URL: http://bon.safars.online/
Submission: On October 14 via api from PL — Scanned from CA

Summary

This website contacted 12 IPs in 3 countries across 11 domains to perform 53 HTTP transactions. The main IP is 64.68.204.76, located in Canada and belongs to EDNS, CA. The main domain is bon.safars.online.
This is the only time bon.safars.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Count | Apex Domain | Subdomains | Transfer
24 | safars.online | bon.safars.online | 762 KB
6 | jwpsrv.com | assets-jpcust.jwpsrv.com (Cisco Umbrella Rank: 3412), videos-fms.jwpsrv.com (Cisco Umbrella Rank: 4868) | 299 KB
6 | jwplayer.com | cdn.jwplayer.com (Cisco Umbrella Rank: 2507) | 45 KB
6 | cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 216) | 154 KB
4 | jwpcdn.com | ssl.p.jwpcdn.com (Cisco Umbrella Rank: 2665) | 239 KB
2 | facebook.com | www.facebook.com (Cisco Umbrella Rank: 107) | 222 B
2 | gstatic.com | fonts.gstatic.com | 93 KB
2 | facebook.net | connect.facebook.net (Cisco Umbrella Rank: 151) | 111 KB
1 | jwpltx.com | prd.jwpltx.com (Cisco Umbrella Rank: 2872) | 208 B
1 | getyourapi.site | getyourapi.site | 483 B
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 44) | 1 KB
Totals: 53 | 11
Count | Domain | Requested by
24 | bon.safars.online | bon.safars.online
6 | cdn.jwplayer.com (3 redirects) | bon.safars.online, cdn.jwplayer.com, ssl.p.jwpcdn.com
6 | cdnjs.cloudflare.com | bon.safars.online, cdnjs.cloudflare.com
4 | ssl.p.jwpcdn.com | cdn.jwplayer.com
3 | videos-fms.jwpsrv.com | ssl.p.jwpcdn.com
3 | assets-jpcust.jwpsrv.com | bon.safars.online
2 | www.facebook.com | bon.safars.online
2 | fonts.gstatic.com | fonts.googleapis.com
2 | connect.facebook.net | bon.safars.online, connect.facebook.net
1 | prd.jwpltx.com |
1 | getyourapi.site | cdnjs.cloudflare.com
1 | fonts.googleapis.com | bon.safars.online
Totals: 53 | 12

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-08-03 - 2023-08-02 | a year
upload.video.google.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
jwplayer.com | Amazon | 2021-12-29 - 2023-01-25 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-07-23 - 2022-10-21 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
getyourapi.site | R3 | 2022-09-11 - 2022-12-10 | 3 months

This page contains 1 frame:

Primary Page: http://bon.safars.online/
Frame ID: 8A89FE14FB585C1BD9811FA949921920
Requests: 53 HTTP requests in this frame

Page Title

BalticPipe

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 53
HTTPS: 28 %
IPv6: 82 %
Domains: 11
Subdomains: 12
IPs: 12
Countries: 3
Transfer: 1704 kB
Size: 3187 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39
  • http://cdn.jwplayer.com/strips/zaRfsCvJ-120.vtt HTTP 301
  • http://assets-jpcust.jwpsrv.com/strips/zaRfsCvJ-120.vtt
Request Chain 42
  • http://cdn.jwplayer.com/v2/media/zaRfsCvJ/poster.jpg?width=720 HTTP 302
  • http://assets-jpcust.jwpsrv.com/thumbnails/rd62mm3h-720.jpg
Request Chain 43
  • https://cdn.jwplayer.com/v2/media/zaRfsCvJ/poster.jpg?width=1280 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/rd62mm3h-1280.jpg

53 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
bon.safars.online/
52 KB
11 KB
Document
General
Full URL
http://bon.safars.online/
Protocol
HTTP/1.1
Server
64.68.204.76 , Canada, ASN16686 (EDNS, CA),
Reverse DNS
64.68.204.76.host.easydns.com
Software
openresty /
Resource Hash
0609c8dad2beb32439bd2498ed9c547d1399192080e4486088e192d07eb59236

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 14 Oct 2022 12:15:12 GMT
Server
openresty
Transfer-Encoding
chunked
Vary
Accept-Encoding Accept-Encoding Accept-Encoding
reset.css
bon.safars.online/css/
7 KB
3 KB
Stylesheet
General
Full URL
http://bon.safars.online/css/reset.css
Requested by
Host: bon.safars.online
URL: http://bon.safars.online/
Protocol
HTTP/1.1
Server
64.68.204.76 , Canada, ASN16686 (EDNS, CA),
Reverse DNS
64.68.204.76.host.easydns.com
Software
openresty /
Resource Hash
194a0a1a9bee1bb744e8a9e03b5e741da426e1112dc0b55423b7db3bf585b03f

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://bon.safars.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 12:15:12 GMT
Content-Encoding
gzip
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type
text/css
bootstrap-grid.min.css
cdnjs.cloudflare.com/ajax/libs/bootstrap/5.1.3/css/
52 KB
4 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/bootstrap/5.1.3/css/bootstrap-grid.min.css
Requested by
Host: bon.safars.online
URL: http://bon.safars.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9abd3f5a7973251d6b17cccd16652859f722a145f3e74272a5d31923c18f22c7
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
http://bon.safars.online
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 12:15:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
745757
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
last-modified
Sat, 09 Oct 2021 18:30:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6161dfe3-cbe"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ygh1xHClgIsGnA0j2KLjAimL5HLNieoMDc2CeEQ3%2BvP3WHavDzjyaG5FjUJYjwTuQ2tAUhjEtmVOtdaI7gQ%2BnBTVu1Y41iS%2F7UAmkltk8ojK3pp0Vv8hVfbALbC3u7EwkPHHy1kv2JQgLWHO2ruuyfss"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75a03d374fea5413-YYZ
expires
Wed, 04 Oct 2023 12:15:12 GMT
css2
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;500;700;800&display=swap
Requested by
Host: bon.safars.online
URL: http://bon.safars.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
15eda5ef0f451c27998ef36616a00ee948ffbdd3434560ec74f552cbe2a6ae5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://bon.safars.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 14 Oct 2022 12:15:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 14 Oct 2022 11:22:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 14 Oct 2022 12:15:12 GMT
style.css
bon.safars.online/css/
14 KB
3 KB
Stylesheet
General
Full URL
http://bon.safars.online/css/style.css
Requested by
Host: bon.safars.online
URL: http://bon.safars.online/
Protocol
HTTP/1.1
Server
64.68.204.76 , Canada, ASN16686 (EDNS, CA),
Reverse DNS
64.68.204.76.host.easydns.com
Software
openresty /
Resource Hash
a2678b1ce2da22c3666a82a9007232c606569a9976cabbda64337918ad7062fb

