Report - www.birdlifenepal.org/

Report Overview

Submitted URL
www.birdlifenepal.org/
IP
202.166.193.69
ASN
#17501 WorldLink Communications Pvt Ltd
Submitted
2022-12-23 10:52:05
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
12

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-09T10:04:36Z	3.2 kB	59 kB	34.120.237.76
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-09T12:17:45Z	433 B	746 B	142.250.74.106
getpocket.cdn.mozilla.net	1369	2018-08-28T15:15:36Z	2023-03-09T06:10:01Z	435 B	42 kB	34.120.5.221
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-09T05:09:18Z	782 B	2.4 kB	35.241.9.150
cdn.jsdelivr.net	439	2012-09-30T02:15:09Z	2023-03-09T06:49:10Z	454 B	25 kB	151.101.1.229
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-09T05:09:04Z	368 B	1.9 kB	104.18.21.226
maxcdn.bootstrapcdn.com	724	2014-06-18T02:37:31Z	2023-03-09T12:10:42Z	436 B	947 B	104.18.10.207
www.birdlifenepal.org	unknown	2013-06-18T10:02:23Z	2022-12-15T13:36:59Z	7.0 kB	1.9 MB	202.166.193.69
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-09T11:52:10Z	2.7 kB	4.7 kB	93.184.220.29
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-09T05:09:13Z	606 B	127 B	35.155.171.116
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-09T05:09:48Z	333 B	391 B	34.117.237.239
cdnjs.cloudflare.com	235	2015-04-17T22:46:33Z	2023-03-09T05:09:51Z	1.3 kB	9.8 kB	104.17.24.14
api.mapbox.com	2164	2016-05-06T07:04:41Z	2023-03-09T13:48:25Z	791 B	231 kB	143.204.50.3
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-09T05:09:50Z	686 B	1.4 kB	142.250.74.131
html2canvas.hertzen.com	143980	2012-11-12T12:22:29Z	2023-03-03T01:02:15Z	384 B	1.1 kB	172.67.203.102
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-09T05:09:05Z	2.7 kB	7.1 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-09T05:09:49Z	413 B	5.8 kB	34.160.144.191

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-23	medium	www.birdlifenepal.org/	Malware
2022-12-23	medium	www.birdlifenepal.org/	Malware
2022-12-23	medium	www.birdlifenepal.org/public/front/js/main.js	Malware
2022-12-23	medium	www.birdlifenepal.org/public/front/js/map.js	Malware
2022-12-23	medium	www.birdlifenepal.org/chhimekichara/get_district_by_province	Malware
2022-12-23	medium	www.birdlifenepal.org/chhimekichara/get_search_result	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (11)

	URL	Size	First Seen	Last Seen
	unknown	0 B	2023-03-07	2024-05-10
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-10 21:25:38 Times Seen37524636 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.0.0-beta.3/owl.carousel.min.js	41 kB	2023-03-07	2024-05-08
Pretty URL cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.0.0-beta.3/owl.carousel.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:40 Last Seen2024-05-08 12:22:38 Times Seen722 Hash d3da0099c1e1895799b0b2ce8fb0fe87 c35537510e7253ac1ceee5938b858b81630ee4f7 db6cf8e60315d8dff85519b88b6eca97e553fc0655f711db46b0ce79b82eed40 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.17.0/jquery.validate.min.js	23 kB	2023-03-07	2024-05-09
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.17.0/jquery.validate.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:52 Last Seen2024-05-09 07:58:56 Times Seen1000 Hash 93c1dd8416ac2af1850652d5b620a142 6a76e4c7db479053350580469aa010febfdcacd0 17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50 Loading...

	cdn.jsdelivr.net/jquery.validation/1.16.0/additional-methods.min.js	18 kB	2023-03-07	2024-05-06
Pretty URL cdn.jsdelivr.net/jquery.validation/1.16.0/additional-methods.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:43 Last Seen2024-05-06 18:28:17 Times Seen259 Hash 3a53c5eac97b98ed3833970d43bf7fc9 b8805460b5754be8b16a223df737d9577da4c182 8b1554032d2cfbf0e858518df6460b2b4336be2cfb1f188dfd1108a3ae50b2e8 Loading...

	maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js	49 kB	2023-03-07	2024-05-10
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js IP 104.18.10.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-05-10 20:28:30 Times Seen139504 Hash 14d449eb8876fa55e1ef3c2cc52b0c17 a9545831803b1359cfeed47e3b4d6bae68e40e99 e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b Loading...

	www.birdlifenepal.org/	2.4 kB	2023-03-10	2023-03-10
Pretty URL www.birdlifenepal.org/ IP 202.166.193.69 ASN #17501 WorldLink Communications Pvt Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 06:24:41 Last Seen2023-03-10 06:24:41 Times Seen1 Hash 4ac363c198ba8d2bc240dbec6e5a257a 230ee0aef2920455f5e527d7cb469e82ec60c89a 6ef485f7252b38886444a60ba54e6c0cfe0058c5fbaf172f3f1a18631511ff13 Loading...

	cdnjs.cloudflare.com/ajax/libs/jspdf/1.5.3/jspdf.min.js	308 kB	2023-03-07	2024-02-19
Pretty URL cdnjs.cloudflare.com/ajax/libs/jspdf/1.5.3/jspdf.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:55:49 Last Seen2024-02-19 20:59:25 Times Seen82 Hash cf869e54b0b882862e545346a3d82649 84fd65eaca477bfd09f09e3575aba2f6dc6f4b95 80959d9ae091068bc9303f43fd355da384c82bcbb94ad8b5d7beb8b194f50e12 Loading...

	cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js	19 kB	2023-03-07	2024-05-10
Pretty URL cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-05-10 20:28:30 Times Seen114321 Hash 70d3fda195602fe8b75e0097eed74dde c3b977aa4b8dfb69d651e07015031d385ded964b a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66 Loading...

