Submitted URL: http://bemestarvida.site/
Effective URL: https://bemestarvida.site/presell/
Submission: On December 07 via manual from BR — Scanned from IT

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 28 HTTP transactions. The main IP is 172.67.164.159, located in United States and belongs to CLOUDFLARENET, US. The main domain is bemestarvida.site.
TLS certificate: Issued by WE1 on November 14th 2024. Valid for: 3 months.
This is the only time bemestarvida.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 172.67.164.159 13335 (CLOUDFLAR...)
1 104.17.24.14 13335 (CLOUDFLAR...)
3 172.67.184.158 13335 (CLOUDFLAR...)
28 4
Apex Domain
Subdomains
Transfer
14 bemestarvida.site
bemestarvida.site
261 KB
3 cdnfonts.com
fonts.cdnfonts.com — Cisco Umbrella Rank: 8447
2 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
5 KB
0 facebook.net Failed
connect.facebook.net Failed
0 converteai.net Failed
scripts.converteai.net Failed
images.converteai.net Failed
cdn.converteai.net Failed
28 5
Domain Requested by
14 bemestarvida.site bemestarvida.site
3 fonts.cdnfonts.com bemestarvida.site
fonts.cdnfonts.com
1 cdnjs.cloudflare.com bemestarvida.site
0 connect.facebook.net Failed bemestarvida.site
0 cdn.converteai.net Failed bemestarvida.site
0 images.converteai.net Failed bemestarvida.site
0 scripts.converteai.net Failed bemestarvida.site
28 7

This site contains no links.

Subject Issuer Validity Valid
bemestarvida.site
WE1
2024-11-14 -
2025-02-12
3 months crt.sh
cdnjs.cloudflare.com
WE1
2024-11-26 -
2025-02-24
3 months crt.sh
cdnfonts.com
WE1
2024-11-18 -
2025-02-16
3 months crt.sh

This page contains 1 frames:

Primary Page: https://bemestarvida.site/presell/
Frame ID: 598AC2FDCA53800283555653DBC67566
Requests: 28 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://bemestarvida.site/ HTTP 307
    https://bemestarvida.site/ Page URL
  2. https://bemestarvida.site/presell/ Page URL

Page Statistics

28
Requests

64 %
HTTPS

0 %
IPv6

5
Domains

7
Subdomains

4
IPs

2
Countries

268 kB
Transfer

889 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bemestarvida.site/ HTTP 307
    https://bemestarvida.site/ Page URL
  2. https://bemestarvida.site/presell/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://bemestarvida.site/ HTTP 307
  • https://bemestarvida.site/

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
bemestarvida.site/
Redirect Chain
  • http://bemestarvida.site/
  • https://bemestarvida.site/
238 B
812 B
Document
General
Full URL
https://bemestarvida.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94206693bc579c3b155f39b88ada8022c6edccd4213e7cfc965065077c84a2fd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ee703d11c798f41-FRA
content-encoding
zstd
content-type
text/html
date
Sat, 07 Dec 2024 19:45:14 GMT
last-modified
Sat, 16 Nov 2024 02:50:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eqsZj%2BtS1aY5%2Bm4cWDqCADS9xbLdy%2BR5d7vVbufjQol5AXQxzEkUcm6m4NEmHZUfO4Fv7xzvaMZU6AqzghhAHRyMGCZ0iJ19nglSKG56lPMEHMUmz%2FHcQrl%2FZ2kCfNrfuXt5Ug%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=30458&min_rtt=27958&rtt_var=12845&sent=8&recv=8&lost=0&retrans=0&sent_bytes=3890&recv_bytes=2289&delivery_rate=136715&cwnd=251&unsent_bytes=0&cid=74826344e2f0e0da&ts=374&x=0"
vary
Accept-Encoding

Redirect headers

Location
https://bemestarvida.site/
Non-Authoritative-Reason
HttpsUpgrades
Primary Request /
bemestarvida.site/presell/
38 KB
11 KB
Document
General
Full URL
https://bemestarvida.site/presell/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e527e25b9e3bbc3c377d954877f01a4701c96892cf9b1711eb3553c194b09846

