urlscan.io logo urlscan.io
SecurityTrails logo

www.bfst.xyz Open in urlscan Pro
2606:4700:3037::681b:bd12  Public Scan

Go To Rescan Add Verdict Report
URL: http://www.bfst.xyz/one.php
Submission: On March 11 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 7 countries across 11 domains to perform 28 HTTP transactions. The main IP is 2606:4700:3037::681b:bd12, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.bfst.xyz.
This is the only time www.bfst.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 198.134.112.242 27257 (WEBAIR-IN...)
2 88.85.82.189 35415 (WEBZILLA)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 185.225.208.133 13213 (UK2NET-AS)
1 195.181.175.51 60068 (CDN77)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 46.105.201.240 16276 (OVH)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 34.102.153.117 15169 (GOOGLE)
1 192.99.13.63 16276 (OVH)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 162.252.214.5 53334 (TUT-AS)
1 185.200.118.90 9009 (M247)
1 38.132.109.186 9009 (M247)
1 185.200.116.90 9009 (M247)
1 35.190.8.27 15169 (GOOGLE)
1 216.21.13.10 53334 (TUT-AS)
28 20
1    2606:4700:3037::681b:bd12 (United States)

ASN13335 (CLOUDFLARENET, US)
www.bfst.xyz
1    198.134.112.242 (Garden City, United States)

ASN27257 (WEBAIR-INTERNET, US)
pl15164154.passeura.com
2    88.85.82.189 (Netherlands)

ASN35415 (WEBZILLA, NL)
deloplen.com
4    2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    185.225.208.133 (Germany)

ASN13213 (UK2NET-AS, GB)
waust.at
1    195.181.175.51 (Frankfurt am Main, Germany)

ASN60068 (CDN77, GB)
PTR: unn-195-181-175-51.datapacket.com
c1.popads.net
2    2606:4700::6811:c46b (United States)

ASN13335 (CLOUDFLARENET, US)
celeritascdn.com
1    46.105.201.240 (France)

ASN16276 (OVH, FR)
s10.histats.com
2    2606:4700::6811:a7ba (United States)

ASN13335 (CLOUDFLARENET, US)
c.adsco.re
1    2606:4700:3034::6812:3647 (United States)

ASN13335 (CLOUDFLARENET, US)
ufpcdn.com
2    34.102.153.117 (United States)

ASN15169 (GOOGLE, US)
PTR: 117.153.102.34.bc.googleusercontent.com
cdn3.bfst.xyz
1    192.99.13.63 (Richmond Hill, Canada)

ASN16276 (OVH, FR)
PTR: ns504751.ip-192-99-13.net
s4.histats.com
2    2606:4700::6811:a6ba (United States)

ASN13335 (CLOUDFLARENET, US)
6.adsco.re
2    162.252.214.5 (United States)

ASN53334 (TUT-AS, US)
adsco.re
1    185.200.118.90 (London, United Kingdom)

ASN9009 (M247, GB)
PTR: adscore.com
rvorxq0hqmnw.l.adsco.re
1    38.132.109.186 (New York, United States)

ASN9009 (M247, GB)
rvorxq0hqmnw.n.adsco.re
1    185.200.116.90 (Singapore, Singapore)

ASN9009 (M247, GB)
PTR: no-mans-land.m247.com
rvorxq0hqmnw.s.adsco.re
1    35.190.8.27 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 27.8.190.35.bc.googleusercontent.com
onclicksuper.com
1    216.21.13.10 (United States)

ASN53334 (TUT-AS, US)
serve.popads.net
Domain Requested by
4 cdn.jsdelivr.net www.bfst.xyz
2 adsco.re c.adsco.re
2 6.adsco.re www.bfst.xyz
c.adsco.re
2 cdn3.bfst.xyz cdn.jsdelivr.net
2 c.adsco.re c1.popads.net
c.adsco.re
2 celeritascdn.com www.bfst.xyz
2 deloplen.com www.bfst.xyz
deloplen.com
1 serve.popads.net c1.popads.net
1 onclicksuper.com www.bfst.xyz
1 rvorxq0hqmnw.s.adsco.re c.adsco.re
1 rvorxq0hqmnw.n.adsco.re c.adsco.re
1 rvorxq0hqmnw.l.adsco.re c.adsco.re
1 s4.histats.com s10.histats.com
1 ufpcdn.com www.bfst.xyz
1 s10.histats.com www.bfst.xyz
1 c1.popads.net www.bfst.xyz
1 waust.at www.bfst.xyz
1 pl15164154.passeura.com www.bfst.xyz
1 www.bfst.xyz
28 19

This site contains links to these domains. Also see Links.

