urlscan.io logo urlscan.io
SecurityTrails logo

www.bfst.xyz Open in urlscan Pro
2606:4700:3037::681b:bd12  Public Scan

Go To Rescan Add Verdict Report
URL: http://www.bfst.xyz/two.php
Submission: On October 24 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 6 countries across 11 domains to perform 35 HTTP transactions. The main IP is 2606:4700:3037::681b:bd12, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.bfst.xyz.
This is the only time www.bfst.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 139.45.196.33 9002 (RETN-AS)
1 192.243.59.13 39572 (ADVANCEDH...)
4 2a04:4e42:1b:... 54113 (FASTLY)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2 85.149.71.50 5390 (EURONET)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 46.105.201.240 16276 (OVH)
2 139.45.196.108 9002 (RETN-AS)
14 34.120.50.37 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 192.99.0.58 16276 (OVH)
1 35.190.71.96 15169 (GOOGLE)
1 2 2a00:1a28:151... 42708 (PORTLANE ...)
35 15
1    2606:4700:3037::681b:bd12 (United States)

ASN13335 (CLOUDFLARENET, US)
www.bfst.xyz
2    139.45.196.33 (Ascension Island)

ASN9002 (RETN-AS, EU)
geedoovu.net
1    192.243.59.13 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
presumptuouspasswords.com
4    2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    2606:4700:20::681a:407 (United States)

ASN13335 (CLOUDFLARENET, US)
waust.at
2    85.149.71.50 (Arnhem, Netherlands)

ASN5390 (EURONET, NL)
livecounter.theyosh.nl
2    2606:4700::6810:5b06 (United States)

ASN13335 (CLOUDFLARENET, US)
celeritascdn.com
1    46.105.201.240 (France)

ASN16276 (OVH, FR)
s10.histats.com
2    139.45.196.108 (Ascension Island)

ASN9002 (RETN-AS, EU)
onmarshtompor.com
14    34.120.50.37 (United States)

ASN15169 (GOOGLE, US)
PTR: 37.50.120.34.bc.googleusercontent.com
34.120.50.37
1    2606:4700:3034::6812:3647 (United States)

ASN13335 (CLOUDFLARENET, US)
ufpcdn.com
1    192.99.0.58 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns500326.ip-192-99-0.net
s4.histats.com
1    35.190.71.96 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 96.71.190.35.bc.googleusercontent.com
onclickgenius.com
2    2a00:1a28:1510:9::5271 (Stockholm, Sweden)

ASN42708 (PORTLANE www.portlane.com, SE)
cdn.livecounter.theyosh.nl
Domain Requested by
4 cdn.jsdelivr.net www.bfst.xyz
2 cdn.livecounter.theyosh.nl 1 redirects livecounter.theyosh.nl
2 onmarshtompor.com geedoovu.net
2 celeritascdn.com www.bfst.xyz
2 livecounter.theyosh.nl 1 redirects www.bfst.xyz
2 geedoovu.net www.bfst.xyz
1 onclickgenius.com www.bfst.xyz
1 s4.histats.com s10.histats.com
1 ufpcdn.com www.bfst.xyz
1 s10.histats.com www.bfst.xyz
1 waust.at www.bfst.xyz
1 presumptuouspasswords.com www.bfst.xyz
1 www.bfst.xyz
35 13

This site contains no links.

Subject Issuer Validity Valid
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-10-05 -
2021-04-17		 6 months crt.sh
theyosh.nl
Let's Encrypt Authority X3		 2020-09-12 -
2020-12-11		 3 months crt.sh
histats.com
Let's Encrypt Authority X3		 2020-09-08 -
2020-12-07		 3 months crt.sh
cdn.livecounter.theyosh.nl
Let's Encrypt Authority X3		 2020-09-10 -
2020-12-09		 3 months crt.sh

This page contains 4 frames:

Primary Page: http://www.bfst.xyz/two.php
Frame ID: A2501B35D1FA3B75F55C74E4631B70F0
Requests: 31 HTTP requests in this frame

Frame: http://onmarshtompor.com/fac.php
Frame ID: 43E143C4E5CF2D34E0F7320D53DEE095
Requests: 1 HTTP requests in this frame

Frame: http://ufpcdn.com/script/identify.html?frmt=0
Frame ID: E40C0F46E74867C5D6F4B70BCC622439
Requests: 1 HTTP requests in this frame

Frame: https://cdn.livecounter.theyosh.nl/8935.html
Frame ID: F1AA73CC59270B14F48C33BF81036441
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

35
Requests

20 %
HTTPS

43 %
IPv6

11
Domains

13
Subdomains

15
IPs

6
Countries

13043 kB
Transfer

14826 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • http://livecounter.theyosh.nl/8935.js HTTP 301
  • https://livecounter.theyosh.nl/8935.js
Request Chain 27
  • http://cdn.livecounter.theyosh.nl/8935.html HTTP 301
  • https://cdn.livecounter.theyosh.nl/8935.html