Request headers

Referer
https://bemestarvida.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ee703d33f5d8f41-FRA
content-encoding
zstd
content-type
text/html
date
Sat, 07 Dec 2024 19:45:15 GMT
last-modified
Thu, 21 Nov 2024 17:21:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pWrKF%2Bk61Uq%2FGTX3hzoO1xXxsfdb36hGpgqjzOGzn45vp6o3cAD4Pk%2BUHGIETMEDYYoop6WLH2rhPRg7OkmUZijafriZZeP%2B4hQk0vWCyOfISrH%2Fc4UMpPUzPYzUXLqU86VTdg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=29903&min_rtt=27958&rtt_var=8184&sent=14&recv=12&lost=0&retrans=0&sent_bytes=5522&recv_bytes=2505&delivery_rate=136715&cwnd=255&unsent_bytes=0&cid=74826344e2f0e0da&ts=724&x=0"
vary
Accept-Encoding
favicon.ico
bemestarvida.site/
279 B
688 B
Other
General
Full URL
https://bemestarvida.site/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bemestarvida.site/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KRvGR8QoHnkFh32rem05czOAfa3vP%2BPD3Nn0dCToIwTzIlYAxmBby8525vh51qXPsGW1%2FvkdLIqhp2pQbRlh8YMdGwWFeOfoz0MZ2CPqXMOTXg7R79VJsprzh67O6lCrRllE9g%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ee703d33f5c8f41-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=30156&min_rtt=27958&rtt_var=10237&sent=12&recv=11&lost=0&retrans=0&sent_bytes=4768&recv_bytes=2505&delivery_rate=136715&cwnd=253&unsent_bytes=0&cid=74826344e2f0e0da&ts=563&x=0"
date
Sat, 07 Dec 2024 19:45:14 GMT
content-type
text/html; charset=iso-8859-1
vary
Accept-Encoding
server
cloudflare
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/
70 KB
5 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
Requested by
Host: bemestarvida.site
URL: https://bemestarvida.site/presell/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://bemestarvida.site
Referer

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5f5628a2-11846"
age
836604
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S8tlRBpKrVtfdwaPYRLLyIL%2FNqNtDFXoqeeuGgK5e5dbz%2BdCvlEUE2soLnAs7jBcmAXRJ643CrM6U44qY1R5P4yyNhjNF6aozjDm4BOUXo9FnZgnRmsU55bWuaCjqUhP2xadPJEX"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 27 Nov 2025 19:45:15 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 07 Dec 2024 19:45:15 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 07 Sep 2020 12:33:38 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8ee703d9af241976-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
4216
server
cloudflare
rift-soft-2
fonts.cdnfonts.com/css/
2 KB
904 B
Stylesheet
General
Full URL
https://fonts.cdnfonts.com/css/rift-soft-2
Requested by
Host: bemestarvida.site
URL: https://bemestarvida.site/presell/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.184.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39a21fbb915f790da4c5b075c8a7f06df0140db216c4bf9caee27fb5fae2793b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bemestarvida.site/

Response headers

cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
age
1736638
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PWhWi4X4HHpmEwdurC2IBWmyrYTdADWKTMqz8ktEn24GOloTwj9UBPO9UX1IOZhBSaSYMv4wpHZcQC2sTPS%2FayPakRDW%2F1s%2FPF3lJbaut2g5V%2F1q13YT6c9fygzRK9jRW1AgucA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ee703d97bf4d247-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=10490&min_rtt=10189&rtt_var=3418&sent=7&recv=8&lost=0&retrans=0&sent_bytes=3930&recv_bytes=2294&delivery_rate=351848&cwnd=248&unsent_bytes=0&cid=3f30a516d535f944&ts=89&x=0"
date
Sat, 07 Dec 2024 19:45:15 GMT
content-type
text/css;charset=UTF-8
vary
Accept-Encoding
server
cloudflare
last-modified
Sun, 17 Nov 2024 17:21:17 GMT
sf-ui-display
fonts.cdnfonts.com/css/
2 KB
760 B
Stylesheet
General
Full URL
https://fonts.cdnfonts.com/css/sf-ui-display
Requested by
Host: bemestarvida.site
URL: https://bemestarvida.site/presell/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.184.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44deeb8db95ea8810c40490cdd8545a651358737ea0be0947a6cfa1a56b04aeb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bemestarvida.site/

