urlscan.io logo urlscan.io
SecurityTrails logo

www.bfst.xyz Open in urlscan Pro
2606:4700:3031::ac43:dbcc  Public Scan

Go To Rescan Add Verdict Report
URL: http://www.bfst.xyz/one.php
Submission: On June 19 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 6 countries across 10 domains to perform 25 HTTP transactions. The main IP is 2606:4700:3031::ac43:dbcc, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.bfst.xyz.
This is the only time www.bfst.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 192.243.59.12 39572 (ADVANCEDH...)
4 2a04:4e42:1b:... 54113 (FASTLY)
1 185.225.208.133 13213 (UK2NET-AS)
1 2001:470:1f0a... 6939 (HURRICANE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 46.105.201.240 16276 (OVH)
7 34.120.242.131 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 192.99.8.28 16276 (OVH)
1 35.190.71.96 15169 (GOOGLE)
1 2a00:1a28:151... 42708 (PORTLANE ...)
1 67.202.94.94 32748 (STEADFAST)
25 14
1    2606:4700:3031::ac43:dbcc (United States)

ASN13335 (CLOUDFLARENET, US)
www.bfst.xyz
1    192.243.59.12 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
zlsvr3xybeh4.com
4    2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    185.225.208.133 (Germany)

ASN13213 (UK2NET-AS, GB)
waust.at
1    2001:470:1f0a:716::2 (United States)

ASN6939 (HURRICANE, US)
livecounter.theyosh.nl
2    2606:4700::6811:c36b (United States)

ASN13335 (CLOUDFLARENET, US)
celeritascdn.com
1    46.105.201.240 (France)

ASN16276 (OVH, FR)
s10.histats.com
7    34.120.242.131 (United States)

ASN15169 (GOOGLE, US)
cdn5.bfst.xyz
1    2606:4700:3034::6812:3647 (United States)

ASN13335 (CLOUDFLARENET, US)
ufpcdn.com
1    192.99.8.28 (Richmond Hill, Canada)

ASN16276 (OVH, FR)
PTR: ns523448.ip-192-99-8.net
s4.histats.com
1    35.190.71.96 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 96.71.190.35.bc.googleusercontent.com
onclickgenius.com
1    2a00:1a28:1510:9::5271 (Stockholm, Sweden)

ASN42708 (PORTLANE www.portlane.com, SE)
cdn.livecounter.theyosh.nl
1    67.202.94.94 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: amung.us
whos.amung.us
Domain Requested by
7 cdn5.bfst.xyz cdn.jsdelivr.net
4 cdn.jsdelivr.net www.bfst.xyz
2 celeritascdn.com www.bfst.xyz
1 whos.amung.us waust.at
1 cdn.livecounter.theyosh.nl livecounter.theyosh.nl
1 onclickgenius.com www.bfst.xyz
1 s4.histats.com s10.histats.com
1 ufpcdn.com www.bfst.xyz
1 s10.histats.com www.bfst.xyz
1 livecounter.theyosh.nl www.bfst.xyz
1 waust.at www.bfst.xyz
1 zlsvr3xybeh4.com www.bfst.xyz
1 www.bfst.xyz
25 13

This site contains no links.

Subject Issuer Validity Valid
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-06-08 -
2021-04-17		 10 months crt.sh
theyosh.nl
Let's Encrypt Authority X3		 2020-06-14 -
2020-09-12		 3 months crt.sh
histats.com
Let's Encrypt Authority X3		 2020-06-15 -
2020-09-13		 3 months crt.sh
cdn.livecounter.theyosh.nl
Let's Encrypt Authority X3		 2020-05-13 -
2020-08-11		 3 months crt.sh

This page contains 3 frames:

Primary Page: http://www.bfst.xyz/one.php
Frame ID: EEC0BDB14CBDFCF1A2B583B0387D961C
Requests: 26 HTTP requests in this frame

Frame: http://ufpcdn.com/script/identify.html?frmt=0
Frame ID: 5C95672FAEF19C37A13A3961568CE33A
Requests: 1 HTTP requests in this frame