Domain
adsco.re
Subject Issuer Validity Valid
ssl363648.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2020-02-22 -
2020-08-30		 6 months crt.sh
*.l.adsco.re
COMODO RSA Domain Validation Secure Server CA		 2018-07-14 -
2020-07-13		 2 years crt.sh
*.n.adsco.re
COMODO RSA Domain Validation Secure Server CA		 2018-07-30 -
2020-07-29		 2 years crt.sh
*.s.adsco.re
COMODO RSA Domain Validation Secure Server CA		 2018-07-30 -
2020-07-29		 2 years crt.sh

This page contains 4 frames:

Primary Page: http://www.bfst.xyz/one.php
Frame ID: 1F428F37A92653A0F44DF1B96006F714
Requests: 27 HTTP requests in this frame

Frame: http://deloplen.com/fac.php
Frame ID: A9E0ABAB19710FED258BFDD6F4B7B7F1
Requests: 1 HTTP requests in this frame

Frame: http://ufpcdn.com/script/identify.html?frmt=0
Frame ID: 46CEEECDD474E2F265BD188A5381F2BE
Requests: 1 HTTP requests in this frame

Frame: http://c.adsco.re/
Frame ID: F5183BE1588792C02B3A1D8D5D6E1F16
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

28
Requests

25 %
HTTPS

32 %
IPv6

11
Domains

19
Subdomains

20
IPs

7
Countries

261 kB
Transfer

919 kB
Size

14
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set one.php
www.bfst.xyz/ 		56 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.bfst.xyz/one.php
Protocol
HTTP/1.1
Server
2606:4700:3037::681b:bd12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a965bae0e314dee75a07baf1e0c5ec657e9b3b956104d6ad77e8b50c4099948