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://bon.safars.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 12:15:12 GMT
Content-Encoding
gzip
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type
text/css
form.css
bon.safars.online/css/
2 KB
1 KB
Stylesheet
General
Full URL
http://bon.safars.online/css/form.css
Requested by
Host: bon.safars.online
URL: http://bon.safars.online/
Protocol
HTTP/1.1
Server
64.68.204.76 , Canada, ASN16686 (EDNS, CA),
Reverse DNS
64.68.204.76.host.easydns.com
Software
openresty /
Resource Hash
9d090727a365ce57ebfd2fbf845f8593d4d280909c66080a96e2ae2d47693290

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://bon.safars.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 12:15:12 GMT
Content-Encoding
gzip
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type
text/css
logo.svg
bon.safars.online/img/
9 KB
4 KB
Image
General
Full URL
http://bon.safars.online/img/logo.svg
Requested by
Host: bon.safars.online
URL: http://bon.safars.online/
Protocol
HTTP/1.1
Server
64.68.204.76 , Canada, ASN16686 (EDNS, CA),
Reverse DNS
64.68.204.76.host.easydns.com
Software
openresty /
Resource Hash
6f81edda9e8f6f79fea1fd2b59309015527a68aba0113dc7118c4aaa7ba33adb

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://bon.safars.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 12:15:12 GMT
Content-Encoding
gzip
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type
image/svg+xml
main-baltic.png
bon.safars.online/img/
18 KB
18 KB
Image
General
Full URL
http://bon.safars.online/img/main-baltic.png
Requested by
Host: bon.safars.online
URL: http://bon.safars.online/
Protocol
HTTP/1.1
Server
64.68.204.76 , Canada, ASN16686 (EDNS, CA),
Reverse DNS
64.68.204.76.host.easydns.com
Software
openresty /
Resource Hash
bfc8bcf6489795ec0ef60f956b8f740a5469bffc8deb2c3e5c4a6b14977ea1e8

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://bon.safars.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 12:15:12 GMT
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/png
plus.svg
bon.safars.online/img/
228 B
427 B
Image
General
Full URL
http://bon.safars.online/img/plus.svg
Requested by
Host: bon.safars.online
URL: http://bon.safars.online/
Protocol
HTTP/1.1
Server
64.68.204.76 , Canada, ASN16686 (EDNS, CA),
Reverse DNS
64.68.204.76.host.easydns.com
Software
openresty /
Resource Hash
6aa865c53c70f5ff1c4e748bbacf2be4c086bf7f5c6b14f6d75a60c62f2dec4b

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://bon.safars.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 12:15:13 GMT
Content-Encoding
gzip
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type
image/svg+xml
play.svg
bon.safars.online/img/
407 B
552 B
Image
General
Full URL
http://bon.safars.online/img/play.svg
Requested by
Host: bon.safars.online
URL: http://bon.safars.online/
Protocol
HTTP/1.1
Server
64.68.204.76 , Canada, ASN16686 (EDNS, CA),
Reverse DNS
64.68.204.76.host.easydns.com
Software
openresty /
Resource Hash
52a6c075889e597e0cdbc77ee4a07b6d163c373f6f283a53f03f236cf6aaf0eb

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://bon.safars.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 12:15:12 GMT
Content-Encoding
gzip
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type
image/svg+xml
zaRfsCvJ-voou8tK3.js
cdn.jwplayer.com/players/
118 KB
42 KB
Script
General
Full URL
https://cdn.jwplayer.com/players/zaRfsCvJ-voou8tK3.js
Requested by
Host: bon.safars.online
URL: http://bon.safars.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:8800:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
ae95ef4eead753bcf82b6f89ce7114ed6ced28ede5c2878e1b0d182ce8f29372

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://bon.safars.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 12:15:12 GMT
content-encoding
gzip
via
1.1 2c7d387775f2e52dd268d2f49202b5d2.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
EWR53-P1
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180
content-length
42391
x-amz-cf-id
N45ylXzTRcbcTKj0VeXFgVUsw09XPDYBJ1H3m134lzJ8GDBECN2AjA==
baltic-bubbles.png
bon.safars.online/img/
13 KB
14 KB
Image
General
Full URL
http://bon.safars.online/img/baltic-bubbles.png
Requested by
Host: bon.safars.online
URL: http://bon.safars.online/
Protocol
HTTP/1.1
Server
64.68.204.76 , Canada, ASN16686 (EDNS, CA),
Reverse DNS
64.68.204.76.host.easydns.com
Software
openresty /
Resource Hash
6b2be66a28d202fbcd891943438e295e0180ca38f9d47dcb559e8d02e04711b3

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://bon.safars.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 12:15:12 GMT
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/png
baltic-map.png
bon.safars.online/img/
26 KB
26 KB
Image
General
Full URL
http://bon.safars.online/img/baltic-map.png
Requested by
Host: bon.safars.online
URL: http://bon.safars.online/
Protocol
HTTP/1.1
Server
64.68.204.76 , Canada, ASN16686 (EDNS, CA),
Reverse DNS
64.68.204.76.host.easydns.com
Software
openresty /
Resource Hash
0b703327298c483a044b6cd178562474d06f4ac15fb2b2caf6a44558745ae364