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set two.php
www.bfst.xyz/ 		2 MB
603 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.bfst.xyz/two.php
Protocol
HTTP/1.1
Server
2606:4700:3037::681b:bd12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e10d6b04df8d4ffb9aa18d4ef93a03fad9cf0daef50ba86630d94a04a3c2614

Request headers

Host
www.bfst.xyz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 24 Oct 2020 14:17:09 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=dac3f0a0af149eb93554a3a5e90d1c2c21603549029; expires=Mon, 23-Nov-20 14:17:09 GMT; path=/; domain=.bfst.xyz; HttpOnly; SameSite=Lax
Vary
Accept-Encoding
CF-Cache-Status
HIT
Age
459
Expires
Sat, 24 Oct 2020 18:17:09 GMT
Cache-Control
public, max-age=14400
cf-request-id
05fc917d2200001f45a10e8000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Sl0UxcXMcbdb191w%2BEywX4DRfXWVAsfUpCPJleeE6y2%2Fy1ZTKe01SpJrfL0Hk6hqgcbkz0povcnUtQcDksku8JFWRjBmEN3HBCe6H8s7n9DtBzQjvX6xo1Q%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
5e7451db6f0e1f45-FRA
Content-Encoding
gzip
apu.php
geedoovu.net/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://geedoovu.net/apu.php?zoneid=3611436&oo=1
Requested by
Host: www.bfst.xyz
URL: http://www.bfst.xyz/two.php
Protocol
HTTP/1.1
Server
139.45.196.33 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash
fe1c12505381eb0ed9ea20e8a56318e9903a31ced79ef607f56ff8981993549f
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://www.bfst.xyz/two.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 24 Oct 2020 14:17:10 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
X-Trace-Id
1a20afef27272dd16b074c8d39fa1a8e
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=1
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
http://www.bfst.xyz
Cache-Control
no-transform, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
*, *
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding
Expires
Tue, 11 Jan 1994 10:00:00 GMT
tag.min.js
geedoovu.net/ 		81 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://geedoovu.net/tag.min.js
Requested by
Host: www.bfst.xyz
URL: http://www.bfst.xyz/two.php
Protocol
HTTP/1.1
Server
139.45.196.33 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash
8f50523037ef65967a0ad29059cf17036edea07c866162b80d93db49ca521363
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://www.bfst.xyz/two.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 24 Oct 2020 14:17:10 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
25508
X-Trace-Id
27a1e22bc23d691e326288130eee503f
Pragma
no-cache
Last-Modified
Thu, 22 Oct 2020 15:23:10 GMT
Server
nginx
Strict-Transport-Security
max-age=1
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
*, *
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding
Expires
Tue, 11 Jan 1994 10:00:00 GMT
7028b257c6702101190fa525b7cc585c.js
presumptuouspasswords.com/70/28/b2/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://presumptuouspasswords.com/70/28/b2/7028b257c6702101190fa525b7cc585c.js
Requested by
Host: www.bfst.xyz
URL: http://www.bfst.xyz/two.php
Protocol
HTTP/1.1
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
http://www.bfst.xyz/two.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 24 Oct 2020 14:17:10 GMT
Server
nginx/1.17.6
Connection
keep-alive
Content-Type
application/javascript
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
clappr.min.js
cdn.jsdelivr.net/clappr/latest/ 		517 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Requested by
Host: www.bfst.xyz
URL: http://www.bfst.xyz/two.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cbcf0e85e906f9e8caf296fc6fd0cb8fcfb69b31e9ac570d63bd837fcf743f6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.bfst.xyz/two.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
7297593
x-cache
HIT, HIT
status
200
content-length
129736
etag
W/"8156e-D6xFiaxzMytsrOCcfMOmYtKY+qo"
x-served-by
cache-fra19146-FRA, cache-hhn4054-HHN
date
Sat, 24 Oct 2020 14:17:10 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
level-selector.min.js
cdn.jsdelivr.net/clappr.level-selector/latest/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/clappr.level-selector/latest/level-selector.min.js
Requested by
Host: www.bfst.xyz
URL: http://www.bfst.xyz/two.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
23a715a6d8a35921f8c02eab19a93b6c9c42271ecfccbde0005476959e2edff9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.bfst.xyz/two.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
7514126
x-cache
HIT, HIT
status
200
content-length
3061
etag
W/"2524-9Cxz5uiSAcz1rVE5FbtBguw6QQw"
x-served-by
cache-fra19151-FRA, cache-hhn4054-HHN
date
Sat, 24 Oct 2020 14:17:10 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
hlsjs-p2p-engine.min.js
cdn.jsdelivr.net/npm/cdnbye@latest/dist/ 		98 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/cdnbye@latest/dist/hlsjs-p2p-engine.min.js
Requested by
Host: www.bfst.xyz
URL: http://www.bfst.xyz/two.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
815ad19de0c36aa2349618b875a1b275755c78115359305d1bea97762700e3ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.bfst.xyz/two.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
37834
x-cache
HIT, HIT
status
200
cross-origin-resource-policy
cross-origin
content-length
29401
etag
W/"18868-wsqMiWrUQ2G3x6qtJpuhXL95XmY"
x-served-by
cache-fra19136-FRA, cache-hhn4054-HHN
date
Sat, 24 Oct 2020 14:17:10 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
clappr-plugin.min.js
cdn.jsdelivr.net/npm/cdnbye@latest/dist/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/cdnbye@latest/dist/clappr-plugin.min.js
Requested by
Host: www.bfst.xyz
URL: http://www.bfst.xyz/two.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
75bd806cedfbb8345056d85741118c48d3d54b910410e9845a4f8d5073eeb558
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.bfst.xyz/two.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
2451
x-cache
HIT, HIT
status
200
cross-origin-resource-policy
cross-origin
content-length
1137
etag
W/"b7a-xrHVogjSh9UgCA6avhjMzbTd9uk"
x-served-by
cache-fra19180-FRA, cache-hhn4054-HHN
date
Sat, 24 Oct 2020 14:17:10 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
d.js
waust.at/ 		13 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://waust.at/d.js
Requested by
Host: www.bfst.xyz
URL: http://www.bfst.xyz/two.php
Protocol
HTTP/1.1
Server
2606:4700:20::681a:407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fb1850e00c24b83e04ea4f41fe5774cff1d476a293fa7b35cba97827eb194cd

Request headers

Referer
http://www.bfst.xyz/two.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 24 Oct 2020 14:17:10 GMT
content-encoding
gzip
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
189
Transfer-Encoding
chunked
Connection
keep-alive
cf-request-id
05fc9180cc00002bf6ad009000000001
last-modified
Mon, 05 Oct 2020 15:46:56 GMT
Server
cloudflare
etag
W/"5f7b3ff0-3444"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BNq28rrxbr7ST6rpdlUIZjFCtBNySQZGhgMKcN%2BI%2FHFdOpL61%2F4XeHjKpR2qEKuUYK8vkNGwrE%2B3cn5cJZ8DFWj9dtn1fJztEEbEpSf70Wxuyzc1wQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400
CF-RAY
5e7451e1496c2bf6-FRA
expires
Sun, 25 Oct 2020 14:14:01 GMT
8935.js
livecounter.theyosh.nl/
Redirect Chain
  • http://livecounter.theyosh.nl/8935.js
  • https://livecounter.theyosh.nl/8935.js
374 B
435 B 		Script
General
Check archive.org
Download Go to
Full URL
https://livecounter.theyosh.nl/8935.js
Requested by
Host: www.bfst.xyz
URL: http://www.bfst.xyz/two.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.149.71.50 Arnhem, Netherlands, ASN5390 (EURONET, NL),
Reverse DNS
Software
nginx /
Resource Hash
d39584af654bfe9668855dc03d0b61cc679a56b3c2648e5fe54c5e1c544d78f8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://www.bfst.xyz/two.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-version
LUA:1.0
date
Sat, 24 Oct 2020 14:17:14 GMT
content-encoding
gzip
server
nginx
status
200
strict-transport-security
max-age=15768000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=691200
expires
Sun, 01 Nov 2020 14:17:14 GMT

Redirect headers

X-Version
LUA:1.0
Date
Sat, 24 Oct 2020 14:17:10 GMT
Server
nginx
Location
https://livecounter.theyosh.nl/8935.js
Strict-Transport-Security
max-age=15768000
Content-Type
text/html
Access-Control-Allow-Origin
*
Connection
keep-alive
Keep-Alive
timeout=2
Content-Length
162
compatibility.js
celeritascdn.com/script/ 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://celeritascdn.com/script/compatibility.js
Requested by
Host: www.bfst.xyz
URL: http://www.bfst.xyz/two.php
Protocol
HTTP/1.1
Server
2606:4700::6810:5b06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03241a470052a86e3d0bc4c77894ae3f87a1452092fff62ff01d499ead7decac

