Submitted URL: https://blumstsr.xyz/#ne
Effective URL: https://claims-blum.com/
Submission Tags: 0xscam
Submission: On September 18 via api from US — Scanned from NL

Summary

This website contacted 6 IPs in 3 countries across 3 domains to perform 14 HTTP transactions. The main IP is 2606:4700:3033::ac43:dfc3, located in United States and belongs to CLOUDFLARENET, US. The main domain is claims-blum.com.
TLS certificate: Issued by WE1 on September 16th 2024. Valid for: 3 months.
This is the only time claims-blum.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 188.114.96.3 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 104.18.94.41 13335 (CLOUDFLAR...)
2 5 172.67.223.195 13335 (CLOUDFLAR...)
1 104.18.95.41 13335 (CLOUDFLAR...)
14 6
Requests  Apex Domain      Subdomains                                             Transfer
7         claims-blum.com  claims-blum.com                                        102 KB
5         blumstsr.xyz     blumstsr.xyz                                           10 KB
2         cloudflare.com   challenges.cloudflare.com (Cisco Umbrella Rank: 3407)  16 KB
Total: 14 requests, 3 domains
Requests  Domain                     Redirects  Requested by
7         claims-blum.com            2          blumstsr.xyz, claims-blum.com
5         blumstsr.xyz               1          blumstsr.xyz
2         challenges.cloudflare.com  -          claims-blum.com, challenges.cloudflare.com
Total: 14 requests, 3 domains

This site contains links to these domains.

Domain
www.cloudflare.com

Subject                    Issuer  Validity                 Valid
blumstsr.xyz               WE1     2024-09-16 - 2024-12-15  3 months
claims-blum.com            WE1     2024-09-16 - 2024-12-15  3 months
challenges.cloudflare.com  WE1     2024-09-05 - 2024-12-04  3 months

This page contains 3 frames:

Primary Page: https://claims-blum.com/
Frame ID: B114AD3A498E06F61D3B17570620622D
Requests: 10 HTTP requests in this frame

Frame: https://blumstsr.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/388c99dd0998/main.js
Frame ID: FCB6CD40C56689EF95B0E94C2549EA5B
Requests: 1 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/vy8wl/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/
Frame ID: ADA1FA6FC300C9B9E10EFF23641EC792
Requests: 1 HTTP requests in this frame

Page Title

Even geduld...

Page Statistics

Requests: 14
HTTPS: 57 %
IPv6: 20 %
Domains: 3
Subdomains: 3
IPs: 6
Countries: 3
Transfer: 127 kB
Size: 291 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://blumstsr.xyz/ Page URL
  2. https://claims-blum.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://blumstsr.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://blumstsr.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/388c99dd0998/main.js
Request Chain 7
  • https://claims-blum.com/favicon.ico HTTP 302
  • https://claims-blum.com/
Request Chain 10
  • https://claims-blum.com/favicon.ico HTTP 302
  • https://claims-blum.com/

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
blumstsr.xyz/
1 KB
1 KB
Document
General
Full URL
https://blumstsr.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
1f188a86a38f96071df57a6e7ef8db9166b5a503cd50f492f2c706680c60534d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c5233b23f1f9fdc-AMS
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 18 Sep 2024 14:59:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HBfB1IkrAvPtC7%2FIzy1PWHeqO9%2Bqwx8QQV84zSavL%2Fxwc4M%2FqqPJzCqgu8tddtQTKNobUsT5W3SXSpvTmbN2sBs6O3mrudAShLUPqTxBe4JyrtRHZD9iwObRvS3FzmU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
x-powered-by
Express
speculation
blumstsr.xyz/cdn-cgi/
128 B
558 B
Other
General
Full URL
https://blumstsr.xyz/cdn-cgi/speculation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://blumstsr.xyz
Referer
https://blumstsr.xyz/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ixhC%2Fb8ADNQzA4Ilz8j%2F6O256vQEdtFaU8ZEOFUCQBsNYTi4gHj4oT5LbJxa%2F1%2BUXeUMLuudpjsZmtFYFAHQ3Drhcce%2F5szhibvwEtkkmmRp%2F1OqN5XsyK%2B1MbEK6oI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c5233b2f83a9fdc-AMS
access-control-allow-origin
https://blumstsr.xyz
alt-svc
h3=":443"; ma=86400
content-length
128
date
Wed, 18 Sep 2024 14:59:48 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
rocket-loader.min.js
blumstsr.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://blumstsr.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: blumstsr.xyz
URL: https://blumstsr.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://blumstsr.xyz/

Response headers

x-frame-options
DENY
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"66e7fb1c-302c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gHea2epS4zv%2FIuWRnNPzakADrA7gvPFHNM4YzCrAZFplZ3q9NhYRJ4lfgT2jzlQwVBwXNgzcKrIYd9JsEeK5KOVYx2xCBSpJ99h1vc9dIrOFsbvgqkvgLqPFRZkcTQ0%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8c5233b2f83c9fdc-AMS
expires
Fri, 20 Sep 2024 14:59:48 GMT
date
Wed, 18 Sep 2024 14:59:48 GMT
content-type
application/javascript
last-modified
Mon, 16 Sep 2024 09:32:12 GMT
server
cloudflare
vary
Accept-Encoding
custom-loading-script-riddance.js
blumstsr.xyz/
0
0

main.js
blumstsr.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/388c99dd0998/ Frame FCB6
Redirect Chain
  • https://blumstsr.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://blumstsr.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/388c99dd0998/main.js?
8 KB
4 KB
Script
General
Full URL
https://blumstsr.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/388c99dd0998/main.js?
Protocol
H3
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PQFGYGcFGu%2FKthXktFMIrtxEzupqAbDIPRuWqDxkYywNrdBQpY8ZyZ87JLhLf2EWAj225Ijpx0%2FsKxm47eRF5%2B%2FUQymbCu4Jp%2FN1ir6h0XX7Rnm1IrKdA18%2FWTY9%2BF4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8c5233b3691e9fdc-AMS
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 14:59:48 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/388c99dd0998/main.js?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0ZXamq0eOnpRoQ8QChKh6TFWXoR8hiA2a%2B9XUYoQFUSUIB%2BztDTLeNbqcu99fD%2Fk2pGi%2FJh%2BSsR02KUp3KkbMYtTuSIHkGrdAKFgMnXlX5xYxoNtM0mo7UcQtmYz8j0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c5233b338dd9fdc-AMS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 18 Sep 2024 14:59:48 GMT
vary
Accept-Encoding
server
cloudflare
Primary Request /
claims-blum.com/
19 KB
11 KB
Document
General
Full URL
https://claims-blum.com/
Requested by
Host: blumstsr.xyz
URL: https://blumstsr.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:dfc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2fd3b50723cc3650dc670d8a8498a48eb8fdbc2135ce74a48b965b27717c8b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://blumstsr.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out
gUPffY6Xx6uaI5U1rHD9D109IIdaNAyvM+zAfgBfqyqtA/4qC9SRn4cgoSzg5Ro0JxZSVCnFihs9oNsWghCVxGMaujVIhmsEBeK87RSDVKs=$mu/njhjyVTaGIlJ2/7XxOQ==
cf-mitigated
challenge
cf-ray
8c5233b4bb706700-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Wed, 18 Sep 2024 14:59:48 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hqp3egkM7Wl7ZaiTeOfb86kvMcJaiPbG3UfCNjESXGhVUvDOe2vIvib247xeIoOC%2Bnwomhf3pZ1zcsAMTwJU9yYTe0Kz9b2mkP3462c3ZmM13oBXsKvTF2yyMgbHhkFrfkUlL%2BGLMyLmMuUzcCw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-options
nosniff
x-frame-options
SAMEORIGIN
v1
claims-blum.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/
160 KB
58 KB
Script
General
Full URL
https://claims-blum.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8c5233b4bb706700
Requested by
Host: claims-blum.com
URL: https://claims-blum.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:dfc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9163a86bc38fc89861904f2f7c2b76f38da10cc69a770685b1eecdbf1e8aff2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://claims-blum.com/?__cf_chl_rt_tk=ZwqfmRUMs0YPieGJ4Ukd01m_PCXlNTUjXN5CtBreX9k-1726671588-0.0.1.1-7124

Response headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kjuX1Chv1ytEoCMdKb9AySTNFhOTHT79g7%2FxQt%2BMKeX46UcVXjbF6qen5uHXNI51naztUvUnCtsM4LLej6M20U%2FcBR%2B6ZU%2BhI%2F6BPs8KwyeD3xC1o28F5AZULPyAtsQ%2BXRny%2FEboS6G1Vx%2BVbrw%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c5233b55c276700-AMS
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 14:59:48 GMT
content-type
application/javascript; charset=UTF-8
server
cloudflare
api.js
challenges.cloudflare.com/turnstile/v0/b/388c99dd0998/
46 KB
16 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/388c99dd0998/api.js?onload=tmrM1&render=explicit
Requested by
Host: claims-blum.com
URL: https://claims-blum.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8c5233b4bb706700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8eae5159c56bf66c17e0cb002b25fc2e343f3e009dc2a39a7e230f08b7b8c672