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://bon.safars.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 12:15:13 GMT
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/png
graph-bubbles.png
bon.safars.online/img/
14 KB
14 KB
Image
General
Full URL
http://bon.safars.online/img/graph-bubbles.png
Requested by
Host: bon.safars.online
URL: http://bon.safars.online/
Protocol
HTTP/1.1
Server
64.68.204.76 , Canada, ASN16686 (EDNS, CA),
Reverse DNS
64.68.204.76.host.easydns.com
Software
openresty /
Resource Hash
274286b72a70cbbfdf24320fce94240f19b736ab8db246d483ecbf2e78aa654f

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://bon.safars.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 12:15:13 GMT
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/png
graph.png
bon.safars.online/img/
26 KB
26 KB
Image
General
Full URL
http://bon.safars.online/img/graph.png
Requested by
Host: bon.safars.online
URL: http://bon.safars.online/
Protocol
HTTP/1.1
Server
64.68.204.76 , Canada, ASN16686 (EDNS, CA),
Reverse DNS
64.68.204.76.host.easydns.com
Software
openresty /
Resource Hash
7e331d4ba95eb8870899012042489c135916a2d22668e9a4bbd607a7f8e8a139

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://bon.safars.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 12:15:13 GMT
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/png
feature-1.png
bon.safars.online/img/
734 B
921 B
Image
General
Full URL
http://bon.safars.online/img/feature-1.png
Requested by
Host: bon.safars.online
URL: http://bon.safars.online/
Protocol
HTTP/1.1
Server
64.68.204.76 , Canada, ASN16686 (EDNS, CA),
Reverse DNS
64.68.204.76.host.easydns.com
Software
openresty /
Resource Hash
dbfbd055482438f75ef4e02722b9441d9324dcfbd8412cef7b6665cf596b6b2e

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://bon.safars.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 12:15:13 GMT
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/png
feature-2.png
bon.safars.online/img/
795 B
982 B
Image
General
Full URL
http://bon.safars.online/img/feature-2.png
Requested by
Host: bon.safars.online
URL: http://bon.safars.online/
Protocol
HTTP/1.1
Server
64.68.204.76 , Canada, ASN16686 (EDNS, CA),
Reverse DNS
64.68.204.76.host.easydns.com
Software
openresty /
Resource Hash
eefaf94974416a402bbc7f5423bb1fa0a30545efd86b56d9c780c96bd79a0748

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://bon.safars.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 12:15:13 GMT
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/png
feature-3.png
bon.safars.online/img/
866 B
1 KB
Image
General
Full URL
http://bon.safars.online/img/feature-3.png
Requested by
Host: bon.safars.online
URL: http://bon.safars.online/
Protocol
HTTP/1.1
Server
64.68.204.76 , Canada, ASN16686 (EDNS, CA),
Reverse DNS
64.68.204.76.host.easydns.com
Software
openresty /
Resource Hash
0adb3065dc1a26efcb17fb77442b32bd797fbc6c8c5154456d530f8b752b7d75

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://bon.safars.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 12:15:13 GMT
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/png
feedback-bubble-1.png
bon.safars.online/img/
14 KB
15 KB
Image
General
Full URL
http://bon.safars.online/img/feedback-bubble-1.png
Requested by
Host: bon.safars.online
URL: http://bon.safars.online/
Protocol
HTTP/1.1
Server
64.68.204.76 , Canada, ASN16686 (EDNS, CA),
Reverse DNS
64.68.204.76.host.easydns.com
Software
openresty /
Resource Hash
30cb43cf9425a00db6fabdd379d332f1375e66f93e6c4215d17782d5ec4c5545

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://bon.safars.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 12:15:13 GMT
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/png
feedback-bubble-2.png
bon.safars.online/img/
13 KB
14 KB
Image
General
Full URL
http://bon.safars.online/img/feedback-bubble-2.png
Requested by
Host: bon.safars.online
URL: http://bon.safars.online/
Protocol
HTTP/1.1
Server
64.68.204.76 , Canada, ASN16686 (EDNS, CA),
Reverse DNS
64.68.204.76.host.easydns.com
Software
openresty /
Resource Hash
6b2be66a28d202fbcd891943438e295e0180ca38f9d47dcb559e8d02e04711b3

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://bon.safars.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 12:15:13 GMT
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/png
feedback-1.png
bon.safars.online/img/
29 KB
29 KB
Image
General
Full URL
http://bon.safars.online/img/feedback-1.png
Requested by
Host: bon.safars.online
URL: http://bon.safars.online/
Protocol
HTTP/1.1
Server
64.68.204.76 , Canada, ASN16686 (EDNS, CA),
Reverse DNS
64.68.204.76.host.easydns.com
Software
openresty /
Resource Hash
e562d87c0f226a03eca803c25ec6b46ff6c2df1a01e5d0904e4a2520b724e34a

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://bon.safars.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 12:15:13 GMT
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/png
feedback-2.png
bon.safars.online/img/
41 KB
41 KB
Image
General
Full URL
http://bon.safars.online/img/feedback-2.png
Requested by
Host: bon.safars.online
URL: http://bon.safars.online/
Protocol
HTTP/1.1
Server
64.68.204.76 , Canada, ASN16686 (EDNS, CA),
Reverse DNS
64.68.204.76.host.easydns.com
Software
openresty /
Resource Hash
0da9adc0451147a8a53cd26be5735f6a429924b1034046ef56d7142f9fe1a733

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://bon.safars.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 12:15:13 GMT
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/png
feedback-3.png
bon.safars.online/img/
41 KB
41 KB
Image
General
Full URL
http://bon.safars.online/img/feedback-3.png
Requested by
Host: bon.safars.online
URL: http://bon.safars.online/
Protocol
HTTP/1.1
Server
64.68.204.76 , Canada, ASN16686 (EDNS, CA),
Reverse DNS
64.68.204.76.host.easydns.com
Software
openresty /
Resource Hash
3ae4717a4059b2cfea1ae859cb7add9bfd2b59232e8fd6dbec8b3f0eb3a0b631

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://bon.safars.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 12:15:13 GMT
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/png
pr.png
bon.safars.online/img/
21 KB
21 KB
Image
General
Full URL
http://bon.safars.online/img/pr.png
Requested by
Host: bon.safars.online
URL: http://bon.safars.online/
Protocol
HTTP/1.1
Server
64.68.204.76 , Canada, ASN16686 (EDNS, CA),
Reverse DNS
64.68.204.76.host.easydns.com
Software
openresty /
Resource Hash
37f208048cf54bfa84af42f1bdbabe26547482b9303ef8477b4fe024c6f63b8e

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://bon.safars.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 12:15:13 GMT
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/png
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/
87 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: bon.safars.online
URL: http://bon.safars.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
http://bon.safars.online
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 12:15:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2955126
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27938
last-modified
Tue, 02 Mar 2021 18:58:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"603e8adc-15d9d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RIWxD1J5f6JkgTo0NpRJE8CxM2EP2q6LnJOr9VCFUe70gspP3lc%2B0Y4xSUiK5Te33mCHnd4PsTPAR0LOvkwUreLIhZ8rycK343ix9KbTZFvZ7Yn82ob%2FDg9VgzJ6mu63aj8SjKggQ2vm9ExzVubFlUhu"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75a03d38aa565413-YYZ
expires
Wed, 04 Oct 2023 12:15:12 GMT
main.js
bon.safars.online/js/
1 KB
811 B
Script
General
Full URL
http://bon.safars.online/js/main.js
Requested by
Host: bon.safars.online
URL: http://bon.safars.online/
Protocol
HTTP/1.1
Server
64.68.204.76 , Canada, ASN16686 (EDNS, CA),
Reverse DNS
64.68.204.76.host.easydns.com
Software
openresty /
Resource Hash
20a8ec53a379e760138f407462ee6450c52e87e4c515af67547ebd7415912b28

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://bon.safars.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 12:15:12 GMT
Content-Encoding
gzip
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type
application/javascript
intlTelInput.min.css
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/css/
19 KB
2 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/css/intlTelInput.min.css
Requested by
Host: bon.safars.online
URL: http://bon.safars.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6956e8710cf477f7014440385ae16ee4b8cc7ecfd02fddd4d2f0c6c7fd15845
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
http://bon.safars.online
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 12:15:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1863227
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1820
last-modified
Sat, 13 Feb 2021 20:29:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"602836ba-4ad5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vXL05uFBJ337iTlab1EL0ukezJIgd0rBOW4lSgxDaY9OaTI%2BRfXShkqWpEZLQIrxDrfqdjPYdh1NoxnuS2he46TJqyT9b1ZZv3Weue%2Bb%2Be5SpnuESYuClxUsVYgyoLQ4KvT5QaKOcoDi7W9g7ZdlYW0i"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75a03d38ba625413-YYZ
expires
Wed, 04 Oct 2023 12:15:12 GMT
intlTelInput.min.js
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/js/
29 KB
9 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/js/intlTelInput.min.js
Requested by
Host: bon.safars.online
URL: http://bon.safars.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b024339fe00039664fe9d06d5b49f9c7790fd3c0a49fe69b44f77360e71483ef
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
http://bon.safars.online
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 12:15:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5596766
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8967
last-modified
Sat, 13 Feb 2021 20:29:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"602836ba-7351"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FIaK6S4UqmbrCS5pq00WxeAxhhgh%2Bm8GJLEv%2FRG4JlV4YM31OyXDJCVecoi9uVAsbLd3UoaRgYtq9P6x6Z7fCh0niRZsNH%2FArFCBvyFNE13oC64mHsvaEqi%2FS4nBWRrIyJ58jDRXAL8P%2BuyiysCoTqso"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75a03d38ba645413-YYZ
expires
Wed, 04 Oct 2023 12:15:12 GMT
fbevents.js
connect.facebook.net/en_US/
101 KB
27 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: bon.safars.online
URL: http://bon.safars.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f082:9:face:b00c:0:3 Chicago, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b81cc6d28cbf3df9c6127a05a865bef0842d917507cce946712974e748110957
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://bon.safars.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 14 Oct 2022 12:15:12 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26852
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
6EL4vnFFgOb5o8xNyZ7dZFT55Xl3LgGKR0/s9efnlRjwLL+oHH2EBuU/L36nJt6zaojjkaTRperOvsYTcqO0xQ==
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/
37 KB
37 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://bon.safars.online
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 10 Oct 2022 15:59:53 GMT
x-content-type-options
nosniff
age
332119
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37924
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:54:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Oct 2023 15:59:53 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa25L7SUc.woff2
fonts.gstatic.com/s/inter/v12/
56 KB
56 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa25L7SUc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
45606f837ab8530c01f3602592ed7a118450be4ef3f629ca644d0543099e5c6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://bon.safars.online
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 10 Oct 2022 16:07:42 GMT
x-content-type-options
nosniff
age
331650
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56968
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 21:29:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Oct 2023 16:07:42 GMT
663900052014151
connect.facebook.net/signals/config/
292 KB
84 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/663900052014151?v=2.9.84&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f082:9:face:b00c:0:3 Chicago, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ab6270a122742a2dc6c89aa00d01b32ef9f36c00f726e42f184e6bf57fee703e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://bon.safars.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 14 Oct 2022 12:15:13 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
KCMYoB6FFWwz1M7YeRrt6ui/CaORLbS9h4jGYXV+vdz8VosrYgONy3Qc4YnL1HxcLVo6SklpZuy+/y1Oeb512Q==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
jwpsrv.js
ssl.p.jwpcdn.com/player/v/8.26.1/
62 KB
19 KB
Script
General
Full URL
http://ssl.p.jwpcdn.com/player/v/8.26.1/jwpsrv.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/players/zaRfsCvJ-voou8tK3.js
Protocol
HTTP/1.1
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d8de3829d2383650a9308f175c7017fe6f3a60c3888d6d61e089f9b19141323