	html2canvas.hertzen.com/dist/html2canvas.js	442 kB	2023-03-10	2024-02-23
Pretty URL html2canvas.hertzen.com/dist/html2canvas.js IP 172.67.203.102 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 06:24:41 Last Seen2024-02-23 03:19:50 Times Seen24 Hash e1d3a8d7cdcad91a69923d1523b18d2f 245c8803dfcc57eaff0fabbbe0f2da2816a85e75 01c5b468ffa0427e535e3019165d2efd2489650ec9cf1379d6ab79fdbf75736b Loading...

	www.birdlifenepal.org/public/front/js/main.js	20 kB	2023-03-10	2023-03-10
Pretty URL www.birdlifenepal.org/public/front/js/main.js IP 202.166.193.69 ASN #17501 WorldLink Communications Pvt Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 06:24:41 Last Seen2023-03-10 06:24:41 Times Seen1 Hash 2aa379dc116178b9d7a922d1e906c1bc ceac9be0e2a47a8bd17e5df73df85e7390eeb4ac 58841f27968728a1090239486a929add08708a4578039714b80fd102142d455d Loading...

	www.birdlifenepal.org/public/front/js/map.js	23 kB	2023-03-10	2023-03-10
Pretty URL www.birdlifenepal.org/public/front/js/map.js IP 202.166.193.69 ASN #17501 WorldLink Communications Pvt Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 06:24:41 Last Seen2023-03-10 06:24:41 Times Seen1 Hash e695d2f7a0144f7ce8997daf843f3c85 117cb8292211620c5f3955dd4e31388dd58dd39e a85b6ee368bb9a4e38adc4d20c43979019f57592b8927b53f0dcbf664e7dd9d6 Loading...

HTTP Transactions (55)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ede732d48f2c32ad5e3b899bb4348df9
15fa12733818b3ae39f3022a715ed0f431b28242
446c9bf6bc38a43f5758f6f44f89ad76eff44eb8779cf7e62bbfeb002b298dee

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "446C9BF6BC38A43F5758F6F44F89AD76EFF44EB8779CF7E62BBFEB002B298DEE"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8931
Expires: Fri, 23 Dec 2022 13:20:45 GMT
Date: Fri, 23 Dec 2022 10:51:54 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
93b8b5a49a73632695cbcc3857411d73
fc14f1c05d1d7854b636e62430c4a1b8ac5331e5
fc96c1373335203f4dcc470e252c19027537bab5d0f256ee9aaec6f24e57ae6f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC96C1373335203F4DCC470E252C19027537BAB5D0F256EE9AAEC6F24E57AE6F"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2856
Expires: Fri, 23 Dec 2022 11:39:30 GMT
Date: Fri, 23 Dec 2022 10:51:54 GMT
Connection: keep-alive

getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30

34.120.5.221

200 OK

42 kB

URL HTTP/2
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30
IP
34.120.5.221:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size
42 kB (41507 bytes)
Hash
ad4c8327cf03ecf859eeab1d0f00fe4c
c2f6a9ba33568d5ece2164c280ae827dc1dc29ce
dd42c4aae923ea48bc8ac7ad471158f677aea780494c25fa836c241f49fc9b47

HTTP Headers

GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Miss from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: vgWxzQSZsXwNnUl_WPzo7HxFJw5SUqycLp2hIdrN0ct6v-ibO_Y7pA==
content-encoding: gzip
via: 1.1 5abfab33f248090bb0f31ca137ce9464.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 10:38:42 GMT
content-type: application/json
content-length: 41507
age: 792
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f7f0ad5c2841a345f98197c2f1e86f4d
84cbfd91934a8715baba4a2da46451f35597c99c
be30540f2e06a3565c9b38bdbb9691f707d692b196bdcef5d671708aa9609795

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE30540F2E06A3565C9B38BDBB9691F707D692B196BDCEF5D671708AA9609795"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12368
Expires: Fri, 23 Dec 2022 14:18:02 GMT
Date: Fri, 23 Dec 2022 10:51:54 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: wKok8ZO/ZpV95P1zMO9Xhd5onx04gF8hJCIF3gkniZotlrowTVpWJVCbzZU/HQrRjFqHflO3RaU=
x-amz-request-id: 2CQAY1E96E0XJMVA
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 23 Dec 2022 09:56:09 GMT
age: 3345
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ad598540c6639aaaa344fb3ce4f3162f
b0b9f86d50de7dc23bdc7aee2f45d79a06165afc
4e9aaff330ce0c9c11f6bb8502fe21296b1845151bace75f73908a3194d5d0a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4E9AAFF330CE0C9C11F6BB8502FE21296B1845151BACE75F73908A3194D5D0A1"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11963
Expires: Fri, 23 Dec 2022 14:11:17 GMT
Date: Fri, 23 Dec 2022 10:51:54 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 23 Dec 2022 10:46:06 GMT
content-type: application/json
age: 348
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:51:54 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

www.birdlifenepal.org/

202.166.193.69

301 Moved Permanently

238 B

URL HTTP/1.1
www.birdlifenepal.org/
IP
202.166.193.69:0
ASN
#17501 WorldLink Communications Pvt Ltd

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
238 B (238 bytes)
Hash
6b37d81723b1159402761614c1f515c9
b1931af422704715314e03d4ebf3c4a8398ad5ff
29b6f4f47821a7b12f02b89e150e6d9fdd1e37df01b93f17ccaf97f2bef11891

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: www.birdlifenepal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Fri, 23 Dec 2022 10:51:54 GMT
Server: Apache
Location: https://www.birdlifenepal.org/
Content-Length: 238
Connection: close
Content-Type: text/html; charset=iso-8859-1

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Alert, ETag, Content-Type, Last-Modified, Cache-Control, Expires, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 23 Dec 2022 10:33:25 GMT
age: 1109
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c615c937e6371bda0824b44af0c21c74
b097d69452bcc60085f563d094388185c26f0e7d
9f1194921b5d57dd52a217a47e69ad4cec7c08378c73c8dfccc3817119fcbb41