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://claims-blum.com
Referer

Response headers

cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding
br
cross-origin-resource-policy
cross-origin
cf-ray
8c5233b75c7e1cbe-AMS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 14:59:49 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Wed, 11 Sep 2024 15:58:53 GMT
server
cloudflare
vary
Accept-Encoding
/
claims-blum.com/
Redirect Chain
  • https://claims-blum.com/favicon.ico
  • https://claims-blum.com/
10 KB
10 KB
Image
General
Full URL
https://claims-blum.com/
Requested by
Host: claims-blum.com
URL: https://claims-blum.com/
Protocol
H3
Server
172.67.223.195 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f501b858af54fd415131f0fd41d7491ee28ed243915447a2a2e862200a28b84f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://claims-blum.com/

Response headers

content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aGgBbwlQsI2%2FbcRKvk5RUPJkuzoPpVwGMTCmCj8k9hMmWgdZIMqw4op4Hq8SfTQVuboRQCSQM0uKUvEAfIIm1zYNF7wkJwIIlZQfX8XH9WXwjEpGIw207mEg3Ip96PqkBkE%3D"}],"group":"cf-nel","max_age":604800}
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
alt-svc
h3=":443"; ma=86400
x-content-options
nosniff
date
Wed, 18 Sep 2024 14:59:49 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
vjCitB8KDOpr9hvFo+tdqwkPsuJSckM0oHKDyc9JEw0lpIi9dSeFiVHSVY+9oDfXwgpo9vNTtuRMUwfffI53zmBAYeg5xsoo1SGp1AEfMGs=$BaneeX49pvdoZwI+79WQ3A==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
speculation-rules
"/cdn-cgi/speculation"
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8c5233b80ed49ff3-AMS
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare

Redirect headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
location
/
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vo%2B4jTwHdLeG%2BdJJc4ZChiaETzZ9HIepiIQS2w7pwDCyFpRGue51GLSvDhBPoxCOmeIx9lQtnbs%2FrMS8M8aGVo18XtSMunzWbvHm0M70X%2BBnC8Kws1kNvM%2B7MmopFUJvbkE%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c5233b73da59ff3-AMS
alt-svc
h3=":443"; ma=86400
content-length
23
date
Wed, 18 Sep 2024 14:59:49 GMT
content-type
text/plain; charset=utf-8
x-powered-by
Express
vary
Accept, Accept-Encoding
server
cloudflare
a807d553-9201-4640-b75e-1874b12113fe
https://claims-blum.com/ Frame
0
0

d7a49eceeedf68a
claims-blum.com/cdn-cgi/challenge-platform/h/b/flow/ov1/717941142:1726669538:HBlylUX2YdPoeUY1Y2-g58RBPQCjojfh_e2gb8-JcRc/8c5233b4bb706700/
17 KB
14 KB
XHR
General
Full URL
https://claims-blum.com/cdn-cgi/challenge-platform/h/b/flow/ov1/717941142:1726669538:HBlylUX2YdPoeUY1Y2-g58RBPQCjojfh_e2gb8-JcRc/8c5233b4bb706700/d7a49eceeedf68a
Requested by
Host: claims-blum.com
URL: https://claims-blum.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8c5233b4bb706700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.223.195 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cfc1f8a708a88c86bc789ca2f0b6b0b2a3e4789dfe7075f3def6090e4bf0f42

Request headers

Referer
https://claims-blum.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
CF-Challenge
d7a49eceeedf68a

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V75q86p93HupJ93l7Sn3N8gMRn5HND8WyW1V6o7bsirXwmhosRI8GDk5NJwkIKqc7j8ITTIEcmpW4nBfVrea89FybIQgDilmsxeIqy7EWuYIT%2Bb3Qn63CCmYvIkG%2BNOY4qc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c5233b80ecc9ff3-AMS
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 14:59:49 GMT
content-type
text/plain; charset=UTF-8
cf-chl-gen
jUZJqyb6LaNHQWOMThFr6NycYLzib38uwllAe3BNxjCDJOnjTwwRhlnYxx6iNLzTBYoCjH6m9A==$GOL1e1Tw00PoPqGz
server
cloudflare
/
claims-blum.com/
Redirect Chain
  • https://claims-blum.com/favicon.ico
  • https://claims-blum.com/
16 KB
9 KB
Other
General
Full URL
https://claims-blum.com/
Protocol
H3
Server
172.67.223.195 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
193f47c535fc78050332f89714d8110ae1074b6ee207a0700280bbec932808af
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://claims-blum.com/

