URL: https://her.bs/css/
Submission: On November 11 via api from US — Scanned from CH

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 8 HTTP transactions. The main IP is 208.109.232.214, located in the United States, and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is her.bs.
TLS certificate: Issued by R11 on October 19th 2024. Valid for: 3 months.
This is the only time her.bs was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS | Autonomous System
2 | 208.109.232.214 | 26496 | (AS-26496-...)
1 | 151.101.129.91 | 54113 | (FASTLY)
3 | 2a00:1450:400... | 15169 | (GOOGLE)
1 | 172.64.147.160 | 13335 | (CLOUDFLAR...)
1 | 108.138.36.101 | 16509 | (AMAZON-02)
Total: 8 requests, 5 IPs

Requests | Apex Domain | Subdomains | Transfer
3 | gstatic.com | encrypted-tbn0.gstatic.com | 24 KB
2 | her.bs | her.bs | 2 KB
1 | istockphoto.com | media.istockphoto.com (Cisco Umbrella Rank: 16091) | 27 KB
1 | pixabay.com | cdn.pixabay.com (Cisco Umbrella Rank: 35643) | 43 KB
1 | ftcdn.net | t4.ftcdn.net (Cisco Umbrella Rank: 23518) | 41 KB
Total: 8 requests, 5 domains

Requests | Domain | Requested by
3 | encrypted-tbn0.gstatic.com | her.bs
2 | her.bs |
1 | media.istockphoto.com | her.bs
1 | cdn.pixabay.com | her.bs
1 | t4.ftcdn.net | her.bs
Total: 8 requests, 5 domains

This site contains no links.

Subject | Issuer | Validity | Valid
her.bs | R11 | 2024-10-19 - 2025-01-17 | 3 months
*.ftcdn.net | R11 | 2024-11-06 - 2025-02-04 | 3 months
*.gstatic.com | WR2 | 2024-10-07 - 2024-12-30 | 3 months
pixabay.com | Cloudflare Inc ECC CA-3 | 2024-02-12 - 2024-12-31 | a year
media.gettyimages.com | Amazon RSA 2048 M03 | 2024-01-11 - 2025-02-07 | a year

This page contains 1 frame:

Primary Page: https://her.bs/css/
Frame ID: 1F4DEE40FCC83B4764AB0E826FC9F490
Requests: 8 HTTP requests in this frame

Page Title

Netflix CAPTCHA Verification

Page Statistics

Requests: 8
HTTPS: 100 %
IPv6: 20 %
Domains: 5
Subdomains: 5
IPs: 5
Countries: 2
Transfer: 137 kB
Size: 138 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
her.bs/css/
5 KB
2 KB
Document
General
Full URL
https://her.bs/css/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
208.109.232.214 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
214.232.109.208.host.secureserver.net
Software
Apache /
Resource Hash
83d3c05a19f4ba7e1105c7591a9a7691be201e8a41eb9aed6698a308a56edba1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

content-encoding
br
content-length
1496
content-type
text/html; charset=UTF-8
date
Mon, 11 Nov 2024 15:06:13 GMT
server
Apache
vary
Accept-Encoding
360_F_266724172_Iy8gdKgMa7XmrhYYxLCxyhx6J7070Pr8.jpg
t4.ftcdn.net/jpg/02/66/72/41/
40 KB
41 KB
Image
General
Full URL
https://t4.ftcdn.net/jpg/02/66/72/41/360_F_266724172_Iy8gdKgMa7XmrhYYxLCxyhx6J7070Pr8.jpg
Requested by
Host: her.bs
URL: https://her.bs/css/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d6eb784ed534cd8871790f2cc9d9a58cddeaf7578fa58de50c459be96390a275
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://her.bs/

Response headers

strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
etag
"042dc758e67c807683d8f7cb3a064fd3"
age
528270
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
41304
date
Mon, 11 Nov 2024 15:06:14 GMT
last-modified
Fri, 31 Jan 2020 21:35:23 GMT
content-type
image/jpeg
x-served-by
cache-lhr-egll1980094-LHR, cache-lin1730066-LIN
x-cache-hits
52, 0
images
encrypted-tbn0.gstatic.com/
6 KB
6 KB
Image
General
Full URL
https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQqxlDun0EWp8OiGTXoelcBkuM7BiifKAflkw&s
Requested by
Host: her.bs
URL: https://her.bs/css/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec23eba676ac85bc354a3699333981d2b23d73e789a53b3df6542a57c77a4d3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://her.bs/

Response headers

age
24971
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
x-content-type-options
nosniff
expires
Tue, 11 Nov 2025 08:10:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 11 Nov 2024 08:10:04 GMT
last-modified
Tue, 26 Nov 2024 22:19:00 GMT
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
content-length
6000
x-xss-protection
0
server
sffe
images
encrypted-tbn0.gstatic.com/
7 KB
7 KB
Image
General
Full URL
https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQEhTIVb-MSqzw0kwIQz2MB3WkbV0-dUDo5Fg&sv
Requested by
Host: her.bs
URL: https://her.bs/css/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48bfabf1abe8097bc3cac920a8bc337c4bd51f587cca04880835c20e5b6a6496
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://her.bs/

Response headers

age
72
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
x-content-type-options
nosniff
expires
Tue, 11 Nov 2025 15:05:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 11 Nov 2024 15:05:03 GMT
last-modified
Thu, 07 Dec 2023 19:42:58 GMT
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
content-length
7038
x-xss-protection
0
server
sffe
european-shorthair-8601492_640.jpg
cdn.pixabay.com/photo/2024/02/28/07/42/
42 KB
43 KB
Image
General
Full URL
https://cdn.pixabay.com/photo/2024/02/28/07/42/european-shorthair-8601492_640.jpg
Requested by
Host: her.bs
URL: https://her.bs/css/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.147.160 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e25b93d40c6c53c3f7f41f131cfc967ca12642ad3b610a6f554b76b96c9d830

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://her.bs/

Response headers

cf-cache-status
HIT
etag
"b2559159847c85143de926ad6b89e11c"
age
13636379
cf-bgj
imgq:85,h2pri
x-amz-version-id
wYutcKgjsR8WgKKbRIWqksh8txy5qQEt
expires
Tue, 11 Nov 2025 15:06:15 GMT
cf-polished
degrade=85, origSize=71042, status=webp_bigger
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 15:06:15 GMT
content-type
image/jpeg
last-modified
Wed, 28 Feb 2024 12:48:47 GMT
vary
Accept-Encoding
x-amz-id-2
gQRtd1BQcp9eBz7A+d3zmrzfX1FpnEi2jjkSonidRSH2dYNxYNBckvHjP6k3G+4WpnbIibbUlR0=
x-amz-replication-status
FAILED
cache-control
public, max-age=31536000, s-maxage=31536000
cf-ray
8e0f2f63e8dcbc12-ZRH
x-amz-request-id
1PSXT1KDM4W3XR4H
accept-ranges
bytes
access-control-allow-origin
*
content-length
43410
server
cloudflare
x-amz-server-side-encryption
AES256
images
encrypted-tbn0.gstatic.com/
11 KB
11 KB
Image
General
Full URL
https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcRI2RLOBO8DYvk8aAUNEs6DJzCJzlgHT7HfAg&s
Requested by
Host: her.bs
URL: https://her.bs/css/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
307ab4b87587e44cd23d6a22d24011f8c5eb45eacf620872a7c410d5c80e8985
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://her.bs/

Response headers

age
72
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
x-content-type-options
nosniff
expires
Tue, 11 Nov 2025 15:05:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 11 Nov 2024 15:05:03 GMT
last-modified
Thu, 15 Feb 2024 09:29:20 GMT
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
content-length
10877
x-xss-protection
0
server
sffe
cute-ginger-cat.jpg
media.istockphoto.com/id/1443562748/photo/
27 KB
27 KB
Image
General
Full URL
https://media.istockphoto.com/id/1443562748/photo/cute-ginger-cat.jpg?s=612x612&w=0&k=20&c=vvM97wWz-hMj7DLzfpYRmY2VswTqcFEKkC437hxm3Cg=
Requested by
Host: her.bs
URL: https://her.bs/css/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-101.muc50.r.cloudfront.net
Software
Kestrel /
Resource Hash
835d819c3a13a5d279caaab014d15b95f792587b79c591fa5669d479f395fba1

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://her.bs/

Response headers

X-Amz-Cf-Pop
MUC50-P2
X-Amz-Cf-Id
0KaegRDzi0xqeblA615HMW6IDgu8MQDHReKQXh7t-kzQ4u6DhojGVQ==
Cache-Control
public, max-age=7776000
Age
4625841
Connection
keep-alive
Via
1.1 91220e34cbdd95f669dbfd83e711fee6.cloudfront.net (CloudFront)
Access-Control-Allow-Origin
*
X-Cache
Hit from cloudfront
Content-Length
27453
Alt-Svc
h3=":443"; ma=86400
Date
Thu, 19 Sep 2024 02:08:54 GMT
Content-Type
image/jpeg
Last-Modified
Thu, 19 Sep 2024 02:08:54 GMT
Server
Kestrel
Content-Disposition
inline; filename=istockphoto-1443562748-612x612.jpg
favicon.ico
her.bs/
315 B
388 B
Other
General
Full URL
https://her.bs/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
208.109.232.214 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
214.232.109.208.host.secureserver.net
Software
Apache /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://her.bs/css/

Response headers

content-length
315
date
Mon, 11 Nov 2024 15:06:15 GMT
content-type
text/html; charset=iso-8859-1
server
Apache

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function | selectImage
function | submitCaptcha

1 Cookie

Domain/Path Name / Value
.pixabay.com/ Name: __cf_bm
Value: fWwc38IQAyB9EeG65y2PHrpkfF9uxbzzlBrIyuAE7DE-1731337575-1.0.1.1-SuXPlWXqtO0tZKf7o61H5lNxeCVUZv.dCsUcLxIgpz0DvTQTTGxybTD14H3zSCyssazwtxFBhfPllglpciUULQ

1 Console Message

Source: network
Level: error
URL: https://her.bs/favicon.ico
Message: Failed to load resource: the server responded with a status of 404 ()