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4131
Cache-Control: max-age=170624
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 10:51:54 GMT
Etag: "63a56fa7-1d7"
Expires: Sun, 25 Dec 2022 10:15:38 GMT
Last-Modified: Fri, 23 Dec 2022 09:06:47 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

35.155.171.116

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.155.171.116:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: k1CUOncswCcsh4MkWJGHcQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: gP4gWQyt5QBLBS72X0PBB31gX8s=

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6ce699bd0db3ee9d3a4ef6dcf941f9f1
14d813942d74d801024c42e2a4628ecd9306d2ad
060de67922db1f612b7f4c173f11e8714c8329d20fbec45a421bcefe7451f388

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060DE67922DB1F612B7F4C173F11E8714C8329D20FBEC45A421BCEFE7451F388"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14524
Expires: Fri, 23 Dec 2022 14:54:00 GMT
Date: Fri, 23 Dec 2022 10:51:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6ce699bd0db3ee9d3a4ef6dcf941f9f1
14d813942d74d801024c42e2a4628ecd9306d2ad
060de67922db1f612b7f4c173f11e8714c8329d20fbec45a421bcefe7451f388

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060DE67922DB1F612B7F4C173F11E8714C8329D20FBEC45A421BCEFE7451F388"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14524
Expires: Fri, 23 Dec 2022 14:54:00 GMT
Date: Fri, 23 Dec 2022 10:51:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6ce699bd0db3ee9d3a4ef6dcf941f9f1
14d813942d74d801024c42e2a4628ecd9306d2ad
060de67922db1f612b7f4c173f11e8714c8329d20fbec45a421bcefe7451f388

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060DE67922DB1F612B7F4C173F11E8714C8329D20FBEC45A421BCEFE7451F388"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14524
Expires: Fri, 23 Dec 2022 14:54:00 GMT
Date: Fri, 23 Dec 2022 10:51:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6ce699bd0db3ee9d3a4ef6dcf941f9f1
14d813942d74d801024c42e2a4628ecd9306d2ad
060de67922db1f612b7f4c173f11e8714c8329d20fbec45a421bcefe7451f388

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060DE67922DB1F612B7F4C173F11E8714C8329D20FBEC45A421BCEFE7451F388"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14524
Expires: Fri, 23 Dec 2022 14:54:00 GMT
Date: Fri, 23 Dec 2022 10:51:56 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46c838f6-5365-43bb-981e-8ddefc5f3f14.jpeg

34.120.237.76

200 OK

5.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46c838f6-5365-43bb-981e-8ddefc5f3f14.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.7 kB (5659 bytes)
Hash
2d4cf077d410b94f1326e942304f9e9b
98fb13feecfada3cc8b467aa48d7cdf1ed8ab001
ec82cd83bfd4da849888b0535c9764cd4d462ef9e12c5934512858375908dfe4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46c838f6-5365-43bb-981e-8ddefc5f3f14.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5659
x-amzn-requestid: bc225a93-868b-42d4-aa94-c8fa16ef2c64
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dk33gHUqIAMFg1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a50696-7710727f0f086a791a0e7939;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 01:38:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: SsDKCzVoU9imPo79Eg4_JraYGSE82tq3DvQqtDD4611YT_G18AED5w==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 01:44:23 GMT
age: 32853
etag: "98fb13feecfada3cc8b467aa48d7cdf1ed8ab001"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90b79dbf-e3b6-4ad2-b197-fb6b74218bd0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.1 kB (6139 bytes)
Hash
9de9a9418a2a6dbe33d5e7cdb3dbd8d8
227cdc06cd59c7814312e5c5ab98e428ebc0d68d
f9920b5ef389a504181ba8e5078ba056a88470c9bb8b5f9290618374e5e0c217

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90b79dbf-e3b6-4ad2-b197-fb6b74218bd0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6139
x-amzn-requestid: caacc528-02d9-44a8-992f-9fb2e62544f7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dhBhQFbgoAMF_nA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a37c6e-56b3cdd227cbc7884c48b380;Sampled=0
x-amzn-remapped-date: Wed, 21 Dec 2022 21:36:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: awwayqXwvaSXu7dBeXDT6taglVIWbH7gtqiBG3Badp53x9a0QyTBZQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 22:08:57 GMT
age: 45779
etag: "227cdc06cd59c7814312e5c5ab98e428ebc0d68d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb884452-5df2-48ab-a4ec-32115997faa9.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.1 kB (8077 bytes)
Hash
5f7de42ebe61ecc6711724d27f95eb4c
6ce397b409ef839c0dc05f8b252de815ebd8c8a1
19717a5dcc74517c24f1262ab65461a76318bce3f65f35588c4012dc84d7fddc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb884452-5df2-48ab-a4ec-32115997faa9.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8077
x-amzn-requestid: c66fc249-f713-4224-9c5a-520f048ff2ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dhCLGGv2IAMFisw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a37d7a-2ccd93dd6cd5b63c6cd49bff;Sampled=0
x-amzn-remapped-date: Wed, 21 Dec 2022 21:41:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZM8BwKszwJEeP_iYPkg5reOkom9LgZVKx0whx1DapZr9CEKEJBPX0Q==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 21:58:39 GMT
age: 46397
etag: "6ce397b409ef839c0dc05f8b252de815ebd8c8a1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0029f3f-e2c3-472b-b92b-917899b028d4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11436 bytes)
Hash
6245b142f904aef8824a55847539c0e8
fdcf061d2b42818fb4d4767a6f449755a0b86610
5b593e66cbf266e4d551390774d2d391b9e42e348fb6a8447e5f37c574fc606f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0029f3f-e2c3-472b-b92b-917899b028d4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11436
x-amzn-requestid: 03a50026-b390-40c1-87f2-c374611ebe40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dk3RrHRQIAMFwtQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a505a4-7fad45da7d9afcc118c87170;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 01:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hrLGzcFRNgKUbkNfRXjvFgyo3A4jzoBHNNkcZh4jGfzg2XpsVyAJUw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 01:41:43 GMT
age: 33013
etag: "fdcf061d2b42818fb4d4767a6f449755a0b86610"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83ec12d8-0f25-4455-b9fc-9581d059158b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.2 kB (9158 bytes)
Hash
1c618f418af677595dddd2e7ed9e6a1f
ef8fd938e82dec810c56e4497441c452012e5a22
677f7502d2a69e2bdfad9fa2329ce8c78b7e413b4d7bd9cb414a768e381819cb

