gtdngtkval.cfolks.pl Open in urlscan Pro
195.78.67.67 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://banco-bpmit.bubbleapps.io/
Effective URL:
https://gtdngtkval.cfolks.pl/bpm/
Submission Tags: phishing malicious Search All
Submission: On February 16 via api (February 16th 2024, 4:54:06 pm UTC) from NL — Scanned from NL

Summary HTTP 56 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 4 countries across 5 domains to perform 56 HTTP transactions. The main IP is 195.78.67.67, located in Bydgoszcz, Poland and belongs to CF-GDA, PL. The main domain is gtdngtkval.cfolks.pl.
TLS certificate: Issued by Certum Domain Validation CA SHA2 on July 31st 2023. Valid for: a year.

This is the only time gtdngtkval.cfolks.pl was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banco BPM S.p.A. (Banking)

Domain & IP information

	IP Address	AS Autonomous System
9	2606:4700::68... 2606:4700::6810:cb42	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2001:67c:4e8:... 2001:67c:4e8:f004::9	62041 (TELEGRAM) (TELEGRAM)
38	195.78.67.67 195.78.67.67	41079 (CF-GDA) (CF-GDA)
56	5

9 2606:4700::6810:cb42 (United States)

ASN13335 (CLOUDFLARENET, US)

banco-bpmit.bubbleapps.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:67c:4e8:f004::9 (Amsterdam, Netherlands)

ASN62041 (TELEGRAM, VG)

api.telegram.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 195.78.67.67 (Bydgoszcz, Poland)

ASN41079 (CF-GDA, PL)
PTR: s185.cyber-folks.pl

gtdngtkval.cfolks.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	cfolks.pl gtdngtkval.cfolks.pl	505 KB
9	bubbleapps.io banco-bpmit.bubbleapps.io	790 KB
1	telegram.org api.telegram.org — Cisco Umbrella Rank: 35900
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 48	2 KB
0	bancobpm.it Failed youweb.bancobpm.it Failed
56	5

	Domain	Requested by
38	gtdngtkval.cfolks.pl	banco-bpmit.bubbleapps.io gtdngtkval.cfolks.pl
9	banco-bpmit.bubbleapps.io	banco-bpmit.bubbleapps.io
1	api.telegram.org
1	fonts.googleapis.com	banco-bpmit.bubbleapps.io
0	youweb.bancobpm.it Failed	gtdngtkval.cfolks.pl
56	5

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-05` - `2024-05-04`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
api.telegram.org Go Daddy Secure Certificate Authority - G2	`2023-03-26` - `2024-04-26`	a year	crt.sh
*.cfolks.pl Certum Domain Validation CA SHA2	`2023-07-31` - `2024-07-30`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://gtdngtkval.cfolks.pl/bpm/
Frame ID: 776D875FFF3D2776621B0377BE12C867
Requests: 57 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

YouWeb

Page URL History Show full URLs

https://banco-bpmit.bubbleapps.io/ Page URL
https://gtdngtkval.cfolks.pl/bpm/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

56
Requests

88 %
HTTPS

75 %
IPv6

5
Domains

5
Subdomains

5
IPs

4
Countries

1296 kB
Transfer

4526 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://banco-bpmit.bubbleapps.io/ Page URL
https://gtdngtkval.cfolks.pl/bpm/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

56 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
banco-bpmit.bubbleapps.io/ 11 KB
4 KB 1998ms
1656ms Document
text/html 2606:4700::6810:cb42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://banco-bpmit.bubbleapps.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:cb42 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

0cff7e226b842f81709b0c84980b949901c5f07fd6f1b90b934f27f1c7763761

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-store
cf-cache-status: DYNAMIC
cf-ray: 85674f34b961692e-FRA
content-encoding: br
content-security-policy: frame-ancestors 'none';
content-type: text/html
date: Fri, 16 Feb 2024 16:53:55 GMT
referrer-policy: origin
server: cloudflare
vary: Accept-Encoding
x-bubble-capacity-limit: 0 ms slower
x-bubble-capacity-used: 0.052 unit-seconds used
x-bubble-perf: {"total":435.4,"percents":{"top":{"bubble_cpu":5.2,"block":92.7,"capacity_rl":0,"other_pause":0,"pre_fiber":2.1},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":54.3,"appserver_cache_misses_time":0,"redis":81.9,"fiber_queue":11.8,"capacity_wait":1.7}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":8,"derived_cache_memory_misses":8,"serverjson":28,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":58,"fiber_queue":50,"blocks":49},"misc":{"userdb_results":1,"userdb_data":206,"spent_time":3403187}}
x-frame-options: DENY
x-powered-by: Express

GET
H2 200 early.js Show response
banco-bpmit.bubbleapps.io/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/ 24 KB
9 KB 252ms
251ms Script
application/javascript 2606:4700::6810:cb42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banco-bpmit.bubbleapps.io/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/early.js
Requested by: Host: banco-bpmit.bubbleapps.io
URL: https://banco-bpmit.bubbleapps.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:cb42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 450e62180e870526d437f065fa76a5d4e31517905e37a98184ef79b0fc2abd5b

Request headers

Referer: https://banco-bpmit.bubbleapps.io/
Origin: https://banco-bpmit.bubbleapps.io
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:53:55 GMT
content-encoding: br
cf-cache-status: HIT
x-bubble-perf: {"total":11.5,"percents":{"top":{"bubble_cpu":30.9,"block":62.7,"capacity_rl":0,"other_pause":0,"pre_fiber":5.2},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":29.7,"appserver_cache_misses_time":0,"redis":46.4,"fiber_queue":4.8,"capacity_wait":11.3}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":7,"fiber_queue":10,"blocks":9},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":534349}}
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-bubble-capacity-used: 0.008 unit-seconds used
timing-allow-origin: *
cf-ray: 85674f3f385a692e-FRA
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 run.css
banco-bpmit.bubbleapps.io/package/run_css/d8a8ccc2bd9c675d923d1df7cd4f0b3a14b4242493838111a02cb4665df15b35/banco-bpmit/live/index/xfalse/xfalse/ 44 KB
7 KB 269ms
269ms Stylesheet
text/css 2606:4700::6810:cb42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banco-bpmit.bubbleapps.io/package/run_css/d8a8ccc2bd9c675d923d1df7cd4f0b3a14b4242493838111a02cb4665df15b35/banco-bpmit/live/index/xfalse/xfalse/run.css
Requested by: Host: banco-bpmit.bubbleapps.io
URL: https://banco-bpmit.bubbleapps.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:cb42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 6a041cc1b58f94e771bcb25c475bbd628898accad0a8a025fe4f933e296c1813

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://banco-bpmit.bubbleapps.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:53:56 GMT
content-encoding: br
cf-cache-status: HIT
x-bubble-perf: {"total":110.7,"percents":{"top":{"bubble_cpu":30,"block":68.5,"capacity_rl":0,"other_pause":0,"pre_fiber":0.4},"sub":{"pp_userdb":4.5,"pp_wait_userdb":0,"http_request":0,"serverjson":6,"appserver_cache_misses_time":0,"redis":14.4,"fiber_queue":1.9,"capacity_wait":0.8}},"counts":{"pp_userdb":2,"http_request":0,"derived_build":0,"derived_cache_attempts":3,"derived_cache_memory_misses":3,"serverjson":15,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":35,"fiber_queue":40,"blocks":39},"misc":{"userdb_results":1,"userdb_data":4,"spent_time":10981905}}
cf-polished: origSize=57475
x-powered-by: Express
x-bubble-capacity-used: 0.169 unit-seconds used
cf-bgj: minify
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
cf-ray: 85674f40ca9e692e-FRA
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 pre_run_jquery.js Show response
banco-bpmit.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/ 88 KB
32 KB 1038ms
1037ms Script
application/javascript 2606:4700::6810:cb42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banco-bpmit.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Requested by: Host: banco-bpmit.bubbleapps.io
URL: https://banco-bpmit.bubbleapps.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:cb42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af

Request headers

Referer: https://banco-bpmit.bubbleapps.io/
Origin: https://banco-bpmit.bubbleapps.io
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:53:56 GMT
content-encoding: br
cf-cache-status: HIT
x-bubble-perf: {"total":16.9,"percents":{"top":{"bubble_cpu":31.6,"block":62.6,"capacity_rl":0,"other_pause":0,"pre_fiber":3.4},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":30.9,"appserver_cache_misses_time":0,"redis":43.4,"fiber_queue":3.9,"capacity_wait":12.6}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":7,"fiber_queue":10,"blocks":9},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":802117}}
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-bubble-capacity-used: 0.012 unit-seconds used
timing-allow-origin: *
cf-ray: 85674f40caa7692e-FRA
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 run.js Show response
banco-bpmit.bubbleapps.io/package/run_js/36014fa419b0490a9d8948ea6066c20e8601f1914b3063311945b7cc7734fcb9/xfalse/x28/ 3 MB
725 KB 1386ms
1385ms Script
application/javascript 2606:4700::6810:cb42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banco-bpmit.bubbleapps.io/package/run_js/36014fa419b0490a9d8948ea6066c20e8601f1914b3063311945b7cc7734fcb9/xfalse/x28/run.js
Requested by: Host: banco-bpmit.bubbleapps.io
URL: https://banco-bpmit.bubbleapps.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:cb42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 3c09bb3a6350a8eb2e3ffb586c8655b2467321b155ac3324c01232146c2e5017

Request headers

Referer: https://banco-bpmit.bubbleapps.io/
Origin: https://banco-bpmit.bubbleapps.io
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:53:56 GMT
content-encoding: br
cf-cache-status: MISS
x-bubble-perf: {"total":31,"percents":{"top":{"bubble_cpu":17.5,"block":75.7,"capacity_rl":0,"other_pause":0,"pre_fiber":2.9},"sub":{"pp_userdb":3.2,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":51.5,"fiber_queue":4.1,"capacity_wait":6.3}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":11,"fiber_queue":15,"blocks":14},"misc":{"userdb_results":1,"userdb_data":4,"spent_time":814254}}
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-bubble-capacity-used: 0.013 unit-seconds used
timing-allow-origin: *
cf-ray: 85674f40caaa692e-FRA
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 static.js Show response
banco-bpmit.bubbleapps.io/package/static_js/603e0dcba09da75c83b9b658bc3043aaf855b98570a3a243d491b3f559a29a2e/banco-bpmit/live/index/xnull/xfalse/xfalse/xfalse/ 17 KB
7 KB 1552ms
1552ms Script
application/javascript 2606:4700::6810:cb42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banco-bpmit.bubbleapps.io/package/static_js/603e0dcba09da75c83b9b658bc3043aaf855b98570a3a243d491b3f559a29a2e/banco-bpmit/live/index/xnull/xfalse/xfalse/xfalse/static.js
Requested by: Host: banco-bpmit.bubbleapps.io
URL: https://banco-bpmit.bubbleapps.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:cb42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 8d0b8c02d5b9cb867b324ad054ae10e120ea6e360e78b980328187a93f7a9257

Request headers

Referer: https://banco-bpmit.bubbleapps.io/
Origin: https://banco-bpmit.bubbleapps.io
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:53:56 GMT
content-encoding: br
cf-cache-status: MISS
x-bubble-perf: {"total":75.7,"percents":{"top":{"bubble_cpu":28.2,"block":71,"capacity_rl":0,"other_pause":0,"pre_fiber":0.7},"sub":{"pp_userdb":2.6,"pp_wait_userdb":0,"http_request":0,"serverjson":17.9,"appserver_cache_misses_time":0,"redis":12.8,"fiber_queue":8.2,"capacity_wait":1.3}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"derived_cache_attempts":3,"derived_cache_memory_misses":3,"serverjson":14,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":28,"fiber_queue":26,"blocks":25},"misc":{"userdb_results":1,"userdb_data":4,"spent_time":3202120}}
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-bubble-capacity-used: 0.049 unit-seconds used
timing-allow-origin: *
cf-ray: 85674f40caac692e-FRA
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 dynamic.js Show response
banco-bpmit.bubbleapps.io/package/dynamic_js/5ed84f97a6af84c90d32658f4494c191c8954fba61e3c9c976bfb37622626b28/banco-bpmit/live/index/xnull/xfalse/xfalse/en_us/xfalse/xfalse/ 9 KB
5 KB 1384ms
1384ms Script
application/javascript 2606:4700::6810:cb42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banco-bpmit.bubbleapps.io/package/dynamic_js/5ed84f97a6af84c90d32658f4494c191c8954fba61e3c9c976bfb37622626b28/banco-bpmit/live/index/xnull/xfalse/xfalse/en_us/xfalse/xfalse/dynamic.js
Requested by: Host: banco-bpmit.bubbleapps.io
URL: https://banco-bpmit.bubbleapps.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:cb42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: b1bea5b331ced35e73aa7858c2507aee9b5db6142bcbc4692e4eed83eff19ff1

Request headers

Referer: https://banco-bpmit.bubbleapps.io/
Origin: https://banco-bpmit.bubbleapps.io
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:53:56 GMT
content-encoding: br
cf-cache-status: MISS
x-bubble-perf: {"total":120.4,"percents":{"top":{"bubble_cpu":17.4,"block":82.3,"capacity_rl":0,"other_pause":0,"pre_fiber":0.4},"sub":{"pp_userdb":3.3,"pp_wait_userdb":0,"http_request":0,"serverjson":3.2,"appserver_cache_misses_time":0,"redis":9.5,"fiber_queue":6.6,"capacity_wait":0.9}},"counts":{"pp_userdb":2,"http_request":0,"derived_build":0,"derived_cache_attempts":3,"derived_cache_memory_misses":3,"serverjson":4,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":24,"fiber_queue":29,"blocks":28},"misc":{"userdb_results":1,"userdb_data":4,"spent_time":8133951}}
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-bubble-capacity-used: 0.125 unit-seconds used
timing-allow-origin: *
cf-ray: 85674f40cab2692e-FRA
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 css
fonts.googleapis.com/ 16 KB
2 KB 3333ms
3283ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:regular%7COpen+Sans:600%7COpen+Sans:700

Requested by

Host: banco-bpmit.bubbleapps.io
URL: https://banco-bpmit.bubbleapps.io/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/early.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3ff27e82d78a471905edf58f54d412011e0f3b07cb596b50d425151e7df84404

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://banco-bpmit.bubbleapps.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 16 Feb 2024 16:53:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 16 Feb 2024 16:53:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 16 Feb 2024 16:53:59 GMT

GET
H2 200 data Show response
banco-bpmit.bubbleapps.io/api/1.1/init/ 283 B
874 B 1358ms
1358ms XHR
text/plain 2606:4700::6810:cb42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banco-bpmit.bubbleapps.io/api/1.1/init/data?location=https%3A%2F%2Fbanco-bpmit.bubbleapps.io%2F
Requested by: Host: banco-bpmit.bubbleapps.io
URL: https://banco-bpmit.bubbleapps.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:cb42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 94f7ec153bcf9dced0bdc7bee901fc163f10f2557214b4a232d2bc510bfaa3dc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://banco-bpmit.bubbleapps.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:53:56 GMT
cf-cache-status: DYNAMIC
x-bubble-perf: {"total":125.5,"percents":{"top":{"bubble_cpu":5.1,"block":94.1,"capacity_rl":0,"other_pause":0,"pre_fiber":0.4},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":32.3,"appserver_cache_misses_time":0,"redis":60.4,"fiber_queue":8.6,"capacity_wait":13.6}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":4,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":14,"fiber_queue":15,"blocks":14},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":957871}}
server: cloudflare
x-powered-by: Express
x-bubble-capacity-used: 0.015 unit-seconds used
cf-ray: 85674f40ead4692e-FRA
x-bubble-capacity-limit: 0 ms slower

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://banco-bpmit.bubbleapps.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 400 sendMessage
api.telegram.org/bot6589462708:AAExdb0rpQnpZ2hJwe-CDJYv3tAeOH-F0YU/ 0
0 122ms
56ms Image
application/json 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.telegram.org/bot6589462708:AAExdb0rpQnpZ2hJwe-CDJYv3tAeOH-F0YU/sendMessage?chat_id=-1002074970&text=bjbcomdi%20ndmbd
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://banco-bpmit.bubbleapps.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

POST
H2 200 hi
banco-bpmit.bubbleapps.io/user/ 57 B
738 B 254ms
254ms XHR
application/json 2606:4700::6810:cb42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banco-bpmit.bubbleapps.io/user/hi
Requested by: Host: banco-bpmit.bubbleapps.io
URL: https://banco-bpmit.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:cb42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

X-Bubble-Epoch-Name: Epoch: Runmode page fully loaded
X-Bubble-Epoch-ID: 1708102441229x764964402193179100
X-Bubble-Fiber-ID: 1708102441240x215352491309328540
X-Bubble-PL: 1708102435516x2064
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
X-Bubble-R: https://banco-bpmit.bubbleapps.io/
cache-control: no-cache
Referer: https://banco-bpmit.bubbleapps.io/
X-Requested-With: XMLHttpRequest
X-Bubble-Breaking-Revision: 5

Response headers

date: Fri, 16 Feb 2024 16:54:01 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-bubble-perf: {"total":32.9,"percents":{"top":{"bubble_cpu":9.3,"block":85.4,"capacity_rl":0,"other_pause":0,"pre_fiber":5.1},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":21.9,"appserver_cache_misses_time":0,"redis":65.3,"fiber_queue":2.1,"capacity_wait":18.1}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":11,"fiber_queue":12,"blocks":11},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":458419}}
server: cloudflare
x-bubble-appname: banco-bpmit
x-powered-by: Express
x-bubble-request-took: 32
vary: Accept-Encoding
content-type: application/json
cache-control: no-cache
x-bubble-capacity-used: 0.007 unit-seconds used
cf-ray: 85674f61ccf2692e-FRA
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 Primary Request / Show response
gtdngtkval.cfolks.pl/bpm/ 16 KB
4 KB 365ms
157ms Document
text/html 195.78.67.67
CF-GDA

General

Check archive.org

Show headers Download Go to

Full URL: https://gtdngtkval.cfolks.pl/bpm/
Requested by: Host: banco-bpmit.bubbleapps.io
URL: https://banco-bpmit.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 195.78.67.67 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s185.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: aa46defb9e846c70229f57469ebc9f5a6a73868197b24c004638513ff547d213

Request headers

Referer: https://banco-bpmit.bubbleapps.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 3607
content-type: text/html; charset=UTF-8
date: Fri, 16 Feb 2024 16:54:01 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent

POST m
banco-bpmit.bubbleapps.io/user/ 0
0

GET
H2 200 all.css
gtdngtkval.cfolks.pl/bpm/common/fe/css/ 86 B
229 B 73ms
72ms Stylesheet
text/css 195.78.67.67
CF-GDA

General

Check archive.org

Show headers Download Go to

Full URL: https://gtdngtkval.cfolks.pl/bpm/common/fe/css/all.css
Requested by: Host: gtdngtkval.cfolks.pl
URL: https://gtdngtkval.cfolks.pl/bpm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 195.78.67.67 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s185.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: fb85592696298ae82b0a90767f764cb36676aa2bc7043946363c3c5b0f534618

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gtdngtkval.cfolks.pl/bpm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:54:01 GMT
last-modified: Fri, 14 Jun 2019 07:27:56 GMT
server: LiteSpeed
etag: "56-5d034c7c-f90f3bda329da40d;;;"
vary: User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 86
expires: Fri, 23 Feb 2024 16:54:01 GMT

GET
H2 200 bootstrap.height.plugin.css
gtdngtkval.cfolks.pl/bpm/HT/fe/css/ 3 KB
753 B 74ms
73ms Stylesheet
text/css 195.78.67.67
CF-GDA

General

Check archive.org

Show headers Download Go to

Full URL: https://gtdngtkval.cfolks.pl/bpm/HT/fe/css/bootstrap.height.plugin.css
Requested by: Host: gtdngtkval.cfolks.pl
URL: https://gtdngtkval.cfolks.pl/bpm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 195.78.67.67 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s185.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: d74045740566a00d1da11ecc5153fc214e4452ad090fb3091e315c6759cb86b5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gtdngtkval.cfolks.pl/bpm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:54:01 GMT
content-encoding: br
last-modified: Thu, 27 Jul 2017 07:53:22 GMT
server: LiteSpeed
etag: "b79-59799bf2-daea3d7eedef3129;br"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 669
expires: Fri, 23 Feb 2024 16:54:01 GMT

GET
H2 200 ie10-viewport.css
gtdngtkval.cfolks.pl/bpm/HT/fe/css/ 518 B
288 B 75ms
73ms Stylesheet
text/css 195.78.67.67
CF-GDA

General

Check archive.org

Show headers Download Go to

Full URL: https://gtdngtkval.cfolks.pl/bpm/HT/fe/css/ie10-viewport.css
Requested by: Host: gtdngtkval.cfolks.pl
URL: https://gtdngtkval.cfolks.pl/bpm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 195.78.67.67 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s185.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: 40d3bc447175dafb479f5f2204ed79b27e852a949320f55522287d8428849415

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gtdngtkval.cfolks.pl/bpm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:54:01 GMT
content-encoding: br
last-modified: Thu, 27 Jul 2017 07:53:22 GMT
server: LiteSpeed
etag: "206-59799bf2-58205a3be593944c;br"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 228
expires: Fri, 23 Feb 2024 16:54:01 GMT

GET
H2 200 youWeb-main7765.css
gtdngtkval.cfolks.pl/bpm/HT/fe/css/ 293 KB
56 KB 75ms
74ms Stylesheet
text/css 195.78.67.67
CF-GDA

General

Check archive.org

Show headers Download Go to

Full URL: https://gtdngtkval.cfolks.pl/bpm/HT/fe/css/youWeb-main7765.css?v=070619
Requested by: Host: gtdngtkval.cfolks.pl
URL: https://gtdngtkval.cfolks.pl/bpm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 195.78.67.67 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s185.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: 946396c462076c471d69d67f4c9aa8fafbacd586b2da5b9fa9d4686bf488d1c0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gtdngtkval.cfolks.pl/bpm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:54:01 GMT
content-encoding: br
last-modified: Mon, 18 Jan 2021 17:59:04 GMT
server: LiteSpeed
etag: "4947e-6005cc68-255aebb013180038;br"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 56873
expires: Fri, 23 Feb 2024 16:54:01 GMT

GET
H2 200 youWeb-struttura7765.css
gtdngtkval.cfolks.pl/bpm/HT/fe/css/ 21 KB
5 KB 75ms
74ms Stylesheet
text/css 195.78.67.67
CF-GDA

General

Check archive.org

Show headers Download Go to

Full URL: https://gtdngtkval.cfolks.pl/bpm/HT/fe/css/youWeb-struttura7765.css?v=070619
Requested by: Host: gtdngtkval.cfolks.pl
URL: https://gtdngtkval.cfolks.pl/bpm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 195.78.67.67 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s185.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: 441d1063bda9fac793ff99f5b1c1ca687ca076074883ad6e37de3679cb2dec30

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gtdngtkval.cfolks.pl/bpm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:54:01 GMT
content-encoding: br
last-modified: Wed, 03 Mar 2021 05:55:46 GMT
server: LiteSpeed
etag: "52bd-603f24e2-8e7efac6553e685b;br"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4909
expires: Fri, 23 Feb 2024 16:54:01 GMT

GET
H2 200 youWeb-sm-desktop-struttura7765.css
gtdngtkval.cfolks.pl/bpm/HT/fe/css/ 18 KB
5 KB 76ms
75ms Stylesheet
text/css 195.78.67.67
CF-GDA

General

Check archive.org

Show headers Download Go to

Full URL: https://gtdngtkval.cfolks.pl/bpm/HT/fe/css/youWeb-sm-desktop-struttura7765.css
Requested by: Host: gtdngtkval.cfolks.pl
URL: https://gtdngtkval.cfolks.pl/bpm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 195.78.67.67 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s185.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: 310caeaac071bfd5c19af7ec0678cee3c12b88ec35c021933bf141776396062b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gtdngtkval.cfolks.pl/bpm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:54:01 GMT
content-encoding: br
last-modified: Mon, 12 Oct 2020 13:55:02 GMT
server: LiteSpeed
etag: "470a-5f846036-234c0ab335d91a69;br"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4531
expires: Fri, 23 Feb 2024 16:54:01 GMT

GET
H2 200 youWeb-sm-desktop7765.css
gtdngtkval.cfolks.pl/bpm/HT/fe/css/ 8 KB
2 KB 75ms
74ms Stylesheet
text/css 195.78.67.67
CF-GDA

General

Check archive.org

Show headers Download Go to

Full URL: https://gtdngtkval.cfolks.pl/bpm/HT/fe/css/youWeb-sm-desktop7765.css?v=070619
Requested by: Host: gtdngtkval.cfolks.pl
URL: https://gtdngtkval.cfolks.pl/bpm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 195.78.67.67 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s185.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: 449e2e271cd026199338586c7eb12c39298176ee2b91374bdb288e52431affc3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gtdngtkval.cfolks.pl/bpm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:54:01 GMT
content-encoding: br
last-modified: Thu, 06 Sep 2018 07:48:12 GMT
server: LiteSpeed
etag: "219e-5b90dbbc-2b42eeaa8ec8cb63;br"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2162
expires: Fri, 23 Feb 2024 16:54:01 GMT

GET
H2 200 jquery-1.11.3.min.js Show response
gtdngtkval.cfolks.pl/bpm/HT/JS/jquery/ 94 KB
32 KB 76ms
75ms Script
application/javascript 195.78.67.67
CF-GDA

General

Check archive.org

Show headers Download Go to

Full URL: https://gtdngtkval.cfolks.pl/bpm/HT/JS/jquery/jquery-1.11.3.min.js
Requested by: Host: gtdngtkval.cfolks.pl
URL: https://gtdngtkval.cfolks.pl/bpm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 195.78.67.67 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s185.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gtdngtkval.cfolks.pl/bpm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:54:01 GMT
content-encoding: br
last-modified: Thu, 27 Jul 2017 07:53:26 GMT
server: LiteSpeed
etag: "176d5-59799bf6-42e94adf5e340ac4;br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 32363
expires: Fri, 23 Feb 2024 16:54:01 GMT

GET
H2 200 bootstrap.min.js Show response
gtdngtkval.cfolks.pl/bpm/HT/JS/jquery/ 35 KB
9 KB 76ms
75ms Script
application/javascript 195.78.67.67
CF-GDA

General

Check archive.org

Show headers Download Go to

Full URL: https://gtdngtkval.cfolks.pl/bpm/HT/JS/jquery/bootstrap.min.js
Requested by: Host: gtdngtkval.cfolks.pl
URL: https://gtdngtkval.cfolks.pl/bpm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 195.78.67.67 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s185.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gtdngtkval.cfolks.pl/bpm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:54:01 GMT
content-encoding: br
last-modified: Thu, 27 Jul 2017 07:53:26 GMT
server: LiteSpeed
etag: "8c6f-59799bf6-35f5c56b9762aff3;br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 9206
expires: Fri, 23 Feb 2024 16:54:01 GMT

GET
H2 200 jquery-ui.min.js Show response
gtdngtkval.cfolks.pl/bpm/HT/JS/jquery/ 233 KB
60 KB 76ms
76ms Script
application/javascript 195.78.67.67
CF-GDA

General

Check archive.org

Show headers Download Go to

Full URL: https://gtdngtkval.cfolks.pl/bpm/HT/JS/jquery/jquery-ui.min.js
Requested by: Host: gtdngtkval.cfolks.pl
URL: https://gtdngtkval.cfolks.pl/bpm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 195.78.67.67 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s185.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: 4f75b532725adcef5efb538117483dd56fea307b313c9426841152735c76e755

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gtdngtkval.cfolks.pl/bpm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:54:01 GMT
content-encoding: br
last-modified: Thu, 27 Jul 2017 07:53:26 GMT
server: LiteSpeed
etag: "3a2ea-59799bf6-8ba938872a855297;br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 60971
expires: Fri, 23 Feb 2024 16:54:01 GMT

GET
H2 200 jquery.ui.touch-punch.min.js Show response
gtdngtkval.cfolks.pl/bpm/HT/JS/jquery/ 1 KB
587 B 210ms
210ms Script
application/javascript 195.78.67.67
CF-GDA

General

Check archive.org

Show headers Download Go to

Full URL: https://gtdngtkval.cfolks.pl/bpm/HT/JS/jquery/jquery.ui.touch-punch.min.js
Requested by: Host: gtdngtkval.cfolks.pl
URL: https://gtdngtkval.cfolks.pl/bpm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 195.78.67.67 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s185.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: 000854d782781aff1b16ea5451c1da3d07efadd35ab911ccb7e4b851571a25bd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gtdngtkval.cfolks.pl/bpm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:54:01 GMT
content-encoding: br
last-modified: Thu, 27 Jul 2017 07:53:26 GMT
server: LiteSpeed
etag: "50b-59799bf6-ba40947b973e6f3e;br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 525
expires: Fri, 23 Feb 2024 16:54:01 GMT

GET
H2 404 jquery.form.js
gtdngtkval.cfolks.pl/bpm/HT/JS/jquery/ 0
0 211ms
210ms Script
text/html 195.78.67.67
CF-GDA

General

Check archive.org

Show headers Download Go to

Full URL: https://gtdngtkval.cfolks.pl/bpm/HT/JS/jquery/jquery.form.js
Requested by: Host: gtdngtkval.cfolks.pl
URL: https://gtdngtkval.cfolks.pl/bpm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 195.78.67.67 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s185.cyber-folks.pl
Software: LiteSpeed /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gtdngtkval.cfolks.pl/bpm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:54:01 GMT
content-encoding: br
last-modified: Thu, 25 Jan 2024 12:25:18 GMT
server: LiteSpeed
etag: "2885-65b2532e-f47ff0369f8e0af6;br"
vary: Accept-Encoding,User-Agent,User-Agent
content-type: text/html
accept-ranges: bytes
content-length: 3428

GET
H2 200 ico_covid19.png
gtdngtkval.cfolks.pl/bpm/HT/fe/img/ 7 KB
7 KB 211ms
210ms Image
image/png 195.78.67.67
CF-GDA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gtdngtkval.cfolks.pl/bpm/HT/fe/img/ico_covid19.png
Requested by: Host: gtdngtkval.cfolks.pl
URL: https://gtdngtkval.cfolks.pl/bpm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 195.78.67.67 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s185.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: a91e39a437fef19db73bfca15e4642aa504fd692dbc63f90b769d335762ae82f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gtdngtkval.cfolks.pl/bpm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:54:01 GMT
last-modified: Fri, 27 Mar 2020 13:05:54 GMT
server: LiteSpeed
etag: "1b91-5e7dfa32-744f24d6a4d76ab;;;"
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7057
expires: Fri, 23 Feb 2024 16:54:01 GMT

GET
H2 200 ico_appNew.png
gtdngtkval.cfolks.pl/bpm/HT/fe/img/ 10 KB
10 KB 211ms
211ms Image
image/png 195.78.67.67
CF-GDA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gtdngtkval.cfolks.pl/bpm/HT/fe/img/ico_appNew.png
Requested by: Host: gtdngtkval.cfolks.pl
URL: https://gtdngtkval.cfolks.pl/bpm/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 195.78.67.67 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s185.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: afa8871f38407eba82d7af2153460991a50b6a5c5465ccced03f7ffd8b3c5a0e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gtdngtkval.cfolks.pl/bpm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:54:01 GMT
last-modified: Tue, 26 Mar 2019 08:01:26 GMT
server: LiteSpeed
etag: "26ce-5c99dc56-361c0b4cc1208c00;;;"
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 9934
expires: Fri, 23 Feb 2024 16:54:01 GMT

GET
H3 200 jquery.validate.min.js Show response
gtdngtkval.cfolks.pl/bpm/HT/JS/jquery/ 23 KB
7 KB 125ms
125ms Script
application/javascript 195.78.67.67
CF-GDA

General

Check archive.org

Show headers Download Go to

Full URL: https://gtdngtkval.cfolks.pl/bpm/HT/JS/jquery/jquery.validate.min.js
Requested by: Host: gtdngtkval.cfolks.pl
URL: https://gtdngtkval.cfolks.pl/bpm/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 195.78.67.67 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s185.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: 50e497b00818378dcffe856b994f89947b620c66163768879c9b8a63d583f898

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gtdngtkval.cfolks.pl/bpm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:54:01 GMT
content-encoding: br
last-modified: Thu, 27 Jul 2017 07:53:26 GMT
server: LiteSpeed
etag: "5a1e-59799bf6-a4448f5b34607e79;br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7202
expires: Fri, 23 Feb 2024 16:54:01 GMT

GET
H3 200 print.css
gtdngtkval.cfolks.pl/bpm/HT/fe/css/ 14 KB
4 KB 116ms
115ms Stylesheet
text/css 195.78.67.67
CF-GDA

General

Check archive.org

Show headers Download Go to

Full URL: https://gtdngtkval.cfolks.pl/bpm/HT/fe/css/print.css
Requested by: Host: gtdngtkval.cfolks.pl
URL: https://gtdngtkval.cfolks.pl/bpm/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 195.78.67.67 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s185.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: 126427c9c879be3618d1f6e9b74639d48d15affd5226de923b0e26ea93ecd5f3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gtdngtkval.cfolks.pl/bpm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:54:01 GMT
content-encoding: br
last-modified: Wed, 16 Dec 2020 12:07:44 GMT
server: LiteSpeed
etag: "3802-5fd9f890-9c1113d5cf0f63be;br"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3732
expires: Fri, 23 Feb 2024 16:54:01 GMT

GET
H3 200 youWeb-xxs-mobile7765.css
gtdngtkval.cfolks.pl/bpm/HT/fe/css/ 757 B
379 B 213ms
212ms Stylesheet
text/css 195.78.67.67
CF-GDA

General

Check archive.org

Show headers Download Go to

Full URL: https://gtdngtkval.cfolks.pl/bpm/HT/fe/css/youWeb-xxs-mobile7765.css?v=070619
Requested by: Host: gtdngtkval.cfolks.pl
URL: https://gtdngtkval.cfolks.pl/bpm/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 195.78.67.67 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s185.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: 3bb54cd702fc7c6f265126bfda02357aaf0f6ef0f4b9143517e270c27c9eb999

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gtdngtkval.cfolks.pl/bpm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:54:01 GMT
content-encoding: br
last-modified: Thu, 27 Jul 2017 07:53:22 GMT
server: LiteSpeed
etag: "2f5-59799bf2-ad0de1ce7fb6d537;br"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 305
expires: Fri, 23 Feb 2024 16:54:01 GMT

GET
H3 200 youWeb-xs-mobile7765.css
gtdngtkval.cfolks.pl/bpm/HT/fe/css/ 71 KB
15 KB 279ms
279ms Stylesheet
text/css 195.78.67.67
CF-GDA

General

Check archive.org

Show headers Download Go to

Full URL: https://gtdngtkval.cfolks.pl/bpm/HT/fe/css/youWeb-xs-mobile7765.css?v=070619
Requested by: Host: gtdngtkval.cfolks.pl
URL: https://gtdngtkval.cfolks.pl/bpm/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 195.78.67.67 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s185.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: 66c37449f662f1ba83fb77582bf2134fab66775ad9a10101ddf0d69d88d91e31

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gtdngtkval.cfolks.pl/bpm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:54:01 GMT
content-encoding: br
last-modified: Fri, 08 Jan 2021 15:55:20 GMT
server: LiteSpeed
etag: "11ccb-5ff88068-ef1404a7d528ac34;br"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 15402
expires: Fri, 23 Feb 2024 16:54:01 GMT

GET
H2 200 bootstrap.css
gtdngtkval.cfolks.pl/bpm/common/fe/assets/bootstrap/ 66 KB
9 KB 144ms
144ms Stylesheet
text/css 195.78.67.67
CF-GDA

General

Check archive.org

Show headers Download Go to

Full URL: https://gtdngtkval.cfolks.pl/bpm/common/fe/assets/bootstrap/bootstrap.css
Requested by: Host: gtdngtkval.cfolks.pl
URL: https://gtdngtkval.cfolks.pl/bpm/common/fe/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 195.78.67.67 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s185.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: ce4827e596ff84952373cad1fbfae8ec6b43e81dc29e165afdbbef3fd9de0d96

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gtdngtkval.cfolks.pl/bpm/common/fe/css/all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:54:01 GMT
content-encoding: br
last-modified: Wed, 24 Apr 2019 07:26:26 GMT
server: LiteSpeed
etag: "10945-5cc00fa2-9be05a7aa304f1fb;br"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 9622
expires: Fri, 23 Feb 2024 16:54:01 GMT

GET
H2 200 print.css
gtdngtkval.cfolks.pl/bpm/common/fe/css/ 10 KB
3 KB 145ms
144ms Stylesheet
text/css 195.78.67.67
CF-GDA

General

Check archive.org

Show headers Download Go to

Full URL: https://gtdngtkval.cfolks.pl/bpm/common/fe/css/print.css
Requested by: Host: gtdngtkval.cfolks.pl
URL: https://gtdngtkval.cfolks.pl/bpm/common/fe/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 195.78.67.67 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s185.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: 3127e84f27cb855ef4b47637908bf75d3074d16cc6c497271906e3516b4b348d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gtdngtkval.cfolks.pl/bpm/common/fe/css/all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:54:01 GMT
content-encoding: br
last-modified: Wed, 07 Oct 2020 12:57:42 GMT
server: LiteSpeed
etag: "29bf-5f7dbb46-528b27fb16ec6e54;br"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2538
expires: Fri, 23 Feb 2024 16:54:01 GMT

GET
H3 404 youWeb-xxs-mobile.css
gtdngtkval.cfolks.pl/HT/fe/css/ 0
0 62ms
61ms Stylesheet
text/html 195.78.67.67
CF-GDA

General

Check archive.org

Show headers Download Go to

Full URL: https://gtdngtkval.cfolks.pl/HT/fe/css/youWeb-xxs-mobile.css
Requested by: Host: gtdngtkval.cfolks.pl
URL: https://gtdngtkval.cfolks.pl/bpm/HT/fe/css/youWeb-main7765.css?v=070619
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 195.78.67.67 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s185.cyber-folks.pl
Software: LiteSpeed /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gtdngtkval.cfolks.pl/bpm/HT/fe/css/youWeb-main7765.css?v=070619
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:54:01 GMT
content-encoding: br
last-modified: Thu, 25 Jan 2024 12:25:18 GMT
server: LiteSpeed
etag: "2885-65b2532e-f47ff0369f8e0af6;br"
vary: Accept-Encoding,User-Agent
content-type: text/html
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 3428

GET
H3 404 youWeb-xs-mobile.css
gtdngtkval.cfolks.pl/HT/fe/css/ 0
0 63ms
62ms Stylesheet
text/html 195.78.67.67
CF-GDA

General

Check archive.org

Show headers Download Go to

Full URL: https://gtdngtkval.cfolks.pl/HT/fe/css/youWeb-xs-mobile.css
Requested by: Host: gtdngtkval.cfolks.pl
URL: https://gtdngtkval.cfolks.pl/bpm/HT/fe/css/youWeb-main7765.css?v=070619
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 195.78.67.67 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s185.cyber-folks.pl
Software: LiteSpeed /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gtdngtkval.cfolks.pl/bpm/HT/fe/css/youWeb-main7765.css?v=070619
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:54:01 GMT
content-encoding: br
last-modified: Thu, 25 Jan 2024 12:25:18 GMT
server: LiteSpeed
etag: "2885-65b2532e-f47ff0369f8e0af6;br"
vary: Accept-Encoding,User-Agent
content-type: text/html
accept-ranges: bytes
content-length: 3428

GET
H3 404 youWeb-sm-desktop.css
gtdngtkval.cfolks.pl/HT/fe/css/ 0
0 65ms
64ms Stylesheet
text/html 195.78.67.67
CF-GDA

General

Check archive.org

Show headers Download Go to

Full URL: https://gtdngtkval.cfolks.pl/HT/fe/css/youWeb-sm-desktop.css
Requested by: Host: gtdngtkval.cfolks.pl
URL: https://gtdngtkval.cfolks.pl/bpm/HT/fe/css/youWeb-main7765.css?v=070619
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 195.78.67.67 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s185.cyber-folks.pl
Software: LiteSpeed /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gtdngtkval.cfolks.pl/bpm/HT/fe/css/youWeb-main7765.css?v=070619
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:54:01 GMT
content-encoding: br
last-modified: Thu, 25 Jan 2024 12:25:18 GMT
server: LiteSpeed
etag: "2885-65b2532e-f47ff0369f8e0af6;br"
vary: Accept-Encoding,User-Agent
content-type: text/html
accept-ranges: bytes
content-length: 3428

GET
H3 200 youWeb-icone.css
gtdngtkval.cfolks.pl/bpm/HT/fe/css/ 15 KB
3 KB 102ms
102ms Stylesheet
text/css 195.78.67.67
CF-GDA

General

Check archive.org

Show headers Download Go to

Full URL: https://gtdngtkval.cfolks.pl/bpm/HT/fe/css/youWeb-icone.css
Requested by: Host: gtdngtkval.cfolks.pl
URL: https://gtdngtkval.cfolks.pl/bpm/HT/fe/css/youWeb-main7765.css?v=070619
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 195.78.67.67 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s185.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: 595a171181e8b1b33efb6871cda903c0af3c75a98c135a590ddeb398594ee0fb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gtdngtkval.cfolks.pl/bpm/HT/fe/css/youWeb-main7765.css?v=070619
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:54:01 GMT
content-encoding: br
last-modified: Wed, 03 Mar 2021 05:55:46 GMT
server: LiteSpeed
etag: "3cf6-603f24e2-da4985e9efaadc9c;br"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2882
expires: Fri, 23 Feb 2024 16:54:01 GMT

GET
H3 404 youWeb-xs-mobile-struttura.css
gtdngtkval.cfolks.pl/bpm/HT/fe/css/ 0
0 63ms
63ms Stylesheet
text/html 195.78.67.67
CF-GDA

General

Check archive.org

Show headers Download Go to

Full URL: https://gtdngtkval.cfolks.pl/bpm/HT/fe/css/youWeb-xs-mobile-struttura.css
Requested by: Host: gtdngtkval.cfolks.pl
URL: https://gtdngtkval.cfolks.pl/bpm/HT/fe/css/youWeb-struttura7765.css?v=070619
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 195.78.67.67 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s185.cyber-folks.pl
Software: LiteSpeed /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gtdngtkval.cfolks.pl/bpm/HT/fe/css/youWeb-struttura7765.css?v=070619
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:54:01 GMT
content-encoding: br
last-modified: Thu, 25 Jan 2024 12:25:18 GMT
server: LiteSpeed
etag: "2885-65b2532e-f47ff0369f8e0af6;br"
vary: Accept-Encoding,User-Agent
content-type: text/html
accept-ranges: bytes
content-length: 3428

GET
H3 404 youWeb-sm-desktop-struttura.css
gtdngtkval.cfolks.pl/bpm/HT/fe/css/ 0
0 88ms
88ms Stylesheet
text/html 195.78.67.67
CF-GDA

General

Check archive.org

Show headers Download Go to

Full URL: https://gtdngtkval.cfolks.pl/bpm/HT/fe/css/youWeb-sm-desktop-struttura.css
Requested by: Host: gtdngtkval.cfolks.pl
URL: https://gtdngtkval.cfolks.pl/bpm/HT/fe/css/youWeb-struttura7765.css?v=070619
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 195.78.67.67 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s185.cyber-folks.pl
Software: LiteSpeed /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gtdngtkval.cfolks.pl/bpm/HT/fe/css/youWeb-struttura7765.css?v=070619
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:54:01 GMT
content-encoding: br
last-modified: Thu, 25 Jan 2024 12:25:18 GMT
server: LiteSpeed
etag: "2885-65b2532e-f47ff0369f8e0af6;br"
vary: Accept-Encoding,User-Agent
content-type: text/html
accept-ranges: bytes
content-length: 3428

GET
H3 200 bg_public3872.jpg
gtdngtkval.cfolks.pl/bpm/HT/fe/img/ 220 KB
221 KB 180ms
180ms Image
image/jpeg 195.78.67.67
CF-GDA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gtdngtkval.cfolks.pl/bpm/HT/fe/img/bg_public3872.jpg?a=1
Requested by: Host: gtdngtkval.cfolks.pl
URL: https://gtdngtkval.cfolks.pl/bpm/HT/fe/css/youWeb-main7765.css?v=070619
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 195.78.67.67 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s185.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: b5cd6bacc70b8d89c604d517fdefc92765be32a4a394adceb083497fb65812b7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gtdngtkval.cfolks.pl/bpm/HT/fe/css/youWeb-main7765.css?v=070619
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:54:01 GMT
last-modified: Thu, 27 Jul 2017 05:56:12 GMT
server: LiteSpeed
etag: "37190-5979807c-7c4bd49cb8bdf21c;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 225680
expires: Fri, 23 Feb 2024 16:54:01 GMT

GET
H3 200 help%402x.png
gtdngtkval.cfolks.pl/bpm/HT/fe/img/ 1 KB
1 KB 103ms
102ms Image
image/png 195.78.67.67
CF-GDA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gtdngtkval.cfolks.pl/bpm/HT/fe/img/help%402x.png
Requested by: Host: gtdngtkval.cfolks.pl
URL: https://gtdngtkval.cfolks.pl/bpm/HT/fe/css/youWeb-main7765.css?v=070619
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 195.78.67.67 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s185.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: 5cb7b602b1c5b5389733b81d6fb771cc0bc8da318f0f1cf6d689781c394f05a2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gtdngtkval.cfolks.pl/bpm/HT/fe/css/youWeb-main7765.css?v=070619
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:54:01 GMT
last-modified: Thu, 27 Jul 2017 05:56:12 GMT
server: LiteSpeed
etag: "528-5979807c-8d625096306a2cfe;;;"
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1320
expires: Fri, 23 Feb 2024 16:54:01 GMT

GET
H3 200 logo_bancobpm%402x.png
gtdngtkval.cfolks.pl/bpm/HT/fe/img/ 10 KB
10 KB 180ms
180ms Image
image/png 195.78.67.67
CF-GDA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gtdngtkval.cfolks.pl/bpm/HT/fe/img/logo_bancobpm%402x.png
Requested by: Host: gtdngtkval.cfolks.pl
URL: https://gtdngtkval.cfolks.pl/bpm/HT/fe/css/youWeb-main7765.css?v=070619
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 195.78.67.67 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s185.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: cc8f234f2ae5221f5e33df49bef454ae03fbb80c9db4aaf8e53bd85fad4c575e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gtdngtkval.cfolks.pl/bpm/HT/fe/css/youWeb-main7765.css?v=070619
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:54:01 GMT
last-modified: Thu, 27 Jul 2017 05:56:08 GMT
server: LiteSpeed
etag: "294a-59798078-24c8d2fa14dc9859;;;"
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 10570
expires: Fri, 23 Feb 2024 16:54:01 GMT

GET
H3 404 ico_freccia.png
gtdngtkval.cfolks.pl/HT/fe/img/ 10 KB
10 KB 100ms
100ms Image
text/html 195.78.67.67
CF-GDA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gtdngtkval.cfolks.pl/HT/fe/img/ico_freccia.png
Requested by: Host: gtdngtkval.cfolks.pl
URL: https://gtdngtkval.cfolks.pl/bpm/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 195.78.67.67 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s185.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: cc6bb1d8dceb803d5d68cf36076d61bf89b716bc351acd0eb1ead447e0f5f506

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gtdngtkval.cfolks.pl/bpm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:54:01 GMT
content-encoding: br
last-modified: Thu, 25 Jan 2024 12:25:18 GMT
server: LiteSpeed
etag: "2885-65b2532e-f47ff0369f8e0af6;br"
vary: Accept-Encoding,User-Agent
content-type: text/html
accept-ranges: bytes
content-length: 3428

GET montserrat-medium-webfont.woff2
youweb.bancobpm.it/HT/fe/font/ 0
0

GET montserrat-light-webfont.woff2
youweb.bancobpm.it/HT/fe/font/ 0
0

GET
H3 404 video.html Show response
gtdngtkval.cfolks.pl/bpm/HT/fe/ 10 KB
3 KB 109ms
109ms XHR
text/html 195.78.67.67
CF-GDA

General

Check archive.org

Show headers Download Go to

Full URL: https://gtdngtkval.cfolks.pl/bpm/HT/fe/video.html
Requested by: Host: gtdngtkval.cfolks.pl
URL: https://gtdngtkval.cfolks.pl/bpm/HT/JS/jquery/jquery-1.11.3.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 195.78.67.67 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s185.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: cc6bb1d8dceb803d5d68cf36076d61bf89b716bc351acd0eb1ead447e0f5f506

Request headers

Accept: */*
Referer: https://gtdngtkval.cfolks.pl/bpm/
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:54:02 GMT
content-encoding: br
last-modified: Thu, 25 Jan 2024 12:25:18 GMT
server: LiteSpeed
etag: "2885-65b2532e-f47ff0369f8e0af6;br"
vary: Accept-Encoding,User-Agent
content-type: text/html
accept-ranges: bytes
content-length: 3428

GET
H3 200 header.html Show response
gtdngtkval.cfolks.pl/bpm/HT/fe/ 2 KB
641 B 129ms
128ms XHR
text/html 195.78.67.67
CF-GDA

General

Check archive.org

Show headers Download Go to

Full URL: https://gtdngtkval.cfolks.pl/bpm/HT/fe/header.html
Requested by: Host: gtdngtkval.cfolks.pl
URL: https://gtdngtkval.cfolks.pl/bpm/HT/JS/jquery/jquery-1.11.3.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 195.78.67.67 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s185.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: f3a3a4f8563c4bbd66be6cae0d45397db7705b43dc827b500d34785f77232713

Request headers

Accept: */*
Referer: https://gtdngtkval.cfolks.pl/bpm/
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:54:02 GMT
content-encoding: br
last-modified: Fri, 05 Mar 2021 02:06:54 GMT
server: LiteSpeed
etag: "7db-6041923e-d37c8c5fe0c97540;br"
vary: Accept-Encoding,User-Agent
content-type: text/html
accept-ranges: bytes
content-length: 569

GET
H3 200 footer.html Show response
gtdngtkval.cfolks.pl/bpm/HT/fe/ 2 KB
929 B 130ms
129ms XHR
text/html 195.78.67.67
CF-GDA

General

Check archive.org

Show headers Download Go to

Full URL: https://gtdngtkval.cfolks.pl/bpm/HT/fe/footer.html
Requested by: Host: gtdngtkval.cfolks.pl
URL: https://gtdngtkval.cfolks.pl/bpm/HT/JS/jquery/jquery-1.11.3.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 195.78.67.67 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s185.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: a2ae5c8a35cbd2ac4ed08240c0df1207bfbf6b9ce24474180d82272dd4a2cc88

Request headers

Accept: */*
Referer: https://gtdngtkval.cfolks.pl/bpm/
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:54:02 GMT
content-encoding: br
last-modified: Fri, 05 Mar 2021 02:12:14 GMT
server: LiteSpeed
etag: "882-6041937e-46b79171cc2b7e30;br"
vary: Accept-Encoding,User-Agent
content-type: text/html
accept-ranges: bytes
content-length: 857

GET
H3 404 struttura.js Show response
gtdngtkval.cfolks.pl/bpm/HT/fe/js/script/ 10 KB
3 KB 61ms
61ms XHR
text/html 195.78.67.67
CF-GDA

General

Check archive.org

Show headers Download Go to

Full URL: https://gtdngtkval.cfolks.pl/bpm/HT/fe/js/script/struttura.js?_=1708102441888
Requested by: Host: gtdngtkval.cfolks.pl
URL: https://gtdngtkval.cfolks.pl/bpm/HT/JS/jquery/jquery-1.11.3.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 195.78.67.67 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s185.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: cc6bb1d8dceb803d5d68cf36076d61bf89b716bc351acd0eb1ead447e0f5f506

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://gtdngtkval.cfolks.pl/bpm/
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:54:02 GMT
content-encoding: br
last-modified: Thu, 25 Jan 2024 12:25:18 GMT
server: LiteSpeed
etag: "2885-65b2532e-f47ff0369f8e0af6;br"
vary: Accept-Encoding,User-Agent
content-type: text/html
accept-ranges: bytes
content-length: 3428

GET
H3 200 ico_android.png
gtdngtkval.cfolks.pl/bpm/HT/fe/img/ 1 KB
1 KB 68ms
68ms Image
image/png 195.78.67.67
CF-GDA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gtdngtkval.cfolks.pl/bpm/HT/fe/img/ico_android.png
Requested by: Host: gtdngtkval.cfolks.pl
URL: https://gtdngtkval.cfolks.pl/bpm/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 195.78.67.67 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s185.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: 13e087f2c275c8392174523707cb16e38c6e4d7c3b1990317be161e59bd09359

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gtdngtkval.cfolks.pl/bpm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:54:02 GMT
last-modified: Fri, 05 Mar 2021 02:11:18 GMT
server: LiteSpeed
etag: "4f8-60419346-e7b3e1779cac5b0;;;"
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1272
expires: Fri, 23 Feb 2024 16:54:02 GMT

GET
H3 200 ico_apple.png
gtdngtkval.cfolks.pl/bpm/HT/fe/img/ 1 KB
1 KB 69ms
69ms Image
image/png 195.78.67.67
CF-GDA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gtdngtkval.cfolks.pl/bpm/HT/fe/img/ico_apple.png
Requested by: Host: gtdngtkval.cfolks.pl
URL: https://gtdngtkval.cfolks.pl/bpm/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 195.78.67.67 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s185.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: f048f986415c8132286e80e921d377694a6896971174635bbfb6ffc65a140ef8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gtdngtkval.cfolks.pl/bpm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:54:02 GMT
last-modified: Fri, 05 Mar 2021 02:11:36 GMT
server: LiteSpeed
etag: "552-60419358-a9067bc760929172;;;"
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1362
expires: Fri, 23 Feb 2024 16:54:02 GMT

GET
H3 200 logo_youweb.png
gtdngtkval.cfolks.pl/bpm/HT/fe/img/ 20 KB
20 KB 75ms
75ms Image
image/png 195.78.67.67
CF-GDA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gtdngtkval.cfolks.pl/bpm/HT/fe/img/logo_youweb.png
Requested by: Host: gtdngtkval.cfolks.pl
URL: https://gtdngtkval.cfolks.pl/bpm/HT/fe/css/youWeb-sm-desktop-struttura7765.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 195.78.67.67 Bydgoszcz, Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s185.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: d644f56d0839826ee78df2b9c14378a9c15079a09e5d8096277c2e697360d988

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gtdngtkval.cfolks.pl/bpm/HT/fe/css/youWeb-sm-desktop-struttura7765.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:54:02 GMT
last-modified: Thu, 27 Jul 2017 05:56:10 GMT
server: LiteSpeed
etag: "505a-5979807a-4069896820ff5810;;;"
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 20570
expires: Fri, 23 Feb 2024 16:54:02 GMT

GET montserrat-semibold-webfont.woff2
youweb.bancobpm.it/HT/fe/font/ 0
0

GET montserrat-light-webfont.woff
youweb.bancobpm.it/HT/fe/font/ 0
0

GET montserrat-medium-webfont.woff
youweb.bancobpm.it/HT/fe/font/ 0
0

GET montserrat-semibold-webfont.woff
youweb.bancobpm.it/HT/fe/font/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: banco-bpmit.bubbleapps.io
URL: https://banco-bpmit.bubbleapps.io/user/m

Domain: youweb.bancobpm.it
URL: https://youweb.bancobpm.it/HT/fe/font/montserrat-medium-webfont.woff2

Domain: youweb.bancobpm.it
URL: https://youweb.bancobpm.it/HT/fe/font/montserrat-light-webfont.woff2

Domain: youweb.bancobpm.it
URL: https://youweb.bancobpm.it/HT/fe/font/montserrat-semibold-webfont.woff2

Domain: youweb.bancobpm.it
URL: https://youweb.bancobpm.it/HT/fe/font/montserrat-light-webfont.woff

Domain: youweb.bancobpm.it
URL: https://youweb.bancobpm.it/HT/fe/font/montserrat-medium-webfont.woff

Domain: youweb.bancobpm.it
URL: https://youweb.bancobpm.it/HT/fe/font/montserrat-semibold-webfont.woff

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco BPM S.p.A. (Banking)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| jQuery111308371841093730552

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
banco-bpmit.bubbleapps.io/	1970-01-20 18:32:41	Name: banco-bpmit_live_u2main Value: 1708102435424x444437632815608300
banco-bpmit.bubbleapps.io/	1970-01-20 18:32:41	Name: banco-bpmit_live_u2main.sig Value: 4-S1pM2A5YQ6B_xJZhzgAM3jsDY
banco-bpmit.bubbleapps.io/	1969-12-31 23:59:59	Name: banco-bpmit_u1main Value: 1708102435246x981344390401855200

22 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.telegram.org/bot6589462708:AAExdb0rpQnpZ2hJwe-CDJYv3tAeOH-F0YU/sendMessage?chat_id=-1002074970&text=bjbcomdi%20ndmbd Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://gtdngtkval.cfolks.pl/HT/fe/css/youWeb-xxs-mobile.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://gtdngtkval.cfolks.pl/HT/fe/css/youWeb-xs-mobile.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://gtdngtkval.cfolks.pl/bpm/HT/JS/jquery/jquery.form.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://gtdngtkval.cfolks.pl/HT/fe/css/youWeb-sm-desktop.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://gtdngtkval.cfolks.pl/bpm/HT/fe/css/youWeb-xs-mobile-struttura.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://gtdngtkval.cfolks.pl/bpm/HT/fe/css/youWeb-sm-desktop-struttura.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://gtdngtkval.cfolks.pl/HT/fe/img/ico_freccia.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://gtdngtkval.cfolks.pl/bpm/HT/fe/video.html Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://gtdngtkval.cfolks.pl/bpm/ Message: Access to font at 'https://youweb.bancobpm.it/HT/fe/font/montserrat-light-webfont.woff2' from origin 'https://gtdngtkval.cfolks.pl' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://youweb.bancobpm.it/HT/fe/font/montserrat-light-webfont.woff2 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://gtdngtkval.cfolks.pl/bpm/HT/fe/js/script/struttura.js?_=1708102441888 Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://gtdngtkval.cfolks.pl/bpm/ Message: Access to font at 'https://youweb.bancobpm.it/HT/fe/font/montserrat-medium-webfont.woff2' from origin 'https://gtdngtkval.cfolks.pl' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://youweb.bancobpm.it/HT/fe/font/montserrat-medium-webfont.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://gtdngtkval.cfolks.pl/bpm/ Message: Access to font at 'https://youweb.bancobpm.it/HT/fe/font/montserrat-light-webfont.woff' from origin 'https://gtdngtkval.cfolks.pl' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://youweb.bancobpm.it/HT/fe/font/montserrat-light-webfont.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://gtdngtkval.cfolks.pl/bpm/ Message: Access to font at 'https://youweb.bancobpm.it/HT/fe/font/montserrat-medium-webfont.woff' from origin 'https://gtdngtkval.cfolks.pl' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://youweb.bancobpm.it/HT/fe/font/montserrat-medium-webfont.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://gtdngtkval.cfolks.pl/bpm/ Message: Access to font at 'https://youweb.bancobpm.it/HT/fe/font/montserrat-semibold-webfont.woff2' from origin 'https://gtdngtkval.cfolks.pl' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://youweb.bancobpm.it/HT/fe/font/montserrat-semibold-webfont.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://gtdngtkval.cfolks.pl/bpm/ Message: Access to font at 'https://youweb.bancobpm.it/HT/fe/font/montserrat-semibold-webfont.woff' from origin 'https://gtdngtkval.cfolks.pl' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://youweb.bancobpm.it/HT/fe/font/montserrat-semibold-webfont.woff Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'none';
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.telegram.org
banco-bpmit.bubbleapps.io
fonts.googleapis.com
gtdngtkval.cfolks.pl
youweb.bancobpm.it
banco-bpmit.bubbleapps.io
youweb.bancobpm.it
195.78.67.67
2001:67c:4e8:f004::9
2606:4700::6810:cb42
2a00:1450:4001:812::200a
000854d782781aff1b16ea5451c1da3d07efadd35ab911ccb7e4b851571a25bd
0cff7e226b842f81709b0c84980b949901c5f07fd6f1b90b934f27f1c7763761
126427c9c879be3618d1f6e9b74639d48d15affd5226de923b0e26ea93ecd5f3
13e087f2c275c8392174523707cb16e38c6e4d7c3b1990317be161e59bd09359
310caeaac071bfd5c19af7ec0678cee3c12b88ec35c021933bf141776396062b
3127e84f27cb855ef4b47637908bf75d3074d16cc6c497271906e3516b4b348d
3bb54cd702fc7c6f265126bfda02357aaf0f6ef0f4b9143517e270c27c9eb999
3c09bb3a6350a8eb2e3ffb586c8655b2467321b155ac3324c01232146c2e5017
3ff27e82d78a471905edf58f54d412011e0f3b07cb596b50d425151e7df84404
40d3bc447175dafb479f5f2204ed79b27e852a949320f55522287d8428849415
441d1063bda9fac793ff99f5b1c1ca687ca076074883ad6e37de3679cb2dec30
449e2e271cd026199338586c7eb12c39298176ee2b91374bdb288e52431affc3
450e62180e870526d437f065fa76a5d4e31517905e37a98184ef79b0fc2abd5b
4f75b532725adcef5efb538117483dd56fea307b313c9426841152735c76e755
50e497b00818378dcffe856b994f89947b620c66163768879c9b8a63d583f898
595a171181e8b1b33efb6871cda903c0af3c75a98c135a590ddeb398594ee0fb
5cb7b602b1c5b5389733b81d6fb771cc0bc8da318f0f1cf6d689781c394f05a2
66c37449f662f1ba83fb77582bf2134fab66775ad9a10101ddf0d69d88d91e31
6a041cc1b58f94e771bcb25c475bbd628898accad0a8a025fe4f933e296c1813
8d0b8c02d5b9cb867b324ad054ae10e120ea6e360e78b980328187a93f7a9257
946396c462076c471d69d67f4c9aa8fafbacd586b2da5b9fa9d4686bf488d1c0
94f7ec153bcf9dced0bdc7bee901fc163f10f2557214b4a232d2bc510bfaa3dc
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
a2ae5c8a35cbd2ac4ed08240c0df1207bfbf6b9ce24474180d82272dd4a2cc88
a91e39a437fef19db73bfca15e4642aa504fd692dbc63f90b769d335762ae82f
aa46defb9e846c70229f57469ebc9f5a6a73868197b24c004638513ff547d213
afa8871f38407eba82d7af2153460991a50b6a5c5465ccced03f7ffd8b3c5a0e
b1bea5b331ced35e73aa7858c2507aee9b5db6142bcbc4692e4eed83eff19ff1
b5cd6bacc70b8d89c604d517fdefc92765be32a4a394adceb083497fb65812b7
cc6bb1d8dceb803d5d68cf36076d61bf89b716bc351acd0eb1ead447e0f5f506
cc8f234f2ae5221f5e33df49bef454ae03fbb80c9db4aaf8e53bd85fad4c575e
ce4827e596ff84952373cad1fbfae8ec6b43e81dc29e165afdbbef3fd9de0d96
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
d644f56d0839826ee78df2b9c14378a9c15079a09e5d8096277c2e697360d988
d74045740566a00d1da11ecc5153fc214e4452ad090fb3091e315c6759cb86b5
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
f048f986415c8132286e80e921d377694a6896971174635bbfb6ffc65a140ef8
f3a3a4f8563c4bbd66be6cae0d45397db7705b43dc827b500d34785f77232713
fb85592696298ae82b0a90767f764cb36676aa2bc7043946363c3c5b0f534618

gtdngtkval.cfolks.pl Open in urlscan Pro 195.78.67.67 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

56 Requests

88 %HTTPS

75 %IPv6

5 Domains

5 Subdomains

5 IPs

4 Countries

1296 kBTransfer

4526 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

gtdngtkval.cfolks.pl Open in urlscan Pro
195.78.67.67 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

88 %
HTTPS

75 %
IPv6

5
Domains

5
Subdomains

5
IPs

4
Countries

1296 kB
Transfer

4526 kB
Size

3
Cookies

56 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!