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://bon.safars.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 12:15:13 GMT
Content-Encoding
gzip
Via
1.1 varnish
Age
539
X-Cache
HIT
Connection
keep-alive
Content-Length
18857
X-Served-By
cache-yul12834-YUL
Last-Modified
Thu, 29 Sep 2022 20:27:56 GMT
Server
AmazonS3
X-Timer
S1665749713.039532,VS0,VE0
ETag
"662d21d9cc48caa9758882be57e10e92"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=900, immutable
Accept-Ranges
bytes
X-Cache-Hits
1378
jwplayer.core.controls.js
ssl.p.jwpcdn.com/player/v/8.26.1/
325 KB
84 KB
Script
General
Full URL
http://ssl.p.jwpcdn.com/player/v/8.26.1/jwplayer.core.controls.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/players/zaRfsCvJ-voou8tK3.js
Protocol
HTTP/1.1
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
891b3886dccdba5ee5a6c7a7eb571b702d0e0632fe625eab0f14661db6f18a92

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://bon.safars.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 12:15:13 GMT
Content-Encoding
gzip
Via
1.1 varnish
Age
920226
X-Cache
HIT
Connection
keep-alive
Content-Length
85628
X-Served-By
cache-yul12820-YUL
Last-Modified
Thu, 29 Sep 2022 20:27:49 GMT
Server
AmazonS3
X-Timer
S1665749713.039838,VS0,VE0
ETag
"3dbbfe8911fcf10cd73c01fb12b3a0c0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, immutable
Accept-Ranges
bytes
X-Cache-Hits
711543
zaRfsCvJ
cdn.jwplayer.com/v2/media/
2 KB
1 KB
XHR
General
Full URL
http://cdn.jwplayer.com/v2/media/zaRfsCvJ?recommendations_playlist_id=YYInJ1PL
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/players/zaRfsCvJ-voou8tK3.js
Protocol
HTTP/1.1
Server
2600:9000:2209:8800:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
ae09e564ccd1183a99859be19c890b2dfe69283fb21a8dc1cd7ed3f09dac21d3

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://bon.safars.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 12:15:13 GMT
Content-Encoding
gzip
Via
1.1 99b519fb7ca87e7fd6040aacb1160452.cloudfront.net (CloudFront)
Server
openresty
X-Amz-Cf-Pop
EWR53-P1
X-Cache
Miss from cloudfront
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=180, max-stale=180
Connection
keep-alive
Content-Length
630
X-Amz-Cf-Id
_OJYNFovNlOoEihAiLd1psTi2qAXAfnfLZ0tlvyQiqxXoxTDSu7OnQ==
Expires
Fri, 14 Oct 2022 12:18:13
about-bg.png
bon.safars.online/img/
249 KB
250 KB
Image
General
Full URL
http://bon.safars.online/img/about-bg.png
Requested by
Host: bon.safars.online
URL: http://bon.safars.online/css/style.css
Protocol
HTTP/1.1
Server
64.68.204.76 , Canada, ASN16686 (EDNS, CA),
Reverse DNS
64.68.204.76.host.easydns.com
Software
openresty /
Resource Hash
93dc18be109f62f81e94168e8ec738e87929779425a030e2e76c4d8d134b17da

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://bon.safars.online/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 12:15:13 GMT
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/png
feature-bg.png
bon.safars.online/img/
227 KB
228 KB
Image
General
Full URL
http://bon.safars.online/img/feature-bg.png
Requested by
Host: bon.safars.online
URL: http://bon.safars.online/css/style.css
Protocol
HTTP/1.1
Server
64.68.204.76 , Canada, ASN16686 (EDNS, CA),
Reverse DNS
64.68.204.76.host.easydns.com
Software
openresty /
Resource Hash
b47cd0a12d546e2c6f4cb31e412b24191d714f7a8d8d61ceffbdecf328b2d51c

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://bon.safars.online/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 12:15:13 GMT
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/png
geolocation
getyourapi.site/api/
77 B
483 B
XHR
General
Full URL
https://getyourapi.site/api/geolocation
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.122.218.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-218-248.eu-central-1.compute.amazonaws.com
Software
openresty / Express
Resource Hash
7c49870f7b1a41ad132c8cb3eb3cf65a5a31f00708ed65d9f134b6c393343121

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
http://bon.safars.online/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 12:15:13 GMT
server
openresty
x-powered-by
Express
etag
W/"4d-4U6Jkb928wyKHSLGUjKFHzV+sZQ"
access-control-max-age
600
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
http://bon.safars.online
access-control-expose-headers
content-type, authorization, x-request-id
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept, authorization
content-length
77
x-request-id
d60734d7-28d5-492f-aa85-3080e8a3611e
provider.hlsjs.js
ssl.p.jwpcdn.com/player/v/8.26.1/
377 KB
110 KB
Script
General
Full URL
http://ssl.p.jwpcdn.com/player/v/8.26.1/provider.hlsjs.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/players/zaRfsCvJ-voou8tK3.js
Protocol
HTTP/1.1
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
acfde0191e09d9049c5304cf54ee91bc9748bc11e6ad6091ca20c7de569d29b6