Frame: https://cdn.livecounter.theyosh.nl/8935.html
Frame ID: F5236C34B8FD7986270821CFFD908CAD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

25
Requests

28 %
HTTPS

46 %
IPv6

10
Domains

13
Subdomains

14
IPs

6
Countries

15615 kB
Transfer

19507 kB
Size

11
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • http://livecounter.theyosh.nl/8935.js HTTP 307
  • https://livecounter.theyosh.nl/8935.js
Request Chain 19
  • http://cdn.livecounter.theyosh.nl/8935.html HTTP 307
  • https://cdn.livecounter.theyosh.nl/8935.html

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set one.php
www.bfst.xyz/ 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.bfst.xyz/one.php
Protocol
HTTP/1.1
Server
2606:4700:3031::ac43:dbcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d57c7bdaa385418b509111f31cf22ff70751e41ecb49e9d5fd6da5309d569f4f

Request headers

Host
www.bfst.xyz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 19 Jun 2020 21:04:48 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d4b8cd8e84544651c17ff088429a1ba4b1592600687; expires=Sun, 19-Jul-20 21:04:47 GMT; path=/; domain=.bfst.xyz; HttpOnly; SameSite=Lax
Vary
Accept-Encoding
CF-Cache-Status
DYNAMIC
cf-request-id
036fff0d780000dfb7b1259200000001
Server
cloudflare
CF-RAY
5a60345bf8a5dfb7-FRA
Content-Encoding
gzip
7028b257c6702101190fa525b7cc585c.js
zlsvr3xybeh4.com/70/28/b2/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://zlsvr3xybeh4.com/70/28/b2/7028b257c6702101190fa525b7cc585c.js
Requested by
Host: www.bfst.xyz
URL: http://www.bfst.xyz/one.php
Protocol
HTTP/1.1
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
http://www.bfst.xyz/one.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 19 Jun 2020 21:04:48 GMT
Server
nginx/1.17.6
Connection
keep-alive
Content-Type
application/javascript
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
clappr.min.js
cdn.jsdelivr.net/clappr/latest/ 		517 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Requested by
Host: www.bfst.xyz
URL: http://www.bfst.xyz/one.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cbcf0e85e906f9e8caf296fc6fd0cb8fcfb69b31e9ac570d63bd837fcf743f6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.bfst.xyz/one.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
3678609
x-cache
HIT, HIT
status
200
content-length
129747
etag
W/"8156e-D6xFiaxzMytsrOCcfMOmYtKY+qo"
x-served-by
cache-fra19174-FRA, cache-hhn4075-HHN
date
Fri, 19 Jun 2020 21:04:48 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
level-selector.min.js
cdn.jsdelivr.net/clappr.level-selector/latest/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/clappr.level-selector/latest/level-selector.min.js
Requested by
Host: www.bfst.xyz
URL: http://www.bfst.xyz/one.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
23a715a6d8a35921f8c02eab19a93b6c9c42271ecfccbde0005476959e2edff9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.bfst.xyz/one.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
2357507
x-cache
HIT, HIT
status
200
content-length
3061
etag
W/"2524-9Cxz5uiSAcz1rVE5FbtBguw6QQw"
x-served-by
cache-fra19136-FRA, cache-hhn4075-HHN
date
Fri, 19 Jun 2020 21:04:48 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
hlsjs-p2p-engine.min.js
cdn.jsdelivr.net/npm/cdnbye@latest/dist/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/cdnbye@latest/dist/hlsjs-p2p-engine.min.js
Requested by
Host: www.bfst.xyz
URL: http://www.bfst.xyz/one.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b2a9fc33b4980b4cb6942220c4da3aa782629e2450d4a39e6acf42acd52caae6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.bfst.xyz/one.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
17476
x-cache
HIT, HIT
status
200
content-length
29239
etag
W/"1850f-ACFBIfepBOijzuyYJFNAHQLVjG4"
x-served-by
cache-fra19153-FRA, cache-hhn4075-HHN
date
Fri, 19 Jun 2020 21:04:48 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
clappr-plugin.min.js
cdn.jsdelivr.net/npm/cdnbye@latest/dist/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/cdnbye@latest/dist/clappr-plugin.min.js
Requested by
Host: www.bfst.xyz
URL: http://www.bfst.xyz/one.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ce60f4e35b1f1620ec5b5bcc3d32bd4951cce874d6628123f1c99ab6cd484c55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.bfst.xyz/one.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
16769
x-cache
HIT, HIT
status
200
content-length
1083
etag
W/"a20-r6MbaNsbksPGr5OB89oRhWgkI2I"
x-served-by
cache-fra19172-FRA, cache-hhn4075-HHN
date
Fri, 19 Jun 2020 21:04:48 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
c.js
waust.at/ 		12 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://waust.at/c.js
Requested by
Host: www.bfst.xyz
URL: http://www.bfst.xyz/one.php
Protocol
HTTP/1.1
Server
185.225.208.133 , Germany, ASN13213 (UK2NET-AS, GB),
Reverse DNS
Software
/
Resource Hash
1ac9d30429f149441d207de5b86e67f4101468d6c4981b1bddf33db4352ad0c5

Request headers

Referer
http://www.bfst.xyz/one.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 19 Jun 2020 21:04:48 GMT
Content-Encoding
gzip
Last-Modified
Sun, 14 Jun 2020 19:57:35 GMT
ETag
W/"5ee6812f-2e43"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, private
Connection
keep-alive
Expires
Sat, 20 Jun 2020 21:04:48 GMT
8935.js
livecounter.theyosh.nl/
Redirect Chain
  • http://livecounter.theyosh.nl/8935.js
  • https://livecounter.theyosh.nl/8935.js
374 B
435 B 		Script
General
Check archive.org
Download Go to
Full URL
https://livecounter.theyosh.nl/8935.js
Requested by
Host: www.bfst.xyz
URL: http://www.bfst.xyz/one.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:470:1f0a:716::2 , United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software
nginx /
Resource Hash
d39584af654bfe9668855dc03d0b61cc679a56b3c2648e5fe54c5e1c544d78f8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://www.bfst.xyz/one.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-version
LUA:1.0
date
Fri, 19 Jun 2020 21:04:48 GMT
content-encoding
gzip
server
nginx
status
200
strict-transport-security
max-age=15768000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=691200
expires
Sat, 27 Jun 2020 21:04:48 GMT

Redirect headers

Location
https://livecounter.theyosh.nl/8935.js
Non-Authoritative-Reason
HSTS
compatibility.js
celeritascdn.com/script/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://celeritascdn.com/script/compatibility.js
Requested by
Host: www.bfst.xyz
URL: http://www.bfst.xyz/one.php
Protocol
HTTP/1.1
Server
2606:4700::6811:c36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5276e699eefcca56527509303965669f35a103318eb08f276ada469db48ba1e2

Request headers

Referer
http://www.bfst.xyz/one.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 19 Jun 2020 21:04:48 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
101
X-GUploader-UploadID
AAANsUn9i5qLGZ5zw9tc_20sUj1H6P386gd5u8hlJuQ7EJUuMaWs1jWVQHzsz-i5Cwb1t_KWu49Fef9aE_RfS5TW7EzIf8Pmww
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
Connection
keep-alive
Content-Type
application/javascript
cf-request-id
036fff0ed5000005d08b0e5200000001
Last-Modified
Wed, 10 Jun 2020 10:22:53 GMT
Server
cloudflare
ETag
W/"da6e17e31183342946b4e67aa796c7e5"
Vary
Accept-Encoding
x-goog-hash
crc32c=EjspVA==, md5=2m4X4xGDNClGtOZ6p5bH5Q==
x-goog-generation
1591784573696789
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
x-goog-stored-content-length
20454
CF-RAY
5a60345e2a9405d0-FRA
Expires
Sat, 20 Jun 2020 01:04:48 GMT
js15_as.js
s10.histats.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://s10.histats.com/js15_as.js
Requested by
Host: www.bfst.xyz
URL: http://www.bfst.xyz/one.php
Protocol
HTTP/1.1
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Referer
http://www.bfst.xyz/one.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 19 Jun 2020 20:57:51 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Apr 2020 10:44:16 GMT
X-CDN-Pop-IP
137.74.120.32/27
ETag
"-375139978"
X-Cacheable
Matched cache
Vary
Accept-Encoding
X-IPLB-Instance
32123
Content-Type
text/javascript
X-CDN-Pop
sbg
Accept-Ranges
bytes
Content-Length
4547
X-Request-ID
954864066
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		715 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
index.m3u8
cdn5.bfst.xyz/live/a/ 		275 B
633 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://cdn5.bfst.xyz/live/a/index.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Protocol
HTTP/1.1
Server
34.120.242.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
45751167344e5194c86a02caa9c289c2e2e06f4e9d8bca888e6e84ae0f498fd3

Request headers

Referer
http://www.bfst.xyz/one.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 19 Jun 2020 21:04:48 GMT
Via
1.1 google
Last-Modified
Fri, 19 Jun 2020 21:04:39 GMT
Server
nginx/1.12.2
ETag
"5eed2867-113"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Length
275
Cookie set identify.html
ufpcdn.com/script/ Frame 5C95 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://ufpcdn.com/script/identify.html?frmt=0
Requested by
Host: www.bfst.xyz
URL: http://www.bfst.xyz/one.php
Protocol
HTTP/1.1
Server
2606:4700:3034::6812:3647 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
ufpcdn.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.bfst.xyz/one.php
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.bfst.xyz/one.php

Response headers

Date
Fri, 19 Jun 2020 21:04:48 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d57d53cbae88deb4c6f56df64cb1e5f561592600688; expires=Sun, 19-Jul-20 21:04:48 GMT; path=/; domain=.ufpcdn.com; HttpOnly; SameSite=Lax __cf_bm=c414084244486601246a6d7405c22fa133a37476-1592600688-1800-ASMouUd6V5gqKQYzPcj3YvefvJhF7RTeZRUOeta+gMv2FH0b6DV7GWvv9K9VI8RyE8i2hpQ+caR8swWsuHYup3g=; path=/; expires=Fri, 19-Jun-20 21:34:48 GMT; domain=.ufpcdn.com; HttpOnly; SameSite=None
Last-Modified
Tue, 15 May 2018 06:39:25 GMT
CF-Cache-Status
DYNAMIC
cf-request-id
036fff0f3c00000610acba8200000001
Server
cloudflare
CF-RAY
5a60345ecc3c0610-FRA
Content-Encoding
gzip
0.php
s4.histats.com/stats/ 		50 B
321 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?4275943&@f16&@g1&@h1&@i1&@j1592600688436&@k0&@l1&@m&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:18361241&@b3:1592600688&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttp%3A%2F%2Fwww.bfst.xyz%2Fone.php&@w
Requested by
Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.8.28 Richmond Hill, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns523448.ip-192-99-8.net
Software
/
Resource Hash
20e35b698954de09344400d58fe71cea72d9d075d74c771341fc964cec563bf2

Request headers

Referer
http://www.bfst.xyz/one.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 19 Jun 2020 21:04:48 GMT
Connection
close
Content-Length
50
Content-Type
text/html;charset=UTF-8
index.m3u8
cdn5.bfst.xyz/live/a/ 		275 B
633 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://cdn5.bfst.xyz/live/a/index.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Protocol
HTTP/1.1
Server
34.120.242.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
93cca4066f3908a818c05b76cc411449996fcfcf3ff541a4c0762b2764f36176

Request headers

Referer
http://www.bfst.xyz/one.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 19 Jun 2020 21:04:48 GMT
Via
1.1 google
Last-Modified
Fri, 19 Jun 2020 21:04:39 GMT
Server
nginx/1.12.2
ETag
"5eed2867-113"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Length
275
1592600649672.ts
cdn5.bfst.xyz/live/a/ 		0
0
4b1422ae-4cbb-4676-b6d8-7a7c89f4492b
http://www.bfst.xyz/ 		62 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:http://www.bfst.xyz/4b1422ae-4cbb-4676-b6d8-7a7c89f4492b
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3fbf1f4fd736c11a29c08193067b2abfd3714e9bea25bfebe66ada96dcec63be

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length
63944
Content-Type
text/javascript
suurl.php
onclickgenius.com/script/ 		0
162 B 		Script
General
Check archive.org
Download Go to
Full URL
http://onclickgenius.com/script/suurl.php?r=2466091&cbrandom=0.3147446944539998&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=&cbref=&cbdescription=&cbkeywords=&cbcdn=celeritascdn.com&ufp=20824979786589913771304174430
Requested by
Host: www.bfst.xyz
URL: http://www.bfst.xyz/one.php
Protocol
HTTP/1.1
Server
35.190.71.96 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
96.71.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.bfst.xyz/one.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 19 Jun 2020 21:04:48 GMT
Via
1.1 google
Referrer-Policy
no-referrer
Server
openresty
chrome.js
celeritascdn.com/script/ 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://celeritascdn.com/script/chrome.js
Requested by
Host: www.bfst.xyz
URL: http://www.bfst.xyz/one.php
Protocol
HTTP/1.1
Server
2606:4700::6811:c36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff3a6d0687bc6cd69e27955c3051fa89152fb07c558184d2873c02764d531b5e

Request headers

Referer
http://www.bfst.xyz/one.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 19 Jun 2020 21:04:48 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
2527
X-GUploader-UploadID
AAANsUlysVrlpgpJhyUPKiCi6OtxvKOJcVMv6m9EIvggLFCvgopJEfhQmdVfOpdr8L-Ljrx97_Dk1seQo1jQzqFxOoQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
Connection
keep-alive
Content-Type
application/javascript
cf-request-id
036fff0fc9000005d08b0f9200000001
Last-Modified
Wed, 10 Jun 2020 10:22:54 GMT
Server
cloudflare
ETag
W/"1f956080b1d0e84c1bb00c4c1b61a30e"
Vary
Accept-Encoding
x-goog-hash
crc32c=82Zyjw==, md5=H5VggLHQ6EwbsAxMG2GjDg==
x-goog-generation
1591784574647143
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
x-goog-stored-content-length
37268
CF-RAY
5a60345fae7f05d0-FRA
Expires
Sat, 20 Jun 2020 01:04:48 GMT
8935.html
cdn.livecounter.theyosh.nl/ Frame F523
Redirect Chain
  • http://cdn.livecounter.theyosh.nl/8935.html
  • https://cdn.livecounter.theyosh.nl/8935.html
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.livecounter.theyosh.nl/8935.html
Requested by
Host: livecounter.theyosh.nl
URL: https://livecounter.theyosh.nl/8935.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:1a28:1510:9::5271 Stockholm, Sweden, ASN42708 (PORTLANE www.portlane.com, SE),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

:method
GET
:authority
cdn.livecounter.theyosh.nl
:scheme
https
:path
/8935.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.bfst.xyz/one.php
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.bfst.xyz/one.php

Response headers

status
200
server
nginx
date
Fri, 19 Jun 2020 21:04:48 GMT
content-type
text/html; charset=utf-8
expires
Fri, 26 Jun 2020 09:42:09 GMT
cache-control
max-age=691200
x-version
LUA:1.0
access-control-allow-origin
*
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
x-xss-protection
1
referrer-policy
strict-origin-when-cross-origin
content-encoding
gzip

Redirect headers

Location
https://cdn.livecounter.theyosh.nl/8935.html
Non-Authoritative-Reason
HSTS
/
whos.amung.us/pingjs/ 		31 B
215 B 		Script
General
Check archive.org
Download Go to
Full URL
http://whos.amung.us/pingjs/?k=2rn7r5r64q&t=&c=c&y=&a=0&d=0.832&v=22&r=3498
Requested by
Host: waust.at
URL: http://waust.at/c.js
Protocol
HTTP/1.1
Server
67.202.94.94 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
amung.us
Software
/
Resource Hash
e2f8336bb08aaba0344e788b78fae019eaaef6aaa843c0ce91f1d91fd794b716

Request headers

Referer
http://www.bfst.xyz/one.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Jun 2020 21:04:48 GMT
content-encoding
gzip
transfer-encoding
chunked
content-type
text/javascript;charset=UTF-8
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3a682ad13e1535e4077c573179247c072d7891ad507c73b7466163562f6c2fa8

Request headers

Referer
http://www.bfst.xyz/one.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/gif
1592600649657.ts
cdn5.bfst.xyz/live/a/ 		8 MB
8 MB 		XHR
General
Check archive.org
Download Go to
Full URL
http://cdn5.bfst.xyz/live/a/1592600649657.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Protocol
HTTP/1.1
Server
34.120.242.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash

Request headers

Referer
http://www.bfst.xyz/one.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 19 Jun 2020 21:04:49 GMT
Via
1.1 google
Last-Modified
Fri, 19 Jun 2020 21:04:19 GMT
Server
nginx/1.12.2
ETag
"5eed2853-7c6e40"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Length
8154688
1592600659658.ts
cdn5.bfst.xyz/live/a/ 		7 MB
7 MB 		XHR
General
Check archive.org
Download Go to
Full URL
http://cdn5.bfst.xyz/live/a/1592600659658.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Protocol
HTTP/1.1
Server
34.120.242.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash

Request headers

Referer
http://www.bfst.xyz/one.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 19 Jun 2020 21:04:51 GMT
Via
1.1 google
Last-Modified
Fri, 19 Jun 2020 21:04:29 GMT
Server
nginx/1.12.2
ETag
"5eed285d-746be0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Length
7629792
1592600669642.ts
cdn5.bfst.xyz/live/a/ 		3 MB
0 		XHR
General
Check archive.org
Download Go to
Full URL
http://cdn5.bfst.xyz/live/a/1592600669642.ts
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Protocol
HTTP/1.1
Server
34.120.242.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash

Request headers

Referer
http://www.bfst.xyz/one.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 19 Jun 2020 21:04:53 GMT
Via
1.1 google
Last-Modified
Fri, 19 Jun 2020 21:04:39 GMT
Server
nginx/1.12.2
ETag
"5eed2867-7d6388"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Length
8217480
index.m3u8
cdn5.bfst.xyz/live/a/ 		275 B
633 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://cdn5.bfst.xyz/live/a/index.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Protocol
HTTP/1.1
Server
34.120.242.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
8f1641c7d32dd4288b538fb1e4cff38447be4344b0e0178ff208e11c4841b8d1

Request headers

Referer
http://www.bfst.xyz/one.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 19 Jun 2020 21:04:58 GMT
Via
1.1 google
Last-Modified
Fri, 19 Jun 2020 21:04:49 GMT
Server
nginx/1.12.2
ETag
"5eed2871-113"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Length
275
index.m3u8
cdn5.bfst.xyz/live/a/ 		275 B
633 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://cdn5.bfst.xyz/live/a/index.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Protocol
HTTP/1.1
Server
34.120.242.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
fb085a9fec65d40dfa045203885a41f5e12aef3b3421a73436e253457449c2d7

Request headers

Referer
http://www.bfst.xyz/one.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 19 Jun 2020 21:04:58 GMT
Via
1.1 google
Last-Modified
Fri, 19 Jun 2020 21:04:49 GMT
Server
nginx/1.12.2
ETag
"5eed2871-113"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Length
275

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn5.bfst.xyz
URL
http://cdn5.bfst.xyz/live/a/1592600649672.ts

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| _0x3f76 function| _0x5339 object| adcashMacros object| zoneSett object| urls object| iceConfig object| _0x585b function| _0x1442 function| runAdblock object| _0x4c8a function| _0xddae function| acPrefetch object| CTABPu string| b function| Zepto function| $ object| Clappr function| LevelSelector boolean| p2ploaded function| P2PEngine function| CDNByeClapprPlugin object| _Hasync object| playerElement object| player object| _wau object| WAU_ren function| WAU_classic function| WAU_classic_request function| WAU_r_c function| WAU_insert function| WAU_legacy_b function| WAU_la function| WAU_addCommas function| WAU_lrd function| WAU_cps function| docReady object| _0xf5df function| ufpAttach object| CTAMAT number| delay object| adcashUfp function| chfh function| chfh2 string| _HST_cntval object| Histats object| _0x1c4e object| Cnac object| stamat function| NqPnfu2464467203611309 function| NqPnfu object| NqpnfuVfNOrggreArgjbex boolean| _0x90aa object| _HistatsCounterGraphics_0_setValues object| x string| x1 string| x2

11 Cookies

Domain/Path Name / Value
.ufpcdn.com/ Name: __cf_bm
Value: c414084244486601246a6d7405c22fa133a37476-1592600688-1800-ASMouUd6V5gqKQYzPcj3YvefvJhF7RTeZRUOeta+gMv2FH0b6DV7GWvv9K9VI8RyE8i2hpQ+caR8swWsuHYup3g=
www.bfst.xyz/ Name: adcashufpv3
Value: 20824979786589913771304174430
www.bfst.xyz/ Name: HstPt4275943
Value: 1
www.bfst.xyz/ Name: HstCnv4275943
Value: 1
www.bfst.xyz/ Name: HstCla4275943
Value: 1592600688436
www.bfst.xyz/ Name: HstCns4275943
Value: 1
www.bfst.xyz/ Name: HstCmu4275943
Value: 1592600688436
www.bfst.xyz/ Name: HstPn4275943
Value: 1
www.bfst.xyz/ Name: HstCfa4275943
Value: 1592600688436
ufpcdn.com/ Name: adcashufpv3
Value: 20824979786589913771304174430
.bfst.xyz/ Name: __cfduid
Value: d4b8cd8e84544651c17ff088429a1ba4b1592600687

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdn.livecounter.theyosh.nl
cdn5.bfst.xyz
celeritascdn.com
livecounter.theyosh.nl
onclickgenius.com
s10.histats.com
s4.histats.com
ufpcdn.com
waust.at
whos.amung.us
www.bfst.xyz
zlsvr3xybeh4.com
cdn5.bfst.xyz
185.225.208.133
192.243.59.12
192.99.8.28
2001:470:1f0a:716::2
2606:4700:3031::ac43:dbcc
2606:4700:3034::6812:3647
2606:4700::6811:c36b
2a00:1a28:1510:9::5271
2a04:4e42:1b::621
34.120.242.131
35.190.71.96
46.105.201.240
67.202.94.94
1ac9d30429f149441d207de5b86e67f4101468d6c4981b1bddf33db4352ad0c5
20e35b698954de09344400d58fe71cea72d9d075d74c771341fc964cec563bf2
23a715a6d8a35921f8c02eab19a93b6c9c42271ecfccbde0005476959e2edff9
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
3a682ad13e1535e4077c573179247c072d7891ad507c73b7466163562f6c2fa8
3fbf1f4fd736c11a29c08193067b2abfd3714e9bea25bfebe66ada96dcec63be
45751167344e5194c86a02caa9c289c2e2e06f4e9d8bca888e6e84ae0f498fd3
5276e699eefcca56527509303965669f35a103318eb08f276ada469db48ba1e2
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
8f1641c7d32dd4288b538fb1e4cff38447be4344b0e0178ff208e11c4841b8d1
93cca4066f3908a818c05b76cc411449996fcfcf3ff541a4c0762b2764f36176
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
b2a9fc33b4980b4cb6942220c4da3aa782629e2450d4a39e6acf42acd52caae6
cbcf0e85e906f9e8caf296fc6fd0cb8fcfb69b31e9ac570d63bd837fcf743f6f
ce60f4e35b1f1620ec5b5bcc3d32bd4951cce874d6628123f1c99ab6cd484c55
d39584af654bfe9668855dc03d0b61cc679a56b3c2648e5fe54c5e1c544d78f8
d57c7bdaa385418b509111f31cf22ff70751e41ecb49e9d5fd6da5309d569f4f
e2f8336bb08aaba0344e788b78fae019eaaef6aaa843c0ce91f1d91fd794b716
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fb085a9fec65d40dfa045203885a41f5e12aef3b3421a73436e253457449c2d7
ff3a6d0687bc6cd69e27955c3051fa89152fb07c558184d2873c02764d531b5e