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83ec12d8-0f25-4455-b9fc-9581d059158b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9158
x-amzn-requestid: ef5c3ac0-6e78-40c7-9289-bb4e3e88c168
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: de9-RHoioAMFX4g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a2a9f4-3562d612246d193e695803de;Sampled=0
x-amzn-remapped-date: Wed, 21 Dec 2022 06:38:44 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: iC2m4ASg-8irGcO9z9FpwVQAumplbOlr8lAedeAiZRUtKuVbM6uU0g==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 5c35539543902c678280929df206948c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 06:01:27 GMT
age: 17429
etag: "ef8fd938e82dec810c56e4497441c452012e5a22"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdce5468-cf1b-4a55-968b-1aaa101e60d6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11939 bytes)
Hash
38cc82b5e5d8c2fee6f51021e156ec81
eafb4e029313caabcdbdc1002abcab95f66e91b1
b8cad011e1a98ee4e896f00263495aab7f9cab986736a7a5b4187b8e94c46493

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdce5468-cf1b-4a55-968b-1aaa101e60d6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11939
x-amzn-requestid: a00e5ab5-ad16-4576-b046-381e36456998
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dkUhqE94oAMFu5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a4ce0a-28687ad51eea1f6f3ce8cc86;Sampled=0
x-amzn-remapped-date: Thu, 22 Dec 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: GZ4CbztfUpuPUplTacPrTbsufySu214BVAvkmxZe_PA2t89nsTFCdw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 21:37:14 GMT
age: 47682
etag: "eafb4e029313caabcdbdc1002abcab95f66e91b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
10d48b10752dd043ef911fe736536b8f
d880701c4fceaa30b84ef39d30d5266847780aa6
6f5445c341d431ef62b5c59e8818d795c8cd3e1b4d160a2b691aca2cc3f4821e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1167
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 10:51:57 GMT
Last-Modified: Fri, 23 Dec 2022 10:32:30 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 280

cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

151.101.1.229

200 OK

24 kB

URL HTTP/2
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css
IP
151.101.1.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65326)
Size
24 kB (23906 bytes)
Hash
77348602be5574ea01c6e042f63a9b12
1a0d5e8fdf352f8e58351f85152be5d141547e11
57e4cabfd2685370ba747eb1216a753a389200451202efd886758debf0d33a2a

HTTP Headers

GET /npm/bootstrap@4.5.3/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.birdlifenepal.org
Connection: keep-alive
Referer: https://www.birdlifenepal.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.5.3
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 23 Dec 2022 10:51:57 GMT
age: 23857671
x-served-by: cache-fra19178-FRA, cache-bma1646-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23906
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
10d48b10752dd043ef911fe736536b8f
d880701c4fceaa30b84ef39d30d5266847780aa6
6f5445c341d431ef62b5c59e8818d795c8cd3e1b4d160a2b691aca2cc3f4821e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1167
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 10:51:57 GMT
Last-Modified: Fri, 23 Dec 2022 10:32:30 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
10d48b10752dd043ef911fe736536b8f
d880701c4fceaa30b84ef39d30d5266847780aa6
6f5445c341d431ef62b5c59e8818d795c8cd3e1b4d160a2b691aca2cc3f4821e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6265
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 10:51:57 GMT
Last-Modified: Fri, 23 Dec 2022 09:07:33 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 280

cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.0.0-beta.3/assets/owl.theme.default.min.css

104.17.24.14

200 OK

279 B

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.0.0-beta.3/assets/owl.theme.default.min.css
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (1142), with no line terminators
Size
279 B (279 bytes)
Hash
422367b764fb612e6d5de25a6d3548eb
420de6cb19faac0d7bc3120e4c1f5659d0b8c18d
7bd0bbe4102430ee99ad5867e3cc146d601f7224fdeff12d3f49abf8ad8aa7ba

HTTP Headers

GET /ajax/libs/OwlCarousel2/2.0.0-beta.3/assets/owl.theme.default.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.birdlifenepal.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 23 Dec 2022 10:51:57 GMT
content-type: text/css; charset=utf-8
content-length: 279
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03cf0-476"
last-modified: Mon, 04 May 2020 16:04:00 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4788520
expires: Wed, 13 Dec 2023 10:51:57 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Q%2B%2FFbh9ADQEAdULA%2BGFmZ7oA6oAKB0PQq8HnR85Xk7BMhvxqfqA5ji6gAbIRloun9M6oU56PuqEbX3hDekK0HEUqVQB9ZMRFmvKz7e9S9Zae01yQAA2ped2XIB3j0X9ngnm3nKN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77e08b848fc11bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

api.mapbox.com/mapbox-gl-js/v2.3.0/mapbox-gl.css

143.204.50.3

200 OK

4.5 kB

URL HTTP/1.1
api.mapbox.com/mapbox-gl-js/v2.3.0/mapbox-gl.css
IP
143.204.50.3:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (35271), with no line terminators
Size
4.5 kB (4522 bytes)
Hash
1646f40f86dc1eb9ca8d1bf8db54cf31
054142a070bebeab248547411832954d7159372a
a2646a46e9cba4643800e6cf22eaf4a7d85cb2898ae2ee2c2b6a16bc6099760f

