS/jquery/ 		94 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://favtqgbfht.cfolks.pl/bpm/bpm/HT/JS/jquery/jquery-1.11.3.min.js
Requested by
Host: favtqgbfht.cfolks.pl
URL: https://favtqgbfht.cfolks.pl/bpm/bpm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.78.67.58 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s180.cyber-folks.pl
Software
LiteSpeed /
Resource Hash
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://favtqgbfht.cfolks.pl/bpm/bpm/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 23 Feb 2024 10:01:08 GMT
content-encoding
br
last-modified
Thu, 27 Jul 2017 07:53:26 GMT
server
LiteSpeed
etag
"176d5-59799bf6-a0634fc8fe0cb940;br"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
32363
expires
Fri, 01 Mar 2024 10:01:08 GMT
bootstrap.min.js
favtqgbfht.cfolks.pl/bpm/bpm/HT/JS/jquery/ 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://favtqgbfht.cfolks.pl/bpm/bpm/HT/JS/jquery/bootstrap.min.js
Requested by
Host: favtqgbfht.cfolks.pl
URL: https://favtqgbfht.cfolks.pl/bpm/bpm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.78.67.58 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s180.cyber-folks.pl
Software
LiteSpeed /
Resource Hash
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://favtqgbfht.cfolks.pl/bpm/bpm/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 23 Feb 2024 10:01:08 GMT
content-encoding
br
last-modified
Thu, 27 Jul 2017 07:53:26 GMT
server
LiteSpeed
etag
"8c6f-59799bf6-3d253ad6be5f8f71;br"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
9206
expires
Fri, 01 Mar 2024 10:01:08 GMT
jquery-ui.min.js
favtqgbfht.cfolks.pl/bpm/bpm/HT/JS/jquery/ 		233 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://favtqgbfht.cfolks.pl/bpm/bpm/HT/JS/jquery/jquery-ui.min.js
Requested by
Host: favtqgbfht.cfolks.pl
URL: https://favtqgbfht.cfolks.pl/bpm/bpm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.78.67.58 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s180.cyber-folks.pl
Software
LiteSpeed /
Resource Hash
4f75b532725adcef5efb538117483dd56fea307b313c9426841152735c76e755

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://favtqgbfht.cfolks.pl/bpm/bpm/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 23 Feb 2024 10:01:08 GMT
content-encoding
br
last-modified
Thu, 27 Jul 2017 07:53:26 GMT
server
LiteSpeed
etag
"3a2ea-59799bf6-aca030dd35defcf8;br"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
60971
expires
Fri, 01 Mar 2024 10:01:08 GMT
jquery.ui.touch-punch.min.js
favtqgbfht.cfolks.pl/bpm/bpm/HT/JS/jquery/ 		1 KB
586 B 		Script
General
Check archive.org
Download Go to
Full URL
https://favtqgbfht.cfolks.pl/bpm/bpm/HT/JS/jquery/jquery.ui.touch-punch.min.js
Requested by
Host: favtqgbfht.cfolks.pl
URL: https://favtqgbfht.cfolks.pl/bpm/bpm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.78.67.58 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s180.cyber-folks.pl
Software
LiteSpeed /
Resource Hash
000854d782781aff1b16ea5451c1da3d07efadd35ab911ccb7e4b851571a25bd

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://favtqgbfht.cfolks.pl/bpm/bpm/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 23 Feb 2024 10:01:08 GMT
content-encoding
br
last-modified
Thu, 27 Jul 2017 07:53:26 GMT
server
LiteSpeed
etag
"50b-59799bf6-d7c37b24ffcee5e5;br"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
525
expires
Fri, 01 Mar 2024 10:01:08 GMT
jquery.form.js
favtqgbfht.cfolks.pl/bpm/bpm/HT/JS/jquery/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://favtqgbfht.cfolks.pl/bpm/bpm/HT/JS/jquery/jquery.form.js
Requested by
Host: favtqgbfht.cfolks.pl
URL: https://favtqgbfht.cfolks.pl/bpm/bpm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.78.67.58 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s180.cyber-folks.pl
Software
LiteSpeed /
Resource Hash