Request headers

Referer
http://www.bfst.xyz/two.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 24 Oct 2020 14:17:10 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
418
X-GUploader-UploadID
ABg5-UxkH0G-9-4VoNWEwVI0tS5BuUlU7cUGfFLQWBJjmNgGxxdIQrWo11Vs0yHVqzX_2GDCmkyR1_Hekw-Z5KAbFEE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
Connection
keep-alive
Content-Type
application/javascript
cf-request-id
05fc9180f1000005b797061000000001
Last-Modified
Tue, 15 Sep 2020 12:10:32 GMT
Server
cloudflare
ETag
W/"c2bbc1e2544049cb035c321919bef2bc"
Vary
Accept-Encoding
x-goog-hash
crc32c=6TBdZQ==, md5=wrvB4lRAScsDXDIZGb7yvA==
x-goog-generation
1600171832181211
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
x-goog-stored-content-length
20647
CF-RAY
5e7451e188d005b7-FRA
Expires
Sat, 24 Oct 2020 18:17:10 GMT
js15_as.js
s10.histats.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://s10.histats.com/js15_as.js
Requested by
Host: www.bfst.xyz
URL: http://www.bfst.xyz/two.php
Protocol
HTTP/1.1
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Referer
http://www.bfst.xyz/two.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 24 Oct 2020 14:11:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Apr 2020 10:44:16 GMT
X-CDN-Pop-IP
137.74.120.32/27
ETag
"-375139978"
X-Cacheable
Matched cache
Vary
Accept-Encoding
X-IPLB-Instance
32124
Content-Type
text/javascript
X-CDN-Pop
sbg
Accept-Ranges
bytes
X-IPLB-Request-ID
526614D3:C708_2E69C9F0:0050_5F943766_364F0:15A0B
Content-Length
4547
X-Request-ID
594478439
options
onmarshtompor.com/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
http://onmarshtompor.com/options?option_args=CKy23AESIDQ3NjFiNmNmNGRmODRhMDE5MWRjMDA3ZTk5MDI4ODcwGi9odHRwOi8vZ2VlZG9vdnUubmV0L2FwdS5waHA_em9uZWlkPTM2MTE0MzYmb289MSIbaHR0cDovL3d3dy5iZnN0Lnh5ei90d28ucGhw
Protocol
HTTP/1.1
Server
139.45.196.108 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
http://www.bfst.xyz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Sat, 24 Oct 2020 14:17:10 GMT
Connection
keep-alive
Access-Control-Allow-Origin
http://www.bfst.xyz
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding
Pragma
no-cache
Cache-Control
no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires
Tue, 11 Jan 1994 10:00:00 GMT
Timing-Allow-Origin
* *
Strict-Transport-Security
max-age=1
X-Content-Type-Options
nosniff
options
onmarshtompor.com/ 		0
0
fac.php
onmarshtompor.com/ Frame 43E1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://onmarshtompor.com/fac.php
Requested by
Host: geedoovu.net
URL: http://geedoovu.net/tag.min.js
Protocol
HTTP/1.1
Server
139.45.196.108 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Host
onmarshtompor.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.bfst.xyz/two.php
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.bfst.xyz/two.php

Response headers

Server
nginx
Date
Sat, 24 Oct 2020 14:17:10 GMT
Content-Type
text/html; charset=utf8
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding
Pragma
no-cache
Cache-Control
no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires
Tue, 11 Jan 1994 10:00:00 GMT
Timing-Allow-Origin
* *
X-Trace-Id
38d5f2dfbfe7a42c390d5d027d5366e3
Strict-Transport-Security
max-age=1
X-Content-Type-Options
nosniff
index.m3u8
34.120.50.37/live/b/ 		267 B
625 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://34.120.50.37/live/b/index.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Protocol
HTTP/1.1
Server
34.120.50.37 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
37.50.120.34.bc.googleusercontent.com
Software
nginx/1.12.2 /
Resource Hash
623cf1d0c2d3c96f77a75af32ba02f854d4f0c5221b0d5367e19fb4bfa6ed920

Request headers

Referer
http://www.bfst.xyz/two.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 24 Oct 2020 14:17:10 GMT
Via
1.1 google
Last-Modified
Sat, 24 Oct 2020 14:17:02 GMT
Server
nginx/1.12.2
ETag
"5f94375e-10b"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Length
267
Cookie set identify.html
ufpcdn.com/script/ Frame E40C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://ufpcdn.com/script/identify.html?frmt=0
Requested by
Host: www.bfst.xyz
URL: http://www.bfst.xyz/two.php
Protocol
HTTP/1.1
Server
2606:4700:3034::6812:3647 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
ufpcdn.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.bfst.xyz/two.php
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.bfst.xyz/two.php

Response headers

Date
Sat, 24 Oct 2020 14:17:10 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=daddfcac24c732457ec055e6292478b1c1603549030; expires=Mon, 23-Nov-20 14:17:10 GMT; path=/; domain=.ufpcdn.com; HttpOnly; SameSite=Lax __cf_bm=54773435e3f007b753005d1d15526a8b99cd289d-1603549030-1800-AWVwgfqEc+fqy/3cqDdnuyHpwu9ndYnk01pP8IxSDjpktpntY2Bg88nKaDiJcW1YC5YWLB60nP+14XhrS/LcXCQ=; path=/; expires=Sat, 24-Oct-20 14:47:10 GMT; domain=.ufpcdn.com; HttpOnly; SameSite=None
Last-Modified
Tue, 15 May 2018 06:39:25 GMT
CF-Cache-Status
DYNAMIC
cf-request-id
05fc9181540000c2ea1fb0d000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pUY3N%2FtuWo8DdQ7gdeYmnoSrnzHJIsMIe%2FQjHuqVSC3DuM69NfQh0dyya62lOE13GuDHgIhuPWxus%2FduLmkO5Ec95h7H7DlQ%2BBIomcTkbpykWrv32Gha"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
5e7451e21eacc2ea-FRA
Content-Encoding
gzip
0.php
s4.histats.com/stats/ 		52 B
323 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?4275943&@f16&@g1&@h1&@i1&@j1603549030733&@k0&@l1&@m&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-176849335&@b3:1603549031&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttp%3A%2F%2Fwww.bfst.xyz%2Ftwo.php&@w
Requested by
Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.0.58 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns500326.ip-192-99-0.net
Software
/
Resource Hash
f485d2f3275acaa46a49797181cce77f13b3299e65b1dd981a8623613ea3d8fc