HTTP Headers

GET /mapbox-gl-js/v2.3.0/mapbox-gl.css HTTP/1.1
Host: api.mapbox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.birdlifenepal.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Wed, 09 Nov 2022 01:19:29 GMT
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: "e1c40426e607d9e6076e76417e51eef5"
Last-Modified: Wed May 26 2021 00:27:39 GMT+0000 (Coordinated Universal Time)
Cache-Control: max-age=31536000
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: CxaAwbLOLYQf4BKV68iaTb4u0E00JuQ4ad0DFM6gSpdg1whgk_glgA==
Age: 3835947

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

104.17.24.14

200 OK

5.6 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (30837)
Size
5.6 kB (5631 bytes)
Hash
109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.birdlifenepal.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 23 Dec 2022 10:51:57 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 136790
expires: Wed, 13 Dec 2023 10:51:57 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=muJGkUxtj2mDXF%2BJjeow%2F%2FnD3HIxLOXfOZCZkB6oo2RTCRDtR3sEXwB2f9VAupcBCtnt9hg1gjWYDljbOP1LsFldkmUpI2omeJuuBZh4Egs%2BGRK8hbfN9Inyswu9PhkXTkTJE6hK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77e08b849fc81bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.0.0-beta.3/assets/owl.carousel.min.css

104.17.24.14

200 OK

720 B

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.0.0-beta.3/assets/owl.carousel.min.css
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (3592), with no line terminators
Size
720 B (720 bytes)
Hash
77a63c892e921a324f5bd9bf0f423d11
926298db0b99a5a3434a1366d87bedb34a0742d2
9fabb9ac46a7a63c5dcefd33852e2af9bee96c9f7b44e7fbfe63b22fb4bf6a39

HTTP Headers

GET /ajax/libs/OwlCarousel2/2.0.0-beta.3/assets/owl.carousel.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.birdlifenepal.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 23 Dec 2022 10:51:57 GMT
content-type: text/css; charset=utf-8
content-length: 720
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03cf0-e08"
last-modified: Mon, 04 May 2020 16:04:00 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 17070815
expires: Wed, 13 Dec 2023 10:51:57 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lcw8Mtmx3b0yiJ5sr9T8Y3Z9YK1zzIU%2B0O8D8z8%2BMzmLcvOWYklqC28Oc0Ojc2ytZqLvjGfrRq9%2BGwc3RfIZW%2Bl3TqFM%2BkUjt91IPS%2BfgrynrsI0wW7Id4hhtQPBySYntsFd0o0%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77e08b849fca1bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
10d48b10752dd043ef911fe736536b8f
d880701c4fceaa30b84ef39d30d5266847780aa6
6f5445c341d431ef62b5c59e8818d795c8cd3e1b4d160a2b691aca2cc3f4821e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1167
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 10:51:57 GMT
Last-Modified: Fri, 23 Dec 2022 10:32:30 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 280

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
f2fb6ab3208f17af37d51c860b2a8cea
7fdbf7bd78230029e64e09856cdfeef9b37acbe1
42750390884b223b1cd510f96f12811c0ae158e4eddf79e11de6917b959a08bf

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 10:51:57 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "7A3BABC5028E48E8410593BEA6889B6144372770"
Expires: Fri, 23 Dec 2022 22:00:00 GMT
Last-Modified: Fri, 23 Dec 2022 10:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 530
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77e08b84ca4bb50f-OSL

www.birdlifenepal.org/

202.166.193.69

200 OK

56 kB

URL HTTP/1.1
www.birdlifenepal.org/
IP
202.166.193.69:0
ASN
#17501 WorldLink Communications Pvt Ltd

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (867), with CRLF, LF line terminators
Size
56 kB (56543 bytes)
Hash
36afa1ca80aed2a4c598350ef58b8094
e86d5bfa014c53db71de6b05c063c8f1dbb23f86
97205c3341a99ba7f8bde0f2466dab6c426af45614a0b5f0d7e0ab5a5e80a9e3

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: www.birdlifenepal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 10:51:55 GMT
Server: Apache
X-Powered-By: PHP/5.4.45
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: ci_session=v4l4qp1d34nu6fru3jce1e6erdp7nos4; expires=Fri, 23-Dec-2022 12:51:56 GMT; path=/; HttpOnly
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

api.mapbox.com/mapbox-gl-js/v2.3.0/mapbox-gl.js

143.204.50.3

200 OK

225 kB

URL HTTP/1.1
api.mapbox.com/mapbox-gl-js/v2.3.0/mapbox-gl.js
IP
143.204.50.3:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (64170)
Size
225 kB (225280 bytes)
Hash
4f0bd0f06dbe0bc62eeb90a63cdf0715
af1a2e1bf7dfba972eac7d095fa613f6fb42cafd
ba5fb1357842cb3786f740e4e2308491bd3ebc9dcd5bd5535e8333e5d4cbea78

HTTP Headers

GET /mapbox-gl-js/v2.3.0/mapbox-gl.js HTTP/1.1
Host: api.mapbox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.birdlifenepal.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Wed, 31 Aug 2022 08:09:29 GMT
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: "a7672b6a5c894e783270197e99036a8c"
Last-Modified: Wed May 26 2021 00:27:18 GMT+0000 (Coordinated Universal Time)
Cache-Control: max-age=31536000
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: tPuvt6_cOCCWMwxfMhA6h7PtDprUN9wl4YbTftseo4JW6Ly2dqTNZA==
Age: 9859349

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
db28606dc76e7c8d91594dfcd6ed039e
ba91c6bfcb709fe2f2a5c42a1dcbdff94dd6e446
e4914f72fd7d4fa0cfe4bb434e3d03c734f77cd276d4adf8a5fea6b133282451

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3100
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 10:51:58 GMT
Last-Modified: Fri, 23 Dec 2022 10:00:18 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
db28606dc76e7c8d91594dfcd6ed039e
ba91c6bfcb709fe2f2a5c42a1dcbdff94dd6e446
e4914f72fd7d4fa0cfe4bb434e3d03c734f77cd276d4adf8a5fea6b133282451