Request headers

Host
www.bfst.xyz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Mar 2020 07:23:54 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d917f55db447eb3407b44ac5fae7e06911583911434; expires=Fri, 10-Apr-20 07:23:54 GMT; path=/; domain=.bfst.xyz; HttpOnly; SameSite=Lax
Vary
Accept-Encoding
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
57238863fd14c2b3-FRA
Content-Encoding
gzip
7028b257c6702101190fa525b7cc585c.js
pl15164154.passeura.com/70/28/b2/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://pl15164154.passeura.com/70/28/b2/7028b257c6702101190fa525b7cc585c.js
Requested by
Host: www.bfst.xyz
URL: http://www.bfst.xyz/one.php
Protocol
HTTP/1.1
Server
198.134.112.242 Garden City, United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
http://www.bfst.xyz/one.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 11 Mar 2020 07:23:55 GMT
Server
nginx/1.17.6
Connection
keep-alive
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Length
0
Content-Type
application/javascript
apu.php
deloplen.com/ 		93 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://deloplen.com/apu.php?zoneid=2685475
Requested by
Host: www.bfst.xyz
URL: http://www.bfst.xyz/one.php
Protocol
HTTP/1.1
Server
88.85.82.189 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
58e24525d977251efca741f1e23e7c27db7e61b055a08c9596f80db17d681798
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://www.bfst.xyz/one.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Mar 2020 07:23:54 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
X-Trace-Id
46d3e0c206a6ea1492e07a8535db41fd
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=1
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Authorization
Cache-Control
no-transform, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
*, *
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Expires
Tue, 11 Jan 1994 10:00:00 GMT
clappr.min.js
cdn.jsdelivr.net/clappr/latest/ 		517 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Requested by
Host: www.bfst.xyz
URL: http://www.bfst.xyz/one.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbcf0e85e906f9e8caf296fc6fd0cb8fcfb69b31e9ac570d63bd837fcf743f6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.bfst.xyz/one.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 11 Mar 2020 07:23:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
11405653
cf-ray
572388645d8c0eaf-FRA
x-cache
HIT, HIT
status
200
vary
Accept-Encoding
x-served-by
cache-ams21047-AMS, cache-fra19135-FRA
server
cloudflare
etag
W/"8156e-D6xFiaxzMytsrOCcfMOmYtKY+qo"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
level-selector.min.js
cdn.jsdelivr.net/clappr.level-selector/latest/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/clappr.level-selector/latest/level-selector.min.js
Requested by
Host: www.bfst.xyz
URL: http://www.bfst.xyz/one.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23a715a6d8a35921f8c02eab19a93b6c9c42271ecfccbde0005476959e2edff9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.bfst.xyz/one.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 11 Mar 2020 07:23:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2847954
cf-ray
572388645d940eaf-FRA
x-cache
HIT
status
200
vary
Accept-Encoding
x-served-by
cache-fra19142-FRA
server
cloudflare
etag
W/"2524-9Cxz5uiSAcz1rVE5FbtBguw6QQw"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
hlsjs-p2p-engine.min.js
cdn.jsdelivr.net/npm/cdnbye@latest/dist/ 		118 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/cdnbye@latest/dist/hlsjs-p2p-engine.min.js
Requested by
Host: www.bfst.xyz
URL: http://www.bfst.xyz/one.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bca959085da9295bdc51909bf8cd70a74fd19849ecc9879f7a62f22eff79d59f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.bfst.xyz/one.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 11 Mar 2020 07:23:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
8187
cf-ray
572388645d9d0eaf-FRA
x-cache
MISS
status
200
vary
Accept-Encoding
x-served-by
cache-fra19145-FRA
server
cloudflare
etag
W/"1d9f4-67kOV0uLiFgL+xEKW83y0vBz1u8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
clappr-plugin.min.js
cdn.jsdelivr.net/npm/cdnbye@latest/dist/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/cdnbye@latest/dist/clappr-plugin.min.js
Requested by
Host: www.bfst.xyz
URL: http://www.bfst.xyz/one.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce60f4e35b1f1620ec5b5bcc3d32bd4951cce874d6628123f1c99ab6cd484c55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.bfst.xyz/one.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 11 Mar 2020 07:23:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
26844
cf-ray
572388645d9f0eaf-FRA
x-cache
HIT, HIT
status
200
vary
Accept-Encoding
x-served-by
cache-ams21037-AMS, cache-hhn4026-HHN
server
cloudflare
etag
W/"a20-r6MbaNsbksPGr5OB89oRhWgkI2I"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
d.js
waust.at/ 		13 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://waust.at/d.js
Requested by
Host: www.bfst.xyz
URL: http://www.bfst.xyz/one.php
Protocol
HTTP/1.1
Server
185.225.208.133 , Germany, ASN13213 (UK2NET-AS, GB),
Reverse DNS
Software
/
Resource Hash
e0435b7d2869ef2da9c06934a39e6d6428063d7b67756355e876700e6d49f0ab

Request headers

Referer
http://www.bfst.xyz/one.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Mar 2020 07:23:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 Mar 2020 21:48:36 GMT
ETag
W/"5e6173b4-32e2"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, private
Connection
keep-alive
Expires
Thu, 12 Mar 2020 07:23:54 GMT
pop.js
c1.popads.net/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://c1.popads.net/pop.js
Requested by
Host: www.bfst.xyz
URL: http://www.bfst.xyz/one.php
Protocol
HTTP/1.1
Server
195.181.175.51 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
unn-195-181-175-51.datapacket.com
Software
CDN77-Turbo /
Resource Hash
4ee2321843d0ce41723b85fa88153fc89ce5e5597ba3310fd2cf4c29208ece23

Request headers

Origin
http://www.bfst.xyz
Referer
http://www.bfst.xyz/one.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Mar 2020 07:23:55 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Feb 2020 20:32:17 GMT
Server
CDN77-Turbo
X-Edge-Location
frankfurtDE
ETag
W/"5e4af851-7bfb"
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-Edge-IP
195.181.175.50
Connection
keep-alive
X-Age
10131
alt-svc
quic="195.181.175.50:443"; ma=2592000; v="44,43,39"
compatibility.js
celeritascdn.com/script/ 		12 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://celeritascdn.com/script/compatibility.js
Requested by
Host: www.bfst.xyz
URL: http://www.bfst.xyz/one.php
Protocol
HTTP/1.1
Server
2606:4700::6811:c46b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b0571ce88b8343afb0be777b3a3d9e06f1469f2e48a487c56319b8fc8c28e73

Request headers

Referer
http://www.bfst.xyz/one.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Mar 2020 07:23:55 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
337
X-GUploader-UploadID
AEnB2UoBUDOpSUPDFLeFxnpJHefta09NRvtjdWaX5U-fQfG4Je6mRycGOAhh4J9YSMohdjgmdAtLW1a2OI8RjcC-eM_4eZiEOjclGsZ-FpeE1PYY8YVnO5U
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
Connection
keep-alive
Last-Modified
Wed, 04 Mar 2020 13:31:53 GMT
Server
cloudflare
ETag
W/"0b878a430101a62ac2c75fbbb0e22b7c"
Vary
Accept-Encoding
x-goog-hash
crc32c=POj59A==, md5=C4eKQwEBpirCx1+7sOIrfA==
Content-Type
application/javascript
x-goog-generation
1583328713859007
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
x-goog-stored-content-length
12107
CF-RAY
57238865d8c1e007-FRA
Expires
Wed, 11 Mar 2020 11:23:55 GMT
js15_as.js
s10.histats.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://s10.histats.com/js15_as.js
Requested by
Host: www.bfst.xyz
URL: http://www.bfst.xyz/one.php
Protocol
HTTP/1.1
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
1f730c8b78091c3479abc2fb805b9093138f05acd0de421b8da96389cbbb9668

Request headers

Referer
http://www.bfst.xyz/one.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Mar 2020 07:14:45 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Dec 2018 14:12:12 GMT
X-CDN-Pop-IP
51.254.41.128/26
ETag
"-139234964"
X-Cacheable
Matched cache
Vary
Accept-Encoding
X-IPLB-Instance
32087
Content-Type
text/javascript
X-CDN-Pop
rbx1
Accept-Ranges
bytes
Content-Length
4525
X-Request-ID
332628519
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		715 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
fac.php
deloplen.com/ Frame A9E0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://deloplen.com/fac.php
Requested by
Host: deloplen.com
URL: http://deloplen.com/apu.php?zoneid=2685475
Protocol
HTTP/1.1
Server
88.85.82.189 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Host
deloplen.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.bfst.xyz/one.php
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
OAID=8df65e0c85d14b53b53200547cb10cd0; oaidts=1583911434
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://www.bfst.xyz/one.php

Response headers

Server
nginx
Date
Wed, 11 Mar 2020 07:23:55 GMT
Content-Type
text/html; charset=utf8
Content-Length
203
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding
Pragma
no-cache
Cache-Control
no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires
Tue, 11 Jan 1994 10:00:00 GMT
X-Trace-Id
423edf33af12cdc825ba5616d4ec9433
Strict-Transport-Security
max-age=1
X-Content-Type-Options
nosniff
Timing-Allow-Origin
*
/
c.adsco.re/ 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://c.adsco.re/
Requested by
Host: c1.popads.net
URL: http://c1.popads.net/pop.js
Protocol
HTTP/1.1
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b66e0ae4a3a7b8e6a280d5b512ba4dcf43afb3ae8862fed33266a038cbe1f154

Request headers

Referer
http://www.bfst.xyz/one.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Mar 2020 07:23:55 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Alt-Svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
Server
cloudflare
Age
422542
ETag
"a73Qdnp6tbMta3RY0Wgotw=="
Vary
Accept-Encoding
Content-Type
text/html
Cache-Control
max-age=43200,public,immutable,no-transform
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
57238866b918d719-FRA
Link
<//adsco.re>;rel=preconnect,<//6.adsco.re>;rel=prefetch
Expires
Fri, 06 Mar 2020 22:01:32 GMT
Cookie set identify.html
ufpcdn.com/script/ Frame 46CE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://ufpcdn.com/script/identify.html?frmt=0
Requested by
Host: www.bfst.xyz
URL: http://www.bfst.xyz/one.php
Protocol
HTTP/1.1
Server
2606:4700:3034::6812:3647 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
ufpcdn.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.bfst.xyz/one.php
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://www.bfst.xyz/one.php

