Report - bulqiza.info/

Report Overview

Submitted URL
bulqiza.info/
IP
63.250.43.13
ASN
#22612 NAMECHEAP-NET
Submitted
2022-12-05 04:07:24
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
36

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.163.62.5
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	62 kB	34.120.237.76
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.77.32
bulqiza.info	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	21 kB	2.7 MB	63.250.43.13
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
tiles-s.windy.com	214067	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.7 kB	134 kB	35.241.53.134
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	4.2 kB	142.250.74.131
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	980 B	63 kB	142.250.74.35
embed.windy.com	158158	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.4 kB	45 kB	143.204.55.37
ims-s.windy.com	73220	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	31 kB	35.241.53.134
www.monitor.al	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	10 kB	177 kB	64.225.109.146
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	488 B	746 B	142.250.74.106
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.6 kB	93.184.220.29
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	964 B	104.18.32.68

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-05	medium	bulqiza.info/	Phishing
2022-12-05	medium	bulqiza.info/	Phishing
2022-12-05	medium	bulqiza.info/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1	Phishing
2022-12-05	medium	bulqiza.info/wp-content/themes/darknews/assets/font-awesome/css/all.min.css?ver=6.1.1	Phishing
2022-12-05	medium	bulqiza.info/wp-includes/css/classic-themes.min.css?ver=1	Phishing
2022-12-05	medium	bulqiza.info/wp-content/themes/darknews/assets/bootstrap/css/bootstrap.min.css?ver=6.1.1	Phishing
2022-12-05	medium	bulqiza.info/wp-content/themes/darknews/assets/slick/css/slick.min.css?ver=6.1.1	Phishing
2022-12-05	medium	bulqiza.info/wp-content/themes/darknews/assets/sidr/css/jquery.sidr.dark.css?ver=6.1.1	Phishing
2022-12-05	medium	bulqiza.info/wp-content/themes/darknews/style.css?ver=6.1.1	Phishing
2022-12-05	medium	bulqiza.info/wp-includes/js/jquery/jquery.min.js?ver=3.6.1	Phishing
2022-12-05	medium	bulqiza.info/wp-content/themes/darknews/assets/marquee/jquery.marquee.js?ver=6.1.1	Phishing
2022-12-05	medium	bulqiza.info/wp-content/themes/darknews/assets/magnific-popup/jquery.magnific-popup.min.js?ver=6.1.1	Phishing
2022-12-05	medium	bulqiza.info/wp-content/themes/darknews/assets/sidr/js/jquery.sidr.min.js?ver=6.1.1	Phishing
2022-12-05	medium	bulqiza.info/wp-content/themes/darknews/assets/bootstrap/js/bootstrap.min.js?ver=6.1.1	Phishing
2022-12-05	medium	bulqiza.info/wp-includes/js/masonry.min.js?ver=4.2.2	Phishing
2022-12-05	medium	bulqiza.info/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1	Phishing
2022-12-05	medium	bulqiza.info/wp-content/themes/darknews/assets/font-awesome/webfonts/fa-solid-900.woff2	Phishing
2022-12-05	medium	bulqiza.info/wp-content/themes/darknews/assets/font-awesome/webfonts/fa-regular-400.woff2	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (21)

	URL	Size	First Seen	Last Seen
	bulqiza.info/wp-includes/js/jquery/jquery.min.js?ver=3.6.1	90 kB	2023-03-08	2024-04-27
Pretty URL bulqiza.info/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 IP 63.250.43.14 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-27 01:43:20 Times Seen31839 Hash 17738318d61d394f1de8890d589afaec f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3 cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981 Loading...

	bulqiza.info/wp-content/themes/darknews/assets/bootstrap/js/bootstrap.min.js?ver=6.1.1	58 kB	2023-03-07	2024-04-24
Pretty URL bulqiza.info/wp-content/themes/darknews/assets/bootstrap/js/bootstrap.min.js?ver=6.1.1 IP 63.250.43.14 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:04 Last Seen2024-04-24 08:02:20 Times Seen941 Hash 00e8259f4fb0664ae55be9b184020d27 f8937340285f341ecf97909378ac91322eda3111 7209e11a45cef119e8d3539afb2689835d17b16a0a22f8334d867cf77a220d2a Loading...

	bulqiza.info/wp-content/themes/darknews/assets/sidr/js/jquery.sidr.min.js?ver=6.1.1	7.0 kB	2023-03-07	2024-04-27
Pretty URL bulqiza.info/wp-content/themes/darknews/assets/sidr/js/jquery.sidr.min.js?ver=6.1.1 IP 63.250.43.14 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:05 Last Seen2024-04-27 01:57:55 Times Seen783 Hash 37ac88aac020d48f424ec4c64119f107 57c359f422507358cd667f4119bd54086a1e842d fd57ae7228574a83527cb8917ec5a0ff944aa787934ee5b85a7976f259b7ae31 Loading...

	bulqiza.info/wp-includes/js/imagesloaded.min.js?ver=4.1.4	5.6 kB	2023-03-07	2024-04-27
Pretty URL bulqiza.info/wp-includes/js/imagesloaded.min.js?ver=4.1.4 IP 63.250.43.14 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:40 Last Seen2024-04-27 02:39:29 Times Seen30987 Hash 3a56752b736635bf69cb069b8818cbfd 42e0951fe74bb3f56a30f51291823bcd4a84d76e ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869 Loading...

	bulqiza.info/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1	19 kB	2023-03-07	2024-04-26
Pretty URL bulqiza.info/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 IP 63.250.43.14 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-26 23:19:42 Times Seen38071 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	embed.windy.com/js/leaflet140_patched_tileLayer.v14.js	143 kB	2023-03-08	2024-01-07
Pretty URL embed.windy.com/js/leaflet140_patched_tileLayer.v14.js IP 143.204.55.37 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:32:57 Last Seen2024-01-07 00:53:02 Times Seen44 Hash d1e84466f1fbf329b5468b0834b3dd4e 3db00dac956fe1baab539dd1f3dcea8432c35cbc 79f5851d4d0d2f0c3b52c34069f705b5ade98723e6b4a54ffa9f27c8765baa2d Loading...

	embed.windy.com/v/19.10.8.emb.7c49/embed2.js	179 kB	2023-03-08	2024-01-07
Pretty URL embed.windy.com/v/19.10.8.emb.7c49/embed2.js IP 143.204.55.37 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:32:57 Last Seen2024-01-07 00:52:53 Times Seen30 Hash 8d2dbcedfd588604f19183b055d23132 bfffb2ba859f8c517e510d7f0485b9cb3bebe2cc 701af774e421d0d0464185274aae08c757617f35949c019236933ac155daaa73 Loading...

	bulqiza.info/	2.1 kB	2023-03-08	2023-03-08
Pretty URL bulqiza.info/ IP 63.250.43.13 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:32:57 Last Seen2023-03-08 16:32:57 Times Seen1 Hash 2a7133281f3a638412125139996b6e92 1c589a562bc7f3c1ca6fe171f6098b392b2bc310 89bc9b92da8bad1387eab8fcd124690326737d3c096bc7c02892c669baa58023 Loading...

	embed.windy.com/embed2.html?lat=41.313&lon=20.042&detailLat=41.330&detailLon=19.820&width=850&height=450&zoom=9&level=surface&overlay=wind&product=ecmwf&menu=&message=&marker=&calendar=now&pressure=&type=map&location=coordinates&detail=&metricWind=km%2Fh&metricTemp=%C2%B0C&radarRange=-1	76 B	2023-03-08	2023-03-29
Pretty URL embed.windy.com/embed2.html?lat=41.313&lon=20.042&detailLat=41.330&detailLon=19.820&width=850&height=450&zoom=9&level=surface&overlay=wind&product=ecmwf&menu=&message=&marker=&calendar=now&pressure=&type=map&location=coordinates&detail=&metricWind=km%2Fh&metricTemp=%C2%B0C&radarRange=-1 IP 143.204.55.37 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:32:57 Last Seen2023-03-29 21:27:22 Times Seen2 Hash c8fdd4cbd2c8c9f42e944369ee0236ff e90019f4ba998a8aba2e8bc78472760745a1f223 947e4d8b17e330e55d14d4dae9573ae9f4e68595c1682bf049e229041fb558e3 Loading...

	bulqiza.info/wp-content/themes/darknews/js/navigation.js?ver=20151215	3.0 kB	2023-03-07	2024-04-26
Pretty URL bulqiza.info/wp-content/themes/darknews/js/navigation.js?ver=20151215 IP 63.250.43.14 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:06 Last Seen2024-04-26 10:54:36 Times Seen2006 Hash 49493316c090bb3d7cca5bc09031037c b77b6525d82691c3d4ca05948e846500ea0cb1d3 fbc199bf7f97061c41664b040e84616a0cb54441a2efc5801d5d401d3a049f3c Loading...

	embed.windy.com/embed2.html?lat=41.313&lon=20.042&detailLat=41.330&detailLon=19.820&width=850&height=450&zoom=9&level=surface&overlay=wind&product=ecmwf&menu=&message=&marker=&calendar=now&pressure=&type=map&location=coordinates&detail=&metricWind=km%2Fh&metricTemp=%C2%B0C&radarRange=-1	203 B	2023-03-08	2023-03-29
Pretty URL embed.windy.com/embed2.html?lat=41.313&lon=20.042&detailLat=41.330&detailLon=19.820&width=850&height=450&zoom=9&level=surface&overlay=wind&product=ecmwf&menu=&message=&marker=&calendar=now&pressure=&type=map&location=coordinates&detail=&metricWind=km%2Fh&metricTemp=%C2%B0C&radarRange=-1 IP 143.204.55.37 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:32:57 Last Seen2023-03-29 21:27:22 Times Seen2 Hash 4e1fc3762add3f1422331cb2c29a8298 cdcdde8335c5d5fcdcc3571e2aee7f6b363fcf9d 46c83588c767adb388e00e70b92ef47673d68dee2c07b3347dea058d3713089b Loading...

	bulqiza.info/wp-content/themes/darknews/assets/script.js?ver=6.1.1	22 kB	2023-03-08	2024-02-13
Pretty URL bulqiza.info/wp-content/themes/darknews/assets/script.js?ver=6.1.1 IP 63.250.43.14 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 08:44:16 Last Seen2024-02-13 00:16:16 Times Seen23 Hash 5dc2f7c87e661e08d2463c69fc8b3bcb eeda21461a58d786a09f5dbc7cc27a90b518683f cc0691ee9367fd5796a591d37c574fa4bf3c07e2549a2d074162cc9f6902334e Loading...

	bulqiza.info/wp-content/themes/darknews/js/skip-link-focus-fix.js?ver=20151215	685 B	2023-03-07	2024-04-26
Pretty URL bulqiza.info/wp-content/themes/darknews/js/skip-link-focus-fix.js?ver=20151215 IP 63.250.43.14 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:06 Last Seen2024-04-26 10:54:36 Times Seen3289 Hash 93d421fd7576b0ca9c359ffe2fa16113 eacce35258f14fcd79bea2bc23f4140d25874322 14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2 Loading...

	bulqiza.info/wp-includes/js/masonry.min.js?ver=4.2.2	24 kB	2023-03-07	2024-04-27
Pretty URL bulqiza.info/wp-includes/js/masonry.min.js?ver=4.2.2 IP 63.250.43.14 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:57 Last Seen2024-04-27 01:51:30 Times Seen15295 Hash 3b3fc826e58fc554108e4a651c9c7848 76778fd446e2ff2377588a7b4ac4d79f258427c9 e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb Loading...

	embed.windy.com/v/19.10.8.emb.7c49/plugins/particles.js	4.7 kB	2023-03-08	2024-01-07
Pretty URL embed.windy.com/v/19.10.8.emb.7c49/plugins/particles.js IP 143.204.55.37 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:32:57 Last Seen2024-01-07 00:52:55 Times Seen28 Hash 50a8c307a49ee85d0428c6bee9bd8c08 1f4be3d0803c2603bf5eb9110d561e402beecadd 2c3efef2fdb40f7d28c3dc5095115d9f116e65caf80e9b5ac44770dcd964d6b2 Loading...

	bulqiza.info/wp-content/themes/darknews/assets/slick/js/slick.min.js?ver=6.1.1	42 kB	2023-03-07	2024-04-26
Pretty URL bulqiza.info/wp-content/themes/darknews/assets/slick/js/slick.min.js?ver=6.1.1 IP 63.250.43.14 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-04-26 13:53:03 Times Seen5166 Hash b53bdfc29e18f4d493d775a8023fbdc8 e9fcbcc4fa70cba093b81d982a1b78509414cef7 e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752 Loading...

	bulqiza.info/wp-content/themes/darknews/assets/magnific-popup/jquery.magnific-popup.min.js?ver=6.1.1	20 kB	2023-03-07	2024-04-26
Pretty URL bulqiza.info/wp-content/themes/darknews/assets/magnific-popup/jquery.magnific-popup.min.js?ver=6.1.1 IP 63.250.43.14 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:20:53 Last Seen2024-04-26 10:54:40 Times Seen361 Hash 351dd32e5a1ab0145e943424e9f626af efd4a128abe72995f0683659b5d31a1b8452620f 76fa60ed57bfa134bdc5ebf61c8fc8f34c478abf3ddb5523fe14fed62e2ff8b9 Loading...

	bulqiza.info/wp-content/themes/darknews/assets/jquery-match-height/jquery.matchHeight.min.js?ver=6.1.1	3.4 kB	2023-03-07	2024-04-26
Pretty URL bulqiza.info/wp-content/themes/darknews/assets/jquery-match-height/jquery.matchHeight.min.js?ver=6.1.1 IP 63.250.43.14 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:05 Last Seen2024-04-26 10:54:37 Times Seen2762 Hash 3182b2beddb1f798f66d27425b9f99d9 ebfe39b9b22623bf3b289d7d8548f04215b7a820 fa87904726726364ad19a7c4b2f2b20ee10637325601b5aa88ed8bfdcb7117a7 Loading...

	www.monitor.al/kursi/js/jquery-1.9.1.min.js	93 kB	2023-03-07	2024-04-27
Pretty URL www.monitor.al/kursi/js/jquery-1.9.1.min.js IP 64.225.109.146 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-27 06:00:54 Times Seen23410 Hash 397754ba49e9e0cf4e7c190da78dda05 ae49e56999d82802727455f0ba83b63acd90a22b c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4 Loading...

	www.monitor.al/kursi/js/bootstrap.min.js	28 kB	2023-03-07	2024-04-08
Pretty URL www.monitor.al/kursi/js/bootstrap.min.js IP 64.225.109.146 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:31 Last Seen2024-04-08 13:08:47 Times Seen354 Hash 2916bdd0ab40bc45f6cb6d5b99e34368 6ab5d9b8349fc98fa656de69c8900ef968a96e75 7470f9d78491838f5cc3ee51d4ed4d8a232f6c80ae80706dff96c062d3d663b6 Loading...

	bulqiza.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-27
Pretty URL bulqiza.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 63.250.43.14 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-27 02:39:29 Times Seen68686 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

HTTP Transactions (126)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3538
Expires: Mon, 05 Dec 2022 05:06:10 GMT
Date: Mon, 05 Dec 2022 04:07:12 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2156
Cache-Control: max-age=111601
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:07:12 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 11:07:13 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 03:18:26 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2926
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4636
Expires: Mon, 05 Dec 2022 05:24:28 GMT
Date: Mon, 05 Dec 2022 04:07:12 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: lW8E7hsOHMDX7uiywQVsN6ziezopFYKHTQelQGXlCUnTC8JYH4Ne0R/flTjP4Bskz9co5xB/Ups=
x-amz-request-id: 0XTC63CHPJQVTYY0
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 03:47:14 GMT
age: 1198
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

bulqiza.info/

63.250.43.13

301 Moved Permanently

0 B

URL HTTP/1.1
bulqiza.info/
IP
63.250.43.13:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: bulqiza.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
content-length: 0
location: https://bulqiza.info/

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 04:07:12 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 03:11:19 GMT
cache-control: public,max-age=3600
age: 3354
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
4c641d07b5a1ea9cff7e2f71fae80ef0
9aaf6dd54773a457bbfdb7fa36561b61b4bee2d6
f13eaf5d2080457c0279a1d298633607a00c771741a9d9b671aaefb531a2c4cf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 04:07:13 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 22:36:11 GMT
Expires: Sat, 10 Dec 2022 22:36:10 GMT
Etag: "9aaf6dd54773a457bbfdb7fa36561b61b4bee2d6"
Cache-Control: max-age=497936,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7749e9e4588ffab4-OSL

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2093
Cache-Control: max-age=106471
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:07:13 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 09:41:44 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

bulqiza.info/

63.250.43.14

200 OK

16 kB

URL HTTP/2
bulqiza.info/
IP
63.250.43.14:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381)
Size
16 kB (16051 bytes)
Hash
c595bd7520f90c7d5880ead3fe0a4996
83aeec9af3542991bc027f40331686c106748d31
21b69f255c1bbc8024850c2a95a8db7c3728c37eb90698404447a0dd137270ef

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: bulqiza.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 16:25:53 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://bulqiza.info/wp-json/>; rel="https://api.w.org/"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: public
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
x-cacheable: YES
age: 42078
x-cache: HIT
accept-ranges: bytes
content-length: 16051
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

push.services.mozilla.com/

35.163.62.5

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.163.62.5:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FJqmQAEhGVj26g6tCizkug==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: geTqSOhG+08yFbsT2DR8/lbkIuk=

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:07:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:07:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

bulqiza.info/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1

63.250.43.14

200 OK

12 kB

URL HTTP/2
bulqiza.info/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP
63.250.43.14:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (47826)
Size
12 kB (12518 bytes)
Hash
981383d43a7adb38d6c2bf5286dcd065
e41871905868763178f7d8127e3dfb87909f108f
fceb208fc5a1581abc1926596d5f59fa41e7a7d72027b563303b445cdf7ed126

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: bulqiza.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bulqiza.info/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 16:17:46 GMT
content-type: text/css
last-modified: Sun, 04 Dec 2022 10:36:03 GMT
vary: Accept-Encoding
etag: W/"638c7813-172a9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 42567
x-cache: HIT
accept-ranges: bytes
content-length: 12518
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

bulqiza.info/wp-content/themes/darknews/assets/font-awesome/css/all.min.css?ver=6.1.1

63.250.43.14

200 OK

13 kB

URL HTTP/2
bulqiza.info/wp-content/themes/darknews/assets/font-awesome/css/all.min.css?ver=6.1.1
IP
63.250.43.14:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (59122)
Size
13 kB (12861 bytes)
Hash
7fb204f454b8a9e751e8e9d7a6141ab1
7d1b87a2a89aa1af9710c7e5b13fb2212cacd804
8de782c7f7317a96de29451af7f0ddb3f9c093ceed157c9b6dea8815bc24f0c1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/darknews/assets/font-awesome/css/all.min.css?ver=6.1.1 HTTP/1.1
Host: bulqiza.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bulqiza.info/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 16:17:46 GMT
content-type: text/css
last-modified: Sun, 04 Dec 2022 13:14:25 GMT
vary: Accept-Encoding
etag: W/"638c9d31-e7ac"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 42567
x-cache: HIT
accept-ranges: bytes
content-length: 12861
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

bulqiza.info/wp-includes/css/classic-themes.min.css?ver=1

63.250.43.14

200 OK

217 B

URL HTTP/2
bulqiza.info/wp-includes/css/classic-themes.min.css?ver=1
IP
63.250.43.14:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
217 B (217 bytes)
Hash
95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: bulqiza.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bulqiza.info/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 16:17:46 GMT
content-type: text/css
content-length: 217
last-modified: Sun, 04 Dec 2022 10:36:03 GMT
etag: "638c7813-d9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 42567
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

bulqiza.info/wp-content/themes/darknews/assets/bootstrap/css/bootstrap.min.css?ver=6.1.1

63.250.43.14

200 OK

20 kB

URL HTTP/2
bulqiza.info/wp-content/themes/darknews/assets/bootstrap/css/bootstrap.min.css?ver=6.1.1
IP
63.250.43.14:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65371)
Size
20 kB (19695 bytes)
Hash
81ccda08457e45fa70756c232a86532e
48f7c8382717f85c26a7f0a6f5d108592289b1f4
f9129427daca31973be9e0cdd6ff38ef6140e1424a412e2c66dac2c9361cb70f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/darknews/assets/bootstrap/css/bootstrap.min.css?ver=6.1.1 HTTP/1.1
Host: bulqiza.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bulqiza.info/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 16:17:46 GMT
content-type: text/css
last-modified: Sun, 04 Dec 2022 13:14:26 GMT
vary: Accept-Encoding
etag: W/"638c9d32-1d988"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 42567
x-cache: HIT
accept-ranges: bytes
content-length: 19695
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

bulqiza.info/wp-content/themes/darknews/assets/slick/css/slick.min.css?ver=6.1.1

63.250.43.14

200 OK

479 B

URL HTTP/2
bulqiza.info/wp-content/themes/darknews/assets/slick/css/slick.min.css?ver=6.1.1
IP
63.250.43.14:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (1297), with no line terminators
Size
479 B (479 bytes)
Hash
dccd4582f989e4502f589bbee430768b
74a54c10b7d3de27d692bf8cbbe93199c91c75f6
5548bf564e1afd4c6600b1fbdca874aee07e965a24dcaf6ce673624114e5bb3f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/darknews/assets/slick/css/slick.min.css?ver=6.1.1 HTTP/1.1
Host: bulqiza.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bulqiza.info/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 16:17:46 GMT
content-type: text/css
last-modified: Sun, 04 Dec 2022 13:14:26 GMT
vary: Accept-Encoding
etag: W/"638c9d32-511"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 42567
x-cache: HIT
accept-ranges: bytes
content-length: 479
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

bulqiza.info/wp-content/themes/darknews/assets/sidr/css/jquery.sidr.dark.css?ver=6.1.1

63.250.43.14

200 OK

424 B

URL HTTP/2
bulqiza.info/wp-content/themes/darknews/assets/sidr/css/jquery.sidr.dark.css?ver=6.1.1
IP
63.250.43.14:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
424 B (424 bytes)
Hash
47d8d4fbb591cb0114c4a8bdbe2b6fe5
33aa571cb52739d91f2bb3240d0e51acd98ef4a3
ca4f5172f1cbbdcf9ec9a3fa6e9767f3336081631f8811d3f2c2de25f8c40c83

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/darknews/assets/sidr/css/jquery.sidr.dark.css?ver=6.1.1 HTTP/1.1
Host: bulqiza.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bulqiza.info/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 16:17:46 GMT
content-type: text/css
last-modified: Sun, 04 Dec 2022 13:14:26 GMT
vary: Accept-Encoding
etag: W/"638c9d32-3e6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 42567
x-cache: HIT
accept-ranges: bytes
content-length: 424
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

bulqiza.info/wp-content/themes/darknews/assets/magnific-popup/magnific-popup.css?ver=6.1.1

63.250.43.14

200 OK

1.8 kB

URL HTTP/2
bulqiza.info/wp-content/themes/darknews/assets/magnific-popup/magnific-popup.css?ver=6.1.1
IP
63.250.43.14:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
1.8 kB (1816 bytes)
Hash
24d43b806e85342a40e2da6970fdfaa0
b365e6daf45244233ffac6681aa3dad08a26f2c5
dcf879e6dd283fcbef1dc4a0392fbd2ec5ea512b31a97f64ea3076fc392d784e

HTTP Headers

GET /wp-content/themes/darknews/assets/magnific-popup/magnific-popup.css?ver=6.1.1 HTTP/1.1
Host: bulqiza.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bulqiza.info/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 16:17:46 GMT
content-type: text/css
last-modified: Sun, 04 Dec 2022 13:14:25 GMT
vary: Accept-Encoding
etag: W/"638c9d31-1b27"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 42567
x-cache: HIT
accept-ranges: bytes
content-length: 1816
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

bulqiza.info/wp-content/themes/darknews/style.css?ver=6.1.1

63.250.43.14

200 OK

38 kB

URL HTTP/2
bulqiza.info/wp-content/themes/darknews/style.css?ver=6.1.1
IP
63.250.43.14:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (1084)
Size
38 kB (37638 bytes)
Hash
84eeeaee58501c608d8c32e45376d371
ed532a8c2b0510dee80bc1d8463cd9ad5a28f18a
664dae4693b0c239a2fc97b64cf113c40b190af102da8407b77746834c294481

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/darknews/style.css?ver=6.1.1 HTTP/1.1
Host: bulqiza.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bulqiza.info/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 16:17:00 GMT
content-type: text/css
last-modified: Sun, 04 Dec 2022 13:14:26 GMT
vary: Accept-Encoding
etag: W/"638c9d32-4497f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 42613
x-cache: HIT
accept-ranges: bytes
content-length: 37638
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

bulqiza.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

63.250.43.14

200 OK

4.2 kB

URL HTTP/2
bulqiza.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
63.250.43.14:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (11126)
Size
4.2 kB (4169 bytes)
Hash
5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: bulqiza.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bulqiza.info/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 16:17:46 GMT
content-type: application/javascript
last-modified: Sun, 04 Dec 2022 10:36:04 GMT
vary: Accept-Encoding
etag: W/"638c7814-2bd8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 42567
x-cache: HIT
accept-ranges: bytes
content-length: 4169
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

bulqiza.info/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

63.250.43.14

200 OK

31 kB

URL HTTP/2
bulqiza.info/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP
63.250.43.14:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65447)
Size
31 kB (31038 bytes)
Hash
2eccf707201b564e5e0cc3637fe4fd79
13b3ab2c399a84808e8fd6a2c795a6a49f5090a4
fb2e62f5864ef969b2d586b0e589fc81d7689038cd54a90fbca4b463e0ca6261

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: bulqiza.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bulqiza.info/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 16:17:46 GMT
content-type: application/javascript
last-modified: Sun, 04 Dec 2022 10:36:04 GMT
vary: Accept-Encoding
etag: W/"638c7814-15e54"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 42567
x-cache: HIT
accept-ranges: bytes
content-length: 31038
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

bulqiza.info/wp-content/uploads/2022/12/sha-150x150.jpg

63.250.43.14

200 OK

6.2 kB

URL HTTP/2
bulqiza.info/wp-content/uploads/2022/12/sha-150x150.jpg
IP
63.250.43.14:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 50", baseline, precision 8, 150x150, components 3\012- data
Size
6.2 kB (6181 bytes)
Hash
d0a6178ff5ede0aea28cfb1ffb2c5a1a
7c3e139be2e2326102a824b90e4b32eae67ed8a2
2ac7d92ca9a161dbce98bc7f8512d37b6080851d7486a3fddd92db7ae32a1e08

HTTP Headers

GET /wp-content/uploads/2022/12/sha-150x150.jpg HTTP/1.1
Host: bulqiza.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bulqiza.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 16:15:20 GMT
content-type: image/jpeg
content-length: 6181
last-modified: Sun, 04 Dec 2022 14:13:21 GMT
etag: "638cab01-1825"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 42713
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

bulqiza.info/wp-content/uploads/2022/12/fit-150x150.jpg

63.250.43.14

200 OK

7.7 kB

URL HTTP/2
bulqiza.info/wp-content/uploads/2022/12/fit-150x150.jpg
IP
63.250.43.14:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Size
7.7 kB (7742 bytes)
Hash
a20a4a53473737a47961ecc04d16154f
b6cb087bca52317de76781422e3710f3a39c1e81
8a17e41345a47bb3474951de003bb1509fbfe67055ecef19ec662f5555fe3afd

HTTP Headers

GET /wp-content/uploads/2022/12/fit-150x150.jpg HTTP/1.1
Host: bulqiza.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bulqiza.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 16:25:55 GMT
content-type: image/jpeg
content-length: 7742
last-modified: Sun, 04 Dec 2022 15:11:14 GMT
etag: "638cb892-1e3e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 42078
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

bulqiza.info/wp-content/uploads/2022/12/ikmy-150x150.jpg

63.250.43.14

200 OK

5.0 kB

URL HTTP/2
bulqiza.info/wp-content/uploads/2022/12/ikmy-150x150.jpg
IP
63.250.43.14:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Size
5.0 kB (4962 bytes)
Hash
adcdf2abcc5c28ccd446ed0bc363879f
740a72e674504c22bf03bb41aa4827f801bea237
1f66268389ca3b62b026bf0d30a20dc6bc42f74b37299f19d1ed1229e605d73c

HTTP Headers

GET /wp-content/uploads/2022/12/ikmy-150x150.jpg HTTP/1.1
Host: bulqiza.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bulqiza.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 16:15:20 GMT
content-type: image/jpeg
content-length: 4962
last-modified: Sun, 04 Dec 2022 14:34:24 GMT
etag: "638caff0-1362"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 42713
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

bulqiza.info/wp-content/uploads/2022/06/cropped-6db610a0-26d4-4c6e-b706-bb2c0c50e639.png

63.250.43.14

404 Not Found

146 B

URL HTTP/2
bulqiza.info/wp-content/uploads/2022/06/cropped-6db610a0-26d4-4c6e-b706-bb2c0c50e639.png
IP
63.250.43.14:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /wp-content/uploads/2022/06/cropped-6db610a0-26d4-4c6e-b706-bb2c0c50e639.png HTTP/1.1
Host: bulqiza.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bulqiza.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Mon, 05 Dec 2022 04:07:14 GMT
content-type: text/html
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

bulqiza.info/wp-content/themes/darknews/assets/script.js?ver=6.1.1

63.250.43.14

200 OK

3.3 kB

URL HTTP/2
bulqiza.info/wp-content/themes/darknews/assets/script.js?ver=6.1.1
IP
63.250.43.14:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
3.3 kB (3337 bytes)
Hash
ef971b7086a152b80ff53e32ed5e2cf2
ebb529d6516e21abbfa939062091c8c4debeaf42
c0233bb452311b5a15d21b538a7b44e9f266e03daea7a2198f55c9a7253d4f93

HTTP Headers

GET /wp-content/themes/darknews/assets/script.js?ver=6.1.1 HTTP/1.1
Host: bulqiza.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bulqiza.info/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 16:15:20 GMT
content-type: application/javascript
last-modified: Sun, 04 Dec 2022 13:14:26 GMT
vary: Accept-Encoding
etag: W/"638c9d32-56ad"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 42713
x-cache: HIT
accept-ranges: bytes
content-length: 3337
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:07:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

bulqiza.info/wp-content/themes/darknews/assets/marquee/jquery.marquee.js?ver=6.1.1

63.250.43.14

200 OK

4.6 kB

URL HTTP/2
bulqiza.info/wp-content/themes/darknews/assets/marquee/jquery.marquee.js?ver=6.1.1
IP
63.250.43.14:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
4.6 kB (4569 bytes)
Hash
07af940acc15897ad24dc2b2fe736284
950539f6bd9b156749ff8a974afa4d9f22177c65
4c5ffc82b8b920fe2081d670da1b3296d7eba9f8baa2644f63c308d0966eedb2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/darknews/assets/marquee/jquery.marquee.js?ver=6.1.1 HTTP/1.1
Host: bulqiza.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bulqiza.info/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 16:15:20 GMT
content-type: application/javascript
last-modified: Sun, 04 Dec 2022 13:14:25 GMT
vary: Accept-Encoding
etag: W/"638c9d31-5947"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 42713
x-cache: HIT
accept-ranges: bytes
content-length: 4569
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

bulqiza.info/wp-content/themes/darknews/assets/jquery-match-height/jquery.matchHeight.min.js?ver=6.1.1

63.250.43.14

200 OK

1.4 kB

URL HTTP/2
bulqiza.info/wp-content/themes/darknews/assets/jquery-match-height/jquery.matchHeight.min.js?ver=6.1.1
IP
63.250.43.14:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (521)
Size
1.4 kB (1383 bytes)
Hash
6854ce63cc086200aa71576b39853b9e
730966815d508402656927acbe9cec04ade5653d
aa723b8c98664c269cce42764cb97dc72e0c76b21565532a68767f6f11c4c5ce

HTTP Headers

GET /wp-content/themes/darknews/assets/jquery-match-height/jquery.matchHeight.min.js?ver=6.1.1 HTTP/1.1
Host: bulqiza.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bulqiza.info/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 16:15:20 GMT
content-type: application/javascript
last-modified: Sun, 04 Dec 2022 13:14:26 GMT
vary: Accept-Encoding
etag: W/"638c9d32-d34"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 42713
x-cache: HIT
accept-ranges: bytes
content-length: 1383
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

bulqiza.info/wp-content/themes/darknews/assets/magnific-popup/jquery.magnific-popup.min.js?ver=6.1.1

63.250.43.14

200 OK

7.3 kB

URL HTTP/2
bulqiza.info/wp-content/themes/darknews/assets/magnific-popup/jquery.magnific-popup.min.js?ver=6.1.1
IP
63.250.43.14:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (20089)
Size
7.3 kB (7349 bytes)
Hash
ca3216a12e89a478953f9c77b4fc4d0e
4bf4f7f3be4d5d58c40749c05f72ba1e58e470f6
62dde86e38e270dbb8a28e6b60a45fa72ca90b7e5f8a6ff7e9c3b1bb75369cd2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/darknews/assets/magnific-popup/jquery.magnific-popup.min.js?ver=6.1.1 HTTP/1.1
Host: bulqiza.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bulqiza.info/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 16:15:20 GMT
content-type: application/javascript
last-modified: Sun, 04 Dec 2022 13:14:25 GMT
vary: Accept-Encoding
etag: W/"638c9d31-4efa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 42713
x-cache: HIT
accept-ranges: bytes
content-length: 7349
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

bulqiza.info/wp-content/uploads/2022/12/ram-150x150.jpg

63.250.43.14

200 OK

5.0 kB

URL HTTP/2
bulqiza.info/wp-content/uploads/2022/12/ram-150x150.jpg
IP
63.250.43.14:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 150x150, components 3\012- data
Size
5.0 kB (4954 bytes)
Hash
4a951097858bb03f0a44a84b38d89677
86bcc0fdc29c789f58998af2a9b1a249066465be
70fe8f0a18ca86c4cef411a83ba13be88a67bef5dce4aa2b355cc3f4aed4d024

HTTP Headers

GET /wp-content/uploads/2022/12/ram-150x150.jpg HTTP/1.1
Host: bulqiza.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bulqiza.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 16:15:20 GMT
content-type: image/jpeg
content-length: 4954
last-modified: Sun, 04 Dec 2022 13:36:43 GMT
etag: "638ca26b-135a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 42713
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

bulqiza.info/wp-content/themes/darknews/assets/sidr/js/jquery.sidr.min.js?ver=6.1.1

63.250.43.14

200 OK

2.6 kB

URL HTTP/2
bulqiza.info/wp-content/themes/darknews/assets/sidr/js/jquery.sidr.min.js?ver=6.1.1
IP
63.250.43.14:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (6911)
Size
2.6 kB (2624 bytes)
Hash
607e2ec47e0820ea409fb9bcd26412f0
cce67536de15e4e1659749c9f8614e4308254d9d
319c3d7255565c5846e8bad209d3662be6051750029b7f9f1ce566ea92fdcf30

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/darknews/assets/sidr/js/jquery.sidr.min.js?ver=6.1.1 HTTP/1.1
Host: bulqiza.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bulqiza.info/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 16:15:20 GMT
content-type: application/javascript
last-modified: Sun, 04 Dec 2022 13:14:26 GMT
vary: Accept-Encoding
etag: W/"638c9d32-1b7a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 42713
x-cache: HIT
accept-ranges: bytes
content-length: 2624
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

bulqiza.info/wp-content/themes/darknews/assets/bootstrap/js/bootstrap.min.js?ver=6.1.1

63.250.43.14

200 OK

15 kB

URL HTTP/2
bulqiza.info/wp-content/themes/darknews/assets/bootstrap/js/bootstrap.min.js?ver=6.1.1
IP
63.250.43.14:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (57791)
Size
15 kB (15404 bytes)
Hash
3d8dae0e65991ab5f0e4f962908bebdf
0fdb16ad43193e6262b022340a00400847c9ad3a
fbc36d2597dd818df75cd67f817c5f4ac016b3b7b4a9012785445fdbe356b6f1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/darknews/assets/bootstrap/js/bootstrap.min.js?ver=6.1.1 HTTP/1.1
Host: bulqiza.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bulqiza.info/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 16:15:20 GMT
content-type: application/javascript
last-modified: Sun, 04 Dec 2022 13:14:26 GMT
vary: Accept-Encoding
etag: W/"638c9d32-e2af"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 42713
x-cache: HIT
accept-ranges: bytes
content-length: 15404
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

bulqiza.info/wp-content/uploads/2022/12/fit-720x530.jpg

63.250.43.14

200 OK

64 kB

URL HTTP/2
bulqiza.info/wp-content/uploads/2022/12/fit-720x530.jpg
IP
63.250.43.14:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 720x530, components 3\012- data
Size
64 kB (63648 bytes)
Hash
73d9f8e81bbf3ef0d4fea2264d399a0f
4deb83c98cdaf553aee8e7412d2bcaf20daf069c
65a2cf013cfe256bd5e738bc57a03ec80a1b6a810029efb941c33798e629ffba

HTTP Headers

GET /wp-content/uploads/2022/12/fit-720x530.jpg HTTP/1.1
Host: bulqiza.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bulqiza.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 16:15:20 GMT
content-type: image/jpeg
content-length: 63648
last-modified: Sun, 04 Dec 2022 15:11:15 GMT
etag: "638cb893-f8a0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 42713
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

bulqiza.info/wp-content/themes/darknews/js/navigation.js?ver=20151215

63.250.43.14

200 OK

1.1 kB

URL HTTP/2
bulqiza.info/wp-content/themes/darknews/js/navigation.js?ver=20151215
IP
63.250.43.14:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
1.1 kB (1094 bytes)
Hash
7eec6995203e3994a2714c41a388df66
99c08555971c9962b5ade2806e05ed29d0f00258
040c47ba29f4c8eefa8d359cd715eadc0888aa080ce6187a23b8eb8852bc54b9

HTTP Headers

GET /wp-content/themes/darknews/js/navigation.js?ver=20151215 HTTP/1.1
Host: bulqiza.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bulqiza.info/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 16:15:18 GMT
content-type: application/javascript
last-modified: Sun, 04 Dec 2022 13:14:26 GMT
vary: Accept-Encoding
etag: W/"638c9d32-b97"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 42715
x-cache: HIT
accept-ranges: bytes
content-length: 1094
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

bulqiza.info/wp-content/themes/darknews/js/skip-link-focus-fix.js?ver=20151215

63.250.43.14

200 OK

417 B

URL HTTP/2
bulqiza.info/wp-content/themes/darknews/js/skip-link-focus-fix.js?ver=20151215
IP
63.250.43.14:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
417 B (417 bytes)
Hash
73f7704398d8f6be9748d30791950984
3231f3786c364c7665cd7123d8fae0f42bbfd836
c1d9b23aff05fb52e5d6e68aff86d808097185c6dbaac6c3fc3ec6e5bea31ef4

HTTP Headers

GET /wp-content/themes/darknews/js/skip-link-focus-fix.js?ver=20151215 HTTP/1.1
Host: bulqiza.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bulqiza.info/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 16:15:19 GMT
content-type: application/javascript
last-modified: Sun, 04 Dec 2022 13:14:26 GMT
vary: Accept-Encoding
etag: W/"638c9d32-2ad"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 42714
x-cache: HIT
accept-ranges: bytes
content-length: 417
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

bulqiza.info/wp-content/themes/darknews/assets/slick/js/slick.min.js?ver=6.1.1

63.250.43.14

200 OK

10 kB

URL HTTP/2
bulqiza.info/wp-content/themes/darknews/assets/slick/js/slick.min.js?ver=6.1.1
IP
63.250.43.14:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (32076)
Size
10 kB (10164 bytes)
Hash
d019f5e61191b41132afc989394eb529
089e3c4bfa1c7bc9ba1dd5f8c36b11b07a144a15
de6b23ff8f03092ee9f954fdd40e0bdf392ffda5716f98279320dcab0f5196be

HTTP Headers

GET /wp-content/themes/darknews/assets/slick/js/slick.min.js?ver=6.1.1 HTTP/1.1
Host: bulqiza.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bulqiza.info/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 16:15:20 GMT
content-type: application/javascript
last-modified: Sun, 04 Dec 2022 13:14:26 GMT
vary: Accept-Encoding
etag: W/"638c9d32-a3e1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 42713
x-cache: HIT
accept-ranges: bytes
content-length: 10164
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

bulqiza.info/wp-includes/js/imagesloaded.min.js?ver=4.1.4

63.250.43.14

200 OK

1.8 kB

URL HTTP/2
bulqiza.info/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP
63.250.43.14:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (5477)
Size
1.8 kB (1834 bytes)
Hash
951ae46ca55ec7b0e401e2074bdf8b54
64bbbdc28a351b26cab9c230e134ca8eb4d4f83e
fd5d4c623e9d68551114b2a1303584b6792e592e864d4416145904fe8b9edd91

HTTP Headers

GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: bulqiza.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bulqiza.info/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 16:15:20 GMT
content-type: application/javascript
last-modified: Sun, 04 Dec 2022 10:36:03 GMT
vary: Accept-Encoding
etag: W/"638c7813-15fd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 42713
x-cache: HIT
accept-ranges: bytes
content-length: 1834
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

bulqiza.info/wp-includes/js/masonry.min.js?ver=4.2.2

63.250.43.14

200 OK

7.4 kB

URL HTTP/2
bulqiza.info/wp-includes/js/masonry.min.js?ver=4.2.2
IP
63.250.43.14:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (23966)
Size
7.4 kB (7382 bytes)
Hash
255f155e7f7b356c34f574aa88ff9c0f
daf648b825731a003ec9e8156d20810d1c7b4789
421c941d260fe9f5eebfc5ea02eeede267d44b053f77169f995bff89ef2fa84c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/masonry.min.js?ver=4.2.2 HTTP/1.1
Host: bulqiza.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bulqiza.info/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 16:15:20 GMT
content-type: application/javascript
last-modified: Sun, 04 Dec 2022 10:36:04 GMT
vary: Accept-Encoding
etag: W/"638c7814-5e4a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 42713
x-cache: HIT
accept-ranges: bytes
content-length: 7382
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

bulqiza.info/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1

63.250.43.14

200 OK

5.0 kB

URL HTTP/2
bulqiza.info/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP
63.250.43.14:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (15660)
Size
5.0 kB (5004 bytes)
Hash
1b982d290af16dac5885f21a198aaa66
f847ca85d23c2f240938bbde0135f3de97925759
0b6e238cc0728a0bace390dfff472ff8bb5a5fd4714bcfcdac7c28621d67b8dc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: bulqiza.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bulqiza.info/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 16:15:20 GMT
content-type: application/javascript
last-modified: Sun, 04 Dec 2022 10:36:04 GMT
vary: Accept-Encoding
etag: W/"638c7814-48b9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 42713
x-cache: HIT
accept-ranges: bytes
content-length: 5004
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:07:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:07:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.35

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bulqiza.info
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 18:52:41 GMT
expires: Tue, 28 Nov 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 551673
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

bulqiza.info/wp-content/uploads/2022/06/cropped-6db610a0-26d4-4c6e-b706-bb2c0c50e639.png

63.250.43.14

404 Not Found

146 B

URL HTTP/2
bulqiza.info/wp-content/uploads/2022/06/cropped-6db610a0-26d4-4c6e-b706-bb2c0c50e639.png
IP
63.250.43.14:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /wp-content/uploads/2022/06/cropped-6db610a0-26d4-4c6e-b706-bb2c0c50e639.png HTTP/1.1
Host: bulqiza.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bulqiza.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Mon, 05 Dec 2022 04:07:14 GMT
content-type: text/html
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.35

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bulqiza.info
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:34:15 GMT
expires: Thu, 30 Nov 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 376379
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:07:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

bulqiza.info/wp-content/themes/darknews/assets/font-awesome/webfonts/fa-solid-900.woff2

63.250.43.14

200 OK

78 kB

URL HTTP/2
bulqiza.info/wp-content/themes/darknews/assets/font-awesome/webfonts/fa-solid-900.woff2
IP
63.250.43.14:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Size
78 kB (78196 bytes)
Hash
e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/darknews/assets/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: bulqiza.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://bulqiza.info/wp-content/themes/darknews/assets/font-awesome/css/all.min.css?ver=6.1.1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 16:15:29 GMT
content-type: font/woff2
content-length: 78196
last-modified: Sun, 04 Dec 2022 13:14:26 GMT
etag: "638c9d32-13174"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://bulqiza.info
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 42704
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

bulqiza.info/wp-content/themes/darknews/assets/font-awesome/webfonts/fa-regular-400.woff2

63.250.43.14

200 OK

13 kB

URL HTTP/2
bulqiza.info/wp-content/themes/darknews/assets/font-awesome/webfonts/fa-regular-400.woff2
IP
63.250.43.14:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 13276, version 331.-31261\012- data
Size
13 kB (13276 bytes)
Hash
f0f8230116992e521526097a28f54066
0447c6b10bbf73f97b23dcfd6e6a48510822cb6e
8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/darknews/assets/font-awesome/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: bulqiza.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://bulqiza.info/wp-content/themes/darknews/assets/font-awesome/css/all.min.css?ver=6.1.1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 16:15:29 GMT
content-type: font/woff2
content-length: 13276
last-modified: Sun, 04 Dec 2022 13:14:26 GMT
etag: "638c9d32-33dc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://bulqiza.info
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 42704
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

bulqiza.info/wp-content/uploads/2022/12/alo-150x150.png

63.250.43.14

200 OK

51 kB

URL HTTP/2
bulqiza.info/wp-content/uploads/2022/12/alo-150x150.png
IP
63.250.43.14:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Size
51 kB (50772 bytes)
Hash
d35dd91356bee4f7ea097db6e3e42a60
3eb112615477c065e2c50166a1b344c91e346db3
56395b3ce373947c5cb0fba29b2b8243f59e839cbe50f5a70322855cd1deca14

HTTP Headers

GET /wp-content/uploads/2022/12/alo-150x150.png HTTP/1.1
Host: bulqiza.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bulqiza.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 16:15:20 GMT
content-type: image/png
content-length: 50772
last-modified: Sun, 04 Dec 2022 12:39:56 GMT
etag: "638c951c-c654"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 42713
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

bulqiza.info/wp-content/uploads/2022/12/fit.jpg

63.250.43.14

200 OK

66 kB

URL HTTP/2
bulqiza.info/wp-content/uploads/2022/12/fit.jpg
IP
63.250.43.14:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 960x639, components 3\012- data
Size
66 kB (66314 bytes)
Hash
f136da0ba6c09f63db454244bcb042b7
ac9e1eb567b7ac2d31d0b2f0e3c32db65a2ecbe3
be2683000554bc0f7cc232f92f1e9103176cb2dc3c37b186ec1021fe8bdab6de

HTTP Headers

GET /wp-content/uploads/2022/12/fit.jpg HTTP/1.1
Host: bulqiza.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bulqiza.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 16:15:20 GMT
content-type: image/jpeg
content-length: 66314
last-modified: Sun, 04 Dec 2022 15:11:14 GMT
etag: "638cb892-1030a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 42713
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

bulqiza.info/wp-content/uploads/2022/12/ikmy.jpg

63.250.43.14

200 OK

35 kB

URL HTTP/2
bulqiza.info/wp-content/uploads/2022/12/ikmy.jpg
IP
63.250.43.14:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 658x450, components 3\012- data
Size
35 kB (35273 bytes)
Hash
c6612f091cfdd337b1a06c772c28692e
fb7c9af1b3edb4a9943e89c0c6c4e072292f80eb
1828a66f935e2f4c89b7d2320208bdc38e536b5cea1547074a7148ed3fe15e81

HTTP Headers

GET /wp-content/uploads/2022/12/ikmy.jpg HTTP/1.1
Host: bulqiza.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bulqiza.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 16:15:20 GMT
content-type: image/jpeg
content-length: 35273
last-modified: Sun, 04 Dec 2022 14:34:24 GMT
etag: "638caff0-89c9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 42713
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

bulqiza.info/wp-content/uploads/2022/12/f.png

63.250.43.14

200 OK

437 kB

URL HTTP/2
bulqiza.info/wp-content/uploads/2022/12/f.png
IP
63.250.43.14:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 770 x 433, 8-bit/color RGBA, non-interlaced\012- data
Size
437 kB (437093 bytes)
Hash
56e103c8459e1b7b3454a278355dfc44
d8c442ace28f7d29320c844e6bc06744047af55f
71609feaf31c0ee92beaf32c4b1b0b0f9e4c8d17278006a01af2a531dc550844

HTTP Headers

GET /wp-content/uploads/2022/12/f.png HTTP/1.1
Host: bulqiza.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bulqiza.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 16:15:20 GMT
content-type: image/png
content-length: 437093
last-modified: Sun, 04 Dec 2022 13:09:54 GMT
etag: "638c9c22-6ab65"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 42713
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

bulqiza.info/wp-content/uploads/2022/12/318170937_510043681147654_5164907230885758389_n-150x150.jpg

63.250.43.14

404 Not Found

146 B

URL HTTP/2
bulqiza.info/wp-content/uploads/2022/12/318170937_510043681147654_5164907230885758389_n-150x150.jpg
IP
63.250.43.14:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /wp-content/uploads/2022/12/318170937_510043681147654_5164907230885758389_n-150x150.jpg HTTP/1.1
Host: bulqiza.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bulqiza.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Mon, 05 Dec 2022 04:07:14 GMT
content-type: text/html
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

bulqiza.info/wp-content/uploads/2022/12/bulqiza-150x150.jpg

63.250.43.14

404 Not Found

146 B

URL HTTP/2
bulqiza.info/wp-content/uploads/2022/12/bulqiza-150x150.jpg
IP
63.250.43.14:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /wp-content/uploads/2022/12/bulqiza-150x150.jpg HTTP/1.1
Host: bulqiza.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bulqiza.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Mon, 05 Dec 2022 04:07:14 GMT
content-type: text/html
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

embed.windy.com/img/sprite_32.png

143.204.55.37

200 OK

15 kB

URL HTTP/2
embed.windy.com/img/sprite_32.png
IP
143.204.55.37:0
ASN
#16509 AMAZON-02

File type
PNG image data, 1728 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
15 kB (14937 bytes)
Hash
83d3c520c3e9abf3d4303f0d937e240a
18a53e4d50c16b667cda5762213db0a5508715ed
65eb252847b8beb6170e96fe87706bff23860c9e2a441a297789d73543d7d698

HTTP Headers

GET /img/sprite_32.png HTTP/1.1
Host: embed.windy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://embed.windy.com/v/19.10.8.emb.7c49/embed2.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 14937
server: nginx/1.18.0
date: Wed, 16 Nov 2022 04:30:29 GMT
last-modified: Tue, 15 May 2018 13:28:17 GMT
etag: "5afae071-3a59"
expires: Fri, 15 Nov 2024 04:30:29 GMT
cache-control: max-age=63072000
accept-ranges: bytes
via: 1.1 google, 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: r-KuQyVY-eDkLG1kLy87ziTNBdud6PFL6-_CEZAkhmOtUiEod4LWqA==
age: 1640205
X-Firefox-Spdy: h2

bulqiza.info/wp-content/uploads/2022/12/Screenshot-2022-12-02-100057-150x150.png

63.250.43.14

404 Not Found

146 B

URL HTTP/2
bulqiza.info/wp-content/uploads/2022/12/Screenshot-2022-12-02-100057-150x150.png
IP
63.250.43.14:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /wp-content/uploads/2022/12/Screenshot-2022-12-02-100057-150x150.png HTTP/1.1
Host: bulqiza.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bulqiza.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Mon, 05 Dec 2022 04:07:14 GMT
content-type: text/html
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

bulqiza.info/wp-content/uploads/2022/11/1669051140_rewrrew-300x169.jpg

63.250.43.14

404 Not Found

146 B

URL HTTP/2
bulqiza.info/wp-content/uploads/2022/11/1669051140_rewrrew-300x169.jpg
IP
63.250.43.14:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /wp-content/uploads/2022/11/1669051140_rewrrew-300x169.jpg HTTP/1.1
Host: bulqiza.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bulqiza.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Mon, 05 Dec 2022 04:07:14 GMT
content-type: text/html
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

embed.windy.com/v/19.10.8.emb.7c49/iconfont.woff

143.204.55.37

200 OK

25 kB

URL HTTP/2
embed.windy.com/v/19.10.8.emb.7c49/iconfont.woff
IP
143.204.55.37:0
ASN
#16509 AMAZON-02

File type
Web Open Font Format, CFF, length 24872, version 1.0\012- data
Size
25 kB (24872 bytes)
Hash
1809c088e56b571562f235c686608c18
141714029de8bb38e85ac28b0aae71324285c77b
c2323a41bdd0a668e426ab5fa365d8557c237e140caec51ed2a2aa8a6e2b670e

HTTP Headers

GET /v/19.10.8.emb.7c49/iconfont.woff HTTP/1.1
Host: embed.windy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://embed.windy.com/v/19.10.8.emb.7c49/embed2.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/octet-stream
content-length: 24872
x-guploader-uploadid: ADPycdt9bwvic_NHYucRncGWxfwm-jJ7aJ3WGyiyihIIiEHUfJekicTJQFan1NbdNZtDLib_qPYhUvdaYikfVAZPfG0fU-Cx9x3l
x-goog-generation: 1666853570958787
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 24872
x-goog-hash: crc32c=IDWeDg==, md5=GAnAiOVrVxVi8jXGhmCMGA==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
date: Sat, 05 Nov 2022 05:34:00 GMT
expires: Sun, 05 Nov 2023 05:34:00 GMT
cache-control: max-age=63072000
last-modified: Thu, 27 Oct 2022 06:52:50 GMT
etag: "1809c088e56b571562f235c686608c18"
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _DpXoAriAczD4IF0Nqsc7Da2c_LQDCkZN5rDac1JbSoVjN6RplzlBA==
age: 2586794
X-Firefox-Spdy: h2

bulqiza.info/wp-content/uploads/2022/11/640-0-1668433172x1111png-391-300x171.png

63.250.43.14

404 Not Found

146 B

URL HTTP/2
bulqiza.info/wp-content/uploads/2022/11/640-0-1668433172x1111png-391-300x171.png
IP
63.250.43.14:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /wp-content/uploads/2022/11/640-0-1668433172x1111png-391-300x171.png HTTP/1.1
Host: bulqiza.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bulqiza.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Mon, 05 Dec 2022 04:07:14 GMT
content-type: text/html
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

tiles-s.windy.com/tiles/v9.0/darkmap/9/284/190.png

35.241.53.134

200 OK

20 kB

URL HTTP/2
tiles-s.windy.com/tiles/v9.0/darkmap/9/284/190.png
IP
35.241.53.134:0
ASN
#15169 GOOGLE

File type
PNG image data, 256 x 256, 4-bit colormap, non-interlaced\012- data
Size
20 kB (20433 bytes)
Hash
08da0a25ccd16a31d8621cff36eb569d
e855545322e5d27854d031db0addc896ada8752a
5944052b15bc0fcad53a1d887ebb610440c22bc62416e1ab08f81925fe2c7a6f

HTTP Headers

GET /tiles/v9.0/darkmap/9/284/190.png HTTP/1.1
Host: tiles-s.windy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://embed.windy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
server: nginx/1.18.0
date: Mon, 05 Dec 2022 04:07:15 GMT
content-type: image/png
content-length: 20433
last-modified: Sat, 08 Aug 2020 20:29:25 GMT
etag: "5f2f0b25-4fd1"
expires: Tue, 03 Dec 2024 10:00:16 GMT
cache-control: max-age=63072000
access-control-allow-origin: *
x-proxy-cache-wcl: HIT
accept-ranges: bytes
via: 1.1 google, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

tiles-s.windy.com/tiles/v9.0/darkmap/9/283/190.png

35.241.53.134

200 OK

6.7 kB

URL HTTP/2
tiles-s.windy.com/tiles/v9.0/darkmap/9/283/190.png
IP
35.241.53.134:0
ASN
#15169 GOOGLE

File type
PNG image data, 256 x 256, 4-bit colormap, non-interlaced\012- data
Size
6.7 kB (6727 bytes)
Hash
dc462df6a7f9da5fd6e89b677a2c8f9c
8b427ff2d75c59b89068690a1ca32838377fff2f
baa2901ec9280bc8618d60d0e7c7331c932490438be246f9acb663dbcf1fc022

HTTP Headers

GET /tiles/v9.0/darkmap/9/283/190.png HTTP/1.1
Host: tiles-s.windy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://embed.windy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
server: nginx/1.18.0
date: Mon, 05 Dec 2022 04:07:15 GMT
content-type: image/png
content-length: 6727
last-modified: Sat, 08 Aug 2020 20:29:18 GMT
etag: "5f2f0b1e-1a47"
expires: Wed, 04 Dec 2024 03:58:13 GMT
cache-control: max-age=63072000
access-control-allow-origin: *
x-proxy-cache-wcl: HIT
accept-ranges: bytes
via: 1.1 google, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

tiles-s.windy.com/tiles/v9.0/darkmap/9/285/191.png

35.241.53.134

200 OK

18 kB

URL HTTP/2
tiles-s.windy.com/tiles/v9.0/darkmap/9/285/191.png
IP
35.241.53.134:0
ASN
#15169 GOOGLE

File type
PNG image data, 256 x 256, 4-bit colormap, non-interlaced\012- data
Size
18 kB (17596 bytes)
Hash
95079d69d7b9102b2787792148f6bd60
441430ee90f463df97d097fdcaa44d198d3969fb
913b4eaa04962beecd4ef7944bd67167eaeb2cf4d70c1c4096dc027339431293

HTTP Headers

GET /tiles/v9.0/darkmap/9/285/191.png HTTP/1.1
Host: tiles-s.windy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://embed.windy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
server: nginx/1.18.0
date: Mon, 05 Dec 2022 04:07:15 GMT
content-type: image/png
content-length: 17596
last-modified: Sat, 08 Aug 2020 20:29:33 GMT
etag: "5f2f0b2d-44bc"
expires: Tue, 03 Dec 2024 09:52:54 GMT
cache-control: max-age=63072000
access-control-allow-origin: *
x-proxy-cache-wcl: HIT
accept-ranges: bytes
via: 1.1 google, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

tiles-s.windy.com/tiles/v9.0/darkmap/9/284/191.png

35.241.53.134

200 OK

19 kB

URL HTTP/2
tiles-s.windy.com/tiles/v9.0/darkmap/9/284/191.png
IP
35.241.53.134:0
ASN
#15169 GOOGLE

File type
PNG image data, 256 x 256, 4-bit colormap, non-interlaced\012- data
Size
19 kB (18997 bytes)
Hash
4e42b9bc7b606c12def95f77be122402
ec55187b00ff5295194d40fea53adc0a8d560100
f0a0ed6061d8e869ec186a2727d3c076e376184125cadb519867e256e81885fa

HTTP Headers

GET /tiles/v9.0/darkmap/9/284/191.png HTTP/1.1
Host: tiles-s.windy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://embed.windy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
server: nginx/1.18.0
date: Mon, 05 Dec 2022 04:07:15 GMT
content-type: image/png
content-length: 18997
last-modified: Sat, 08 Aug 2020 20:29:25 GMT
etag: "5f2f0b25-4a35"
expires: Tue, 03 Dec 2024 12:43:54 GMT
cache-control: max-age=63072000
access-control-allow-origin: *
x-proxy-cache-wcl: HIT
accept-ranges: bytes
via: 1.1 google, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

tiles-s.windy.com/tiles/v9.0/darkmap/9/283/191.png

35.241.53.134

200 OK

5.3 kB

URL HTTP/2
tiles-s.windy.com/tiles/v9.0/darkmap/9/283/191.png
IP
35.241.53.134:0
ASN
#15169 GOOGLE

File type
PNG image data, 256 x 256, 4-bit colormap, non-interlaced\012- data
Size
5.3 kB (5294 bytes)
Hash
7995c120f03edfb9e781c8ade212dab8
d78325a21d06317a1ffecfd562d8d33ef3b1e61c
770121961cce62779f25d1b916ca61fb3139d7db351884f7aac96208bf9e0edb

HTTP Headers

GET /tiles/v9.0/darkmap/9/283/191.png HTTP/1.1
Host: tiles-s.windy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://embed.windy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
server: nginx/1.18.0
date: Mon, 05 Dec 2022 04:07:15 GMT
content-type: image/png
content-length: 5294
last-modified: Sat, 08 Aug 2020 20:29:18 GMT
etag: "5f2f0b1e-14ae"
expires: Tue, 03 Dec 2024 07:46:46 GMT
cache-control: max-age=63072000
access-control-allow-origin: *
x-proxy-cache-wcl: HIT
accept-ranges: bytes
via: 1.1 google, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

tiles-s.windy.com/tiles/v9.0/darkmap/9/285/190.png

35.241.53.134

200 OK

19 kB

URL HTTP/2
tiles-s.windy.com/tiles/v9.0/darkmap/9/285/190.png
IP
35.241.53.134:0
ASN
#15169 GOOGLE

File type
PNG image data, 256 x 256, 4-bit colormap, non-interlaced\012- data
Size
19 kB (18607 bytes)
Hash
97bf3d4ca34d884ff4368d8218eb9352
181fb1f9423319da550e12a4780fa627a46094d3
09da68c3709a7992e6924f7aa9ac6200f140f0d9148723ee5579231a5aa39c60

HTTP Headers

GET /tiles/v9.0/darkmap/9/285/190.png HTTP/1.1
Host: tiles-s.windy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://embed.windy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
server: nginx/1.18.0
date: Mon, 05 Dec 2022 04:07:15 GMT
content-type: image/png
content-length: 18607
last-modified: Sat, 08 Aug 2020 20:29:33 GMT
etag: "5f2f0b2d-48af"
expires: Tue, 03 Dec 2024 10:00:16 GMT
cache-control: max-age=63072000
access-control-allow-origin: *
x-proxy-cache-wcl: HIT
accept-ranges: bytes
via: 1.1 google, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ims-s.windy.com/ecmwf-hres/2022/12/05/03/257w4/5/8/wind-surface.jpg?reftime=2022120412

35.241.53.134

200 OK

27 kB

URL HTTP/2
ims-s.windy.com/ecmwf-hres/2022/12/05/03/257w4/5/8/wind-surface.jpg?reftime=2022120412
IP
35.241.53.134:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 257x265, components 3\012- data
Size
27 kB (27316 bytes)
Hash
c14a85c7d6e02955c562e6c6f681519f
eed412269c48dd5fc19543f27bc45c326d2cc21a
73944c88c506a9626ca3270537361e99a313c2ec0317f77f3432abd2c4a9529f

HTTP Headers

GET /ecmwf-hres/2022/12/05/03/257w4/5/8/wind-surface.jpg?reftime=2022120412 HTTP/1.1
Host: ims-s.windy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://embed.windy.com
Connection: keep-alive
Referer: https://embed.windy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Mon, 05 Dec 2022 04:07:15 GMT
content-type: image/jpeg
content-length: 27316
cache-control: max-age=18000
x-proxy-cache: HIT
access-control-allow-origin: *
x-proxy-cache-wcl: HIT
via: 1.1 google, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4456532bd6219ae8c8ad147dc60e6804
9d7a73fb3a2de76167ec75875e9081b467a83ff6
26adc47ef7d06467977d743178122c95f1fe939f53efd7d0c5f67b9607807342

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26ADC47EF7D06467977D743178122C95F1FE939F53EFD7D0C5F67B9607807342"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15791
Expires: Mon, 05 Dec 2022 08:30:26 GMT
Date: Mon, 05 Dec 2022 04:07:15 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8811
Expires: Mon, 05 Dec 2022 06:34:06 GMT
Date: Mon, 05 Dec 2022 04:07:15 GMT
Connection: keep-alive

tiles-s.windy.com/labels/v1.3/en/9/285/190.json

35.241.53.134

200 OK

714 B

URL HTTP/2
tiles-s.windy.com/labels/v1.3/en/9/285/190.json
IP
35.241.53.134:0
ASN
#15169 GOOGLE

File type
data
Size
714 B (714 bytes)
Hash
89847aef1f47cc27eb298808cae744c3
fbc51f816ffecaf2c5a674b1e02e60769b364ed5
0d0212a84f96b7b2b1983020a33477bacff94784d351e5d6e6e73865fc09d0a2

HTTP Headers

GET /labels/v1.3/en/9/285/190.json HTTP/1.1
Host: tiles-s.windy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json binary/19108emb7c49
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://embed.windy.com
Connection: keep-alive
Referer: https://embed.windy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
server: nginx/1.18.0
date: Mon, 05 Dec 2022 04:07:15 GMT
content-type: application/json
last-modified: Tue, 27 Nov 2018 11:10:50 GMT
etag: W/"5bfd263a-146"
expires: Tue, 03 Dec 2024 06:45:13 GMT
cache-control: max-age=63072000
access-control-allow-origin: *
content-encoding: gzip
x-proxy-cache-wcl: HIT
via: 1.1 google, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8813
Expires: Mon, 05 Dec 2022 06:34:08 GMT
Date: Mon, 05 Dec 2022 04:07:15 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8811
Expires: Mon, 05 Dec 2022 06:34:06 GMT
Date: Mon, 05 Dec 2022 04:07:15 GMT
Connection: keep-alive

bulqiza.info/wp-content/uploads/2022/12/alo-1536x864.png

63.250.43.14

200 OK

1.6 MB

URL HTTP/2
bulqiza.info/wp-content/uploads/2022/12/alo-1536x864.png
IP
63.250.43.14:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 1536 x 864, 8-bit/color RGBA, non-interlaced\012- data
Size
1.6 MB (1630041 bytes)
Hash
7ea5aac4e29e4d101fe7154cb289c35d
7b5d4eff3e95e87db0d43a0573be8f51e0e081f7
d63364f20e331f2fce2ca1d5281c2b5e330803952612fc2e9b922db1f3aac590

HTTP Headers

GET /wp-content/uploads/2022/12/alo-1536x864.png HTTP/1.1
Host: bulqiza.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bulqiza.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 16:15:20 GMT
content-type: image/png
content-length: 1630041
last-modified: Sun, 04 Dec 2022 12:40:01 GMT
etag: "638c9521-18df59"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 42713
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9e8d044-2cda-4dba-9da8-c0a296845bca.jpeg

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9e8d044-2cda-4dba-9da8-c0a296845bca.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12348 bytes)
Hash
b8e6f84dff61fedd8ff9baa9bb648883
f8d5cc7b315879b66a11b403463da1330617d2fa
025c66a4a0e7927353e1733d7f8cfb6ec3c9c0228d34267cbff11f09cf112127

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9e8d044-2cda-4dba-9da8-c0a296845bca.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12348
x-amzn-requestid: 72f681ef-9ae7-4fc5-8539-230e1d4277a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKa_HpTIAMFrcg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abddf-43ef45165fd982997e5018c8;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:09:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Ee7Rihwq-F-zcJWcnxZtfzfmhrn0w3mub_5F4j8u0r2Uc91oXrKPzA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 04:17:01 GMT
age: 85814
etag: "f8d5cc7b315879b66a11b403463da1330617d2fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8813
Expires: Mon, 05 Dec 2022 06:34:08 GMT
Date: Mon, 05 Dec 2022 04:07:15 GMT
Connection: keep-alive

34.120.237.76

200 OK

5.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa1caf4c1-b9c0-4db1-a780-00b9a6198731.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.2 kB (5209 bytes)
Hash
8d76ec668361348eb17d54001fd2e6c6
534299a20a76ea6e3250f0fb35fe772cac04ef51
22676fae3909acf18e6cd4f505ec718fdac156990edb20926afdae2a359a2859

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa1caf4c1-b9c0-4db1-a780-00b9a6198731.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5209
x-amzn-requestid: 682056d5-7815-4fd1-b05b-723619128d8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKUXF5eoAMFRvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abdb5-6df5d866267739212832ee66;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:08:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TUn27-HAzSq5FHhr2K7W377QRIQqOh9owE1xVL6BQetiK9U-jtwbsg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 03:45:47 GMT
age: 1288
etag: "534299a20a76ea6e3250f0fb35fe772cac04ef51"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.9 kB (6886 bytes)
Hash
f71032604eecccf0a81f323a5f96a400
f8866d4f3185bcf7871581d75339998b34d6cf6d
d053eedc717d7fd86e621ba948680be16538396d1ba9854b6816626d149b1c57

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6886
x-amzn-requestid: d721caf6-2252-4ede-9533-3d3fcd6cce0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpsw-FfRoAMFtOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d5b39-7644a195142f6c420ec7eac6;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 02:45:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RwhNdxS-EBTraqzS_TnCNXj3JXgz5NkO8oLyQaHOhHdtnvBbg4vsRQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 02:45:13 GMT
etag: "f8866d4f3185bcf7871581d75339998b34d6cf6d"
content-type: image/jpeg
age: 4922
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc619d7d-5f58-4402-a30a-fe05dd9e2922.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (13647 bytes)
Hash
6079166a1ed5bac7373183f03f33b84e
b0c9391b87a4560598e43d5084dda41e267974a9
3e2faccbc3e14a10da4a433d789068cdc3fb2d3e2a04a7e2b7ea5f6f6313dcd4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc619d7d-5f58-4402-a30a-fe05dd9e2922.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13647
x-amzn-requestid: 36276b12-9e02-4d00-a100-9aa5c794fc79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_ueEWUoAMFj7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1329-7abb45a85c6bc2235c25d61e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oXeR8DTpEoK8E-BiI7gT4JEIdVBfiimfydNYIC62_rNLlTdem9Buig==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:45:46 GMT
age: 22889
etag: "b0c9391b87a4560598e43d5084dda41e267974a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10396 bytes)
Hash
24c69d7ef356b352956d6dcbc9f5df1d
2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9
94d068620c34652cb2d24ca8b3cf962febe9606e6d3a33d937fc9d99f176edef

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10396
x-amzn-requestid: b879fd2e-b6cf-4373-b780-2d97481c45f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cioNbH5KoAMFUsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a8722-6add7f8e225878473b20c015;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 23:15:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ir97GJKaFoW6BNXCcmMqp0JSUd5JhCACyUvLh5G-0BWCDVJsqs7XhQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 22:03:01 GMT
age: 21854
etag: "2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47f316c5-1381-4b6e-9e8d-f1956258ef3e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6826 bytes)
Hash
a349d02cce160f72cc93f6fb6e45fa46
a6f82481ea0a820da0f199e8f9051a4aa4013c82
ab320118577a2dcb6ab7ad904d6350e187501a94b39b71fdd70b31cbc8853b24

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47f316c5-1381-4b6e-9e8d-f1956258ef3e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6826
x-amzn-requestid: f0abdba6-14c8-4aae-ba3b-37ba0af2ff08
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_t2FsLIAMFekA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1325-3452be066acddb554f528cc3;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GS4yLzXiIZt-eL9T7gjbf2-vMu8i30WKPDmc2EQDxv0CELjdW1gMVA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:46:51 GMT
age: 22824
etag: "a6f82481ea0a820da0f199e8f9051a4aa4013c82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

bulqiza.info/wp-content/uploads/2022/12/fit-300x200.jpg

63.250.43.14

200 OK

17 kB

URL HTTP/2
bulqiza.info/wp-content/uploads/2022/12/fit-300x200.jpg
IP
63.250.43.14:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x200, components 3\012- data
Size
17 kB (17399 bytes)
Hash
dd8d0267591c4af12a3a9ea84f1e6154
c2b8691e74d7ea3ab5787dc7c4256fe94444e609
97ca553f0c9eb3ef5a9f36827e5a7dea8bb1b6266e3aea0a503178cf3d83f0cf

HTTP Headers

GET /wp-content/uploads/2022/12/fit-300x200.jpg HTTP/1.1
Host: bulqiza.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bulqiza.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 16:15:20 GMT
content-type: image/jpeg
content-length: 17399
last-modified: Sun, 04 Dec 2022 15:11:14 GMT
etag: "638cb892-43f7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 42714
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

bulqiza.info/wp-content/uploads/2022/12/ikmy-300x205.jpg

63.250.43.14

200 OK

11 kB

URL HTTP/2
bulqiza.info/wp-content/uploads/2022/12/ikmy-300x205.jpg
IP
63.250.43.14:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 300x205, components 3\012- data
Size
11 kB (10849 bytes)
Hash
4363c460f1db72bd0084c44346286765
aeaf109ab3766ef26b07112b697ed6f44ea59bab
2f6d1ce9871e24a2c71475e2ef8fcd84777369bb571d05a982049174a822c95f

HTTP Headers

GET /wp-content/uploads/2022/12/ikmy-300x205.jpg HTTP/1.1
Host: bulqiza.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bulqiza.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 16:15:20 GMT
content-type: image/jpeg
content-length: 10849
last-modified: Sun, 04 Dec 2022 14:34:24 GMT
etag: "638caff0-2a61"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 42714
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

bulqiza.info/wp-content/uploads/2022/12/nsak-300x191.png

63.250.43.14

200 OK

84 kB

URL HTTP/2
bulqiza.info/wp-content/uploads/2022/12/nsak-300x191.png
IP
63.250.43.14:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 300 x 191, 8-bit/color RGBA, non-interlaced\012- data
Size
84 kB (84494 bytes)
Hash
ab8e07058155fa4b323ce6538d0ce38d
b9e735551075fa4041173278377ddc7644b65daf
b03d4a174fd0f9ca1ee0f91fb80cb667ca4a96313a899c7973c746d9db1b6748

HTTP Headers

GET /wp-content/uploads/2022/12/nsak-300x191.png HTTP/1.1
Host: bulqiza.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bulqiza.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 16:15:20 GMT
content-type: image/png
content-length: 84494
last-modified: Sun, 04 Dec 2022 13:47:46 GMT
etag: "638ca502-14a0e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 42714
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

bulqiza.info/wp-content/uploads/2022/12/ram-300x157.jpg

63.250.43.14

200 OK

8.6 kB

URL HTTP/2
bulqiza.info/wp-content/uploads/2022/12/ram-300x157.jpg
IP
63.250.43.14:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x157, components 3\012- data
Size
8.6 kB (8632 bytes)
Hash
741cfccfd654aedc95e80c0d988313ce
0d659bebd8542f13b01b757ce68745d771aef6b2
1f0170541f3ca39b2a3a901f56ef1e809b02324d82c2e3c65e2e78ff33ff1296

HTTP Headers

GET /wp-content/uploads/2022/12/ram-300x157.jpg HTTP/1.1
Host: bulqiza.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bulqiza.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 16:15:20 GMT
content-type: image/jpeg
content-length: 8632
last-modified: Sun, 04 Dec 2022 13:36:43 GMT
etag: "638ca26b-21b8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 42714
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

ims-s.windy.com/forecast/citytile/v1.3/ecmwf/9/283/190

35.241.53.134

200 OK

656 B

URL HTTP/2
ims-s.windy.com/forecast/citytile/v1.3/ecmwf/9/283/190
IP
35.241.53.134:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (656), with no line terminators
Size
656 B (656 bytes)
Hash
f1f4e61800aac94b9c2b8e1521cf36a2
d5851bf08d2045a45ed652502f203025a71851a2
53a90be7d8d5f69365b92804250918b9e6e25535e34d60478f6909cd88bfb548

HTTP Headers

GET /forecast/citytile/v1.3/ecmwf/9/283/190 HTTP/1.1
Host: ims-s.windy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json binary/19108emb7c49
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://embed.windy.com
Connection: keep-alive
Referer: https://embed.windy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
x-powered-by: node-citytile-8646bd5fd9-zwd88: v1.21.2 citytile
access-control-allow-origin: *
cache-control: public, max-age=4594
expires: Mon, 05 Dec 2022 05:23:49 GMT
content-type: application/json; charset=utf-8
content-length: 656
vary: Accept-Encoding
date: Mon, 05 Dec 2022 04:07:15 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ims-s.windy.com/forecast/citytile/v1.3/ecmwf/9/283/191

35.241.53.134

200 OK

656 B

URL HTTP/2
ims-s.windy.com/forecast/citytile/v1.3/ecmwf/9/283/191
IP
35.241.53.134:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (656), with no line terminators
Size
656 B (656 bytes)
Hash
a076c03e67ea9b88e7cc7a30ee60754f
2dce759b7e3906255b4249c35c604a4d7a0fa360
947d9839a5ddf1c4809bb12d890b513e31477d8dadaa240216b9bd90bd8fac5a

HTTP Headers

GET /forecast/citytile/v1.3/ecmwf/9/283/191 HTTP/1.1
Host: ims-s.windy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json binary/19108emb7c49
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://embed.windy.com
Connection: keep-alive
Referer: https://embed.windy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
x-powered-by: node-citytile-8646bd5fd9-7h8ln: v1.21.2 citytile
access-control-allow-origin: *
cache-control: public, max-age=4902
expires: Mon, 05 Dec 2022 05:28:57 GMT
content-type: application/json; charset=utf-8
content-length: 656
vary: Accept-Encoding
date: Mon, 05 Dec 2022 04:07:15 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ims-s.windy.com/forecast/citytile/v1.3/ecmwf/9/285/191

35.241.53.134

200 OK

433 B

URL HTTP/2
ims-s.windy.com/forecast/citytile/v1.3/ecmwf/9/285/191
IP
35.241.53.134:0
ASN
#15169 GOOGLE

File type
data
Size
433 B (433 bytes)
Hash
6718a1ebc0750a5608d072c51a44b605
93c6d9580039c399da81ec06e7ce7a598f44cc9e
49b9fa219bc3deda0dea91cefe045ac4d774ce8911a42f7cbaf17827b1d37f25

HTTP Headers

GET /forecast/citytile/v1.3/ecmwf/9/285/191 HTTP/1.1
Host: ims-s.windy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json binary/19108emb7c49
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://embed.windy.com
Connection: keep-alive
Referer: https://embed.windy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
x-powered-by: node-citytile-8646bd5fd9-r8jzq: v1.21.2 citytile
access-control-allow-origin: *
cache-control: public, max-age=3999
expires: Mon, 05 Dec 2022 05:13:54 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
date: Mon, 05 Dec 2022 04:07:15 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

bulqiza.info/wp-content/uploads/2022/06/cropped-LOGO-b1-300x57-2-192x192.png

63.250.43.14

404 Not Found

146 B

URL HTTP/2
bulqiza.info/wp-content/uploads/2022/06/cropped-LOGO-b1-300x57-2-192x192.png
IP
63.250.43.14:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /wp-content/uploads/2022/06/cropped-LOGO-b1-300x57-2-192x192.png HTTP/1.1
Host: bulqiza.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bulqiza.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Mon, 05 Dec 2022 04:07:15 GMT
content-type: text/html
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

www.monitor.al/kursi/avg_widget.php

64.225.109.146

200 OK

1.3 kB

URL HTTP/2
www.monitor.al/kursi/avg_widget.php
IP
64.225.109.146:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (611), with CRLF line terminators
Size
1.3 kB (1314 bytes)
Hash
ed60f063687f45f54eb20eef8f79440f
4f077e852625d4d6d4151a90ccd42ce07725945c
c9e91ec0ef489ca9bf7d2ea35109a38b9ef1ccd870cade09e4123894d2122aaa

HTTP Headers

GET /kursi/avg_widget.php HTTP/1.1
Host: www.monitor.al
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bulqiza.info/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 04:07:15 GMT
content-type: text/html; charset=UTF-8
content-length: 1314
cache-control: max-age=0
expires: Mon, 05 Dec 2022 01:40:45 GMT
vary: Accept-Encoding
content-encoding: gzip
age: 8789
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

www.monitor.al/kursi/img/eur.png

64.225.109.146

200 OK

2.2 kB

URL HTTP/2
www.monitor.al/kursi/img/eur.png
IP
64.225.109.146:0
ASN
#14061 DIGITALOCEAN-ASN

File type
PNG image data, 50 x 36, 8-bit/color RGBA, non-interlaced\012- data
Size
2.2 kB (2169 bytes)
Hash
8b8f233524f0918f9c9e9865ff4cf1dd
7f16c737a2fa98f5476518d7bcdef2a851663410
a008c0e2870112a5c19657702aa2ea7a102c5b7a386ffb43a40fa4ebde3edcf8

HTTP Headers

GET /kursi/img/eur.png HTTP/1.1
Host: www.monitor.al
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.monitor.al/kursi/avg_widget.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 04:07:15 GMT
content-type: image/png
content-length: 2169
last-modified: Wed, 23 Nov 2016 10:32:18 GMT
etag: "58357032-879"
cache-control: public, max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.monitor.al/kursi/img/usd.png

64.225.109.146

200 OK

311 B

URL HTTP/2
www.monitor.al/kursi/img/usd.png
IP
64.225.109.146:0
ASN
#14061 DIGITALOCEAN-ASN

File type
PNG image data, 50 x 36, 8-bit colormap, non-interlaced\012- data
Size
311 B (311 bytes)
Hash
c0feeb0033e12ea7b6228cc64fc089e0
88e04aa3346c640ace66031ac20cd9e9f35570d5
448bf9d3c7b0d3dffd61cf28448d2208337ca84ad3fc78e1ddfcb6eeccfda3fd

HTTP Headers

GET /kursi/img/usd.png HTTP/1.1
Host: www.monitor.al
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.monitor.al/kursi/avg_widget.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 04:07:15 GMT
content-type: image/png
content-length: 311
last-modified: Mon, 26 Nov 2018 16:18:08 GMT
etag: "5bfc1cc0-137"
cache-control: public, max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.monitor.al/kursi/img/gbp.png

64.225.109.146

200 OK

1.5 kB

URL HTTP/2
www.monitor.al/kursi/img/gbp.png
IP
64.225.109.146:0
ASN
#14061 DIGITALOCEAN-ASN

File type
PNG image data, 50 x 36, 8-bit colormap, non-interlaced\012- data
Size
1.5 kB (1491 bytes)
Hash
303652184f7efb6dba16bc40ef30ab5e
77efdb6936c9fe85d2780ab36119bcc08d131995
10b0c5e7089705bdda272627291f197e661d8960010a48bdfe430e2976d11a92

HTTP Headers

GET /kursi/img/gbp.png HTTP/1.1
Host: www.monitor.al
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.monitor.al/kursi/avg_widget.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 04:07:15 GMT
content-type: image/png
content-length: 1491
last-modified: Mon, 26 Nov 2018 16:18:16 GMT
etag: "5bfc1cc8-5d3"
cache-control: public, max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2

tiles-s.windy.com/labels/v1.3/en/9/283/191.json

35.241.53.134

200 OK

3.0 kB

URL HTTP/2
tiles-s.windy.com/labels/v1.3/en/9/283/191.json
IP
35.241.53.134:0
ASN
#15169 GOOGLE

File type
data
Size
3.0 kB (2980 bytes)
Hash
36de50480011546fba29f6c1e1e45544
2d0c22c8ebcca7bcb34640c8e8703d93d73e880b
6b7280c2f3397d159b04701527933a1bc9e02a0e51924f5893e18316f8d5a356

HTTP Headers

GET /labels/v1.3/en/9/283/191.json HTTP/1.1
Host: tiles-s.windy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json binary/19108emb7c49
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://embed.windy.com
Connection: keep-alive
Referer: https://embed.windy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
server: nginx/1.18.0
date: Mon, 05 Dec 2022 04:07:15 GMT
content-type: application/json
last-modified: Tue, 27 Nov 2018 11:10:50 GMT
etag: W/"5bfd263a-6e"
expires: Tue, 03 Dec 2024 04:28:00 GMT
cache-control: max-age=63072000
access-control-allow-origin: *
content-encoding: gzip
x-proxy-cache-wcl: HIT
via: 1.1 google, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

tiles-s.windy.com/labels/v1.3/en/9/285/191.json

35.241.53.134

200 OK

38 kB

URL HTTP/2
tiles-s.windy.com/labels/v1.3/en/9/285/191.json
IP
35.241.53.134:0
ASN
#15169 GOOGLE

File type
data
Size
38 kB (38011 bytes)
Hash
40a06e783e5502b84406fa90adef1d85
b351807c2c6640884c31c18a0644c8b70a2437da
f84830b660bf0e8babfc90b922e508a50c48a7503e9ce7d541c5c6e165cf75ed

HTTP Headers

GET /labels/v1.3/en/9/285/191.json HTTP/1.1
Host: tiles-s.windy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json binary/19108emb7c49
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://embed.windy.com
Connection: keep-alive
Referer: https://embed.windy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0
date: Mon, 05 Dec 2022 04:07:15 GMT
content-type: application/json
last-modified: Tue, 27 Nov 2018 11:10:50 GMT
etag: W/"5bfd263a-df"
expires: Tue, 03 Dec 2024 06:11:13 GMT
cache-control: max-age=63072000
access-control-allow-origin: *
content-encoding: gzip
x-proxy-cache-wcl: HIT
via: 1.1 google, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.monitor.al/kursi/img/euro_gbp.png

64.225.109.146

200 OK

31 kB

URL HTTP/2
www.monitor.al/kursi/img/euro_gbp.png
IP
64.225.109.146:0
ASN
#14061 DIGITALOCEAN-ASN

File type
PNG image data, 485 x 320, 8-bit/color RGB, non-interlaced\012- data
Size
31 kB (30979 bytes)
Hash
4390f6f2beb2dd894d4d319066aa6be0
f6d487f14d2d5bfc4a22f391343fc301d4392795
15931bf2e21f892a24e6d2a8318fd2c8d51475d79e8a2c2beea6adadb7f78f38

HTTP Headers

GET /kursi/img/euro_gbp.png HTTP/1.1
Host: www.monitor.al
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.monitor.al/kursi/avg_widget.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 04:07:15 GMT
content-type: image/png
content-length: 30979
last-modified: Mon, 26 Nov 2018 16:17:46 GMT
etag: "5bfc1caa-7903"
cache-control: public, max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.monitor.al/kursi/img/gbp_usd.png

64.225.109.146

200 OK

25 kB

URL HTTP/2
www.monitor.al/kursi/img/gbp_usd.png
IP
64.225.109.146:0
ASN
#14061 DIGITALOCEAN-ASN

File type
PNG image data, 485 x 320, 8-bit/color RGB, non-interlaced\012- data
Size
25 kB (24777 bytes)
Hash
e82d674bad20a4f470c7c4b3b42aeb7c
8069c65bef7acb6eac835f0401f7e0476e9fa866
cb9b696dcbb6d20087dd3cb8c164337647ba1d83445a8c812623d43125c9388e

HTTP Headers

GET /kursi/img/gbp_usd.png HTTP/1.1
Host: www.monitor.al
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.monitor.al/kursi/avg_widget.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 04:07:15 GMT
content-type: image/png
content-length: 24777
last-modified: Mon, 26 Nov 2018 16:17:58 GMT
etag: "5bfc1cb6-60c9"
cache-control: public, max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.monitor.al/kursi/img/euro_chf.png

64.225.109.146

200 OK

79 kB

URL HTTP/2
www.monitor.al/kursi/img/euro_chf.png
IP
64.225.109.146:0
ASN
#14061 DIGITALOCEAN-ASN

File type
PNG image data, 485 x 320, 8-bit/color RGBA, non-interlaced\012- data
Size
79 kB (79092 bytes)
Hash
0362690109d17beec3ccacdbb530bada
f1f84b46cdc378962913f3a7c7b6372b1893e9e3
73a314bb49e7469f3799be7a24c53412efebd9666cba26d8c9ef1ee470b9d951

HTTP Headers

GET /kursi/img/euro_chf.png HTTP/1.1
Host: www.monitor.al
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.monitor.al/kursi/avg_widget.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 04:07:15 GMT
content-type: image/png
content-length: 79092
last-modified: Wed, 23 Nov 2016 10:37:10 GMT
etag: "58357156-134f4"
cache-control: public, max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.monitor.al/kursi/css/jquery.cleditor.css

64.225.109.146

200 OK

30 kB

URL HTTP/2
www.monitor.al/kursi/css/jquery.cleditor.css
IP
64.225.109.146:0
ASN
#14061 DIGITALOCEAN-ASN

File type
data
Size
30 kB (29940 bytes)
Hash
ac6dee9270c44a1b25b63eb769f23b1e
6dd5b420a903b2d5b597cb07d5c63185f7697d5a
c5a107f4064601da8e3538d7b698cd520bc32c865b524d1066742461cd57a2d8

HTTP Headers

GET /kursi/css/jquery.cleditor.css HTTP/1.1
Host: www.monitor.al
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.monitor.al/kursi/css/style.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 04:07:15 GMT
content-type: text/css
last-modified: Mon, 14 Sep 2015 05:06:40 GMT
vary: Accept-Encoding
etag: W/"55f655e0-572"
cache-control: public, max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2

bulqiza.info/wp-content/uploads/2022/12/nsak-150x150.png

63.250.43.14

200 OK

0 B

URL HTTP/2
bulqiza.info/wp-content/uploads/2022/12/nsak-150x150.png
IP
63.250.43.14:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/uploads/2022/12/nsak-150x150.png HTTP/1.1
Host: bulqiza.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bulqiza.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 16:15:20 GMT
content-type: image/png
content-length: 30729
last-modified: Sun, 04 Dec 2022 13:47:47 GMT
etag: "638ca503-7809"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 42713
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

embed.windy.com/js/leaflet140_patched_tileLayer.v14.js

143.204.55.37

200 OK

0 B

URL HTTP/2
embed.windy.com/js/leaflet140_patched_tileLayer.v14.js
IP
143.204.55.37:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/leaflet140_patched_tileLayer.v14.js HTTP/1.1
Host: embed.windy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://embed.windy.com/embed2.html?lat=41.313&lon=20.042&detailLat=41.330&detailLon=19.820&width=850&height=450&zoom=9&level=surface&overlay=wind&product=ecmwf&menu=&message=&marker=&calendar=now&pressure=&type=map&location=coordinates&detail=&metricWind=km%2Fh&metricTemp=%C2%B0C&radarRange=-1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
server: nginx/1.18.0
date: Mon, 31 Oct 2022 06:17:36 GMT
last-modified: Wed, 03 Apr 2019 07:03:24 GMT
etag: W/"5ca45abc-22d86"
expires: Tue, 31 Oct 2023 06:17:36 GMT
cache-control: max-age=31536000
content-encoding: gzip
via: 1.1 google, 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: X2yl6Tn71CwRq0BPxokVvNn-gtJxRIQCwiuUKCARTvClYBEi23tcVQ==
age: 3016178
X-Firefox-Spdy: h2

www.monitor.al/kursi/css/uniform.default.css

64.225.109.146

200 OK

0 B

URL HTTP/2
www.monitor.al/kursi/css/uniform.default.css
IP
64.225.109.146:0
ASN
#14061 DIGITALOCEAN-ASN

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /kursi/css/uniform.default.css HTTP/1.1
Host: www.monitor.al
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.monitor.al/kursi/css/style.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 04:07:15 GMT
content-type: text/css
last-modified: Mon, 14 Sep 2015 05:06:40 GMT
vary: Accept-Encoding
etag: W/"55f655e0-2966"
cache-control: public, max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2

www.monitor.al/kursi/css/jquery.iphone.toggle.css

64.225.109.146

200 OK

0 B

URL HTTP/2
www.monitor.al/kursi/css/jquery.iphone.toggle.css
IP
64.225.109.146:0
ASN
#14061 DIGITALOCEAN-ASN

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /kursi/css/jquery.iphone.toggle.css HTTP/1.1
Host: www.monitor.al
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.monitor.al/kursi/css/style.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 04:07:15 GMT
content-type: text/css
last-modified: Mon, 14 Sep 2015 05:06:40 GMT
vary: Accept-Encoding
etag: W/"55f655e0-f1b"
cache-control: public, max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2

ims-s.windy.com/forecast/citytile/v1.3/ecmwf/9/284/191

35.241.53.134

200 OK

0 B

URL HTTP/2
ims-s.windy.com/forecast/citytile/v1.3/ecmwf/9/284/191
IP
35.241.53.134:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /forecast/citytile/v1.3/ecmwf/9/284/191 HTTP/1.1
Host: ims-s.windy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json binary/19108emb7c49
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://embed.windy.com
Connection: keep-alive
Referer: https://embed.windy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
x-powered-by: node-citytile-8646bd5fd9-jntrj: v1.21.2 citytile
access-control-allow-origin: *
cache-control: public, max-age=4737
expires: Mon, 05 Dec 2022 05:26:12 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
date: Mon, 05 Dec 2022 04:07:15 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.monitor.al/kursi/css/chosen.css

64.225.109.146

200 OK

0 B

URL HTTP/2
www.monitor.al/kursi/css/chosen.css
IP
64.225.109.146:0
ASN
#14061 DIGITALOCEAN-ASN

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /kursi/css/chosen.css HTTP/1.1
Host: www.monitor.al
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.monitor.al/kursi/css/style.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 04:07:15 GMT
content-type: text/css
last-modified: Mon, 14 Sep 2015 05:06:40 GMT
vary: Accept-Encoding
etag: W/"55f655e0-3769"
cache-control: public, max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2

www.monitor.al/kursi/css/glyphicons.css

64.225.109.146

200 OK

0 B

URL HTTP/2
www.monitor.al/kursi/css/glyphicons.css
IP
64.225.109.146:0
ASN
#14061 DIGITALOCEAN-ASN

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /kursi/css/glyphicons.css HTTP/1.1
Host: www.monitor.al
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.monitor.al/kursi/css/style.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 04:07:15 GMT
content-type: text/css
last-modified: Mon, 14 Sep 2015 05:06:40 GMT
vary: Accept-Encoding
etag: W/"55f655e0-ceaf"
cache-control: public, max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2

embed.windy.com/v/19.10.8.emb.7c49/embed2.js

143.204.55.37

200 OK

0 B

URL HTTP/2
embed.windy.com/v/19.10.8.emb.7c49/embed2.js
IP
143.204.55.37:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /v/19.10.8.emb.7c49/embed2.js HTTP/1.1
Host: embed.windy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://embed.windy.com/embed2.html?lat=41.313&lon=20.042&detailLat=41.330&detailLon=19.820&width=850&height=450&zoom=9&level=surface&overlay=wind&product=ecmwf&menu=&message=&marker=&calendar=now&pressure=&type=map&location=coordinates&detail=&metricWind=km%2Fh&metricTemp=%C2%B0C&radarRange=-1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
x-guploader-uploadid: ADPycdu6-0rFgYHEJfF1m8o_H1XSpdDLgSCFyEziz9MSUcSck0OKMhmE8ShOOe0ABgizqozMofE6B2dHRkgbrp03MdTctA
x-goog-generation: 1666853570306350
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 179435
x-goog-hash: crc32c=UcrocA==, md5=jS287f1YhgTxkYOwVdIxMg==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
date: Wed, 02 Nov 2022 00:56:03 GMT
expires: Thu, 02 Nov 2023 00:56:03 GMT
cache-control: max-age=63072000
last-modified: Thu, 27 Oct 2022 06:52:50 GMT
etag: W/"8d2dbcedfd588604f19183b055d23132"
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 5rCQstvheGanUL-9Ydo8ZuJVNuo0o9N7kH2XacTvPDU6B5JEcVuScQ==
age: 2862671
X-Firefox-Spdy: h2

embed.windy.com/v/19.10.8.emb.7c49/plugins/particles.js

143.204.55.37

200 OK

0 B

URL HTTP/2
embed.windy.com/v/19.10.8.emb.7c49/plugins/particles.js
IP
143.204.55.37:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /v/19.10.8.emb.7c49/plugins/particles.js HTTP/1.1
Host: embed.windy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://embed.windy.com/embed2.html?lat=41.313&lon=20.042&detailLat=41.330&detailLon=19.820&width=850&height=450&zoom=9&level=surface&overlay=wind&product=ecmwf&menu=&message=&marker=&calendar=now&pressure=&type=map&location=coordinates&detail=&metricWind=km%2Fh&metricTemp=%C2%B0C&radarRange=-1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
x-guploader-uploadid: ADPycdtOLY71MClCiGBXW3LvAe9ZVUqEh-IJJYyXky8x9DJiJWlLNBNmnclcrt7c1cyDDJYWfXABsYmiGwR1dxYvL3oveA
date: Tue, 08 Nov 2022 02:13:16 GMT
cache-control: max-age=63072000
expires: Wed, 08 Nov 2023 02:13:16 GMT
last-modified: Thu, 27 Oct 2022 06:54:23 GMT
etag: W/"50a8c307a49ee85d0428c6bee9bd8c08"
x-goog-generation: 1666853663610753
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 4726
x-goog-hash: crc32c=MRGuoQ==, md5=UKjDB6Se6F0EKMa+6b2MCA==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rkkYGgWKnH9mcIsViI5Bin01DuaOOqTqwUjb8DikvzPB98QuRPAdIg==
age: 2339638
X-Firefox-Spdy: h2

www.monitor.al/kursi/js/jquery-1.9.1.min.js

64.225.109.146

200 OK

0 B

URL HTTP/2
www.monitor.al/kursi/js/jquery-1.9.1.min.js
IP
64.225.109.146:0
ASN
#14061 DIGITALOCEAN-ASN

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /kursi/js/jquery-1.9.1.min.js HTTP/1.1
Host: www.monitor.al
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.monitor.al/kursi/avg_widget.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 04:07:15 GMT
content-type: application/javascript
last-modified: Mon, 14 Sep 2015 05:06:40 GMT
vary: Accept-Encoding
etag: W/"55f655e0-169d5"
cache-control: public, max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2

www.monitor.al/kursi/css/elfinder.min.css

64.225.109.146

200 OK

0 B

URL HTTP/2
www.monitor.al/kursi/css/elfinder.min.css
IP
64.225.109.146:0
ASN
#14061 DIGITALOCEAN-ASN

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /kursi/css/elfinder.min.css HTTP/1.1
Host: www.monitor.al
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.monitor.al/kursi/css/style.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 04:07:15 GMT
content-type: text/css
last-modified: Mon, 14 Sep 2015 05:06:40 GMT
vary: Accept-Encoding
etag: W/"55f655e0-73cf"
cache-control: public, max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2

www.monitor.al/kursi/css/jquery.gritter.css

64.225.109.146

200 OK

0 B

URL HTTP/2
www.monitor.al/kursi/css/jquery.gritter.css
IP
64.225.109.146:0
ASN
#14061 DIGITALOCEAN-ASN

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /kursi/css/jquery.gritter.css HTTP/1.1
Host: www.monitor.al
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.monitor.al/kursi/css/style.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 04:07:15 GMT
content-type: text/css
last-modified: Mon, 14 Sep 2015 05:06:40 GMT
vary: Accept-Encoding
etag: W/"55f655e0-8c2"
cache-control: public, max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2

embed.windy.com/embed2.html?lat=41.313&lon=20.042&detailLat=41.330&detailLon=19.820&width=850&height=450&zoom=9&level=surface&overlay=wind&product=ecmwf&menu=&message=&marker=&calendar=now&pressure=&type=map&location=coordinates&detail=&metricWind=km%2Fh&metricTemp=%C2%B0C&radarRange=-1

143.204.55.37

200 OK

0 B

URL HTTP/2
embed.windy.com/embed2.html?lat=41.313&lon=20.042&detailLat=41.330&detailLon=19.820&width=850&height=450&zoom=9&level=surface&overlay=wind&product=ecmwf&menu=&message=&marker=&calendar=now&pressure=&type=map&location=coordinates&detail=&metricWind=km%2Fh&metricTemp=%C2%B0C&radarRange=-1
IP
143.204.55.37:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /embed2.html?lat=41.313&lon=20.042&detailLat=41.330&detailLon=19.820&width=850&height=450&zoom=9&level=surface&overlay=wind&product=ecmwf&menu=&message=&marker=&calendar=now&pressure=&type=map&location=coordinates&detail=&metricWind=km%2Fh&metricTemp=%C2%B0C&radarRange=-1 HTTP/1.1
Host: embed.windy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bulqiza.info/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html
server: nginx/1.18.0
date: Mon, 05 Dec 2022 04:07:14 GMT
cache-control: max-age=0
x-windy-backend: client-embed2
content-encoding: gzip
via: 1.1 google, 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: COPouOA-5O3PNR4WL6CFwGjNrQHfycIdaZbC9yKzjYcZnOIiI23CUg==
X-Firefox-Spdy: h2

tiles-s.windy.com/labels/v1.3/en/9/283/190.json

35.241.53.134

200 OK

0 B

URL HTTP/2
tiles-s.windy.com/labels/v1.3/en/9/283/190.json
IP
35.241.53.134:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /labels/v1.3/en/9/283/190.json HTTP/1.1
Host: tiles-s.windy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json binary/19108emb7c49
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://embed.windy.com
Connection: keep-alive
Referer: https://embed.windy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
server: nginx/1.18.0
date: Mon, 05 Dec 2022 04:07:15 GMT
content-type: application/json
last-modified: Tue, 27 Nov 2018 11:10:50 GMT
etag: W/"5bfd263a-a4"
expires: Sat, 30 Nov 2024 13:55:59 GMT
cache-control: max-age=63072000
access-control-allow-origin: *
content-encoding: gzip
x-proxy-cache-wcl: HIT
via: 1.1 google, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.monitor.al/kursi/css/style.css

64.225.109.146

200 OK

0 B

URL HTTP/2
www.monitor.al/kursi/css/style.css
IP
64.225.109.146:0
ASN
#14061 DIGITALOCEAN-ASN

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /kursi/css/style.css HTTP/1.1
Host: www.monitor.al
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.monitor.al/kursi/avg_widget.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 04:07:15 GMT
content-type: text/css
last-modified: Tue, 27 Nov 2018 15:11:30 GMT
vary: Accept-Encoding
etag: W/"5bfd5ea2-bbc0"
cache-control: public, max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2

www.monitor.al/kursi/css/jquery-ui-1.8.21.custom.css

64.225.109.146

200 OK

0 B

URL HTTP/2
www.monitor.al/kursi/css/jquery-ui-1.8.21.custom.css
IP
64.225.109.146:0
ASN
#14061 DIGITALOCEAN-ASN

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /kursi/css/jquery-ui-1.8.21.custom.css HTTP/1.1
Host: www.monitor.al
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.monitor.al/kursi/css/style.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 04:07:15 GMT
content-type: text/css
last-modified: Mon, 14 Sep 2015 05:06:40 GMT
vary: Accept-Encoding
etag: W/"55f655e0-81df"
cache-control: public, max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2

www.monitor.al/kursi/css/uploadify.css

64.225.109.146

200 OK

0 B

URL HTTP/2
www.monitor.al/kursi/css/uploadify.css
IP
64.225.109.146:0
ASN
#14061 DIGITALOCEAN-ASN

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /kursi/css/uploadify.css HTTP/1.1
Host: www.monitor.al
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.monitor.al/kursi/css/style.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 04:07:15 GMT
content-type: text/css
last-modified: Mon, 14 Sep 2015 05:06:40 GMT
vary: Accept-Encoding
etag: W/"55f655e0-994"
cache-control: public, max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2

tiles-s.windy.com/labels/v1.3/en/9/284/190.json

35.241.53.134

200 OK

0 B

URL HTTP/2
tiles-s.windy.com/labels/v1.3/en/9/284/190.json
IP
35.241.53.134:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /labels/v1.3/en/9/284/190.json HTTP/1.1
Host: tiles-s.windy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json binary/19108emb7c49
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://embed.windy.com
Connection: keep-alive
Referer: https://embed.windy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
server: nginx/1.18.0
date: Mon, 05 Dec 2022 04:07:15 GMT
content-type: application/json
last-modified: Tue, 27 Nov 2018 11:10:50 GMT
etag: W/"5bfd263a-110"
expires: Tue, 03 Dec 2024 06:01:18 GMT
cache-control: max-age=63072000
access-control-allow-origin: *
content-encoding: gzip
x-proxy-cache-wcl: HIT
via: 1.1 google, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.monitor.al/kursi/css/fullcalendar.css

64.225.109.146

200 OK

0 B

URL HTTP/2
www.monitor.al/kursi/css/fullcalendar.css
IP
64.225.109.146:0
ASN
#14061 DIGITALOCEAN-ASN

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /kursi/css/fullcalendar.css HTTP/1.1
Host: www.monitor.al
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.monitor.al/kursi/css/style.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 04:07:15 GMT
content-type: text/css
last-modified: Mon, 14 Sep 2015 05:06:40 GMT
vary: Accept-Encoding
etag: W/"55f655e0-2b55"
cache-control: public, max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2

www.monitor.al/kursi/css/noty_theme_default.css

64.225.109.146

200 OK

0 B

URL HTTP/2
www.monitor.al/kursi/css/noty_theme_default.css
IP
64.225.109.146:0
ASN
#14061 DIGITALOCEAN-ASN

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /kursi/css/noty_theme_default.css HTTP/1.1
Host: www.monitor.al
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.monitor.al/kursi/css/style.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 04:07:15 GMT
content-type: text/css
last-modified: Mon, 14 Sep 2015 05:06:40 GMT
vary: Accept-Encoding
etag: W/"55f655e0-2230"
cache-control: public, max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:100,300,400,500,700|Open%20Sans:400,400italic,600,700|Roboto:100,300,400,500,700&subset=latin,latin-ext

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Roboto:100,300,400,500,700|Open%20Sans:400,400italic,600,700|Roboto:100,300,400,500,700&subset=latin,latin-ext
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Roboto:100,300,400,500,700|Open%20Sans:400,400italic,600,700|Roboto:100,300,400,500,700&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bulqiza.info/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Dec 2022 04:07:13 GMT
date: Mon, 05 Dec 2022 04:07:13 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

embed.windy.com/img/logo201802/logo-text-windycom-white.svg

143.204.55.37

200 OK

0 B

URL HTTP/2
embed.windy.com/img/logo201802/logo-text-windycom-white.svg
IP
143.204.55.37:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/logo201802/logo-text-windycom-white.svg HTTP/1.1
Host: embed.windy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://embed.windy.com/embed2.html?lat=41.313&lon=20.042&detailLat=41.330&detailLon=19.820&width=850&height=450&zoom=9&level=surface&overlay=wind&product=ecmwf&menu=&message=&marker=&calendar=now&pressure=&type=map&location=coordinates&detail=&metricWind=km%2Fh&metricTemp=%C2%B0C&radarRange=-1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
server: nginx/1.18.0
date: Wed, 09 Nov 2022 01:21:33 GMT
last-modified: Tue, 15 May 2018 13:28:18 GMT
etag: W/"5afae072-1def"
expires: Fri, 08 Nov 2024 01:21:33 GMT
cache-control: max-age=63072000
via: 1.1 google, 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 6W_4iVDfoJahpiKvfnt_fU56S77ZpGl0PafdXoeFZPFHonYDYR7K1g==
age: 2256341
X-Firefox-Spdy: h2

www.monitor.al/kursi/css/bootstrap.min.css

64.225.109.146

200 OK

0 B

URL HTTP/2
www.monitor.al/kursi/css/bootstrap.min.css
IP
64.225.109.146:0
ASN
#14061 DIGITALOCEAN-ASN

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /kursi/css/bootstrap.min.css HTTP/1.1
Host: www.monitor.al
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.monitor.al/kursi/avg_widget.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 04:07:15 GMT
content-type: text/css
last-modified: Mon, 14 Sep 2015 05:06:40 GMT
vary: Accept-Encoding
etag: W/"55f655e0-19dd3"
cache-control: public, max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2

www.monitor.al/kursi/css/jquery.noty.css

64.225.109.146

200 OK

0 B

URL HTTP/2
www.monitor.al/kursi/css/jquery.noty.css
IP
64.225.109.146:0
ASN
#14061 DIGITALOCEAN-ASN

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /kursi/css/jquery.noty.css HTTP/1.1
Host: www.monitor.al
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.monitor.al/kursi/css/style.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 04:07:15 GMT
content-type: text/css
last-modified: Mon, 14 Sep 2015 05:06:40 GMT
vary: Accept-Encoding
etag: W/"55f655e0-844"
cache-control: public, max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2

www.monitor.al/kursi/js/bootstrap.min.js

64.225.109.146

200 OK

0 B

URL HTTP/2
www.monitor.al/kursi/js/bootstrap.min.js
IP
64.225.109.146:0
ASN
#14061 DIGITALOCEAN-ASN

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /kursi/js/bootstrap.min.js HTTP/1.1
Host: www.monitor.al
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.monitor.al/kursi/avg_widget.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 04:07:15 GMT
content-type: application/javascript
last-modified: Mon, 14 Sep 2015 05:06:40 GMT
vary: Accept-Encoding
etag: W/"55f655e0-6f7a"
cache-control: public, max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2

www.monitor.al/kursi/css/elfinder.theme.css

64.225.109.146

200 OK

0 B

URL HTTP/2
www.monitor.al/kursi/css/elfinder.theme.css
IP
64.225.109.146:0
ASN
#14061 DIGITALOCEAN-ASN

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /kursi/css/elfinder.theme.css HTTP/1.1
Host: www.monitor.al
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.monitor.al/kursi/css/style.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 04:07:15 GMT
content-type: text/css
last-modified: Mon, 14 Sep 2015 05:06:40 GMT
vary: Accept-Encoding
etag: W/"55f655e0-721"
cache-control: public, max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (21)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations