urlscan.io logo urlscan.io
SecurityTrails logo

www.bfst.xyz Open in urlscan Pro
2606:4700:3037::681b:bd12  Public Scan

Go To Rescan Add Verdict Report
URL: http://www.bfst.xyz/five.php
Submission Tags: falconsandbox
Submission: On October 12 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 6 countries across 10 domains to perform 17 HTTP transactions. The main IP is 2606:4700:3037::681b:bd12, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.bfst.xyz.
This is the only time www.bfst.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 192.243.59.13 39572 (ADVANCEDH...)
4 2a04:4e42:3::621 54113 (FASTLY)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2 2001:470:1f0a... 6939 (HURRICANE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 46.105.201.240 16276 (OVH)
1 2 2a00:1a28:151... 42708 (PORTLANE ...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 192.99.0.58 16276 (OVH)
1 35.190.71.96 15169 (GOOGLE)
17 12
1    2606:4700:3037::681b:bd12 (United States)

ASN13335 (CLOUDFLARENET, US)
www.bfst.xyz
1    192.243.59.13 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
presumptuouspasswords.com
4    2a04:4e42:3::621 (Ascension Island)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    2606:4700:20::681a:407 (United States)

ASN13335 (CLOUDFLARENET, US)
waust.at
2    2001:470:1f0a:716::2 (Russian Federation)

ASN6939 (HURRICANE, US)
livecounter.theyosh.nl
2    2606:4700::6811:c46b (United States)

ASN13335 (CLOUDFLARENET, US)
celeritascdn.com
1    46.105.201.240 (France)

ASN16276 (OVH, FR)
s10.histats.com
2    2a00:1a28:1510:9::5271 (Stockholm, Sweden)

ASN42708 (PORTLANE www.portlane.com, SE)
cdn.livecounter.theyosh.nl
1    2606:4700:3034::6812:3647 (United States)

ASN13335 (CLOUDFLARENET, US)
ufpcdn.com
1    192.99.0.58 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns500326.ip-192-99-0.net
s4.histats.com
1    35.190.71.96 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 96.71.190.35.bc.googleusercontent.com
onclickgenius.com
Domain Requested by
4 cdn.jsdelivr.net www.bfst.xyz
2 cdn.livecounter.theyosh.nl 1 redirects livecounter.theyosh.nl
2 celeritascdn.com www.bfst.xyz
2 livecounter.theyosh.nl 1 redirects www.bfst.xyz
1 onclickgenius.com www.bfst.xyz
1 s4.histats.com s10.histats.com
1 ufpcdn.com www.bfst.xyz
1 s10.histats.com www.bfst.xyz
1 waust.at www.bfst.xyz
1 presumptuouspasswords.com www.bfst.xyz
1 www.bfst.xyz
0 34.120.21.99 Failed cdn.jsdelivr.net
17 12

This site contains no links.

Subject Issuer Validity Valid
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-10-05 -
2021-04-17		 6 months crt.sh
theyosh.nl
Let's Encrypt Authority X3		 2020-09-12 -
2020-12-11		 3 months crt.sh
cdn.livecounter.theyosh.nl
Let's Encrypt Authority X3		 2020-09-10 -
2020-12-09		 3 months crt.sh
histats.com
Let's Encrypt Authority X3		 2020-09-08 -
2020-12-07		 3 months crt.sh

This page contains 3 frames:

Primary Page: http://www.bfst.xyz/five.php
Frame ID: F0261FA2E5D4B972AFAF40C9554783CA
Requests: 15 HTTP requests in this frame

Frame: https://cdn.livecounter.theyosh.nl/8935.html
Frame ID: B1E73459C0CD84FF12470445BDB00FD8
Requests: 1 HTTP requests in this frame

Frame: http://ufpcdn.com/script/identify.html?frmt=0
Frame ID: 598C9140EB137D52B402018BC31FEBF9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

17
Requests

41 %
HTTPS

64 %
IPv6

10
Domains

12
Subdomains

12
IPs

6
Countries

315 kB
Transfer

1054 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • http://livecounter.theyosh.nl/8935.js HTTP 301
  • https://livecounter.theyosh.nl/8935.js
Request Chain 9
  • http://cdn.livecounter.theyosh.nl/8935.html HTTP 301
  • https://cdn.livecounter.theyosh.nl/8935.html

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set five.php
www.bfst.xyz/ 		340 KB
119 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.bfst.xyz/five.php
Protocol
HTTP/1.1
Server
2606:4700:3037::681b:bd12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c38d394afa75f3a162be863e3c6481c0ab0a09d0df6cab011d454cebba478d62

Request headers

Host
www.bfst.xyz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 12 Oct 2020 20:40:10 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d7884c499460835f9ee420f3820e86fd81602535210; expires=Wed, 11-Nov-20 20:40:10 GMT; path=/; domain=.bfst.xyz; HttpOnly; SameSite=Lax
Vary
Accept-Encoding Accept-Encoding
X-Turbo-Charged-By
LiteSpeed
G7Cache-10G
EXPIRED
CF-Cache-Status
DYNAMIC
cf-request-id
05c023d51e00002b1a58b47200000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602535210"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
5e13a2683f632b1a-FRA
Content-Encoding
gzip
7028b257c6702101190fa525b7cc585c.js
presumptuouspasswords.com/70/28/b2/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://presumptuouspasswords.com/70/28/b2/7028b257c6702101190fa525b7cc585c.js
Requested by
Host: www.bfst.xyz
URL: http://www.bfst.xyz/five.php
Protocol
HTTP/1.1
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
http://www.bfst.xyz/five.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 12 Oct 2020 20:40:10 GMT
Server
nginx/1.17.6
Connection
keep-alive
Content-Type
application/javascript
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
clappr.min.js
cdn.jsdelivr.net/clappr/latest/ 		517 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Requested by
Host: www.bfst.xyz
URL: http://www.bfst.xyz/five.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cbcf0e85e906f9e8caf296fc6fd0cb8fcfb69b31e9ac570d63bd837fcf743f6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.bfst.xyz/five.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
4029047
x-cache
HIT
status
200
cross-origin-resource-policy
cross-origin
content-length
129736
etag
W/"8156e-D6xFiaxzMytsrOCcfMOmYtKY+qo"
x-served-by
cache-fra19168-FRA
date
Mon, 12 Oct 2020 20:40:10 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
level-selector.min.js
cdn.jsdelivr.net/clappr.level-selector/latest/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/clappr.level-selector/latest/level-selector.min.js
Requested by
Host: www.bfst.xyz
URL: http://www.bfst.xyz/five.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
23a715a6d8a35921f8c02eab19a93b6c9c42271ecfccbde0005476959e2edff9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.bfst.xyz/five.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
3444577
x-cache
HIT
status
200
cross-origin-resource-policy
cross-origin
content-length
3061
etag
W/"2524-9Cxz5uiSAcz1rVE5FbtBguw6QQw"
x-served-by
cache-fra19168-FRA
date
Mon, 12 Oct 2020 20:40:10 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
hlsjs-p2p-engine.min.js
cdn.jsdelivr.net/npm/cdnbye@latest/dist/ 		98 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/cdnbye@latest/dist/hlsjs-p2p-engine.min.js
Requested by
Host: www.bfst.xyz
URL: http://www.bfst.xyz/five.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
815ad19de0c36aa2349618b875a1b275755c78115359305d1bea97762700e3ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.bfst.xyz/five.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
17782
x-cache
HIT
status
200
cross-origin-resource-policy
cross-origin
content-length
29401
etag
W/"18868-wsqMiWrUQ2G3x6qtJpuhXL95XmY"
x-served-by
cache-fra19168-FRA
date
Mon, 12 Oct 2020 20:40:10 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
clappr-plugin.min.js
cdn.jsdelivr.net/npm/cdnbye@latest/dist/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/cdnbye@latest/dist/clappr-plugin.min.js
Requested by
Host: www.bfst.xyz
URL: http://www.bfst.xyz/five.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
75bd806cedfbb8345056d85741118c48d3d54b910410e9845a4f8d5073eeb558
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.bfst.xyz/five.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
25654
x-cache
HIT
status
200
cross-origin-resource-policy
cross-origin
content-length
1137
etag
W/"b7a-xrHVogjSh9UgCA6avhjMzbTd9uk"
x-served-by
cache-fra19168-FRA
date
Mon, 12 Oct 2020 20:40:10 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
d.js
waust.at/ 		13 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://waust.at/d.js
Requested by
Host: www.bfst.xyz
URL: http://www.bfst.xyz/five.php
Protocol
HTTP/1.1
Server
2606:4700:20::681a:407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fb1850e00c24b83e04ea4f41fe5774cff1d476a293fa7b35cba97827eb194cd

Request headers

Referer
http://www.bfst.xyz/five.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 12 Oct 2020 20:40:10 GMT
content-encoding
gzip
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
1920
Transfer-Encoding
chunked
Connection
keep-alive
cf-request-id
05c023d74c0000175a5da7c200000001
last-modified
Mon, 05 Oct 2020 15:47:10 GMT
Server
cloudflare
etag
W/"5f7b3ffe-3444"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602535211"}],"group":"cf-nel","max_age":604800}
Content-Type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400
CF-RAY
5e13a26bac9e175a-FRA
expires
Tue, 13 Oct 2020 20:08:10 GMT
8935.js
livecounter.theyosh.nl/
Redirect Chain
  • http://livecounter.theyosh.nl/8935.js
  • https://livecounter.theyosh.nl/8935.js
374 B
435 B 		Script
General
Check archive.org
Download Go to
Full URL
https://livecounter.theyosh.nl/8935.js
Requested by
Host: www.bfst.xyz
URL: http://www.bfst.xyz/five.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:470:1f0a:716::2 , Russian Federation, ASN6939 (HURRICANE, US),
Reverse DNS
Software
nginx /
Resource Hash
d39584af654bfe9668855dc03d0b61cc679a56b3c2648e5fe54c5e1c544d78f8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://www.bfst.xyz/five.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-version
LUA:1.0
date
Mon, 12 Oct 2020 20:40:10 GMT
content-encoding
gzip
server
nginx
status
200
strict-transport-security
max-age=15768000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=691200
expires
Tue, 20 Oct 2020 20:40:10 GMT

Redirect headers

X-Version
LUA:1.0
Date
Mon, 12 Oct 2020 20:40:10 GMT
Server
nginx
Location
https://livecounter.theyosh.nl/8935.js
Strict-Transport-Security
max-age=15768000
Content-Type
text/html
Access-Control-Allow-Origin
*
Connection
keep-alive
Keep-Alive
timeout=2
Content-Length
162
compatibility.js
celeritascdn.com/script/ 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://celeritascdn.com/script/compatibility.js
Requested by
Host: www.bfst.xyz
URL: http://www.bfst.xyz/five.php
Protocol
HTTP/1.1
Server
2606:4700::6811:c46b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03241a470052a86e3d0bc4c77894ae3f87a1452092fff62ff01d499ead7decac

Request headers

Referer
http://www.bfst.xyz/five.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 12 Oct 2020 20:40:10 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
1392
X-GUploader-UploadID
ABg5-UxkH0G-9-4VoNWEwVI0tS5BuUlU7cUGfFLQWBJjmNgGxxdIQrWo11Vs0yHVqzX_2GDCmkyR1_Hekw-Z5KAbFEE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
Connection
keep-alive
Content-Type
application/javascript
cf-request-id
05c023d79500002bd262936200000001
Last-Modified
Tue, 15 Sep 2020 12:10:32 GMT
Server
cloudflare
ETag
W/"c2bbc1e2544049cb035c321919bef2bc"
Vary
Accept-Encoding
x-goog-hash
crc32c=6TBdZQ==, md5=wrvB4lRAScsDXDIZGb7yvA==
x-goog-generation
1600171832181211
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
x-goog-stored-content-length
20647
CF-RAY
5e13a26c2c3a2bd2-FRA
Expires
Tue, 13 Oct 2020 00:40:10 GMT
js15_as.js
s10.histats.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://s10.histats.com/js15_as.js
Requested by
Host: www.bfst.xyz
URL: http://www.bfst.xyz/five.php
Protocol
HTTP/1.1
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Referer
http://www.bfst.xyz/five.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 12 Oct 2020 20:35:14 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Apr 2020 10:44:16 GMT
X-CDN-Pop-IP
137.74.120.32/27
ETag
"-375139978"
X-Cacheable
Matched cache
Vary
Accept-Encoding
X-IPLB-Instance
4746
Content-Type
text/javascript
X-CDN-Pop
sbg
Accept-Ranges
bytes
X-IPLB-Request-ID
B99CAF83:93F4_2E69C9F0:0050_5F84BF2A_2D0AE:A8E2
Content-Length
4547
X-Request-ID
344689167
8935.html
cdn.livecounter.theyosh.nl/ Frame B1E7
Redirect Chain
  • http://cdn.livecounter.theyosh.nl/8935.html
  • https://cdn.livecounter.theyosh.nl/8935.html
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.livecounter.theyosh.nl/8935.html
Requested by
Host: livecounter.theyosh.nl
URL: http://livecounter.theyosh.nl/8935.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:1a28:1510:9::5271 Stockholm, Sweden, ASN42708 (PORTLANE www.portlane.com, SE),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

:method
GET
:authority
cdn.livecounter.theyosh.nl
:scheme
https
:path
/8935.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.bfst.xyz/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.bfst.xyz/

Response headers

status
200
server
nginx
date
Mon, 12 Oct 2020 20:40:11 GMT
content-type
text/html; charset=utf-8
expires
Fri, 16 Oct 2020 10:27:17 GMT
cache-control
max-age=691200
x-version
LUA:1.0
access-control-allow-origin
*
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
x-xss-protection
1
referrer-policy
strict-origin-when-cross-origin
content-encoding
gzip

Redirect headers

Server
nginx
Date
Mon, 12 Oct 2020 20:40:11 GMT
Content-Type
text/html
Content-Length
162
Connection
keep-alive
Location
https://cdn.livecounter.theyosh.nl/8935.html
Strict-Transport-Security
max-age=15768000
X-Content-Type-Options
nosniff
X-XSS-Protection
1
Referrer-Policy
strict-origin-when-cross-origin
index.m3u8
34.120.21.99/live/e/ 		0
0
Cookie set identify.html
ufpcdn.com/script/ Frame 598C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://ufpcdn.com/script/identify.html?frmt=0
Requested by
Host: www.bfst.xyz
URL: http://www.bfst.xyz/five.php
Protocol
HTTP/1.1
Server
2606:4700:3034::6812:3647 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
ufpcdn.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.bfst.xyz/five.php
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.bfst.xyz/five.php

Response headers

Date
Mon, 12 Oct 2020 20:40:11 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d60989d3ff25765ed4f41e2e59050af991602535210; expires=Wed, 11-Nov-20 20:40:10 GMT; path=/; domain=.ufpcdn.com; HttpOnly; SameSite=Lax __cf_bm=ae727899cea21a647075299911adf31f0fa4f40f-1602535211-1800-ATsIc+MO+XAfluKP8dcwBgH/SKT20fbYWZ/cMU/qVmvdziesmV8z37Unk+Ju+jEBzmQDtA7A70rUBzL74g22AaA=; path=/; expires=Mon, 12-Oct-20 21:10:11 GMT; domain=.ufpcdn.com; HttpOnly; SameSite=None
Last-Modified
Tue, 15 May 2018 06:39:25 GMT
CF-Cache-Status
DYNAMIC
cf-request-id
05c023d7ef000005f9e1274200000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602535211"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
5e13a26cbb9305f9-FRA
Content-Encoding
gzip
0.php
s4.histats.com/stats/ 		51 B
322 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?4275943&@f16&@g1&@h1&@i1&@j1602535210979&@k0&@l1&@m&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:48035786&@b3:1602535211&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttp%3A%2F%2Fwww.bfst.xyz%2Ffive.php&@w
Requested by
Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.0.58 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns500326.ip-192-99-0.net
Software
/
Resource Hash
62d6e2c2fdfe6fac76c9cc0b01d04242e637d788071df02970f104977218df5a

Request headers

Referer
http://www.bfst.xyz/five.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 12 Oct 2020 20:40:11 GMT
Connection
close
Content-Length
51
Content-Type
text/html;charset=UTF-8
suurl.php
onclickgenius.com/script/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://onclickgenius.com/script/suurl.php?r=2466091&cbrandom=0.07689444431269021&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=&cbref=&cbdescription=&cbkeywords=&cbcdn=celeritascdn.com
Requested by
Host: www.bfst.xyz
URL: http://www.bfst.xyz/five.php
Protocol
HTTP/1.1
Server
35.190.71.96 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
96.71.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
cb846f334e9b58c71e80c82aae3150fa702a40c592509028ccbd42c583cbfb5f

Request headers

Referer
http://www.bfst.xyz/five.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 12 Oct 2020 20:40:11 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
openresty
Via
1.1 google
Content-Type
application/javascript; charset=utf-8
chrome.js
celeritascdn.com/script/ 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://celeritascdn.com/script/chrome.js
Requested by
Host: www.bfst.xyz
URL: http://www.bfst.xyz/five.php
Protocol
HTTP/1.1
Server
2606:4700::6811:c46b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59f4d7efe6da31323c45da80772acec8cd177a21530c2de576f86ee3fcefd946

Request headers

Referer
http://www.bfst.xyz/five.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 12 Oct 2020 20:40:11 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
350
X-GUploader-UploadID
ABg5-UzjdAhGvQK2XT7EqUMQ0h8TtggLA284hfvePTwegnuGVGTu-5C9Tv5kRLeA57rkuqI3C-TTPniuONITlOrjN9fAqlU3Sg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
Connection
keep-alive
Content-Type
application/javascript
cf-request-id
05c023d8b300002bd262942200000001
Last-Modified
Mon, 14 Sep 2020 09:15:29 GMT
Server
cloudflare
ETag
W/"ef6565ab259dafbc08468b4d0bb46762"
Vary
Accept-Encoding
x-goog-hash
crc32c=KoLUvQ==, md5=72VlqyWdr7wIRotNC7RnYg==
x-goog-generation
1600074929755781
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
x-goog-stored-content-length
37300
CF-RAY
5e13a26de8e22bd2-FRA
Expires
Tue, 13 Oct 2020 00:40:11 GMT
index.m3u8
34.120.21.99/live/e/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
34.120.21.99
URL
http://34.120.21.99/live/e/index.m3u8
Domain
34.120.21.99
URL
http://34.120.21.99/live/e/index.m3u8

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| trustedTypes string| DBs object| tyg object| _0x3f76 function| _0x5339 object| adcashMacros object| zoneSett object| urls object| iceConfig object| _0x585b function| _0x1442 function| runAdblock object| _0x4c8a function| _0xddae function| acPrefetch object| CTABPu string| b function| Zepto function| $ object| Clappr function| LevelSelector boolean| p2ploadedHls function| P2PEngine function| CDNByeClapprPlugin object| _Hasync object| playerElement object| player object| _wau string| wau_w_col string| wau_w_siz object| WAU_ren function| WAU_dynamic function| WAU_dynamic_request function| WAU_r_d function| WAU_insert function| WAU_la function| WAU_addCommas function| WAU_lrd function| WAU_lrs function| WAU_cps function| docReady object| _0x30a0 function| ufpAttach object| CTAMAT number| delay object| adcashUfp function| chfh function| chfh2 string| _HST_cntval object| Histats object| _0x756f object| Cnac object| stamat function| NqPnfu452479513672728 function| NqPnfu object| NqpnfuVfNOrggreArgjbex boolean| _0x90aa object| _HistatsCounterGraphics_0_setValues object| _adas_v211fa function| jonIUBFjnvJDNvluc0.4789173154922548

0 Cookies