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://favtqgbfht.cfolks.pl/bpm/bpm/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 23 Feb 2024 10:01:08 GMT
content-encoding
br
last-modified
Thu, 25 Jan 2024 10:42:46 GMT
server
LiteSpeed
etag
"2885-65b23b26-4cf19f431d0676c;br"
vary
Accept-Encoding,User-Agent
content-type
text/html
accept-ranges
bytes
content-length
3428
ico_covid19.png
favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/img/ico_covid19.png
Requested by
Host: favtqgbfht.cfolks.pl
URL: https://favtqgbfht.cfolks.pl/bpm/bpm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.78.67.58 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s180.cyber-folks.pl
Software
LiteSpeed /
Resource Hash
a91e39a437fef19db73bfca15e4642aa504fd692dbc63f90b769d335762ae82f

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://favtqgbfht.cfolks.pl/bpm/bpm/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 23 Feb 2024 10:01:08 GMT
last-modified
Fri, 27 Mar 2020 13:05:56 GMT
server
LiteSpeed
etag
"1b91-5e7dfa34-a10c434ff8ba194f;;;"
vary
User-Agent
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
7057
expires
Fri, 01 Mar 2024 10:01:08 GMT
ico_appNEW.png
favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/img/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/img/ico_appNEW.png
Requested by
Host: favtqgbfht.cfolks.pl
URL: https://favtqgbfht.cfolks.pl/bpm/bpm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.78.67.58 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s180.cyber-folks.pl
Software
LiteSpeed /
Resource Hash
cc6bb1d8dceb803d5d68cf36076d61bf89b716bc351acd0eb1ead447e0f5f506

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://favtqgbfht.cfolks.pl/bpm/bpm/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 23 Feb 2024 10:01:08 GMT
content-encoding
br
last-modified
Thu, 25 Jan 2024 10:42:46 GMT
server
LiteSpeed
etag
"2885-65b23b26-4cf19f431d0676c;br"
vary
Accept-Encoding,User-Agent
content-type
text/html
accept-ranges
bytes
content-length
3428
jquery.validate.min.js
favtqgbfht.cfolks.pl/bpm/bpm/HT/JS/jquery/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://favtqgbfht.cfolks.pl/bpm/bpm/HT/JS/jquery/jquery.validate.min.js
Requested by
Host: favtqgbfht.cfolks.pl
URL: https://favtqgbfht.cfolks.pl/bpm/bpm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.78.67.58 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s180.cyber-folks.pl
Software
LiteSpeed /
Resource Hash
50e497b00818378dcffe856b994f89947b620c66163768879c9b8a63d583f898

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://favtqgbfht.cfolks.pl/bpm/bpm/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 23 Feb 2024 10:01:08 GMT
content-encoding
br
last-modified
Thu, 27 Jul 2017 07:53:26 GMT
server
LiteSpeed
etag
"5a1e-59799bf6-e2110f511e338359;br"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
7202
expires
Fri, 01 Mar 2024 10:01:08 GMT
print.css
favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/css/ 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/css/print.css
Requested by
Host: favtqgbfht.cfolks.pl
URL: https://favtqgbfht.cfolks.pl/bpm/bpm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.78.67.58 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s180.cyber-folks.pl
Software
LiteSpeed /
Resource Hash
126427c9c879be3618d1f6e9b74639d48d15affd5226de923b0e26ea93ecd5f3

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://favtqgbfht.cfolks.pl/bpm/bpm/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 23 Feb 2024 10:01:08 GMT
content-encoding
br
last-modified
Wed, 16 Dec 2020 12:07:46 GMT
server
LiteSpeed
etag
"3802-5fd9f892-27963b72b6607704;br"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3732
expires
Fri, 01 Mar 2024 10:01:08 GMT
youWeb-xxs-mobile7765.css
favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/css/ 		757 B
398 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/css/youWeb-xxs-mobile7765.css?v=070619
Requested by
Host: favtqgbfht.cfolks.pl
URL: https://favtqgbfht.cfolks.pl/bpm/bpm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.78.67.58 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s180.cyber-folks.pl
Software
LiteSpeed /
Resource Hash
3bb54cd702fc7c6f265126bfda02357aaf0f6ef0f4b9143517e270c27c9eb999