Response headers

content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aMsiyQRoTORd0HHtDPy%2BOEx7ixSpt2pK%2BqwIkwJEiszd5X%2BtGm%2BU1eON%2BN62NTp5oJceo1mOPNqk3cX5yJ5w72PX8xbrv2KTMUYSWIXnFcLI5pRy%2BCbxQkx61kODFrlN83Y%3D"}],"group":"cf-nel","max_age":604800}
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
alt-svc
h3=":443"; ma=86400
x-content-options
nosniff
date
Wed, 18 Sep 2024 14:59:49 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
XJZz7+tuhlaMSNc/hIYENGLIRmVnWZugz2mWJNqia/05k1UiF4S59grazgqGBQN/pXPv2wyVk2AUyD/rdRGtWVzvG+5ZWjfDgBPYxVKXt+M=$PcXyRMDE7tAXUIW35w4Jag==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
speculation-rules
"/cdn-cgi/speculation"
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8c5233b968fa9ff3-AMS
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare

Redirect headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
location
/
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pGvJzHrKFhWdQVJkWKHtEjHgF8WnuhDsTfrlDs0X4ruOpORbxHyvfiG0fyKUC3BHMpAHlJOJGtrpIjYBLBfVfOrlgIMibUeO8JK7E%2BRf51x3ddM%2BDx%2Btu0Bh218kXwrPT2E%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c5233b88f7f9ff3-AMS
alt-svc
h3=":443"; ma=86400
content-length
23
date
Wed, 18 Sep 2024 14:59:49 GMT
content-type
text/plain; charset=utf-8
x-powered-by
Express
vary
Accept, Accept-Encoding
server
cloudflare
a5af1dd6-e84d-4e65-a240-54bf014fa7b1
https://claims-blum.com/ Frame
0
0

/
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/vy8wl/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/ Frame ADA1
0
0
Document
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/vy8wl/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/388c99dd0998/api.js?onload=tmrM1&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.95.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8c5233b99a1c0bb5-AMS
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Wed, 18 Sep 2024 14:59:49 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
blumstsr.xyz
URL
https://blumstsr.xyz/custom-loading-script-riddance.js
Domain
claims-blum.com
URL
blob:https://claims-blum.com/a807d553-9201-4640-b75e-1874b12113fe
Domain
claims-blum.com
URL
blob:https://claims-blum.com/a5af1dd6-e84d-4e65-a240-54bf014fa7b1

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| _cf_chl_opt
  • function| aFPe5
  • function| fVlBp1
  • function| tmrM1
  • boolean| NfjDe3
  • function| WEkH5
  • function| WgoI3
  • function| JJRHZ6
  • function| ciUn6
  • object| twswo3
  • object| DaPX4
  • object| dNWjt8
  • number| XVGd6
  • object| angular
  • object| turnstile
  • boolean| yTUQp3
  • string| UOFVA0
  • boolean| XMQxS5

1 Cookies

Domain/Path Name / Value
.blumstsr.xyz/ Name: cf_clearance
Value: AJtw_q4Td2VnvHm5QFeTzEvIhPkyB_BMqkqvhTNr1p0-1726671588-1.2.1.1-ClEandLDCEBTrY5y2ISxoE5ka7_62hXVD4mX35Rz774nOWNGns8XY6z8tyTmpJ2PvgsfgELd2HCWslBLnX0KaHzANIX239zlXvzG7C3L4M4uUkw81shOSHVbVSVeaft_0DoLa0N8313vIv.0kKLEBAiArhogtxHN1jFM16rKpLy00XqNezH8G6C6V655cW17LNBuj3VkMocGtwX434NB5W5gzTRislOR2asl1NB1ll0p3XhkarIWdwnPn37IeAUOXFoHLnzsDDZX4Agg1503ibHWLsxmNlmbmlYy8gUoORz_wE0q0u5gkw10wxAJlbe1nV0VtiZfVIbsQt14PlS4mOras2aDvvtgpEMC_xiGCD5tX549J88JH2XNinkfYPKv

3 Console Messages

Source: network, Level: error
URL: https://claims-blum.com/
Message: Failed to load resource: the server responded with a status of 403 ()

Source: network, Level: error
URL: https://claims-blum.com/
Message: Failed to load resource: the server responded with a status of 403 ()

Source: network, Level: error
URL: https://claims-blum.com/
Message: Failed to load resource: the server responded with a status of 403 ()