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://bon.safars.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 12:15:13 GMT
Content-Encoding
gzip
Via
1.1 varnish
Age
920170
X-Cache
HIT
Connection
keep-alive
Content-Length
112497
X-Served-By
cache-yul12820-YUL
Last-Modified
Thu, 29 Sep 2022 20:27:52 GMT
Server
AmazonS3
X-Timer
S1665749713.173263,VS0,VE0
ETag
"0814ed1c84aed38165abc0800edcbffb"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, immutable
Accept-Ranges
bytes
X-Cache-Hits
423786
/
www.facebook.com/tr/
0
204 B
Image
General
Full URL
https://www.facebook.com/tr/?id=663900052014151&ev=PageView&dl=http%3A%2F%2Fbon.safars.online%2F&rl=&if=false&ts=1665749713202&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1665749713201.1389065529&it=1665749712909&coo=false&exp=a0&rqm=GET
Requested by
Host: bon.safars.online
URL: http://bon.safars.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f175:81:face:b00c:0:25de Chicago, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://bon.safars.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 14 Oct 2022 12:15:13 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
zaRfsCvJ-120.vtt
assets-jpcust.jwpsrv.com/strips/
Redirect Chain
  • http://cdn.jwplayer.com/strips/zaRfsCvJ-120.vtt
  • http://assets-jpcust.jwpsrv.com/strips/zaRfsCvJ-120.vtt
5 KB
1 KB
XHR
General
Full URL
http://assets-jpcust.jwpsrv.com/strips/zaRfsCvJ-120.vtt
Requested by
Host: bon.safars.online
URL: http://bon.safars.online/
Protocol
HTTP/1.1
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d3fb549c336ff8c15a03fa1ba4a96e9cee41b6de2821179cc05f6cbab001b2c9

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://bon.safars.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 12:15:13 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
0
x-amz-server-side-encryption
AES256
X-Cache
HIT, MISS
Connection
keep-alive
Content-Length
640
X-Served-By
cache-iad-kjyo7100049-IAD, cache-yul12830-YUL
Last-Modified
Sat, 27 Aug 2022 14:43:58 GMT
Server
nginx
X-Timer
S1665749713.365814,VS0,VE14
ETag
"e995747c316eb2dda52064e2b97434c4"
Access-Control-Max-Age
180
Access-Control-Allow-Methods
GET
Content-Type
text/vtt
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
Accept-Ranges
bytes
Access-Control-Allow-Headers
accept-encoding, cache-control, origin, dnt, accept-language
X-Cache-Hits
5, 0

Redirect headers

Date
Fri, 14 Oct 2022 12:15:13 GMT
Via
1.1 99b519fb7ca87e7fd6040aacb1160452.cloudfront.net (CloudFront)
Server
openresty
X-Amz-Cf-Pop
EWR53-P1
X-Cache
Miss from cloudfront
Content-Type
text/html
Access-Control-Allow-Origin
*
Location
http://assets-jpcust.jwpsrv.com/strips/zaRfsCvJ-120.vtt
Connection
keep-alive
Content-Length
166
X-Amz-Cf-Id
VHKds5qh-sQouIgoOvS0Gg-9S7QomYyAFOpeejOISiPDXuYfd3pjQw==
related.js
ssl.p.jwpcdn.com/player/v/8.26.1/
106 KB
25 KB
Script
General
Full URL
http://ssl.p.jwpcdn.com/player/v/8.26.1/related.js
Requested by
Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/players/zaRfsCvJ-voou8tK3.js
Protocol
HTTP/1.1
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7c0952d361c8163b5335557d223de2a5f6b73491bcff6d522f87df9e9e1b4551

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://bon.safars.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 12:15:13 GMT
Content-Encoding
gzip
Via
1.1 varnish
Age
920225
X-Cache
HIT
Connection
keep-alive
Content-Length
25386
X-Served-By
cache-yul12820-YUL
Last-Modified
Thu, 29 Sep 2022 20:27:54 GMT
Server
AmazonS3
X-Timer
S1665749713.311548,VS0,VE0
ETag
"360546fdfd689d5313c57f1d76ac14c5"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, immutable
Accept-Ranges
bytes
X-Cache-Hits
625221
zaRfsCvJ.m3u8
cdn.jwplayer.com/manifests/
1 KB
868 B
XHR
General
Full URL
http://cdn.jwplayer.com/manifests/zaRfsCvJ.m3u8
Requested by
Host: ssl.p.jwpcdn.com
URL: http://ssl.p.jwpcdn.com/player/v/8.26.1/provider.hlsjs.js
Protocol
HTTP/1.1
Server
2600:9000:2209:8800:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
0c9828eb3e39daa208d71c1967a65debb9491b66ae55f62ff516874ee58fce43

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://bon.safars.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 12:15:13 GMT
Content-Encoding
gzip
Via
1.1 99b519fb7ca87e7fd6040aacb1160452.cloudfront.net (CloudFront)
Server
openresty
X-Amz-Cf-Pop
EWR53-P1
X-Cache
Miss from cloudfront
Content-Type
application/vnd.apple.mpegurl; charset=utf-8
access-control-allow-origin
*
Cache-Control
max-age=180
Connection
keep-alive
Content-Length
407
X-Amz-Cf-Id
Ssj27kCzhMvqJTd-Eg9fYHK_GIYGulOqXutRFsU4_13p9Q94qEYmlg==
rd62mm3h-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • http://cdn.jwplayer.com/v2/media/zaRfsCvJ/poster.jpg?width=720
  • http://assets-jpcust.jwpsrv.com/thumbnails/rd62mm3h-720.jpg
26 KB
26 KB
Image
General
Full URL
http://assets-jpcust.jwpsrv.com/thumbnails/rd62mm3h-720.jpg
Requested by
Host: bon.safars.online
URL: http://bon.safars.online/
Protocol
HTTP/1.1
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
27509a9e8ba5f4ad51d73eb26bd80d8d30e9c33c58d2e0a8c51d09d6d72b78ad

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://bon.safars.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 12:15:13 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
287
x-amz-server-side-encryption
AES256
X-Cache
HIT, MISS
Connection
keep-alive
Content-Length
26417
X-Served-By
cache-iad-kiad7000170-IAD, cache-yul12832-YUL
Last-Modified
Mon, 26 Sep 2022 12:58:35 GMT
Server
nginx
X-Timer
S1665749713.417021,VS0,VE18
ETag
"53416b48ae14b50dc6834f75f8cf191c"
Vary
Accept-Encoding
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=900
Accept-Ranges
bytes
Access-Control-Allow-Headers
accept-encoding, cache-control, origin, dnt, accept-language
X-Cache-Hits
3, 0

Redirect headers

Date
Fri, 14 Oct 2022 12:15:13 GMT
Via
1.1 17da55c14108bb8cae904f764f67c0e0.cloudfront.net (CloudFront)
Server
openresty
X-Amz-Cf-Pop
EWR53-P1
access-control-allow-methods
GET
Content-Type
image/jpeg
access-control-allow-origin
*
Location
http://assets-jpcust.jwpsrv.com/thumbnails/rd62mm3h-720.jpg
Cache-Control
max-age=180, max-stale=180
X-Cache
Miss from cloudfront
Connection
keep-alive
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
Content-Length
0
X-Amz-Cf-Id
SxQoMVpfNutdefaa1CqQRX3TMe3neP5BWJxZMP5KDbRIb16ZnnFF8A==
rd62mm3h-1280.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/zaRfsCvJ/poster.jpg?width=1280
  • https://assets-jpcust.jwpsrv.com/thumbnails/rd62mm3h-1280.jpg
58 KB
57 KB
Image
General
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/rd62mm3h-1280.jpg
Requested by
Host: bon.safars.online
URL: http://bon.safars.online/
Protocol
H2
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e9581a32472f1d1b65f7cf4180f1e6e3e44f58360d2b63b85d9b71e43349f822

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://bon.safars.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 12:15:13 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS
content-length
58044
x-served-by
cache-iad-kjyo7100050-IAD, cache-yul12827-YUL
last-modified
Mon, 26 Sep 2022 12:58:35 GMT
server
nginx
x-timer
S1665749713.433337,VS0,VE55
etag
"419cb191d39e5d9796455a9506a31ac0"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
1, 0

Redirect headers

date
Fri, 14 Oct 2022 12:15:13 GMT
via
1.1 2c7d387775f2e52dd268d2f49202b5d2.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
EWR53-P1
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/rd62mm3h-1280.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
zUFii21Pnf7pEf8EEAcEFunUFxBN14JM09CT2qvxs5vruOuwcn1jRg==
zaRfsCvJ-34415633.mp4.m3u8
videos-fms.jwpsrv.com/6349fb91_0x01899ccf2d99796f70a9ef91b071183beaa5e27f/content/conversions/panm0rVT/videos/
2 KB
931 B
XHR
General
Full URL
http://videos-fms.jwpsrv.com/6349fb91_0x01899ccf2d99796f70a9ef91b071183beaa5e27f/content/conversions/panm0rVT/videos/zaRfsCvJ-34415633.mp4.m3u8
Requested by
Host: ssl.p.jwpcdn.com
URL: http://ssl.p.jwpcdn.com/player/v/8.26.1/provider.hlsjs.js
Protocol
HTTP/1.1
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
otfp /
Resource Hash
d0850d5947f537c24a7ef276419426dfd93ad3f85b609426f1066497a4dbb288

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://bon.safars.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 12:15:13 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
X-Backend
https://s3-external-1.amazonaws.com
Age
340197
X-Cache
HIT, HIT
Connection
keep-alive
Fastly-Stats
otfp=1
Content-Length
252
X-Served-By
cache-iad-kcgs7200110-IAD, cache-yul12826-YUL
Server
otfp
X-Timer
S1665749713.474860,VS0,VE1
Etag
"ikreabZNwXad9oBEh1BVddffaRPzXBAXRKH6eYp_muvffzeZS8gDZiBjjPLLkSD3hEzVaJYt4s02_NWgbwc7VfY3YA"
Vary
Accept-Encoding
Content-Type
application/x-mpegurl
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Access-Control-Allow-Headers
accept-encoding, cache-control, origin, dnt
X-Cache-Hits
37, 1
zaRfsCvJ-34415633.mp4-1.ts
videos-fms.jwpsrv.com/6349fb91_0x01899ccf2d99796f70a9ef91b071183beaa5e27f/content/conversions/panm0rVT/videos/
212 KB
213 KB
XHR
General
Full URL
http://videos-fms.jwpsrv.com/6349fb91_0x01899ccf2d99796f70a9ef91b071183beaa5e27f/content/conversions/panm0rVT/videos/zaRfsCvJ-34415633.mp4-1.ts
Requested by
Host: ssl.p.jwpcdn.com
URL: http://ssl.p.jwpcdn.com/player/v/8.26.1/provider.hlsjs.js
Protocol
HTTP/1.1
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
otfp /
Resource Hash
c0afe74aa1f8e17bc76c1f6dcd4fcbdd0fdc8c8c7ac829868cd000d511be14fe

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://bon.safars.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 12:15:13 GMT
Via
1.1 varnish, 1.1 varnish
X-Backend
https://s3-external-1.amazonaws.com
Age
0
X-Cache
HIT, MISS
Connection
keep-alive
Fastly-Stats
otfp=1
Content-Length
216952
X-Served-By
cache-iad-kiad7000120-IAD, cache-yul12826-YUL
Server
otfp
X-Timer
S1665749713.495501,VS0,VE17
Etag
"j5a1UgKv66ufvCtZZmMqfcvQMatHcQGSoVQsWL1TQTw1sPQq90JEsT0LBgsLJiMzP3kVQITGH4KN4Zd28q1FtqbhHw"
Content-Type
video/mp2t
X-Fastly-Otfp-Info
ss=0.000 sl=4.000 vl=151.233 rs=320x180
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Access-Control-Allow-Headers
accept-encoding, cache-control, origin, dnt
X-Cache-Hits
30, 0
flags.png
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/img/
66 KB
67 KB
Image
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/img/flags.png
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/css/intlTelInput.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ead4835bb034d3977fd4aa92437a20fac37b2c67e0c22a5debc61468151d08d7
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/css/intlTelInput.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 12:15:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
16101944
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
67650
last-modified
Sat, 13 Feb 2021 20:30:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"602836d0-1083d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b6oG3fThtG12bGc3g6sygsEOOqF2LAW%2BD3f4hLoORd9twWJM2NldhzeNjQ9fxYJXO5f4aIXb8FcJcn%2Bo%2FFqj4Sc0xcjHXpuadWmYkuwW2OOTCqOg3Dh%2Ba7W9Jk2j5xLh4jiWiclHsZY5ISNM6A6GVMwW"}],"group":"cf-nel","max_age":604800}
content-type
image/png; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75a03d3de89ef989-YYZ
expires
Wed, 04 Oct 2023 12:15:13 GMT
ping.gif
prd.jwpltx.com/v1/jwplayer6/
0
208 B
Image
General
Full URL
http://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=-1970927726&e=e&n=7641254559041932&aid=P_jn6CYIEe2V__I2JL23XA&amp=0&at=1&c=-1&ccp=0&cp=0&d=0&eb=0&ed=9&emi=15czk3c19blz&i=0&id=zaRfsCvJ&lid=1v7hjc11kjkk&lsa=set&mt=0&pbd=1&pbr=1&pgi=6ih6b11eidhi&ph=3&pid=voou8tK3&pii=0&pl=605&plc=1&pli=1kju7op1t8br&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=BalticPipe&pu=http%3A%2F%2Fbon.safars.online%2F&pv=8.26.1&pyc=0&s=0&sdk=0&stc=1&stpe=0&t=Balticpipe%20Pl&tv=3.40.0&vb=0&vi=0.28&vl=90&wd=1076&ab=1&cae=0&cb=0&cdid=botr_zaRfsCvJ_voou8tK3_div&cme=0&dd=1&flc=0&fv=&ga=0&lng=en&mk=hls&mu=http%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2FzaRfsCvJ.m3u8&pbc=0&pd=2&pdr=&plng=en&plt=1400&pni=0&po=0&sp=0&st=330&sa=1665749713308
Protocol
HTTP/1.1
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://bon.safars.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

X-Cache-Hits
0
Date
Fri, 14 Oct 2022 12:15:14 GMT
Via
1.1 varnish
Server
nginx
X-Cache
MISS
Connection
keep-alive
Accept-Ranges
bytes
X-Served-By
cache-yul12820-YUL
utils.min.js
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/js/
240 KB
45 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/js/utils.min.js
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/js/intlTelInput.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40be34b828e28a6e711efb10cb00aab537ef9de74abb3864acd2fa59665f6fbf
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://bon.safars.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 12:15:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
863064
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44956
last-modified
Sat, 13 Feb 2021 20:31:42 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6028372e-3bf7a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GrMTZ7AXJOMuLRjMBBxClXhS%2BCSkP%2BhQvUU%2BHU4mZU0%2B%2Bb%2FavRic3W8ya4Oe95BhWRJ%2FviozmS7sxT7r%2FfQEP%2BL7SXWD3jBG1b9%2BQAu3wO%2FnUjOXDthCHSHCizflMYVIaMx9Vi%2BxEw6X3jtL8ZfJ2Oe3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75a03d41fbb9f989-YYZ
expires
Wed, 04 Oct 2023 12:15:14 GMT
e3594272-3e8f-4888-831b-2b9693006ce5
http://bon.safars.online/
84 KB
0
Other
General
Full URL
blob:http://bon.safars.online/e3594272-3e8f-4888-831b-2b9693006ce5
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3dfc273cb08d312f5a2b0bb010ac8b5fa33c6555cf26e4a14cc8e0210b1c695c

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://bon.safars.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length
85591
Content-Type
text/javascript
zaRfsCvJ-34415639.mp4.m3u8
videos-fms.jwpsrv.com/6349fb91_0xb9264efecb957e5c651908cb264ef0944678f9c7/content/conversions/panm0rVT/videos/
2 KB
933 B
XHR
General
Full URL
http://videos-fms.jwpsrv.com/6349fb91_0xb9264efecb957e5c651908cb264ef0944678f9c7/content/conversions/panm0rVT/videos/zaRfsCvJ-34415639.mp4.m3u8
Requested by
Host: ssl.p.jwpcdn.com
URL: http://ssl.p.jwpcdn.com/player/v/8.26.1/provider.hlsjs.js
Protocol
HTTP/1.1
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
otfp /
Resource Hash
f4abad7cd740718a4730aae64b1006412f063851fe9c3b4e1a30cf8f81f3926c

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://bon.safars.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 12:15:14 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
X-Backend
https://s3-external-1.amazonaws.com
Age
253801
X-Cache
HIT, HIT
Connection
keep-alive
Fastly-Stats
otfp=1
Content-Length
252
X-Served-By
cache-iad-kcgs7200077-IAD, cache-yul12826-YUL
Server
otfp
X-Timer
S1665749714.274568,VS0,VE1
Etag
"IiRxOd5NK-iZEvWLymrV3IFXzR0mVcD8RaE9AzbICXwHOyfi-Dor3OB3qk1KAXfC6aQSGW38NZnagimvL6HbpYo9CmZ-"
Vary
Accept-Encoding
Content-Type
application/x-mpegurl
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Access-Control-Allow-Headers
accept-encoding, cache-control, origin, dnt
X-Cache-Hits
53, 1
/
www.facebook.com/tr/
0
18 B
Image
General
Full URL
https://www.facebook.com/tr/?id=663900052014151&ev=Microdata&dl=http%3A%2F%2Fbon.safars.online%2F&rl=&if=false&ts=1665749715228&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22BalticPipe%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.84&r=stable&ec=1&o=30&fbp=fb.1.1665749713201.1389065529&it=1665749712909&coo=false&es=automatic&tm=3&exp=a0&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f175:81:face:b00c:0:25de Chicago, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://bon.safars.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 14 Oct 2022 12:15:15 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
priority
u=3,i

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
object| navigation
function| fbq
function| _fbq
object| webpackChunkjwplayer
function| jwplayer
function| $
function| jQuery
object| intlTelInputGlobals
function| intlTelInput
function| parseURLParams
object| intlTelInputUtils

1 Cookies

Domain/Path Name / Value
.safars.online/ Name: _fbp
Value: fb.1.1665749713201.1389065529

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