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://favtqgbfht.cfolks.pl/bpm/bpm/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 23 Feb 2024 10:01:08 GMT
content-encoding
br
last-modified
Thu, 27 Jul 2017 07:53:24 GMT
server
LiteSpeed
etag
"2f5-59799bf4-abd99e18701c0dcd;br"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
305
expires
Fri, 01 Mar 2024 10:01:08 GMT
youWeb-xs-mobile7765.css
favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/css/ 		71 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/css/youWeb-xs-mobile7765.css?v=070619
Requested by
Host: favtqgbfht.cfolks.pl
URL: https://favtqgbfht.cfolks.pl/bpm/bpm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.78.67.58 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s180.cyber-folks.pl
Software
LiteSpeed /
Resource Hash
66c37449f662f1ba83fb77582bf2134fab66775ad9a10101ddf0d69d88d91e31

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://favtqgbfht.cfolks.pl/bpm/bpm/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 23 Feb 2024 10:01:08 GMT
content-encoding
br
last-modified
Fri, 08 Jan 2021 15:55:22 GMT
server
LiteSpeed
etag
"11ccb-5ff8806a-b6f2243e491f31e8;br"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
15402
expires
Fri, 01 Mar 2024 10:01:08 GMT
bootstrap.css
favtqgbfht.cfolks.pl/bpm/bpm/common/fe/assets/bootstrap/ 		66 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://favtqgbfht.cfolks.pl/bpm/bpm/common/fe/assets/bootstrap/bootstrap.css
Requested by
Host: favtqgbfht.cfolks.pl
URL: https://favtqgbfht.cfolks.pl/bpm/bpm/common/fe/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.78.67.58 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s180.cyber-folks.pl
Software
LiteSpeed /
Resource Hash
ce4827e596ff84952373cad1fbfae8ec6b43e81dc29e165afdbbef3fd9de0d96

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://favtqgbfht.cfolks.pl/bpm/bpm/common/fe/css/all.css
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 23 Feb 2024 10:01:08 GMT
content-encoding
br
last-modified
Wed, 24 Apr 2019 08:26:28 GMT
server
LiteSpeed
etag
"10945-5cc01db4-230ca3f25cfa29ab;br"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
9622
expires
Fri, 01 Mar 2024 10:01:08 GMT
print.css
favtqgbfht.cfolks.pl/bpm/bpm/common/fe/css/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://favtqgbfht.cfolks.pl/bpm/bpm/common/fe/css/print.css
Requested by
Host: favtqgbfht.cfolks.pl
URL: https://favtqgbfht.cfolks.pl/bpm/bpm/common/fe/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.78.67.58 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s180.cyber-folks.pl
Software
LiteSpeed /
Resource Hash
3127e84f27cb855ef4b47637908bf75d3074d16cc6c497271906e3516b4b348d

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://favtqgbfht.cfolks.pl/bpm/bpm/common/fe/css/all.css
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 23 Feb 2024 10:01:08 GMT
content-encoding
br
last-modified
Wed, 07 Oct 2020 12:57:42 GMT
server
LiteSpeed
etag
"29bf-5f7dbb46-f96a9cff6a36cb22;br"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2538
expires
Fri, 01 Mar 2024 10:01:08 GMT
youWeb-xxs-mobile.css
favtqgbfht.cfolks.pl/HT/fe/css/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://favtqgbfht.cfolks.pl/HT/fe/css/youWeb-xxs-mobile.css
Requested by
Host: favtqgbfht.cfolks.pl
URL: https://favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/css/youWeb-main7765.css?v=070619
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.78.67.58 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s180.cyber-folks.pl
Software
LiteSpeed /
Resource Hash

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/css/youWeb-main7765.css?v=070619
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 23 Feb 2024 10:01:08 GMT
content-encoding
br
last-modified
Thu, 25 Jan 2024 10:42:46 GMT
server
LiteSpeed
etag
"2885-65b23b26-4cf19f431d0676c;br"
vary
Accept-Encoding,User-Agent
content-type
text/html
accept-ranges
bytes
content-length
3428
youWeb-xs-mobile.css
favtqgbfht.cfolks.pl/HT/fe/css/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://favtqgbfht.cfolks.pl/HT/fe/css/youWeb-xs-mobile.css
Requested by
Host: favtqgbfht.cfolks.pl
URL: https://favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/css/youWeb-main7765.css?v=070619
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.78.67.58 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s180.cyber-folks.pl
Software
LiteSpeed /
Resource Hash