Response headers

Date
Wed, 11 Mar 2020 07:23:55 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=de9607356bcce3740b3d332e02ac025b41583911435; expires=Fri, 10-Apr-20 07:23:55 GMT; path=/; domain=.ufpcdn.com; HttpOnly; SameSite=Lax
Last-Modified
Tue, 15 May 2018 06:39:25 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
57238866d8e7d6bd-FRA
Content-Encoding
gzip
index.m3u8
cdn3.bfst.xyz/live/a/ 		0
0 		XHR
General
Check archive.org
Download Go to
Full URL
http://cdn3.bfst.xyz/live/a/index.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Protocol
HTTP/1.1
Server
34.102.153.117 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
117.153.102.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Origin
http://www.bfst.xyz
Referer
http://www.bfst.xyz/one.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
0.php
s4.histats.com/stats/ 		51 B
322 B 		Script
General
Check archive.org
Download Go to
Full URL
http://s4.histats.com/stats/0.php?4275943&@f16&@g1&@h1&@i1&@j1583911435325&@k0&@l1&@m&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-94306048&@b3:1583911435&@b4:js15_as.js&@b5:60&@a-_0.2.1&@vhttp%3A%2F%2Fwww.bfst.xyz%2Fone.php&@w
Requested by
Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Server
192.99.13.63 Richmond Hill, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns504751.ip-192-99-13.net
Software
/
Resource Hash
76a17f761d0cdd23a4c32a4cf2dabc291a849a4f813444678fb60d30b0a4b084

Request headers

Referer
http://www.bfst.xyz/one.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Mar 2020 07:23:55 GMT
Connection
close
Content-Length
51
Content-Type
text/html;charset=UTF-8
/
6.adsco.re/ 		0
632 B 		Other
General
Check archive.org
Download Go to
Full URL
http://6.adsco.re/
Requested by
Host: www.bfst.xyz
URL: http://www.bfst.xyz/one.php
Protocol
HTTP/1.1
Server
2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.bfst.xyz/one.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Mar 2020 07:23:55 GMT
Content-Encoding
gzip
Alt-Svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
Server
cloudflare
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Max-Age
2592000
Cache-Control
max-age=600,public,immutable
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
57238866dd49c26d-FRA
Access-Control-Allow-Headers
Content-Type
t
adsco.re/ 		67 B
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://adsco.re/t
Requested by
Host: c.adsco.re
URL: http://c.adsco.re/
Protocol
HTTP/1.1
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
d30037802015657dc95ee75b39f5da5965682adb0016df0ec4aa045e54f5ce67

Request headers

Origin
http://www.bfst.xyz
Referer
http://www.bfst.xyz/one.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Mar 2020 07:23:55 GMT
Access-Control-Max-Age
2592000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://www.bfst.xyz
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
/
6.adsco.re/ 		53 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://6.adsco.re/
Requested by
Host: c.adsco.re
URL: http://c.adsco.re/
Protocol
HTTP/1.1
Server
2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12f310d36e9a9d454ad40ff78184fb0418ce74134dda23efe7f4244a5dd651d8

Request headers

Origin
http://www.bfst.xyz
Referer
http://www.bfst.xyz/one.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Mar 2020 07:23:55 GMT
Content-Encoding
gzip
Server
cloudflare
Access-Control-Allow-Headers
Content-Type
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
http://www.bfst.xyz
Access-Control-Max-Age
2592000
Cache-Control
max-age=600,public,immutable
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
572388672ed6974e-FRA
Alt-Svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
/
rvorxq0hqmnw.l.adsco.re/ 		0
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rvorxq0hqmnw.l.adsco.re/
Requested by
Host: c.adsco.re
URL: http://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.200.118.90 London, United Kingdom, ASN9009 (M247, GB),
Reverse DNS
adscore.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.bfst.xyz/one.php
Origin
http://www.bfst.xyz
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Mar 2020 07:23:55 GMT
Last-Modified
Tue, 31 Jul 2018 22:16:15 GMT
ETag
"5b60dfaf-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
rvorxq0hqmnw.n.adsco.re/ 		0
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rvorxq0hqmnw.n.adsco.re/
Requested by
Host: c.adsco.re
URL: http://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.132.109.186 New York, United States, ASN9009 (M247, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.bfst.xyz/one.php
Origin
http://www.bfst.xyz
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Mar 2020 07:23:55 GMT
Last-Modified
Mon, 30 Jul 2018 15:32:42 GMT
ETag
"5b5f2f9a-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
rvorxq0hqmnw.s.adsco.re/ 		0
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rvorxq0hqmnw.s.adsco.re/
Requested by
Host: c.adsco.re
URL: http://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.200.116.90 Singapore, Singapore, ASN9009 (M247, GB),
Reverse DNS
no-mans-land.m247.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.bfst.xyz/one.php
Origin
http://www.bfst.xyz
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Mar 2020 07:23:56 GMT
Last-Modified
Mon, 30 Jul 2018 15:38:01 GMT
ETag
"5b5f30d9-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
c.adsco.re/ Frame F518 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://c.adsco.re/
Requested by
Host: c.adsco.re
URL: http://c.adsco.re/
Protocol
HTTP/1.1
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
c.adsco.re
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.bfst.xyz/one.php
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://www.bfst.xyz/one.php

Response headers

Date
Wed, 11 Mar 2020 07:23:55 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=43200,public,immutable,no-transform
Link
<//adsco.re>;rel=preconnect,<//6.adsco.re>;rel=prefetch
Expires
Fri, 06 Mar 2020 22:01:32 GMT
ETag
"a73Qdnp6tbMta3RY0Wgotw=="
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
422542
Alt-Svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
572388672fc50ebb-FRA
suurl.php
onclicksuper.com/script/ 		0
162 B 		Script
General
Check archive.org
Download Go to
Full URL
http://onclicksuper.com/script/suurl.php?r=2466091&cbrandom=0.3999558528333851&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=&cbref=&cbdescription=&cbkeywords=&cbcdn=celeritascdn.com
Requested by
Host: www.bfst.xyz
URL: http://www.bfst.xyz/one.php
Protocol
HTTP/1.1
Server
35.190.8.27 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
27.8.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.bfst.xyz/one.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 11 Mar 2020 07:23:55 GMT
Via
1.1 google
Referrer-Policy
no-referrer
Server
openresty
chrome.js
celeritascdn.com/script/ 		18 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://celeritascdn.com/script/chrome.js
Requested by
Host: www.bfst.xyz
URL: http://www.bfst.xyz/one.php
Protocol
HTTP/1.1
Server
2606:4700::6811:c46b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd185dfbf9ab9c108d634166de89aed49aa428db7b7a50d7eb8e23faf81196ca

Request headers

Referer
http://www.bfst.xyz/one.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Mar 2020 07:23:55 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
701
X-GUploader-UploadID
AEnB2Uq3O7XRoRoYiBT_l696OXBYFXNchowmoGIchLVozs4yI39_mU1QgfdM2MB6RVi3gMku5EGF0pkGjKhfWM9CLjFwOyr9wg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
Connection
keep-alive
Last-Modified
Thu, 31 Oct 2019 10:14:31 GMT
Server
cloudflare
ETag
W/"2990eae17895f67de9f4fbca62475041"
Vary
Accept-Encoding
x-goog-hash
crc32c=hVwIww==, md5=KZDq4XiV9n3p9PvKYkdQQQ==
Content-Type
application/javascript
x-goog-generation
1572516871888329
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
x-goog-stored-content-length
18777
CF-RAY
572388680f02dfe3-FRA
Expires
Wed, 11 Mar 2020 11:23:55 GMT
p
adsco.re/ 		360 B
841 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://adsco.re/p
Requested by
Host: c.adsco.re
URL: http://c.adsco.re/
Protocol
HTTP/1.1
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
8c011183bfda97d1939acfe8764101042d61be9114c73d281433d6973438be4e

Request headers

Origin
http://www.bfst.xyz
Referer
http://www.bfst.xyz/one.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

AS-P-G
OK
Date
Wed, 11 Mar 2020 07:23:56 GMT
AS-P-7
OK
AS-P-9
OK
AS-P-C
OK
Transfer-Encoding
chunked
AS-P-5
OK
AS-P-F
OK
Connection
keep-alive
Content-Encoding
gzip
AS-P-2
OK
AS-P-D
OK
AS-P-6
OK
AS-P-B
OK
AS-P-4
OK
AS-P-A
OK
Access-Control-Max-Age
2592000
AS-P-1
OK
Access-Control-Allow-Origin
http://www.bfst.xyz
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
AS-P-8
OK
Content-Type
text/html; charset=UTF-8
AS-P-E
OK
AS-P-3
OK
c
serve.popads.net/ 		0
202 B 		Script
General
Check archive.org
Download Go to
Full URL
http://serve.popads.net/c?_=BAoAXmiSDAFeaJIMgAGBAsAAILrk3yF3W_X7dv_JA9SmFG6Zs7uWb1ee1l3brQys4jR1wQBGMEQCID9QtVUCEvdBBqn0m6Vti4PXLClcP--wGUY7hDZ5J33LAiBZgY1mlDEZEnEMsNThBpZnj8xDOmkOyW_60qRFl0592sIAIN_XBqkRuPQWJbwhh44-TJ4KmZGDXiKd8lVr83PUKy6nxAAQKgEE-AGSVBQAAAAAAAAAAsUAEIM591urdz-QFPzPcAlcO8nDAEYwRAIgL3M-tqr6jJBc2eoREIPf8IksgOdIGurDmuS3UyJlgPoCIB-WNGgmQEYFajMzVxmCDOoEGpDgfVMdQHNyjCasbD_S&v=4&siteId=3419797&minBid=&popundersPerIP=&blockedCountries=&documentRef=&s=1600,1200,1,1600,1200
Requested by
Host: c1.popads.net
URL: http://c1.popads.net/pop.js
Protocol
HTTP/1.1
Server
216.21.13.10 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.bfst.xyz/one.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 11 Mar 2020 07:23:56 GMT
PopAds-EC
ASB
Connection
Keep-Alive
Content-Length
0
PopAds-CI
93
Content-Type
text/html; charset=UTF-8
index.m3u8
cdn3.bfst.xyz/live/a/ 		0
0 		XHR
General
Check archive.org
Download Go to
Full URL
http://cdn3.bfst.xyz/live/a/index.m3u8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Protocol
HTTP/1.1
Server
34.102.153.117 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
117.153.102.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Origin
http://www.bfst.xyz
Referer
http://www.bfst.xyz/one.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| _pop object| popjs object| Base64 function| pafban object| detectZoom object| PopAds object| _pao object| _0xa500 function| _c object| d string| k object| _nkm42nfo63 object| zfgformats function| setImmediate function| clearImmediate function| _xqsdvdn function| _ikrojlvw object| _0x3f76 function| _0x5339 object| adcashMacros object| zoneSett object| urls object| iceConfig object| _0x585b function| _0x1442 function| runAdblock object| _0x4c8a function| _0xddae function| acPrefetch object| CTABPu number| b function| Zepto function| $ object| Clappr function| LevelSelector boolean| cdnbyeloaded function| P2PEngine function| CDNByeClapprPlugin object| _Hasync object| playerElement object| player object| _wau function| onClickTrigger boolean| zfgloadedpopup string| wau_w_col string| wau_w_siz object| WAU_ren function| WAU_dynamic function| WAU_dynamic_request function| WAU_r_d function| WAU_insert function| WAU_la function| WAU_addCommas function| WAU_lrd function| WAU_cps function| docReady object| _0x295e function| ufpAttach object| CTAMAT object| adcashUfp function| chfh function| chfh2 string| _HST_cntval object| Histats function| AdscoreInit number| a function| ed number| t number| newTime number| r number| g string| bt object| _0x10e2 object| Cnac object| stamat function| NqPnfu2224371385629289 function| NqPnfu object| NqpnfuVfNOrggreArgjbex boolean| _0x90aa object| _HistatsCounterGraphics_0_setValues

14 Cookies

Domain/Path Name / Value
deloplen.com/ Name: oaidts
Value: 1583911434
deloplen.com/ Name: OAID
Value: 8df65e0c85d14b53b53200547cb10cd0
.www.bfst.xyz/ Name: __PPU_BACKCLCK_2685475
Value: true
www.bfst.xyz/ Name: a
Value: Mbe5ibFlMesZDkFoQwFJFGb826rg2ZCB
www.bfst.xyz/ Name: HstPt4275943
Value: 1
www.bfst.xyz/ Name: HstCnv4275943
Value: 1
www.bfst.xyz/ Name: HstCla4275943
Value: 1583911435325
www.bfst.xyz/ Name: HstCfa4275943
Value: 1583911435325
www.bfst.xyz/ Name: adcashufpv3
Value: 1929262035594585449594758840
www.bfst.xyz/ Name: HstCns4275943
Value: 1
ufpcdn.com/ Name: adcashufpv3
Value: 1929262035594585449594758840
www.bfst.xyz/ Name: HstPn4275943
Value: 1
www.bfst.xyz/ Name: HstCmu4275943
Value: 1583911435325
.bfst.xyz/ Name: __cfduid
Value: d917f55db447eb3407b44ac5fae7e06911583911434

2 Console Messages

Source Level URL
Text
console-api log URL: http://c.adsco.re/(Line 13)
Message:
console-api log URL: http://c1.popads.net/pop.js(Line 44)
Message:
CI BAoAXmiSDAFeaJIMgAGBAsAAILrk3yF3W_X7dv_JA9SmFG6Zs7uWb1ee1l3brQys4jR1wQBGMEQCID9QtVUCEvdBBqn0m6Vti4PXLClcP--wGUY7hDZ5J33LAiBZgY1mlDEZEnEMsNThBpZnj8xDOmkOyW_60qRFl0592sIAIN_XBqkRuPQWJbwhh44-TJ4KmZGDXiKd8lVr83PUKy6nxAAQKgEE-AGSVBQAAAAAAAAAAsUAEIM591urdz-QFPzPcAlcO8nDAEYwRAIgL3M-tqr6jJBc2eoREIPf8IksgOdIGurDmuS3UyJlgPoCIB-WNGgmQEYFajMzVxmCDOoEGpDgfVMdQHNyjCasbD_S

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6.adsco.re
adsco.re
c.adsco.re
c1.popads.net
cdn.jsdelivr.net
cdn3.bfst.xyz
celeritascdn.com
deloplen.com
onclicksuper.com
pl15164154.passeura.com
rvorxq0hqmnw.l.adsco.re
rvorxq0hqmnw.n.adsco.re
rvorxq0hqmnw.s.adsco.re
s10.histats.com
s4.histats.com
serve.popads.net
ufpcdn.com
waust.at
www.bfst.xyz
162.252.214.5
185.200.116.90
185.200.118.90
185.225.208.133
192.99.13.63
195.181.175.51
198.134.112.242
216.21.13.10
2606:4700:3034::6812:3647
2606:4700:3037::681b:bd12
2606:4700::6810:5914
2606:4700::6811:a6ba
2606:4700::6811:a7ba
2606:4700::6811:c46b
34.102.153.117
35.190.8.27
38.132.109.186
46.105.201.240
88.85.82.189
12f310d36e9a9d454ad40ff78184fb0418ce74134dda23efe7f4244a5dd651d8
1a965bae0e314dee75a07baf1e0c5ec657e9b3b956104d6ad77e8b50c4099948
1b0571ce88b8343afb0be777b3a3d9e06f1469f2e48a487c56319b8fc8c28e73
1f730c8b78091c3479abc2fb805b9093138f05acd0de421b8da96389cbbb9668
23a715a6d8a35921f8c02eab19a93b6c9c42271ecfccbde0005476959e2edff9
4ee2321843d0ce41723b85fa88153fc89ce5e5597ba3310fd2cf4c29208ece23
58e24525d977251efca741f1e23e7c27db7e61b055a08c9596f80db17d681798
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
76a17f761d0cdd23a4c32a4cf2dabc291a849a4f813444678fb60d30b0a4b084
8c011183bfda97d1939acfe8764101042d61be9114c73d281433d6973438be4e
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
b66e0ae4a3a7b8e6a280d5b512ba4dcf43afb3ae8862fed33266a038cbe1f154
bca959085da9295bdc51909bf8cd70a74fd19849ecc9879f7a62f22eff79d59f
cbcf0e85e906f9e8caf296fc6fd0cb8fcfb69b31e9ac570d63bd837fcf743f6f
cd185dfbf9ab9c108d634166de89aed49aa428db7b7a50d7eb8e23faf81196ca
ce60f4e35b1f1620ec5b5bcc3d32bd4951cce874d6628123f1c99ab6cd484c55
d30037802015657dc95ee75b39f5da5965682adb0016df0ec4aa045e54f5ce67
e0435b7d2869ef2da9c06934a39e6d6428063d7b67756355e876700e6d49f0ab
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855