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3100
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 10:51:58 GMT
Last-Modified: Fri, 23 Dec 2022 10:00:18 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
ea9c31594ac9f34e2252b1060d6ef126
7c87a00090fb43b36d9f00594f6b1cfc2d51da35
7ca1db2bd01be12adceccfc5f5f586a5b401b33ff2d7bd3662c91e70ff41cbb2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3169
Cache-Control: max-age=125021
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 10:51:58 GMT
Etag: "63a4c14a-117"
Expires: Sat, 24 Dec 2022 21:35:39 GMT
Last-Modified: Thu, 22 Dec 2022 20:42:50 GMT
Server: ECS (amb/6BAE)
X-Cache: HIT
Content-Length: 279

www.birdlifenepal.org/public/front/css/style.css

202.166.193.69

200 OK

46 kB

URL HTTP/1.1
www.birdlifenepal.org/public/front/css/style.css
IP
202.166.193.69:0
ASN
#17501 WorldLink Communications Pvt Ltd

File type
assembler source, ASCII text, with CRLF line terminators
Size
46 kB (45690 bytes)
Hash
519a16d62995b849da1fecbeffad24bd
6be0c087ccc58b6d305aa7362a7c70d031d96807
875494e79e41997a4b43db74b4d8099e1052591527d7f9788855ad392156fffe

HTTP Headers

GET /public/front/css/style.css HTTP/1.1
Host: www.birdlifenepal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.birdlifenepal.org/
Cookie: ci_session=v4l4qp1d34nu6fru3jce1e6erdp7nos4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 10:51:57 GMT
Server: Apache
Last-Modified: Wed, 23 Mar 2022 06:26:00 GMT
ETag: "17c221-b27a-5dadccd904e00"
Accept-Ranges: bytes
Content-Length: 45690
Connection: close
Content-Type: text/css

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b607f3e2facf61a8586563ae137d81eb
fc07f3f509b1a8f592efe951cc92bc07f307609d
68fef95cdc9deeb6a115e2869f3420a1e62dc7a64fd270f84c437bcc04642cd2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 10:51:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b607f3e2facf61a8586563ae137d81eb
fc07f3f509b1a8f592efe951cc92bc07f307609d
68fef95cdc9deeb6a115e2869f3420a1e62dc7a64fd270f84c437bcc04642cd2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 10:51:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.birdlifenepal.org/public/front/js/main.js

202.166.193.69

200 OK

20 kB

URL HTTP/1.1
www.birdlifenepal.org/public/front/js/main.js
IP
202.166.193.69:0
ASN
#17501 WorldLink Communications Pvt Ltd

File type
ASCII text, with CRLF line terminators
Size
20 kB (19953 bytes)
Hash
2aa379dc116178b9d7a922d1e906c1bc
ceac9be0e2a47a8bd17e5df73df85e7390eeb4ac
58841f27968728a1090239486a929add08708a4578039714b80fd102142d455d

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /public/front/js/main.js HTTP/1.1
Host: www.birdlifenepal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.birdlifenepal.org/
Cookie: ci_session=v4l4qp1d34nu6fru3jce1e6erdp7nos4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 10:51:58 GMT
Server: Apache
Last-Modified: Wed, 17 Aug 2022 16:20:37 GMT
ETag: "17c21b-4df1-5e6723ec03f40"
Accept-Ranges: bytes
Content-Length: 19953
Connection: close
Content-Type: application/javascript

www.birdlifenepal.org/public/front/js/map.js

202.166.193.69

200 OK

23 kB

URL HTTP/1.1
www.birdlifenepal.org/public/front/js/map.js
IP
202.166.193.69:0
ASN
#17501 WorldLink Communications Pvt Ltd

File type
ASCII text, with very long lines (1004)
Size
23 kB (23239 bytes)
Hash
e695d2f7a0144f7ce8997daf843f3c85
117cb8292211620c5f3955dd4e31388dd58dd39e
a85b6ee368bb9a4e38adc4d20c43979019f57592b8927b53f0dcbf664e7dd9d6

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /public/front/js/map.js HTTP/1.1
Host: www.birdlifenepal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.birdlifenepal.org/
Cookie: ci_session=v4l4qp1d34nu6fru3jce1e6erdp7nos4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 10:51:58 GMT
Server: Apache
Last-Modified: Wed, 02 Mar 2022 17:11:38 GMT
ETag: "17c21c-5ac7-5d93f5fdc6680"
Accept-Ranges: bytes
Content-Length: 23239
Connection: close
Content-Type: application/javascript

www.birdlifenepal.org/public/front/images/icon/location-icon-1.png

202.166.193.69

200 OK

1.6 kB

URL HTTP/1.1
www.birdlifenepal.org/public/front/images/icon/location-icon-1.png
IP
202.166.193.69:0
ASN
#17501 WorldLink Communications Pvt Ltd

File type
PNG image data, 40 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
1.6 kB (1649 bytes)
Hash
2045963a92a95b3cb3f7c8ab8f0ffd2d
06481ad53251f1674172fba43e91a007182d8fd8
f9a3988041361cf3dcae43283dcdb308f134b83a83c3bd88fafb43632eaa2477

HTTP Headers

GET /public/front/images/icon/location-icon-1.png HTTP/1.1
Host: www.birdlifenepal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.birdlifenepal.org/
Cookie: ci_session=v4l4qp1d34nu6fru3jce1e6erdp7nos4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 10:51:59 GMT
Server: Apache
Last-Modified: Fri, 26 Mar 2021 07:03:06 GMT
ETag: "17c162-671-5be6b1fb09e80"
Accept-Ranges: bytes
Content-Length: 1649
Connection: close
Content-Type: image/png

www.birdlifenepal.org/public/front/images/icon/calendar-icon-1.png

202.166.193.69

200 OK

1.2 kB

URL HTTP/1.1
www.birdlifenepal.org/public/front/images/icon/calendar-icon-1.png
IP
202.166.193.69:0
ASN
#17501 WorldLink Communications Pvt Ltd