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/css/youWeb-main7765.css?v=070619
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 23 Feb 2024 10:01:08 GMT
content-encoding
br
last-modified
Thu, 25 Jan 2024 10:42:46 GMT
server
LiteSpeed
etag
"2885-65b23b26-4cf19f431d0676c;br"
vary
Accept-Encoding,User-Agent
content-type
text/html
accept-ranges
bytes
content-length
3428
youWeb-sm-desktop.css
favtqgbfht.cfolks.pl/HT/fe/css/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://favtqgbfht.cfolks.pl/HT/fe/css/youWeb-sm-desktop.css
Requested by
Host: favtqgbfht.cfolks.pl
URL: https://favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/css/youWeb-main7765.css?v=070619
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.78.67.58 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s180.cyber-folks.pl
Software
LiteSpeed /
Resource Hash

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/css/youWeb-main7765.css?v=070619
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 23 Feb 2024 10:01:08 GMT
content-encoding
br
last-modified
Thu, 25 Jan 2024 10:42:46 GMT
server
LiteSpeed
etag
"2885-65b23b26-4cf19f431d0676c;br"
vary
Accept-Encoding,User-Agent
content-type
text/html
accept-ranges
bytes
content-length
3428
youWeb-icone.css
favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/css/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/css/youWeb-icone.css
Requested by
Host: favtqgbfht.cfolks.pl
URL: https://favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/css/youWeb-main7765.css?v=070619
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.78.67.58 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s180.cyber-folks.pl
Software
LiteSpeed /
Resource Hash
595a171181e8b1b33efb6871cda903c0af3c75a98c135a590ddeb398594ee0fb

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/css/youWeb-main7765.css?v=070619
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 23 Feb 2024 10:01:08 GMT
content-encoding
br
last-modified
Wed, 03 Mar 2021 05:55:46 GMT
server
LiteSpeed
etag
"3cf6-603f24e2-b2f03edbc78d4105;br"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2882
expires
Fri, 01 Mar 2024 10:01:08 GMT
youWeb-xs-mobile-struttura.css
favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/css/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/css/youWeb-xs-mobile-struttura.css
Requested by
Host: favtqgbfht.cfolks.pl
URL: https://favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/css/youWeb-struttura7765.css?v=070619
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.78.67.58 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s180.cyber-folks.pl
Software
LiteSpeed /
Resource Hash

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/css/youWeb-struttura7765.css?v=070619
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 23 Feb 2024 10:01:08 GMT
content-encoding
br
last-modified
Thu, 25 Jan 2024 10:42:46 GMT
server
LiteSpeed
etag
"2885-65b23b26-4cf19f431d0676c;br"
vary
Accept-Encoding,User-Agent
content-type
text/html
accept-ranges
bytes
content-length
3428
youWeb-sm-desktop-struttura.css
favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/css/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/css/youWeb-sm-desktop-struttura.css
Requested by
Host: favtqgbfht.cfolks.pl
URL: https://favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/css/youWeb-struttura7765.css?v=070619
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.78.67.58 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s180.cyber-folks.pl
Software
LiteSpeed /
Resource Hash

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/css/youWeb-struttura7765.css?v=070619
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 23 Feb 2024 10:01:08 GMT
content-encoding
br
last-modified
Thu, 25 Jan 2024 10:42:46 GMT
server
LiteSpeed
etag
"2885-65b23b26-4cf19f431d0676c;br"
vary
Accept-Encoding,User-Agent
content-type
text/html
accept-ranges
bytes
content-length
3428
bg_public3872.jpg
favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/img/ 		220 KB
221 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/img/bg_public3872.jpg?a=1
Requested by
Host: favtqgbfht.cfolks.pl
URL: https://favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/css/youWeb-main7765.css?v=070619
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.78.67.58 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s180.cyber-folks.pl
Software
LiteSpeed /
Resource Hash
b5cd6bacc70b8d89c604d517fdefc92765be32a4a394adceb083497fb65812b7

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/css/youWeb-main7765.css?v=070619
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 23 Feb 2024 10:01:08 GMT
last-modified
Thu, 27 Jul 2017 05:56:12 GMT
server
LiteSpeed
etag
"37190-5979807c-aa5c9d4737718feb;;;"
vary
User-Agent
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
225680
expires
Fri, 01 Mar 2024 10:01:08 GMT
help%402x.png
favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/img/help%402x.png
Requested by
Host: favtqgbfht.cfolks.pl
URL: https://favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/css/youWeb-main7765.css?v=070619
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.78.67.58 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s180.cyber-folks.pl
Software
LiteSpeed /
Resource Hash
5cb7b602b1c5b5389733b81d6fb771cc0bc8da318f0f1cf6d689781c394f05a2

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/css/youWeb-main7765.css?v=070619
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 23 Feb 2024 10:01:08 GMT
last-modified
Thu, 27 Jul 2017 05:56:12 GMT
server
LiteSpeed
etag
"528-5979807c-a25097a756316033;;;"
vary
User-Agent
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1320
expires
Fri, 01 Mar 2024 10:01:08 GMT
logo_bancobpm%402x.png
favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/img/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/img/logo_bancobpm%402x.png
Requested by
Host: favtqgbfht.cfolks.pl
URL: https://favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/css/youWeb-main7765.css?v=070619
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.78.67.58 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s180.cyber-folks.pl
Software
LiteSpeed /
Resource Hash
cc8f234f2ae5221f5e33df49bef454ae03fbb80c9db4aaf8e53bd85fad4c575e

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/css/youWeb-main7765.css?v=070619
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 23 Feb 2024 10:01:08 GMT
last-modified
Thu, 27 Jul 2017 05:56:10 GMT
server
LiteSpeed
etag
"294a-5979807a-39cc248844598b1d;;;"
vary
User-Agent
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
10570
expires
Fri, 01 Mar 2024 10:01:08 GMT
ico_freccia.png
favtqgbfht.cfolks.pl/bpm/HT/fe/img/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://favtqgbfht.cfolks.pl/bpm/HT/fe/img/ico_freccia.png
Requested by
Host: favtqgbfht.cfolks.pl
URL: https://favtqgbfht.cfolks.pl/bpm/bpm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.78.67.58 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s180.cyber-folks.pl
Software
LiteSpeed /
Resource Hash
cc6bb1d8dceb803d5d68cf36076d61bf89b716bc351acd0eb1ead447e0f5f506

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://favtqgbfht.cfolks.pl/bpm/bpm/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 23 Feb 2024 10:01:08 GMT
content-encoding
br
last-modified
Thu, 25 Jan 2024 10:42:46 GMT
server
LiteSpeed
etag
"2885-65b23b26-4cf19f431d0676c;br"
vary
Accept-Encoding,User-Agent
content-type
text/html
accept-ranges
bytes
content-length
3428
montserrat-medium-webfont.woff2
youweb.bancobpm.it/HT/fe/font/ 		0
0
montserrat-light-webfont.woff2
youweb.bancobpm.it/HT/fe/font/ 		0
0
video.html
favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/ 		10 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/video.html
Requested by
Host: favtqgbfht.cfolks.pl
URL: https://favtqgbfht.cfolks.pl/bpm/bpm/HT/JS/jquery/jquery-1.11.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.78.67.58 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s180.cyber-folks.pl
Software
LiteSpeed /
Resource Hash
cc6bb1d8dceb803d5d68cf36076d61bf89b716bc351acd0eb1ead447e0f5f506

Request headers

Accept
*/*
Referer
https://favtqgbfht.cfolks.pl/bpm/bpm/
X-Requested-With
XMLHttpRequest
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 23 Feb 2024 10:01:08 GMT
content-encoding
br
last-modified
Thu, 25 Jan 2024 10:42:46 GMT
server
LiteSpeed
etag
"2885-65b23b26-4cf19f431d0676c;br"
vary
Accept-Encoding,User-Agent
content-type
text/html
accept-ranges
bytes
content-length
3428
header.html
favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/ 		2 KB
651 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/header.html
Requested by
Host: favtqgbfht.cfolks.pl
URL: https://favtqgbfht.cfolks.pl/bpm/bpm/HT/JS/jquery/jquery-1.11.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.78.67.58 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s180.cyber-folks.pl
Software
LiteSpeed /
Resource Hash
f3a3a4f8563c4bbd66be6cae0d45397db7705b43dc827b500d34785f77232713

Request headers

Accept
*/*
Referer
https://favtqgbfht.cfolks.pl/bpm/bpm/
X-Requested-With
XMLHttpRequest
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 23 Feb 2024 10:01:08 GMT
content-encoding
br
last-modified
Fri, 05 Mar 2021 02:06:56 GMT
server
LiteSpeed
etag
"7db-60419240-33fad21d9134f0ad;br"
vary
Accept-Encoding,User-Agent
content-type
text/html
accept-ranges
bytes
content-length
569
footer.html
favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/ 		2 KB
939 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/footer.html
Requested by
Host: favtqgbfht.cfolks.pl
URL: https://favtqgbfht.cfolks.pl/bpm/bpm/HT/JS/jquery/jquery-1.11.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.78.67.58 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s180.cyber-folks.pl
Software
LiteSpeed /
Resource Hash
a2ae5c8a35cbd2ac4ed08240c0df1207bfbf6b9ce24474180d82272dd4a2cc88

Request headers

Accept
*/*
Referer
https://favtqgbfht.cfolks.pl/bpm/bpm/
X-Requested-With
XMLHttpRequest
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 23 Feb 2024 10:01:08 GMT
content-encoding
br
last-modified
Fri, 05 Mar 2021 02:12:16 GMT
server
LiteSpeed
etag
"882-60419380-625b7b8efc17b4a6;br"
vary
Accept-Encoding,User-Agent
content-type
text/html
accept-ranges
bytes
content-length
857
struttura.js
favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/js/script/ 		10 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/js/script/struttura.js?_=1708682468386
Requested by
Host: favtqgbfht.cfolks.pl
URL: https://favtqgbfht.cfolks.pl/bpm/bpm/HT/JS/jquery/jquery-1.11.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.78.67.58 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s180.cyber-folks.pl
Software
LiteSpeed /
Resource Hash
cc6bb1d8dceb803d5d68cf36076d61bf89b716bc351acd0eb1ead447e0f5f506

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://favtqgbfht.cfolks.pl/bpm/bpm/
X-Requested-With
XMLHttpRequest
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 23 Feb 2024 10:01:08 GMT
content-encoding
br
last-modified
Thu, 25 Jan 2024 10:42:46 GMT
server
LiteSpeed
etag
"2885-65b23b26-4cf19f431d0676c;br"
vary
Accept-Encoding,User-Agent
content-type
text/html
accept-ranges
bytes
content-length
3428
ico_android.png
favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/img/ico_android.png
Requested by
Host: favtqgbfht.cfolks.pl
URL: https://favtqgbfht.cfolks.pl/bpm/bpm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.78.67.58 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s180.cyber-folks.pl
Software
LiteSpeed /
Resource Hash
13e087f2c275c8392174523707cb16e38c6e4d7c3b1990317be161e59bd09359

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://favtqgbfht.cfolks.pl/bpm/bpm/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 23 Feb 2024 10:01:08 GMT
last-modified
Fri, 05 Mar 2021 02:11:20 GMT
server
LiteSpeed
etag
"4f8-60419348-5579375130d2b1a6;;;"
vary
User-Agent
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1272
expires
Fri, 01 Mar 2024 10:01:08 GMT
ico_apple.png
favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/img/ico_apple.png
Requested by
Host: favtqgbfht.cfolks.pl
URL: https://favtqgbfht.cfolks.pl/bpm/bpm/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.78.67.58 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s180.cyber-folks.pl
Software
LiteSpeed /
Resource Hash
f048f986415c8132286e80e921d377694a6896971174635bbfb6ffc65a140ef8

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://favtqgbfht.cfolks.pl/bpm/bpm/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 23 Feb 2024 10:01:08 GMT
last-modified
Fri, 05 Mar 2021 02:11:38 GMT
server
LiteSpeed
etag
"552-6041935a-81ec12f0f99231e8;;;"
vary
User-Agent
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1362
expires
Fri, 01 Mar 2024 10:01:08 GMT
logo_youweb.png
favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/img/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/img/logo_youweb.png
Requested by
Host: favtqgbfht.cfolks.pl
URL: https://favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/css/youWeb-xs-mobile-struttura7765.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.78.67.58 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS
s180.cyber-folks.pl
Software
LiteSpeed /
Resource Hash
d644f56d0839826ee78df2b9c14378a9c15079a09e5d8096277c2e697360d988

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/css/youWeb-xs-mobile-struttura7765.css
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 23 Feb 2024 10:01:08 GMT
last-modified
Thu, 27 Jul 2017 05:56:10 GMT
server
LiteSpeed
etag
"505a-5979807a-dabfaa8c628fd17d;;;"
vary
User-Agent
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
20570
expires
Fri, 01 Mar 2024 10:01:08 GMT
montserrat-semibold-webfont.woff2
youweb.bancobpm.it/HT/fe/font/ 		0
0
montserrat-light-webfont.woff
youweb.bancobpm.it/HT/fe/font/ 		0
0
montserrat-medium-webfont.woff
youweb.bancobpm.it/HT/fe/font/ 		0
0
montserrat-semibold-webfont.woff
youweb.bancobpm.it/HT/fe/font/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
youweb.bancobpm.it
URL
https://youweb.bancobpm.it/HT/fe/font/montserrat-medium-webfont.woff2
Domain
youweb.bancobpm.it
URL
https://youweb.bancobpm.it/HT/fe/font/montserrat-light-webfont.woff2
Domain
youweb.bancobpm.it
URL
https://youweb.bancobpm.it/HT/fe/font/montserrat-semibold-webfont.woff2
Domain
youweb.bancobpm.it
URL
https://youweb.bancobpm.it/HT/fe/font/montserrat-light-webfont.woff
Domain
youweb.bancobpm.it
URL
https://youweb.bancobpm.it/HT/fe/font/montserrat-medium-webfont.woff
Domain
youweb.bancobpm.it
URL
https://youweb.bancobpm.it/HT/fe/font/montserrat-semibold-webfont.woff

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco BPM S.p.A. (Banking)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| jQuery111306942128723474361

4 Cookies

Domain/Path Name / Value
yerzisukka.bubbleapps.io/ Name: yerzisukka_live_u2main
Value: 1708682462509x901850965100996700
yerzisukka.bubbleapps.io/ Name: yerzisukka_live_u2main.sig
Value: i6_YG_5zMTl4583OGO0gZAMBAP8
yerzisukka.bubbleapps.io/ Name: yerzisukka_u1main
Value: 1708682462488x633232169362703000
www.tibpharmacy.com/ Name: PHPSESSID
Value: fa1af37877bb4ce4cf6dfa7579e27fe6

22 Console Messages

Source Level URL
Text
network error URL: https://favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/img/ico_appNEW.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://favtqgbfht.cfolks.pl/bpm/bpm/HT/JS/jquery/jquery.form.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://favtqgbfht.cfolks.pl/HT/fe/css/youWeb-xxs-mobile.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://favtqgbfht.cfolks.pl/HT/fe/css/youWeb-xs-mobile.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://favtqgbfht.cfolks.pl/HT/fe/css/youWeb-sm-desktop.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/css/youWeb-xs-mobile-struttura.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/css/youWeb-sm-desktop-struttura.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://favtqgbfht.cfolks.pl/bpm/HT/fe/img/ico_freccia.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/video.html
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://favtqgbfht.cfolks.pl/bpm/bpm/HT/fe/js/script/struttura.js?_=1708682468386
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://favtqgbfht.cfolks.pl/bpm/bpm/
Message:
Access to font at 'https://youweb.bancobpm.it/HT/fe/font/montserrat-light-webfont.woff2' from origin 'https://favtqgbfht.cfolks.pl' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://youweb.bancobpm.it/HT/fe/font/montserrat-light-webfont.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://favtqgbfht.cfolks.pl/bpm/bpm/
Message:
Access to font at 'https://youweb.bancobpm.it/HT/fe/font/montserrat-medium-webfont.woff2' from origin 'https://favtqgbfht.cfolks.pl' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://youweb.bancobpm.it/HT/fe/font/montserrat-medium-webfont.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://favtqgbfht.cfolks.pl/bpm/bpm/
Message:
Access to font at 'https://youweb.bancobpm.it/HT/fe/font/montserrat-semibold-webfont.woff2' from origin 'https://favtqgbfht.cfolks.pl' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://youweb.bancobpm.it/HT/fe/font/montserrat-semibold-webfont.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://favtqgbfht.cfolks.pl/bpm/bpm/
Message:
Access to font at 'https://youweb.bancobpm.it/HT/fe/font/montserrat-light-webfont.woff' from origin 'https://favtqgbfht.cfolks.pl' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://youweb.bancobpm.it/HT/fe/font/montserrat-light-webfont.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://favtqgbfht.cfolks.pl/bpm/bpm/
Message:
Access to font at 'https://youweb.bancobpm.it/HT/fe/font/montserrat-medium-webfont.woff' from origin 'https://favtqgbfht.cfolks.pl' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://youweb.bancobpm.it/HT/fe/font/montserrat-medium-webfont.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://favtqgbfht.cfolks.pl/bpm/bpm/
Message:
Access to font at 'https://youweb.bancobpm.it/HT/fe/font/montserrat-semibold-webfont.woff' from origin 'https://favtqgbfht.cfolks.pl' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://youweb.bancobpm.it/HT/fe/font/montserrat-semibold-webfont.woff
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'none';
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

favtqgbfht.cfolks.pl
fonts.googleapis.com
fonts.gstatic.com
www.tibpharmacy.com
yerzisukka.bubbleapps.io
youweb.bancobpm.it
youweb.bancobpm.it
104.16.203.66
142.250.181.227
142.250.185.138
195.78.67.58
50.62.220.152
000854d782781aff1b16ea5451c1da3d07efadd35ab911ccb7e4b851571a25bd
126427c9c879be3618d1f6e9b74639d48d15affd5226de923b0e26ea93ecd5f3
13e087f2c275c8392174523707cb16e38c6e4d7c3b1990317be161e59bd09359
195756a558620132f46f1830236f5ba2f9bf287e1bc1708c7687f97a6c2c6671
3127e84f27cb855ef4b47637908bf75d3074d16cc6c497271906e3516b4b348d
3bb54cd702fc7c6f265126bfda02357aaf0f6ef0f4b9143517e270c27c9eb999
40d3bc447175dafb479f5f2204ed79b27e852a949320f55522287d8428849415
441d1063bda9fac793ff99f5b1c1ca687ca076074883ad6e37de3679cb2dec30
449e2e271cd026199338586c7eb12c39298176ee2b91374bdb288e52431affc3
450e62180e870526d437f065fa76a5d4e31517905e37a98184ef79b0fc2abd5b
4f75b532725adcef5efb538117483dd56fea307b313c9426841152735c76e755
50e497b00818378dcffe856b994f89947b620c66163768879c9b8a63d583f898
595a171181e8b1b33efb6871cda903c0af3c75a98c135a590ddeb398594ee0fb
5cb7b602b1c5b5389733b81d6fb771cc0bc8da318f0f1cf6d689781c394f05a2
60743f1b62f8f4dd95fceeace5ecc06431ed6edb27f42185d9a819bcb97760bd
66c37449f662f1ba83fb77582bf2134fab66775ad9a10101ddf0d69d88d91e31
7cbdc91002974d8506d8f65eed3573529676abf36c285ee1ce3b65e5621d4b6d
81cd079f6e0e3f9eacfd09f536752b41649f858a15b669a150396bf7d6bcf08a
86186df42a4863bbdaa86480a69a08a0669ae90b39db94649656a8a2ee8c2e1b
877c6afacfb51360c4fdb3c2b55a9ad554759bbb09908c88039df1e01c18a0e1
946396c462076c471d69d67f4c9aa8fafbacd586b2da5b9fa9d4686bf488d1c0
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
a2ae5c8a35cbd2ac4ed08240c0df1207bfbf6b9ce24474180d82272dd4a2cc88
a318dd0dbd9da8e23cfb767f254723d7ce035147f896e5dc9db3123910357f77
a91e39a437fef19db73bfca15e4642aa504fd692dbc63f90b769d335762ae82f
ad1896ee71b28a9d04f69c07b0508acf9f1873d78ee696fb4993a0ef9ffe5cbd
b5cd6bacc70b8d89c604d517fdefc92765be32a4a394adceb083497fb65812b7
cc6bb1d8dceb803d5d68cf36076d61bf89b716bc351acd0eb1ead447e0f5f506
cc8f234f2ae5221f5e33df49bef454ae03fbb80c9db4aaf8e53bd85fad4c575e
ce4827e596ff84952373cad1fbfae8ec6b43e81dc29e165afdbbef3fd9de0d96
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
d644f56d0839826ee78df2b9c14378a9c15079a09e5d8096277c2e697360d988
d74045740566a00d1da11ecc5153fc214e4452ad090fb3091e315c6759cb86b5
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f048f986415c8132286e80e921d377694a6896971174635bbfb6ffc65a140ef8
f3a3a4f8563c4bbd66be6cae0d45397db7705b43dc827b500d34785f77232713
fb85592696298ae82b0a90767f764cb36676aa2bc7043946363c3c5b0f534618