Request headers

Referer
http://www.bfst.xyz/two.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 24 Oct 2020 14:17:11 GMT
Connection
close
Content-Length
52
Content-Type
text/html;charset=UTF-8
index.m3u8
34.120.50.37/live/b/ 		267 B
625 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://34.120.50.37/live/b/index.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Protocol
HTTP/1.1
Server
34.120.50.37 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
37.50.120.34.bc.googleusercontent.com
Software
nginx/1.12.2 /
Resource Hash
623cf1d0c2d3c96f77a75af32ba02f854d4f0c5221b0d5367e19fb4bfa6ed920

Request headers

Referer
http://www.bfst.xyz/two.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 24 Oct 2020 14:17:10 GMT
Via
1.1 google
Last-Modified
Sat, 24 Oct 2020 14:17:02 GMT
Server
nginx/1.12.2
ETag
"5f94375e-10b"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Length
267
1603548996550.ts
34.120.50.37/live/b/ 		2 MB
2 MB 		XHR
General
Check archive.org
Download Go to
Full URL
http://34.120.50.37/live/b/1603548996550.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Protocol
HTTP/1.1
Server
34.120.50.37 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
37.50.120.34.bc.googleusercontent.com
Software
nginx/1.12.2 /
Resource Hash
e6951917fc6d0c4af8cd3d1f4ae7500c95c4ec64c13d7f0af3f6a371cde534a3

Request headers

Referer
http://www.bfst.xyz/two.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 24 Oct 2020 14:17:10 GMT
Via
1.1 google
Last-Modified
Sat, 24 Oct 2020 14:16:40 GMT
Server
nginx/1.12.2
ETag
"5f943748-1a9284"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Length
1741444
382bd742-23aa-483e-8ae1-c970d214d49e
http://www.bfst.xyz/ 		62 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:http://www.bfst.xyz/382bd742-23aa-483e-8ae1-c970d214d49e
Requested by
Host: www.bfst.xyz
URL: http://www.bfst.xyz/two.php
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
084d101cc0609fd6400a3ced2d12a956ca33c8e8964e4b92380c35e7d0f64531

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length
63944
Content-Type
text/javascript
suurl.php
onclickgenius.com/script/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://onclickgenius.com/script/suurl.php?r=2466091&cbrandom=0.25680797224521745&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=&cbref=&cbdescription=&cbkeywords=&cbcdn=celeritascdn.com
Requested by
Host: www.bfst.xyz
URL: http://www.bfst.xyz/two.php
Protocol
HTTP/1.1
Server
35.190.71.96 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
96.71.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
fec9dab3fef0cf2756da64a5d8020a36fa94e8bfdef39d664dfaefe5c91e5849

Request headers

Referer
http://www.bfst.xyz/two.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 24 Oct 2020 14:17:11 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
openresty
Via
1.1 google
Content-Type
application/javascript; charset=utf-8
chrome.js
celeritascdn.com/script/ 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://celeritascdn.com/script/chrome.js
Requested by
Host: www.bfst.xyz
URL: http://www.bfst.xyz/two.php
Protocol
HTTP/1.1
Server
2606:4700::6810:5b06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59f4d7efe6da31323c45da80772acec8cd177a21530c2de576f86ee3fcefd946

Request headers

Referer
http://www.bfst.xyz/two.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 24 Oct 2020 14:17:10 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
3085
X-GUploader-UploadID
ABg5-UzjdAhGvQK2XT7EqUMQ0h8TtggLA284hfvePTwegnuGVGTu-5C9Tv5kRLeA57rkuqI3C-TTPniuONITlOrjN9fAqlU3Sg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
Connection
keep-alive
Content-Type
application/javascript
cf-request-id
05fc91821a000005b73a156000000001
Last-Modified
Mon, 14 Sep 2020 09:15:29 GMT
Server
cloudflare
ETag
W/"ef6565ab259dafbc08468b4d0bb46762"
Vary
Accept-Encoding
x-goog-hash
crc32c=KoLUvQ==, md5=72VlqyWdr7wIRotNC7RnYg==
x-goog-generation
1600074929755781
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
x-goog-stored-content-length
37300
CF-RAY
5e7451e35e6f05b7-FRA
Expires
Sat, 24 Oct 2020 18:17:10 GMT
1603549000703.ts
34.120.50.37/live/b/ 		2 MB
2 MB 		XHR
General
Check archive.org
Download Go to
Full URL
http://34.120.50.37/live/b/1603549000703.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Protocol
HTTP/1.1
Server
34.120.50.37 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
37.50.120.34.bc.googleusercontent.com
Software
nginx/1.12.2 /
Resource Hash
cf0d112b84ba95ca4d84d3a997b0400d148c1de95b2ac13a0f8adc8f2cc663fd

Request headers

Referer
http://www.bfst.xyz/two.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 24 Oct 2020 14:17:11 GMT
Via
1.1 google
Last-Modified
Sat, 24 Oct 2020 14:16:45 GMT
Server
nginx/1.12.2
ETag
"5f94374d-1d28ec"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Length
1911020
1603549005961.ts
34.120.50.37/live/b/ 		3 MB
3 MB 		XHR
General
Check archive.org
Download Go to
Full URL
http://34.120.50.37/live/b/1603549005961.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Protocol
HTTP/1.1
Server
34.120.50.37 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
37.50.120.34.bc.googleusercontent.com
Software
nginx/1.12.2 /
Resource Hash
55de8be1df303d10da70869a9a287e6519e0b02384567b4b3ea82a7d1378dfe2

Request headers

Referer
http://www.bfst.xyz/two.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 24 Oct 2020 14:17:11 GMT
Via
1.1 google
Last-Modified
Sat, 24 Oct 2020 14:16:54 GMT
Server
nginx/1.12.2
ETag
"5f943756-2caaf4"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Length
2927348
1603549014284.ts
34.120.50.37/live/b/ 		3 MB
3 MB 		XHR
General
Check archive.org
Download Go to
Full URL
http://34.120.50.37/live/b/1603549014284.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Protocol
HTTP/1.1
Server
34.120.50.37 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
37.50.120.34.bc.googleusercontent.com
Software
nginx/1.12.2 /
Resource Hash
01bff8b543e720a25d9755517ddd4646a67d8c0b6c7b2720d2e23fc2baebd91b

Request headers

Referer
http://www.bfst.xyz/two.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 24 Oct 2020 14:17:11 GMT
Via
1.1 google
Last-Modified
Sat, 24 Oct 2020 14:17:02 GMT
Server
nginx/1.12.2
ETag
"5f94375e-283678"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Length
2635384
index.m3u8
34.120.50.37/live/b/ 		267 B
625 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://34.120.50.37/live/b/index.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Protocol
HTTP/1.1
Server
34.120.50.37 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
37.50.120.34.bc.googleusercontent.com
Software
nginx/1.12.2 /
Resource Hash
27af323b19287a27d95444925a79c1a8334f2f8e7ef5fb91cea5148d79b7cdaf

Request headers

Referer
http://www.bfst.xyz/two.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 24 Oct 2020 14:17:14 GMT
Via
1.1 google
Last-Modified
Sat, 24 Oct 2020 14:17:11 GMT
Server
nginx/1.12.2
ETag
"5f943767-10b"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Length
267
1603549022768.ts
34.120.50.37/live/b/ 		3 MB
3 MB 		XHR
General
Check archive.org
Download Go to
Full URL
http://34.120.50.37/live/b/1603549022768.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Protocol
HTTP/1.1
Server
34.120.50.37 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
37.50.120.34.bc.googleusercontent.com
Software
nginx/1.12.2 /
Resource Hash
0b5fd704a77056a886bad2d33a666f2f27f9256dc0db4a56bc7bd03b17f1ddf2

Request headers

Referer
http://www.bfst.xyz/two.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 24 Oct 2020 14:17:14 GMT
Via
1.1 google
Last-Modified
Sat, 24 Oct 2020 14:17:11 GMT
Server
nginx/1.12.2
ETag
"5f943767-3224e0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Length
3286240
8935.html
cdn.livecounter.theyosh.nl/ Frame F1AA
Redirect Chain
  • http://cdn.livecounter.theyosh.nl/8935.html
  • https://cdn.livecounter.theyosh.nl/8935.html
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.livecounter.theyosh.nl/8935.html
Requested by
Host: livecounter.theyosh.nl
URL: http://livecounter.theyosh.nl/8935.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:1a28:1510:9::5271 Stockholm, Sweden, ASN42708 (PORTLANE www.portlane.com, SE),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

:method
GET
:authority
cdn.livecounter.theyosh.nl
:scheme
https
:path
/8935.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.bfst.xyz/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.bfst.xyz/

Response headers

status
200
server
nginx
date
Sat, 24 Oct 2020 14:17:18 GMT
content-type
text/html; charset=utf-8
expires
Sun, 01 Nov 2020 10:32:27 GMT
cache-control
max-age=691200
x-version
LUA:1.0
access-control-allow-origin
*
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
x-xss-protection
1
referrer-policy
strict-origin-when-cross-origin
content-encoding
gzip

Redirect headers

Server
nginx
Date
Sat, 24 Oct 2020 14:17:18 GMT
Content-Type
text/html
Content-Length
162
Connection
keep-alive
Location
https://cdn.livecounter.theyosh.nl/8935.html
Strict-Transport-Security
max-age=15768000
X-Content-Type-Options
nosniff
X-XSS-Protection
1
Referrer-Policy
strict-origin-when-cross-origin
index.m3u8
34.120.50.37/live/b/ 		267 B
625 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://34.120.50.37/live/b/index.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Protocol
HTTP/1.1
Server
34.120.50.37 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
37.50.120.34.bc.googleusercontent.com
Software
nginx/1.12.2 /
Resource Hash
37314ee463dcf675a5e1731535dd75636509f88e64c540633c4cc169c9f2e294

Request headers

Referer
http://www.bfst.xyz/two.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 24 Oct 2020 14:17:18 GMT
Via
1.1 google
Last-Modified
Sat, 24 Oct 2020 14:17:17 GMT
Server
nginx/1.12.2
ETag
"5f94376d-10b"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Length
267
index.m3u8
34.120.50.37/live/b/ 		267 B
625 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://34.120.50.37/live/b/index.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Protocol
HTTP/1.1
Server
34.120.50.37 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
37.50.120.34.bc.googleusercontent.com
Software
nginx/1.12.2 /
Resource Hash
37314ee463dcf675a5e1731535dd75636509f88e64c540633c4cc169c9f2e294

Request headers

Referer
http://www.bfst.xyz/two.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 24 Oct 2020 14:17:22 GMT
Via
1.1 google
Last-Modified
Sat, 24 Oct 2020 14:17:17 GMT
Server
nginx/1.12.2
ETag
"5f94376d-10b"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Length
267
index.m3u8
34.120.50.37/live/b/ 		267 B
625 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://34.120.50.37/live/b/index.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Protocol
HTTP/1.1
Server
34.120.50.37 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
37.50.120.34.bc.googleusercontent.com
Software
nginx/1.12.2 /
Resource Hash
37314ee463dcf675a5e1731535dd75636509f88e64c540633c4cc169c9f2e294

Request headers

Referer
http://www.bfst.xyz/two.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 24 Oct 2020 14:17:25 GMT
Via
1.1 google
Last-Modified
Sat, 24 Oct 2020 14:17:17 GMT
Server
nginx/1.12.2
ETag
"5f94376d-10b"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Length
267
index.m3u8
34.120.50.37/live/b/ 		267 B
625 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://34.120.50.37/live/b/index.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Protocol
HTTP/1.1
Server
34.120.50.37 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
37.50.120.34.bc.googleusercontent.com
Software
nginx/1.12.2 /
Resource Hash
37314ee463dcf675a5e1731535dd75636509f88e64c540633c4cc169c9f2e294

Request headers

Referer
http://www.bfst.xyz/two.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 24 Oct 2020 14:17:25 GMT
Via
1.1 google
Last-Modified
Sat, 24 Oct 2020 14:17:17 GMT
Server
nginx/1.12.2
ETag
"5f94376d-10b"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Length
267
index.m3u8
34.120.50.37/live/b/ 		267 B
625 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://34.120.50.37/live/b/index.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Protocol
HTTP/1.1
Server
34.120.50.37 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
37.50.120.34.bc.googleusercontent.com
Software
nginx/1.12.2 /
Resource Hash
4424b015bcdf9f2854e5c704c14a240326084e1ccf58ef63fe699fbcbe6e4603

Request headers

Referer
http://www.bfst.xyz/two.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 24 Oct 2020 14:17:28 GMT
Via
1.1 google
Last-Modified
Sat, 24 Oct 2020 14:17:25 GMT
Server
nginx/1.12.2
ETag
"5f943775-10b"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Length
267
index.m3u8
34.120.50.37/live/b/ 		267 B
625 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://34.120.50.37/live/b/index.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Protocol
HTTP/1.1
Server
34.120.50.37 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
37.50.120.34.bc.googleusercontent.com
Software
nginx/1.12.2 /
Resource Hash
8508647c069c1671387115a88aa1ca38eea5301f95df98adc733fb1bbe37fbc5

Request headers

Referer
http://www.bfst.xyz/two.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 24 Oct 2020 14:17:28 GMT
Via
1.1 google
Last-Modified
Sat, 24 Oct 2020 14:17:25 GMT
Server
nginx/1.12.2
ETag
"5f943775-10b"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Length
267

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
onmarshtompor.com
URL
http://onmarshtompor.com/options?option_args=CKy23AESIDQ3NjFiNmNmNGRmODRhMDE5MWRjMDA3ZTk5MDI4ODcwGi9odHRwOi8vZ2VlZG9vdnUubmV0L2FwdS5waHA_em9uZWlkPTM2MTE0MzYmb289MSIbaHR0cDovL3d3dy5iZnN0Lnh5ei90d28ucGhw

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| trustedTypes string| gqj object| tje string| k object| _atoqudqt68e object| skf3js6xq2 object| zfgformats function| setImmediate function| clearImmediate function| _chcpvwj function| _dgaqzg function| onClickTrigger function| kkp4a5x5tv boolean| zfgloadedpopup object| _0x3f76 function| _0x5339 object| adcashMacros object| zoneSett object| urls object| iceConfig object| _0x585b function| _0x1442 function| runAdblock object| _0x4c8a function| _0xddae function| acPrefetch object| CTABPu string| b function| Zepto function| $ object| Clappr function| LevelSelector boolean| p2ploadedHls function| P2PEngine function| CDNByeClapprPlugin object| _Hasync object| playerElement object| player object| _wau string| wau_w_col string| wau_w_siz object| WAU_ren function| WAU_dynamic function| WAU_dynamic_request function| WAU_r_d function| WAU_insert function| WAU_la function| WAU_addCommas function| WAU_lrd function| WAU_lrs function| WAU_cps function| docReady object| _0x30a0 function| ufpAttach object| CTAMAT number| delay object| adcashUfp function| chfh function| chfh2 string| _HST_cntval object| Histats object| _0x756f object| Cnac object| stamat function| NqPnfu26914270898692183 function| NqPnfu object| NqpnfuVfNOrggreArgjbex boolean| _0x90aa object| _HistatsCounterGraphics_0_setValues object| _adas_v211fa function| jonIUBFjnvJDNvluc0.34020324673759994

9 Cookies

Domain/Path Name / Value
www.bfst.xyz/ Name: adcashufpv3
Value: 104377705810060136692097863850
www.bfst.xyz/ Name: HstPt4275943
Value: 1
www.bfst.xyz/ Name: HstCnv4275943
Value: 1
www.bfst.xyz/ Name: HstCla4275943
Value: 1603549030733
www.bfst.xyz/ Name: HstCns4275943
Value: 1
www.bfst.xyz/ Name: HstCmu4275943
Value: 1603549030733
www.bfst.xyz/ Name: HstPn4275943
Value: 1
www.bfst.xyz/ Name: HstCfa4275943
Value: 1603549030733
.bfst.xyz/ Name: __cfduid
Value: dac3f0a0af149eb93554a3a5e90d1c2c21603549029

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdn.livecounter.theyosh.nl
celeritascdn.com
geedoovu.net
livecounter.theyosh.nl
onclickgenius.com
onmarshtompor.com
presumptuouspasswords.com
s10.histats.com
s4.histats.com
ufpcdn.com
waust.at
www.bfst.xyz
onmarshtompor.com
139.45.196.108
139.45.196.33
192.243.59.13
192.99.0.58
2606:4700:20::681a:407
2606:4700:3034::6812:3647
2606:4700:3037::681b:bd12
2606:4700::6810:5b06
2a00:1a28:1510:9::5271
2a04:4e42:1b::621
34.120.50.37
35.190.71.96
46.105.201.240
85.149.71.50
01bff8b543e720a25d9755517ddd4646a67d8c0b6c7b2720d2e23fc2baebd91b
03241a470052a86e3d0bc4c77894ae3f87a1452092fff62ff01d499ead7decac
084d101cc0609fd6400a3ced2d12a956ca33c8e8964e4b92380c35e7d0f64531
0b5fd704a77056a886bad2d33a666f2f27f9256dc0db4a56bc7bd03b17f1ddf2
23a715a6d8a35921f8c02eab19a93b6c9c42271ecfccbde0005476959e2edff9
27af323b19287a27d95444925a79c1a8334f2f8e7ef5fb91cea5148d79b7cdaf
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
37314ee463dcf675a5e1731535dd75636509f88e64c540633c4cc169c9f2e294
4424b015bcdf9f2854e5c704c14a240326084e1ccf58ef63fe699fbcbe6e4603
55de8be1df303d10da70869a9a287e6519e0b02384567b4b3ea82a7d1378dfe2
59f4d7efe6da31323c45da80772acec8cd177a21530c2de576f86ee3fcefd946
623cf1d0c2d3c96f77a75af32ba02f854d4f0c5221b0d5367e19fb4bfa6ed920
75bd806cedfbb8345056d85741118c48d3d54b910410e9845a4f8d5073eeb558
815ad19de0c36aa2349618b875a1b275755c78115359305d1bea97762700e3ef
8508647c069c1671387115a88aa1ca38eea5301f95df98adc733fb1bbe37fbc5
8e10d6b04df8d4ffb9aa18d4ef93a03fad9cf0daef50ba86630d94a04a3c2614
8f50523037ef65967a0ad29059cf17036edea07c866162b80d93db49ca521363
8fb1850e00c24b83e04ea4f41fe5774cff1d476a293fa7b35cba97827eb194cd
cbcf0e85e906f9e8caf296fc6fd0cb8fcfb69b31e9ac570d63bd837fcf743f6f
cf0d112b84ba95ca4d84d3a997b0400d148c1de95b2ac13a0f8adc8f2cc663fd
d39584af654bfe9668855dc03d0b61cc679a56b3c2648e5fe54c5e1c544d78f8
e6951917fc6d0c4af8cd3d1f4ae7500c95c4ec64c13d7f0af3f6a371cde534a3
f485d2f3275acaa46a49797181cce77f13b3299e65b1dd981a8623613ea3d8fc
fe1c12505381eb0ed9ea20e8a56318e9903a31ced79ef607f56ff8981993549f
fec9dab3fef0cf2756da64a5d8020a36fa94e8bfdef39d664dfaefe5c91e5849