File type
PNG image data, 40 x 45, 8-bit/color RGBA, non-interlaced\012- data
Size
1.2 kB (1167 bytes)
Hash
00a3c79459e8d37932c14326fb878df3
e716ca1207fa06a70d960c7768a8c3f9efd5cd2e
fb3c581c6048e5d0c9f2399e94086ad6823cd66487db6967160b29b45d7bcaab

HTTP Headers

GET /public/front/images/icon/calendar-icon-1.png HTTP/1.1
Host: www.birdlifenepal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.birdlifenepal.org/
Cookie: ci_session=v4l4qp1d34nu6fru3jce1e6erdp7nos4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 10:51:59 GMT
Server: Apache
Last-Modified: Fri, 26 Mar 2021 07:03:20 GMT
ETag: "17c166-48f-5be6b20863e00"
Accept-Ranges: bytes
Content-Length: 1167
Connection: close
Content-Type: image/png

www.birdlifenepal.org/public/uploads/slidermini-3.png

202.166.193.69

200 OK

327 kB

URL HTTP/1.1
www.birdlifenepal.org/public/uploads/slidermini-3.png
IP
202.166.193.69:0
ASN
#17501 WorldLink Communications Pvt Ltd

File type
PNG image data, 470 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size
327 kB (326779 bytes)
Hash
5e7c71901743282b341924b4a8c8b42a
b31d90320504143f1adcbca1e2b972a59078d744
366af549963ce74a8d1e51bf8c74296491811e0aadeca6925e519c5d9da0dab6

HTTP Headers

GET /public/uploads/slidermini-3.png HTTP/1.1
Host: www.birdlifenepal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.birdlifenepal.org/
Cookie: ci_session=v4l4qp1d34nu6fru3jce1e6erdp7nos4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 10:51:58 GMT
Server: Apache
Last-Modified: Mon, 31 Jan 2022 02:39:23 GMT
ETag: "1580b8-4fc7b-5d6d7b1366cc0"
Accept-Ranges: bytes
Content-Length: 326779
Connection: close
Content-Type: image/png

www.birdlifenepal.org/public/uploads/slider-9.png

202.166.193.69

200 OK

627 kB

URL HTTP/1.1
www.birdlifenepal.org/public/uploads/slider-9.png
IP
202.166.193.69:0
ASN
#17501 WorldLink Communications Pvt Ltd

File type
PNG image data, 1590 x 650, 8-bit/color RGBA, non-interlaced\012- data
Size
627 kB (627326 bytes)
Hash
ffe5006e8f3116df88eeda59534b63ff
55363f52a53acde1e41a538152eb1bfa9d5c588a
988183a78a433f1df1b89e5f43623c48571a1fdd9ae557afb3913358b35be941

HTTP Headers

GET /public/uploads/slider-9.png HTTP/1.1
Host: www.birdlifenepal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.birdlifenepal.org/
Cookie: ci_session=v4l4qp1d34nu6fru3jce1e6erdp7nos4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 10:51:58 GMT
Server: Apache
Last-Modified: Thu, 20 Jan 2022 05:36:45 GMT
ETag: "1580a9-9927e-5d5fce3455540"
Accept-Ranges: bytes
Content-Length: 627326
Connection: close
Content-Type: image/png

www.birdlifenepal.org/chhimekichara/get_district_by_province

202.166.193.69

200 OK

46 B

URL HTTP/1.1
www.birdlifenepal.org/chhimekichara/get_district_by_province
IP
202.166.193.69:0
ASN
#17501 WorldLink Communications Pvt Ltd

File type
ASCII text, with no line terminators
Size
46 B (46 bytes)
Hash
a33fa646f13b08b314ed5b081d947d14
9bff5c5c9384957c73c28f02acae4141f69d4197
d592b8c368fbeb1b4ba26ba5c068015693bdc2e4dcb108c3ade6c01499cb4b8f

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

POST /chhimekichara/get_district_by_province HTTP/1.1
Host: www.birdlifenepal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Origin: https://www.birdlifenepal.org
Connection: keep-alive
Referer: https://www.birdlifenepal.org/
Cookie: ci_session=v4l4qp1d34nu6fru3jce1e6erdp7nos4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0

HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 10:51:59 GMT
Server: Apache
X-Powered-By: PHP/5.4.45
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: ci_session=v4l4qp1d34nu6fru3jce1e6erdp7nos4; expires=Fri, 23-Dec-2022 12:52:00 GMT; path=/; httponly
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

www.birdlifenepal.org/public/uploads/slidermini-4.png

202.166.193.69

200 OK

294 kB

URL HTTP/1.1
www.birdlifenepal.org/public/uploads/slidermini-4.png
IP
202.166.193.69:0
ASN
#17501 WorldLink Communications Pvt Ltd

File type
PNG image data, 470 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size
294 kB (293661 bytes)
Hash
6f26e9d863dbd1aef0900c9db29adaa4
02a991af815b098e1a221232b353108fa21f0aaa
aa072f335dcf24840b61ded738c7379dfae6c459b7f750a6cd541205ed37a5ff

HTTP Headers

GET /public/uploads/slidermini-4.png HTTP/1.1
Host: www.birdlifenepal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.birdlifenepal.org/
Cookie: ci_session=v4l4qp1d34nu6fru3jce1e6erdp7nos4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 10:51:58 GMT
Server: Apache
Last-Modified: Mon, 31 Jan 2022 02:42:09 GMT
ETag: "15808e-47b1d-5d6d7bb1b6240"
Accept-Ranges: bytes
Content-Length: 293661
Connection: close
Content-Type: image/png

www.birdlifenepal.org/public/uploads/slidermini-5.png

202.166.193.69

200 OK

373 kB

URL HTTP/1.1
www.birdlifenepal.org/public/uploads/slidermini-5.png
IP
202.166.193.69:0
ASN
#17501 WorldLink Communications Pvt Ltd