Response headers

cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
age
653854
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1jjcr7MC8M8BKWg%2BbkYDUm%2FPwSiEaQmV9m8Urs%2BxZIavMoVKo4LSg9K%2B8nNcsUtXoy9vP0ECCEOLX5H17wnmzYAC6zGBiAvw1466DhVKtYgYVbiNg50EAW60y4%2B52gvetB6ljWI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ee703d97bf7d247-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=10490&min_rtt=10189&rtt_var=3418&sent=9&recv=8&lost=0&retrans=0&sent_bytes=4900&recv_bytes=2294&delivery_rate=351848&cwnd=248&unsent_bytes=0&cid=3f30a516d535f944&ts=89&x=0"
date
Sat, 07 Dec 2024 19:45:15 GMT
content-type
text/css;charset=UTF-8
vary
Accept-Encoding
server
cloudflare
last-modified
Sat, 30 Nov 2024 06:07:41 GMT
instagram-sans-2
fonts.cdnfonts.com/css/
1 KB
674 B
Stylesheet
General
Full URL
https://fonts.cdnfonts.com/css/instagram-sans-2
Requested by
Host: bemestarvida.site
URL: https://bemestarvida.site/presell/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.184.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d71c770ebbbadcf354c64ea0e4cad1506e154ccd58a82ea935d0055493d3fe1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bemestarvida.site/

Response headers

cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
age
1451723
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vAv%2B2nca3zStyEa%2B7hDa%2BsOyXjwJ8tcRCgdBWk2KXHnFu3wuIWkdymCMQS5W2SFyV0SYozC%2F31qiwVtoyJAAuWwptDrVD5CnDMEA%2FFAFq9ONAAnWB4XC0XKYP%2F1i0K%2FwMWCq%2BTw%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ee703d97bfad247-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=10490&min_rtt=10189&rtt_var=3418&sent=12&recv=8&lost=0&retrans=0&sent_bytes=5726&recv_bytes=2294&delivery_rate=351848&cwnd=248&unsent_bytes=0&cid=3f30a516d535f944&ts=90&x=0"
date
Sat, 07 Dec 2024 19:45:15 GMT
content-type
text/css;charset=UTF-8
vary
Accept-Encoding
server
cloudflare
last-modified
Thu, 21 Nov 2024 00:29:52 GMT
player.js
scripts.converteai.net/c2f685e0-76e3-41ed-953c-9ca805c954e6/players/67353151c47cdc000bd9ef13/
0
0

smartplayer.min.js
scripts.converteai.net/lib/js/smartplayer/v1/
0
0

thumbnail.jpg
images.converteai.net/c2f685e0-76e3-41ed-953c-9ca805c954e6/players/67353151c47cdc000bd9ef13/
0
0

main.m3u8
cdn.converteai.net/c2f685e0-76e3-41ed-953c-9ca805c954e6/6735311fc47cdc000bd9eec4/
0
0

player.js
scripts.converteai.net/c2f685e0-76e3-41ed-953c-9ca805c954e6/players/67360c1f2eb080000b6d5855/
0
0

thumbnail.jpg
images.converteai.net/c2f685e0-76e3-41ed-953c-9ca805c954e6/players/67360c1f2eb080000b6d5855/
0
0

main.m3u8
cdn.converteai.net/c2f685e0-76e3-41ed-953c-9ca805c954e6/67360bf8dc7073000cacc0a0/
0
0

998006aeaf8bd950.css
bemestarvida.site/presell/_next/static/css/
37 KB
8 KB
Stylesheet
General
Full URL
https://bemestarvida.site/presell/_next/static/css/998006aeaf8bd950.css
Requested by
Host: bemestarvida.site
URL: https://bemestarvida.site/presell/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a867285d8f2d3ea5e47d272b17db3f6d6a6f7130a0a968b9ca0811050eacb9ec

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://bemestarvida.site
Referer
https://bemestarvida.site/presell/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"944e-6276f7ff5bb2b-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EuqfBqoTslH1sTCPkMS1x4UMxBcZUZOOyt7od0XW8vUyMLTKjkp8QZxLzejc49UNrEaw069ruR6KYr3HFdlv8OCACeiZiHdLfAyd3bhCvyHqZhK76cFEyZn3q3hjjS93ArQt1w%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=34131&min_rtt=27958&rtt_var=12059&sent=76&recv=23&lost=0&retrans=0&sent_bytes=59750&recv_bytes=3584&delivery_rate=540911&cwnd=255&unsent_bytes=21896&cid=74826344e2f0e0da&ts=1157&x=0"
date
Sat, 07 Dec 2024 19:45:15 GMT
content-type
text/css
last-modified
Thu, 21 Nov 2024 17:21:41 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ee703d6eca18f41-FRA
accept-ranges
bytes
content-length
7567
server
cloudflare
d0320de32467736e.css
bemestarvida.site/presell/_next/static/css/
812 B
745 B
Stylesheet
General
Full URL
https://bemestarvida.site/presell/_next/static/css/d0320de32467736e.css
Requested by
Host: bemestarvida.site
URL: https://bemestarvida.site/presell/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d4a68468230a32268e6d28fd29866bc9c7054e11e57b6d2f201ad63e844c152

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://bemestarvida.site
Referer
https://bemestarvida.site/presell/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"32c-6276f7ff02d49-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zvU5Ayy0zHtLHt%2FMc3KLEnxxtFtk62WyweqMjdak0d9QpgwGHpt9PoPmn9jdJr%2FvfmdlqDv1ky0jSmh8vi53lsh2lGe1n6SF5Y5S368MxRt7%2Bvbv%2BTCNY3IllNpgxnoHn95%2FMw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=34131&min_rtt=27958&rtt_var=12059&sent=32&recv=23&lost=0&retrans=0&sent_bytes=16742&recv_bytes=3584&delivery_rate=540911&cwnd=255&unsent_bytes=0&cid=74826344e2f0e0da&ts=1149&x=0"
date
Sat, 07 Dec 2024 19:45:15 GMT
content-type
text/css
last-modified
Thu, 21 Nov 2024 17:21:41 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ee703d6eca38f41-FRA
accept-ranges
bytes
content-length
252
server
cloudflare
webpack-5f79d623f31defb0.js
bemestarvida.site/presell/_next/static/chunks/
2 KB
2 KB
Script
General
Full URL
https://bemestarvida.site/presell/_next/static/chunks/webpack-5f79d623f31defb0.js
Requested by
Host: bemestarvida.site
URL: https://bemestarvida.site/presell/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b8bf89677c5e80172351d6b25d2a1dcdb93687719ab8b01f6e5a3b555fec28d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://bemestarvida.site
Referer
https://bemestarvida.site/presell/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"8a4-6276f7ffb684d-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h1C17c7i%2FtT6paW0goY6Wa6Dgg30xtsJidaiVWTusJ9cdtT3dhvtwNf%2FIk%2FP%2BqbgKzkUele8PUrp5%2BWRv2KfKkR4GjUM%2FuHwntHR2H2HoivhKoRuw1PIAWT3mboen6jEOYR%2FWw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=28254&min_rtt=27951&rtt_var=165&sent=199&recv=67&lost=0&retrans=0&sent_bytes=207667&recv_bytes=3584&delivery_rate=4023587&cwnd=298&unsent_bytes=0&cid=74826344e2f0e0da&ts=1319&x=0"
date
Sat, 07 Dec 2024 19:45:15 GMT
content-type
text/javascript
last-modified
Thu, 21 Nov 2024 17:21:42 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ee703d6fca88f41-FRA
accept-ranges
bytes
content-length
1054
server
cloudflare
framework-2c0fa632eea9ca9a.js
bemestarvida.site/presell/_next/static/chunks/
138 KB
45 KB
Script
General
Full URL
https://bemestarvida.site/presell/_next/static/chunks/framework-2c0fa632eea9ca9a.js
Requested by
Host: bemestarvida.site
URL: https://bemestarvida.site/presell/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9163921f406a112de06bc5c1b178e1e6a771cf457951ce09124071002bf1dd66

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://bemestarvida.site
Referer
https://bemestarvida.site/presell/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"22695-6276f802304fc-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zLpYDclQpIKfCGz4YapFMy7o%2F1oAKJa%2BUBVCXhSItmhvgkwtk8FJAqNdcqnXYVAmkrlBxUbdzvxZcpRRGzSlPVacyTI6%2By3Ohx5u5mlunjUScpwc90%2For%2F4WFkRLKGMSakFAMA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=28728&min_rtt=27956&rtt_var=737&sent=127&recv=42&lost=0&retrans=0&sent_bytes=119142&recv_bytes=3584&delivery_rate=1542221&cwnd=255&unsent_bytes=29624&cid=74826344e2f0e0da&ts=1187&x=0"
date
Sat, 07 Dec 2024 19:45:15 GMT
content-type
text/javascript
last-modified
Thu, 21 Nov 2024 17:21:44 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ee703d6fca98f41-FRA
accept-ranges
bytes
content-length
45270
server
cloudflare
main-570fdb53415e1c1f.js
bemestarvida.site/presell/_next/static/chunks/
107 KB
32 KB
Script
General
Full URL
https://bemestarvida.site/presell/_next/static/chunks/main-570fdb53415e1c1f.js
Requested by
Host: bemestarvida.site
URL: https://bemestarvida.site/presell/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efa12999290cc367403ee5cd7db9d928a1ac0d74afe8ae3ff1ace602490bec3a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://bemestarvida.site
Referer
https://bemestarvida.site/presell/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"1abdf-6276f801d483a-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jp4D5ANu8dSY2Qr9CbA9jpYyMY6d%2Fk%2FK3%2F3ED%2Fgeldw1%2Bbl39XoXFmERaabSz4gpsJnClN6e%2F9WVBdz8rNJcNhOhNUUT2d2uxeWiEicOZQPYtboD8BdmRquJUxEGMCfZSdfHHw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=32689&min_rtt=27958&rtt_var=9283&sent=76&recv=25&lost=0&retrans=0&sent_bytes=59750&recv_bytes=3584&delivery_rate=540911&cwnd=255&unsent_bytes=21896&cid=74826344e2f0e0da&ts=1177&x=0"
date
Sat, 07 Dec 2024 19:45:15 GMT
content-type
text/javascript
last-modified
Thu, 21 Nov 2024 17:21:44 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ee703d6fcab8f41-FRA
accept-ranges
bytes
content-length
31775
server
cloudflare
_app-ac2d686ea91d93b5.js
bemestarvida.site/presell/_next/static/chunks/pages/
174 KB
62 KB
Script
General
Full URL
https://bemestarvida.site/presell/_next/static/chunks/pages/_app-ac2d686ea91d93b5.js
Requested by
Host: bemestarvida.site
URL: https://bemestarvida.site/presell/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93bbdcb3dc8b6ed21594611184ee85d5a70b616f1253600f54f7866ff2b572c9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://bemestarvida.site
Referer
https://bemestarvida.site/presell/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
etag
"2b8de-6276f800c6014-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rhKxkKod0AiMijpFyB1R0CVHcK63qemH85LCw5QpFfa6JRKMX9uiN%2FmSoUTwyMGxjj%2F6NiNdb7Njz0UU%2FFsknteGOCrBTXdDiBtame8wpPjbgYrATNF5EHaxioJirqQ7e1hMtw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ee703d6fcac8f41-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=28307&min_rtt=27951&rtt_var=93&sent=204&recv=72&lost=0&retrans=0&sent_bytes=210150&recv_bytes=3584&delivery_rate=4023587&cwnd=303&unsent_bytes=0&cid=74826344e2f0e0da&ts=1425&x=0"
date
Sat, 07 Dec 2024 19:45:15 GMT
content-type
text/javascript
last-modified
Thu, 21 Nov 2024 17:21:43 GMT
vary
Accept-Encoding
server
cloudflare
75fc9c18-a3798abb334869a5.js
bemestarvida.site/presell/_next/static/chunks/
58 KB
19 KB
Script
General
Full URL
https://bemestarvida.site/presell/_next/static/chunks/75fc9c18-a3798abb334869a5.js
Requested by
Host: bemestarvida.site
URL: https://bemestarvida.site/presell/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0ba7ed03fe326bd3e92200e55f53e1c5dd3fc9de5fda7e4bc33bb51aaaf5fb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://bemestarvida.site
Referer
https://bemestarvida.site/presell/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"e7ae-6276f802e7e81-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QEMfqFudeuRQuJBWBodGMKPbE7kdT4jojVRSOb0746Etn3kUa6zl2S%2FKtjwzRmk7icNOrCCZWQACI6coYSlHXSTZq0AQ4Np4U0t4D5sypzUZWkyhQlHBbqkZZyyF1i2ZjNKm3g%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=34131&min_rtt=27958&rtt_var=12059&sent=34&recv=23&lost=0&retrans=0&sent_bytes=17553&recv_bytes=3584&delivery_rate=540911&cwnd=255&unsent_bytes=0&cid=74826344e2f0e0da&ts=1152&x=0"
date
Sat, 07 Dec 2024 19:45:15 GMT
content-type
text/javascript
last-modified
Thu, 21 Nov 2024 17:21:45 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ee703d6fcad8f41-FRA
accept-ranges
bytes
content-length
18811
server
cloudflare
973-82a84aa4d41d34c2.js
bemestarvida.site/presell/_next/static/chunks/
220 KB
72 KB
Script
General
Full URL
https://bemestarvida.site/presell/_next/static/chunks/973-82a84aa4d41d34c2.js
Requested by
Host: bemestarvida.site
URL: https://bemestarvida.site/presell/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a41f5b6bed8ff5f9d2139257f500f796e22bd4e9f03d8ec348976be935703b46

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://bemestarvida.site
Referer
https://bemestarvida.site/presell/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
etag
"371da-6276f8028e0ff-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FeL2FSKqMUZVOmvdLcbHry2aLD4ZEwPSQXZejTQ8Ix0AIUvqXmS%2FTvDtpmOsE1Lx41%2F4uoAN99%2BnRcUHPjzHiTubznXQ%2F0pdxou9hzX9HEWVRPejP%2B0NqgA32ikkCExrjuhp%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ee703d6fcb08f41-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=34131&min_rtt=27958&rtt_var=12059&sent=55&recv=23&lost=0&retrans=0&sent_bytes=37223&recv_bytes=3584&delivery_rate=540911&cwnd=255&unsent_bytes=0&cid=74826344e2f0e0da&ts=1156&x=0"
date
Sat, 07 Dec 2024 19:45:15 GMT
content-type
text/javascript
last-modified
Thu, 21 Nov 2024 17:21:45 GMT
vary
Accept-Encoding
server
cloudflare
index-9079725f41580896.js
bemestarvida.site/presell/_next/static/chunks/pages/
37 KB
9 KB
Script
General
Full URL
https://bemestarvida.site/presell/_next/static/chunks/pages/index-9079725f41580896.js
Requested by
Host: bemestarvida.site
URL: https://bemestarvida.site/presell/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3057588dd45080fce49454c375abdd64e0764b04c6b3d5dde44ac6a903a4da4e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://bemestarvida.site
Referer
https://bemestarvida.site/presell/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"948c-6276f80120d36-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RjsVGn3dBZ%2BNKjEVbgzxpjLl%2BVzMnq77EcbQQV9UPoqHS3WraXx3Ld%2Bx06LFX2xTaRji3PzBYaEPyp3aW5L3%2FLiyYA%2FIcoDEYUg1SBUOfHBgDDvwCkZ%2F0qaDUXE627%2BPFS%2FSVg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=34131&min_rtt=27958&rtt_var=12059&sent=76&recv=23&lost=0&retrans=0&sent_bytes=59750&recv_bytes=3584&delivery_rate=540911&cwnd=255&unsent_bytes=21896&cid=74826344e2f0e0da&ts=1171&x=0"
date
Sat, 07 Dec 2024 19:45:15 GMT
content-type
text/javascript
last-modified
Thu, 21 Nov 2024 17:21:43 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ee703d6fcb18f41-FRA
accept-ranges
bytes
content-length
8569
server
cloudflare
_buildManifest.js
bemestarvida.site/presell/_next/static/FQm6_TEXMGu5wLtGjDAkl/
475 B
790 B
Script
General
Full URL
https://bemestarvida.site/presell/_next/static/FQm6_TEXMGu5wLtGjDAkl/_buildManifest.js
Requested by
Host: bemestarvida.site
URL: https://bemestarvida.site/presell/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8def5a216f0d085e744e83d849592151400cd17a431b22280bb408998bfc82ef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://bemestarvida.site
Referer
https://bemestarvida.site/presell/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"1db-6276f7fea8fc7-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pmaCBAsvunqGUVhA7jawTpN3yaKWwOOYutd%2FY4w5kGZ8ZYfJM565AEaUcbzVv9zeKFc07auJECCUBSTUlPoYVsPEVdeVEi%2F%2Bqsw7bKvBhK9j6gOBDR4ADorMTKj4b3xPNHfWTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=28254&min_rtt=27951&rtt_var=165&sent=202&recv=67&lost=0&retrans=0&sent_bytes=209294&recv_bytes=3584&delivery_rate=4023587&cwnd=298&unsent_bytes=0&cid=74826344e2f0e0da&ts=1328&x=0"
date
Sat, 07 Dec 2024 19:45:15 GMT
content-type
text/javascript
last-modified
Thu, 21 Nov 2024 17:21:41 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ee703d6fcb28f41-FRA
accept-ranges
bytes
content-length
290
server
cloudflare
_ssgManifest.js
bemestarvida.site/presell/_next/static/FQm6_TEXMGu5wLtGjDAkl/
77 B
551 B
Script
General
Full URL
https://bemestarvida.site/presell/_next/static/FQm6_TEXMGu5wLtGjDAkl/_ssgManifest.js
Requested by
Host: bemestarvida.site
URL: https://bemestarvida.site/presell/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.164.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://bemestarvida.site
Referer
https://bemestarvida.site/presell/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"4d-6276f7fe4f245-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FT3QANg6BlqVlVSEQUZHGHr%2FqjSNOb16JfV0RYC9Nxn342ftf4JDgbdKpNguW447Iy3GOZzGkj8ik1i7Yqvvi4TNKkPevZxv1abehUYSyHioGSE3IeIAbwURXGZFU44mTurSNw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=29137&min_rtt=27956&rtt_var=2083&sent=92&recv=36&lost=0&retrans=0&sent_bytes=78183&recv_bytes=3584&delivery_rate=923642&cwnd=255&unsent_bytes=21896&cid=74826344e2f0e0da&ts=1184&x=0"
date
Sat, 07 Dec 2024 19:45:15 GMT
content-type
text/javascript
last-modified
Thu, 21 Nov 2024 17:21:40 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ee703d71cda8f41-FRA
accept-ranges
bytes
content-length
61
server
cloudflare
Instagram%20Sans%20Bold.woff
fonts.cdnfonts.com/s/93599/
0
0

sf-ui-display-medium-58646be638f96.woff
fonts.cdnfonts.com/s/14247/
0
0

fbevents.js
connect.facebook.net/en_US/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
scripts.converteai.net
URL
https://scripts.converteai.net/c2f685e0-76e3-41ed-953c-9ca805c954e6/players/67353151c47cdc000bd9ef13/player.js
Domain
scripts.converteai.net
URL
https://scripts.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Domain
images.converteai.net
URL
https://images.converteai.net/c2f685e0-76e3-41ed-953c-9ca805c954e6/players/67353151c47cdc000bd9ef13/thumbnail.jpg
Domain
cdn.converteai.net
URL
https://cdn.converteai.net/c2f685e0-76e3-41ed-953c-9ca805c954e6/6735311fc47cdc000bd9eec4/main.m3u8
Domain
scripts.converteai.net
URL
https://scripts.converteai.net/c2f685e0-76e3-41ed-953c-9ca805c954e6/players/67360c1f2eb080000b6d5855/player.js
Domain
images.converteai.net
URL
https://images.converteai.net/c2f685e0-76e3-41ed-953c-9ca805c954e6/players/67360c1f2eb080000b6d5855/thumbnail.jpg
Domain
cdn.converteai.net
URL
https://cdn.converteai.net/c2f685e0-76e3-41ed-953c-9ca805c954e6/67360bf8dc7073000cacc0a0/main.m3u8
Domain
fonts.cdnfonts.com
URL
https://fonts.cdnfonts.com/s/93599/Instagram%20Sans%20Bold.woff
Domain
fonts.cdnfonts.com
URL
https://fonts.cdnfonts.com/s/14247/sf-ui-display-medium-58646be638f96.woff
Domain
connect.facebook.net
URL
https://connect.facebook.net/en_US/fbevents.js

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

2 Console Messages

Source Level URL
Text
network error URL: https://bemestarvida.site/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://bemestarvida.site/presell/
Message:
<link rel=preload> uses an unsupported `as` value

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bemestarvida.site
cdn.converteai.net
cdnjs.cloudflare.com
connect.facebook.net
fonts.cdnfonts.com
images.converteai.net
scripts.converteai.net
cdn.converteai.net
connect.facebook.net
fonts.cdnfonts.com
images.converteai.net
scripts.converteai.net
104.17.24.14
172.67.164.159
172.67.184.158
1d4a68468230a32268e6d28fd29866bc9c7054e11e57b6d2f201ad63e844c152
3057588dd45080fce49454c375abdd64e0764b04c6b3d5dde44ac6a903a4da4e
39a21fbb915f790da4c5b075c8a7f06df0140db216c4bf9caee27fb5fae2793b
44deeb8db95ea8810c40490cdd8545a651358737ea0be0947a6cfa1a56b04aeb
4b8bf89677c5e80172351d6b25d2a1dcdb93687719ab8b01f6e5a3b555fec28d
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
6d71c770ebbbadcf354c64ea0e4cad1506e154ccd58a82ea935d0055493d3fe1
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
8def5a216f0d085e744e83d849592151400cd17a431b22280bb408998bfc82ef
9163921f406a112de06bc5c1b178e1e6a771cf457951ce09124071002bf1dd66
93bbdcb3dc8b6ed21594611184ee85d5a70b616f1253600f54f7866ff2b572c9
94206693bc579c3b155f39b88ada8022c6edccd4213e7cfc965065077c84a2fd
a41f5b6bed8ff5f9d2139257f500f796e22bd4e9f03d8ec348976be935703b46
a867285d8f2d3ea5e47d272b17db3f6d6a6f7130a0a968b9ca0811050eacb9ec
e527e25b9e3bbc3c377d954877f01a4701c96892cf9b1711eb3553c194b09846
efa12999290cc367403ee5cd7db9d928a1ac0d74afe8ae3ff1ace602490bec3a
fe0ba7ed03fe326bd3e92200e55f53e1c5dd3fc9de5fda7e4bc33bb51aaaf5fb