File type
PNG image data, 470 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size
373 kB (373146 bytes)
Hash
f26cd8c3d254b826238dd471560d73db
11b82a13d9f24722939347ca56b7d961cb6372d1
1678a153164424e2b178cb2a85178e33bfb7a5535f76fd7d7ebe7a07f0123d06

HTTP Headers

GET /public/uploads/slidermini-5.png HTTP/1.1
Host: www.birdlifenepal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.birdlifenepal.org/
Cookie: ci_session=v4l4qp1d34nu6fru3jce1e6erdp7nos4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 10:51:59 GMT
Server: Apache
Last-Modified: Mon, 31 Jan 2022 02:45:14 GMT
ETag: "15810d-5b19a-5d6d7c6224280"
Accept-Ranges: bytes
Content-Length: 373146
Connection: close
Content-Type: image/png

www.birdlifenepal.org/chhimekichara/get_search_result

202.166.193.69

500 Internal Server Error

5.8 kB

URL HTTP/1.1
www.birdlifenepal.org/chhimekichara/get_search_result
IP
202.166.193.69:0
ASN
#17501 WorldLink Communications Pvt Ltd

File type
HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
5.8 kB (5761 bytes)
Hash
6206ce80a96aa53d0618bce1c9e3aea3
8c1cf58b9198772edb4f92934ad6f5fd7253421e
e9d9f313cb867a3ce86420d9394ee0229da35bda567bdd06d34ee59ffdb93e7c

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

POST /chhimekichara/get_search_result HTTP/1.1
Host: www.birdlifenepal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Origin: https://www.birdlifenepal.org
Connection: keep-alive
Referer: https://www.birdlifenepal.org/
Cookie: ci_session=v4l4qp1d34nu6fru3jce1e6erdp7nos4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0

HTTP/1.1 500 Internal Server Error
Date: Fri, 23 Dec 2022 10:52:00 GMT
Server: Apache
X-Powered-By: PHP/5.4.45
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: ci_session=v4l4qp1d34nu6fru3jce1e6erdp7nos4; expires=Fri, 23-Dec-2022 12:52:01 GMT; path=/; httponly
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

www.birdlifenepal.org/public/uploads/publication-105.png

202.166.193.69

200 OK

73 kB

URL HTTP/1.1
www.birdlifenepal.org/public/uploads/publication-105.png
IP
202.166.193.69:0
ASN
#17501 WorldLink Communications Pvt Ltd

File type
PNG image data, 200 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size
73 kB (72811 bytes)
Hash
0d74feabbc33bb21b8787998ab81e583
925b396aac355c32e086d3fc84a70b2549815b88
85d2caaf3722c21af2d0179ebe9d5c950956cafadf3960ffc3daac339c2bb02e

HTTP Headers

GET /public/uploads/publication-105.png HTTP/1.1
Host: www.birdlifenepal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.birdlifenepal.org/
Cookie: ci_session=v4l4qp1d34nu6fru3jce1e6erdp7nos4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 10:52:01 GMT
Server: Apache
Last-Modified: Sun, 06 Nov 2022 04:44:17 GMT
ETag: "158139-11c6b-5ecc5f59d6a40"
Accept-Ranges: bytes
Content-Length: 72811
Connection: close
Content-Type: image/png

html2canvas.hertzen.com/dist/html2canvas.js

172.67.203.102

200 OK

0 B

URL HTTP/2
html2canvas.hertzen.com/dist/html2canvas.js
IP
172.67.203.102:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /dist/html2canvas.js HTTP/1.1
Host: html2canvas.hertzen.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.birdlifenepal.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 23 Dec 2022 10:51:58 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 22 Jan 2022 16:56:04 GMT
access-control-allow-origin: *
etag: W/"61ec3724-6bcc6"
expires: Thu, 22 Dec 2022 02:03:25 GMT
cache-control: max-age=14400
x-proxy-cache: MISS
x-github-request-id: 29C4:2184:1F290A:354DB3:62D04A74
via: 1.1 varnish
age: 238
x-served-by: cache-bma1666-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1657934213.692544,VS0,VE104
vary: Accept-Encoding
x-fastly-request-id: bb636bd49ec6cbcb28b9b4476da2cd0908a6ac3f
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g8d55q%2BZswLYX6GAq7vc0smP%2B3EFGkzOCmZJyTacQC5x1NaitqgPB3v36QZU51gdPx0LRQQnH%2Fn25%2BMNzRS6%2FYhgEN7l90p%2FGCXVMALhSizuNysOsbG04HeZtj%2F87OvUaO267WKDX%2Fsdvg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77e08b888b46b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700&display=swap

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Poppins:wght@300;400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.birdlifenepal.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 23 Dec 2022 10:51:58 GMT
date: Fri, 23 Dec 2022 10:51:58 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.birdlifenepal.org/public/uploads/publication-104.png

202.166.193.69

200 OK

0 B

URL HTTP/1.1
www.birdlifenepal.org/public/uploads/publication-104.png
IP
202.166.193.69:0
ASN
#17501 WorldLink Communications Pvt Ltd

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /public/uploads/publication-104.png HTTP/1.1
Host: www.birdlifenepal.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.birdlifenepal.org/
Cookie: ci_session=v4l4qp1d34nu6fru3jce1e6erdp7nos4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 10:52:01 GMT
Server: Apache
Last-Modified: Sun, 06 Nov 2022 04:41:32 GMT
ETag: "158077-1a25c-5ecc5ebc7b700"
Accept-Ranges: bytes
Content-Length: 107100
Connection: close
Content-Type: image/png

maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

104.18.10.207

200 OK

0 B

URL HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
IP
104.18.10.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.birdlifenepal.org
Connection: keep-alive
Referer: https://www.birdlifenepal.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 23 Dec 2022 10:51:58 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 11/25/2022 23:23:38
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 865
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 65b2c4376259636255a85a77f4dd7b04
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 77e08b882a58b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (11)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP