bemydd.com Open in urlscan Pro
172.67.171.218 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://xoilac15.live/#ce
Effective URL:
https://bemydd.com/
Submission Tags: 0xscam
Submission: On December 23 via api (December 23rd 2024, 4:46:26 am UTC) from US — Scanned from DE

Summary HTTP 20 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 20 HTTP transactions. The main IP is 172.67.171.218, located in United States and belongs to CLOUDFLARENET, US. The main domain is bemydd.com.
TLS certificate: Issued by WE1 on December 21st 2024. Valid for: 3 months.

This is the only time bemydd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.21.48.1 104.21.48.1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	104.21.32.1 104.21.32.1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	172.67.171.218 172.67.171.218	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	104.18.94.41 104.18.94.41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	3

1 104.21.48.1 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

xoilac15.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.32.1 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ucreconomicforecast.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.67.171.218 (United States)

ASN13335 (CLOUDFLARENET, US)

bemydd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.94.41 (None, )

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	bemydd.com bemydd.com	141 KB
4	cloudflare.com challenges.cloudflare.com — Cisco Umbrella Rank: 3147	16 KB
1	ucreconomicforecast.org 1 redirects ucreconomicforecast.org	496 B
1	xoilac15.live 1 redirects xoilac15.live	487 B
20	4

	Domain	Requested by
12	bemydd.com	bemydd.com
4	challenges.cloudflare.com	bemydd.com challenges.cloudflare.com
1	ucreconomicforecast.org	1 redirects
1	xoilac15.live	1 redirects
20	4

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com

Subject Issuer	Validity	Valid
bemydd.com WE1	`2024-12-21` - `2025-03-21`	3 months	crt.sh
challenges.cloudflare.com WE1	`2024-11-03` - `2025-02-01`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://bemydd.com/
Frame ID: 37735CC511604B0F5FFAD6E4F3879978
Requests: 14 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/jo2hc/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/
Frame ID: 3FE4031795305D0BFB4557ECF9A029D2
Requests: 1 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/cryta/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/
Frame ID: 98B7B76E0042CD0CF88299A48FD845FA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Nur einen Moment…

Page URL History Show full URLs

https://xoilac15.live/ HTTP 301
https://ucreconomicforecast.org/ HTTP 301
https://bemydd.com/ Page URL
https://bemydd.com/ Page URL

Page Statistics

20
Requests

80 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

157 kB
Transfer

355 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cloudflare.com/?utm_source=challenge&utm_campaign=j
Title: Cloudflare

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://xoilac15.live/ HTTP 301
https://ucreconomicforecast.org/ HTTP 301
https://bemydd.com/ Page URL
https://bemydd.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://xoilac15.live/ HTTP 301
https://ucreconomicforecast.org/ HTTP 301
https://bemydd.com/

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

403

/ Show response
bemydd.com/
Redirect Chain

https://xoilac15.live/
https://ucreconomicforecast.org/
https://bemydd.com/

10 KB
8 KB

48ms
23ms

Document
text/html

172.67.171.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bemydd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.171.218 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f366b19f93f6e9261b38891dca6728a87657dec29e02bb5fc8b49007fa40642a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out: nNTtudESnB5qzkKq4ZL9xjI9Nl4rncZXHigkgYJPow+PlJH95v+aHH9uE56NmdKK0UiEdESg/Ce5RycFGUMoKM4C9P8KtOHSHXOFgWAq2hXt0EDPWIXwU5IGfPtJjDjLP3ay+hQq1l28aISqrpdgFA==$18Ix1PHMsa05daDtlNzsSg==
cf-mitigated: challenge
cf-ray: 8f65b5202c96d2e6-FRA
content-encoding: zstd
content-type: text/html; charset=UTF-8
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Mon, 23 Dec 2024 04:46:22 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
priority: u=0,i
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4MQC6AJZqJeCWN3GU2iuRyiUDD1GLdpWZnjErTygsyV9kNRCBb84HX%2B9zn%2BgmRLipYSTVPmMolOKnwcPdGILMAFihpQrRVDQvmnRMAR4J4wiA5dFZiHraUGI2qWX"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=8749&min_rtt=8529&rtt_var=3355&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4138&recv_bytes=4347&delivery_rate=306520&cwnd=12000&unsent_bytes=0&cid=b551e1ac68201096&ts=18&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding
x-content-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-ray: 8f65b51fd99d2ba3-FRA
content-length: 167
content-type: text/html
date: Mon, 23 Dec 2024 04:46:22 GMT
expires: Mon, 23 Dec 2024 05:46:22 GMT
location: https://bemydd.com/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VU5otGUdDVRB9hlckcmkP8%2BeLO7kTyVP8bGVOhlI%2BopfyMt7SM%2BLgorC2TMj0M%2FM3bBFbL0StYS8ywUijPiXZ3C3ZhQ61N6dVvJJ5aSie%2FRnF5SOfI2Jk8cYB1rufbToImFFfwuYV9PGew%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 v1 Show response
bemydd.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/ 92 KB
37 KB 14ms
14ms Script
application/javascript 172.67.171.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bemydd.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8f65b5202c96d2e6
Requested by: Host: bemydd.com
URL: https://bemydd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.171.218 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f544f86f1c6e20575e9247dca41d177594fa7dbc44c559f1085918c0ce9064e5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bemydd.com/?__cf_chl_rt_tk=A2SGy1l8P8UvDTMtTDUrYAc_WgRe4sPxUPwbGTmE82Q-1734929182-1.0.1.1-iN98CVwpLKMk7Se5EEfGvvI5ErRDcjZH0ZGKAedo6wk

Response headers

cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rUlZJspw1jKJtQY0tFA0HRaaUmlcihnrhEKls1wikytx6KPUcDLYXsFZAH7DLrVeYzWjYD2KYOdvptDD%2BhQ1sA4mCBx18L8GOOqbT%2FickvcnPQB2LPNFqdWSpNKz"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f65b5206cf1d2e6-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15813&min_rtt=8529&rtt_var=7829&sent=21&recv=14&lost=0&retrans=0&sent_bytes=13065&recv_bytes=5008&delivery_rate=461524&cwnd=12000&unsent_bytes=0&cid=b551e1ac68201096&ts=60&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 23 Dec 2024 04:46:22 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

GET f1fa5c86-ee30-4dc8-a04e-0967d7e0f7d4
https://bemydd.com/ Frame 0
0

GET
H3 200 api.js Show response
challenges.cloudflare.com/turnstile/v0/b/787bc399e22f/ 47 KB
16 KB 44ms
27ms Script
application/javascript 104.18.94.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/b/787bc399e22f/api.js?onload=WXqDk4&render=explicit
Requested by: Host: bemydd.com
URL: https://bemydd.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8f65b5202c96d2e6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5aac9e52f80011983676c03ad8120e0369e651e6357d0b05054026a3bc8ec32d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://bemydd.com
Referer

Response headers

server: cloudflare
cache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding: br
cross-origin-resource-policy: cross-origin
cf-ray: 8f65b520dfadd2b7-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 23 Dec 2024 04:46:22 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 10 Dec 2024 17:31:41 GMT
vary: Accept-Encoding
priority: u=3,i=?0

GET
H3 403 favicon.ico
bemydd.com/ 7 KB
7 KB 14ms
13ms Image
text/html 172.67.171.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemydd.com/favicon.ico

Requested by

Host: bemydd.com
URL: https://bemydd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.171.218 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa0fdc46d5feffc9502fec03449f1ae7c098117e8361718ef5979dc7bcc86bb2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bemydd.com/

Response headers

content-encoding: zstd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IQSafEsEEvM8j5fVrRttVlgfB8rZey2c1yX2RToez67Uwl%2Btro86I7TFgJ4KBSg6qLVXRpEz7iUI2lpKO1FSJ3S%2FtS5SzllCV8ptdIsyTR%2FN4jT5oFEJpxs8ZeCt"}],"group":"cf-nel","max_age":604800}
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires: Thu, 01 Jan 1970 00:00:01 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15446&min_rtt=8529&rtt_var=5372&sent=57&recv=33&lost=0&retrans=0&sent_bytes=51804&recv_bytes=6110&delivery_rate=1014055&cwnd=27900&unsent_bytes=0&cid=b551e1ac68201096&ts=118&x=1", cfExtPri, cfHdrFlush;dur=0
x-content-options: nosniff
date: Mon, 23 Dec 2024 04:46:22 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: jhUisvLTfQ3Jkmk1akCYID2pP/QXOAlcgCZVRnOwtfoiIyCl3zRhDfhEVWe3XAPWEfUyfpvS2PSpXlinWzvTSHXZ09ssgDp6RGUTrUHV8IaZknG1mwiFqLVcXafSoSwiESVsEQDLOvp8lCmaGKNnmQ==$U+HflSdlWZ5d6B3xq/DXfA==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: same-origin
referrer-policy: same-origin
cf-ray: 8f65b520cd89d2e6-FRA
cross-origin-embedder-policy: require-corp
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster: ?1
server: cloudflare

GET
H3 403 favicon.ico
bemydd.com/ 7 KB
7 KB 32ms
31ms Other
text/html 172.67.171.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bemydd.com/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.171.218 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0dd385b9dc1a31c964185173817822e34610ce249b1bcd9f66250e4dba205b69

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bemydd.com/

Response headers

content-encoding: zstd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KOCRt4QVfxmxUWFb%2BdbZRoqSIeYsnHGd0o%2FDq4Rl6UmRLqo8woZ4e2iLwRtqUvPPijDs9QbrSLzxcVLZzVzVbTqVjAdmeMcGKvSxoe9yxWaN%2Bh1EYzjwXqPJOS9x"}],"group":"cf-nel","max_age":604800}
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires: Thu, 01 Jan 1970 00:00:01 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14544&min_rtt=8529&rtt_var=3089&sent=65&recv=38&lost=0&retrans=0&sent_bytes=58815&recv_bytes=6620&delivery_rate=501804&cwnd=27900&unsent_bytes=0&cid=b551e1ac68201096&ts=172&x=1", cfExtPri, cfHdrFlush;dur=0
x-content-options: nosniff
date: Mon, 23 Dec 2024 04:46:22 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
priority: u=1,i
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: CUsoC762yxIsESLuL27jWpzvmMgpQ2pkzgGm6ZJBb0PzocL/bfxZCAswWw0NAJnWwXqDeKuIAIEijzxU0bf4uKfLC3h+N1AxPc/fPHYxQOHGzzt71qG8Zvg+mUpdhuypXch9K1Dz5qQxQ+EsWe+IfQ==$4xrv1V+n+BbGo3Fg4I+qhg==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: same-origin
referrer-policy: same-origin
cf-ray: 8f65b5211df3d2e6-FRA
cross-origin-embedder-policy: require-corp
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster: ?1
server: cloudflare

POST
H3 200 3i13HGS3EOMIrLA2VJYOQxo9AdN.PVtneUfjZvBjc08-1734929182-1.2.1.1-Zy5AkVSIjEsuWXtsyfOdshE2pVJVsuVWUwWZcQItP4Vr_CEX0RZxzdx1ZfeWRwH8 Show response
bemydd.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1265279133:1734927114:3zssM_v9TVEyY_nm_udXHL8ItVl1nc_zp0Q9HCgyYLw/8f65b5202c96d2e6/ 13 KB
9 KB 42ms
41ms XHR
text/plain 172.67.171.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bemydd.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1265279133:1734927114:3zssM_v9TVEyY_nm_udXHL8ItVl1nc_zp0Q9HCgyYLw/8f65b5202c96d2e6/3i13HGS3EOMIrLA2VJYOQxo9AdN.PVtneUfjZvBjc08-1734929182-1.2.1.1-Zy5AkVSIjEsuWXtsyfOdshE2pVJVsuVWUwWZcQItP4Vr_CEX0RZxzdx1ZfeWRwH8
Requested by: Host: bemydd.com
URL: https://bemydd.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8f65b5202c96d2e6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.171.218 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d8b73a45326499063c98f40545a42c06af5654c822d9dc51479f76a23b264f6

Request headers

Referer: https://bemydd.com/
CF-Chl-RetryAttempt: 0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
CF-Challenge: 3i13HGS3EOMIrLA2VJYOQxo9AdN.PVtneUfjZvBjc08-1734929182-1.2.1.1-Zy5AkVSIjEsuWXtsyfOdshE2pVJVsuVWUwWZcQItP4Vr_CEX0RZxzdx1ZfeWRwH8

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UeECvUculPiwD6B4eJrLBVxJdoaMEiTxcxJ7%2BRYE8w3SbwIP15waR1jPbZ3fnxKvCDJnOT5ckY2NxYUWcpu5tcItOUpTTC8DAa6ik8xG%2FK2T2tcjX3%2F%2Fl0FgVgFF"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f65b5216e6ad2e6-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18945&min_rtt=8529&rtt_var=6941&sent=73&recv=46&lost=0&retrans=0&sent_bytes=65841&recv_bytes=10789&delivery_rate=288216&cwnd=27900&unsent_bytes=0&cid=b551e1ac68201096&ts=232&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 23 Dec 2024 04:46:22 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: Ms974+jT2wl24W9x5DFFvHrhW75UDpEKW57dtRwhw/RSzfSGutE02ememcP2fZEgag9VSZDUNGs=$G1l1Hbbpv1iR07c5
server: cloudflare
priority: u=1,i

GET 650ff110-bb27-4c4f-8afe-67ec66864a30
https://bemydd.com/ Frame 0
0

GET
H3 200 /
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/jo2hc/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/ Frame 3FE4 0
0 77ms
40ms Document
text/html 104.18.94.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/jo2hc/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/787bc399e22f/api.js?onload=WXqDk4&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 8f65b521fea72bd1-FRA
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Mon, 23 Dec 2024 04:46:23 GMT
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
priority: u=0,i
referrer-policy: same-origin
server: cloudflare
server-timing: cfExtPri

POST
H3 200 3i13HGS3EOMIrLA2VJYOQxo9AdN.PVtneUfjZvBjc08-1734929182-1.2.1.1-Zy5AkVSIjEsuWXtsyfOdshE2pVJVsuVWUwWZcQItP4Vr_CEX0RZxzdx1ZfeWRwH8 Show response
bemydd.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1265279133:1734927114:3zssM_v9TVEyY_nm_udXHL8ItVl1nc_zp0Q9HCgyYLw/8f65b5202c96d2e6/ 2 KB
3 KB 21ms
19ms XHR
text/html 172.67.171.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bemydd.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1265279133:1734927114:3zssM_v9TVEyY_nm_udXHL8ItVl1nc_zp0Q9HCgyYLw/8f65b5202c96d2e6/3i13HGS3EOMIrLA2VJYOQxo9AdN.PVtneUfjZvBjc08-1734929182-1.2.1.1-Zy5AkVSIjEsuWXtsyfOdshE2pVJVsuVWUwWZcQItP4Vr_CEX0RZxzdx1ZfeWRwH8
Requested by: Host: bemydd.com
URL: https://bemydd.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8f65b5202c96d2e6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.171.218 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c69c76000c97976666192797be2eefc94d4f89347e94682eb529c21b133fe9ae

Request headers

Referer: https://bemydd.com/
CF-Chl-RetryAttempt: 0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
CF-Challenge: 3i13HGS3EOMIrLA2VJYOQxo9AdN.PVtneUfjZvBjc08-1734929182-1.2.1.1-Zy5AkVSIjEsuWXtsyfOdshE2pVJVsuVWUwWZcQItP4Vr_CEX0RZxzdx1ZfeWRwH8

Response headers

cf-chl-out: 5LDv3kKdf9n/53Kpp1Zdm2zpG56gIuv2xHxBXmlGzT9pcvpjI3bNHVgaKoXaz/y/OQ3OSk94HIG7UYEkbeqGFce7YA0BYNUTZGwAlmuimgTb5FOAv5v0oig=$4oRs3acT0SZsOvOM
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XiDLlt%2FHC%2F4PnNAH79ED3W2mgAcqfR8Xc4wIhPgaFLGgpLTLK1NdmS6HeMXXcMs1ApYBR%2BYfnfrI0V23GbvUrhH518Ro6nKr%2FtDGVsxzzc6FyOckHKASwgmaAjFt"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f65b5254af8d2e6-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23845&min_rtt=8529&rtt_var=7725&sent=88&recv=56&lost=0&retrans=1&sent_bytes=75785&recv_bytes=15768&delivery_rate=2605&cwnd=27900&unsent_bytes=0&cid=b551e1ac68201096&ts=844&x=1", cfExtPri, cfHdrFlush;dur=0
cf-chl-out-s: cigxNwXbYX+RHnOA34ZeFHvXU/5KQiZRJB1GlSq1JFRR/SoZpmSZg+w36yAh7IdosBzykzlp9gtlRtjOyWxtrvRxPDCRF5C3lYLjgTGdTeXy/AGldkbnTRB9gjAk7BNa3rtepb8k4zBsordrYyVRZM4EHP4cR0SRkqcOpAqCdmYEYOBj9T3xqr3zXJjWEEBSP5f5h/pLRe9W5QNrIw5XSfKfHdP/3KbbKU9QXezFY+4jJjSCY4N3pncG4V14VPMmQwvh7v3ixK5GJlT0BqlRJi0Xou0lcVd20pzXsIYGyHcKXm3LBXvxhnrsuA4pisk0B/cNzC6zr7EGo5b+V0/ktpld1SSbXJe0ZHJ06+SgRRZnkG9EOyY=$iloAig0QIkYiUky0
date: Mon, 23 Dec 2024 04:46:23 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
priority: u=1,i

GET
H3 403 Primary Request / Show response
bemydd.com/ 7 KB
7 KB 20ms
19ms Document
text/html 172.67.171.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bemydd.com/

Requested by

Host: bemydd.com
URL: https://bemydd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.171.218 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fdad49c61787bdd7197a197d7c7628f96a98a4f65308b5064df135228e446814

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bemydd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out: zK9/euGpvRH92bc9sG+hmASSv6IO6JgwKaL4X5vWLO0/Hhz0r8ArjyehJaEd1qLv+msZNc5HXkn5iqSYUTq3S08CdPULlQpUM2mFnfX8g3Q6n/uOSSOD9YP44Hk2NNYOL6sqy8dp9PN45ZDqHFf7ew==$3JD9vzPi/wjCNEDZ1ldfTw==
cf-mitigated: challenge
cf-ray: 8f65b5338ec8d2e6-FRA
content-encoding: zstd
content-type: text/html; charset=UTF-8
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Mon, 23 Dec 2024 04:46:25 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
priority: u=0,i
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hqJjwzEygHjmsQt%2FUoj7wt7RIUV9PF1KeplJ0t50on8LNjim95R5MLF%2BfvLzpFWWxjAs%2BqibWxx3%2BRWbxPvDnKnYVGoaQJdnspTYrgTNrdoKLwvN7MrDYXhlhz1a"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=23166&min_rtt=8054&rtt_var=9895&sent=92&recv=59&lost=0&retrans=1&sent_bytes=78635&recv_bytes=16255&delivery_rate=150501&cwnd=27900&unsent_bytes=0&cid=b551e1ac68201096&ts=3123&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding
x-content-options: nosniff
x-frame-options: SAMEORIGIN

GET
H3 200 v1 Show response
bemydd.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/ 92 KB
37 KB 15ms
15ms Script
application/javascript 172.67.171.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bemydd.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8f65b5338ec8d2e6
Requested by: Host: bemydd.com
URL: https://bemydd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.171.218 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0331a83214a853716ebcdb735c57724cb48264c75a237ad8362fe2aa42dcd2a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bemydd.com/?__cf_chl_rt_tk=GOvrxhCdpEs.mpgSZypoqGabbZ2v9qIg9ItRk8KolKA-1734929185-1.0.1.1-NQ_YHacsBMcXpdHxUP.xG7SSeaf9YqfGREK.SJ6d2yM

Response headers

cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=69%2F7mDG%2Bz7mEO1iI%2Fj0IHA1H92LDrWp4iOCYCs212ZcLEL%2F5WRzdAsavkRGyJ3j4MonOn8JcEitRLk6IkC05tVEZfCTytNvWLIMMNBJWCrADXo%2Fd%2FBxl0O8Ur08y"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f65b533af1ed2e6-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18599&min_rtt=8054&rtt_var=9161&sent=100&recv=63&lost=0&retrans=1&sent_bytes=85687&recv_bytes=16804&delivery_rate=568274&cwnd=27900&unsent_bytes=0&cid=b551e1ac68201096&ts=3149&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 23 Dec 2024 04:46:25 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

GET 26553404-f051-4626-b75f-ea5b665bf227
https://bemydd.com/ Frame 0
0

GET
H3 200 api.js Show response
challenges.cloudflare.com/turnstile/v0/b/787bc399e22f/ 47 KB
0 0ms
0ms Script
application/javascript 104.18.94.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/b/787bc399e22f/api.js?onload=WXqDk4&render=explicit
Requested by: Host: bemydd.com
URL: https://bemydd.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8f65b5338ec8d2e6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5aac9e52f80011983676c03ad8120e0369e651e6357d0b05054026a3bc8ec32d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://bemydd.com
Referer

Response headers

server: cloudflare
cache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding: br
cross-origin-resource-policy: cross-origin
cf-ray: 8f65b520dfadd2b7-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 23 Dec 2024 04:46:22 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 10 Dec 2024 17:31:41 GMT
vary: Accept-Encoding
priority: u=3,i=?0

GET
H3 403 favicon.ico
bemydd.com/ 7 KB
7 KB 11ms
11ms Image
text/html 172.67.171.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bemydd.com/favicon.ico

Requested by

Host: bemydd.com
URL: https://bemydd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.171.218 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41153275fe872157af733676437c808a49ac769a81e61edcdde08120d0273d2e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bemydd.com/

Response headers

content-encoding: zstd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lec5IiEV27CqQlsNgiigHJNfpHH7GFXT9wffdfEkGEfXiX3SrX1S0lWu28bWfvxwGvP3q%2FHNuWkwgmuB9GiJNwEEMJlnFMZzva74s499acdCU43JBD5p3iW8ZXYU"}],"group":"cf-nel","max_age":604800}
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires: Thu, 01 Jan 1970 00:00:01 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12933&min_rtt=7857&rtt_var=7021&sent=135&recv=70&lost=0&retrans=1&sent_bytes=124393&recv_bytes=17411&delivery_rate=2141995&cwnd=33900&unsent_bytes=0&cid=b551e1ac68201096&ts=3177&x=1", cfExtPri, cfHdrFlush;dur=0
x-content-options: nosniff
date: Mon, 23 Dec 2024 04:46:25 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: x1yJlMtLT6zpGlHWXDdJ/dxeQc37KnJiB3XT2lxPPFeNMkSzjPrGYmoVPpMAA3/HYhuTqQACc6MKsq299Bd9XZWjngRwa2nw6qabWTls/Rh9v3qmgHK+Ym+j2swOUrYkvFW9yKCw8OqS3qUjs5VNpA==$GsKKxNriXNmzX93RQGvwSw==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: same-origin
referrer-policy: same-origin
cf-ray: 8f65b533ef62d2e6-FRA
cross-origin-embedder-policy: require-corp
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster: ?1
server: cloudflare

GET
H3 403 favicon.ico
bemydd.com/ 7 KB
7 KB 22ms
22ms Other
text/html 172.67.171.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bemydd.com/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.171.218 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e5de2ac8f94535e75c469508c784eae96f49e15b3a96f92d8149790bc3e7468

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://bemydd.com/

Response headers

content-encoding: zstd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UMFvWpBSJOQiAZ%2FkxNWkPLIe9BayyktTLU8P%2Bo6GnlpzMEDlWv1sXPMJ8rQexX%2FhSuJMBBXQtgPF2biMDPzF6vE4J%2BHWaziaCXbCPpv4ca7NB7h%2BdY6Me2od2Fki"}],"group":"cf-nel","max_age":604800}
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires: Thu, 01 Jan 1970 00:00:01 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12946&min_rtt=7857&rtt_var=5291&sent=143&recv=72&lost=0&retrans=1&sent_bytes=131451&recv_bytes=17806&delivery_rate=388361&cwnd=33900&unsent_bytes=0&cid=b551e1ac68201096&ts=3198&x=1", cfExtPri, cfHdrFlush;dur=0
x-content-options: nosniff
date: Mon, 23 Dec 2024 04:46:25 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
priority: u=1,i
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: D8BWm6syaj+IXqPlPCT5wmUjh4gFPaA6BKx9yvNWjl8/KSPAf0toxjxNXDRWJxiGYuTGwIEgT7Wo7/v6XN0cNCLYvHY0+Kunxqed9L+sFvRj7OKyDcyqQ0Kym7C0ezfDUcEXD42APgNZuQb6VU/J5w==$V9/cQqlw7HOWmKhRJeVfxQ==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: same-origin
referrer-policy: same-origin
cf-ray: 8f65b5340f8dd2e6-FRA
cross-origin-embedder-policy: require-corp
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster: ?1
server: cloudflare

POST
H3 200 Bbg5ngG_uLwANzsi51rxb3uNtr_w0knb4610xTWnuXg-1734929185-1.2.1.1-1W66iEagBhnGp95yo3TimxRUfpr8r6E6N_8H7v6Lz8NfF.bZ8MB2x0P_uEaQWxCI Show response
bemydd.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1265279133:1734927114:3zssM_v9TVEyY_nm_udXHL8ItVl1nc_zp0Q9HCgyYLw/8f65b5338ec8d2e6/ 13 KB
9 KB 27ms
26ms XHR
text/plain 172.67.171.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bemydd.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1265279133:1734927114:3zssM_v9TVEyY_nm_udXHL8ItVl1nc_zp0Q9HCgyYLw/8f65b5338ec8d2e6/Bbg5ngG_uLwANzsi51rxb3uNtr_w0knb4610xTWnuXg-1734929185-1.2.1.1-1W66iEagBhnGp95yo3TimxRUfpr8r6E6N_8H7v6Lz8NfF.bZ8MB2x0P_uEaQWxCI
Requested by: Host: bemydd.com
URL: https://bemydd.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8f65b5338ec8d2e6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.171.218 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89748146ab6614938d063e9523a3d6b17329a0e3d5ddd82028c821bd626a3791

Request headers

Referer: https://bemydd.com/
CF-Chl-RetryAttempt: 0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
CF-Challenge: Bbg5ngG_uLwANzsi51rxb3uNtr_w0knb4610xTWnuXg-1734929185-1.2.1.1-1W66iEagBhnGp95yo3TimxRUfpr8r6E6N_8H7v6Lz8NfF.bZ8MB2x0P_uEaQWxCI

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1536d8cAsUlUHpjWdHW0Z2AkGeke4X9jWEjbXWCTbnwgHGbz7hnET3zSXdC%2FahfjQnRie6nCe2uL4n%2B149fI%2Bw83LNWtC4lCjhOadLOg8%2B2xZQcokPHlareNxjoe"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f65b5348833d2e6-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=13082&min_rtt=7857&rtt_var=4241&sent=154&recv=77&lost=0&retrans=1&sent_bytes=138560&recv_bytes=21882&delivery_rate=344260&cwnd=33900&unsent_bytes=0&cid=b551e1ac68201096&ts=3291&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 23 Dec 2024 04:46:26 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: 0c5ejCudEoYN6PmmwFnj84RgyclZ7Oe+86GwABgiX0B/ZYi1EmQYw6SsIl9FTQDh/hEy4f93fkw=$uPVPILmGEpFAWnBw
server: cloudflare
priority: u=1,i

GET 0be71609-1acd-47c4-b46d-5b8078b8d6fd
https://bemydd.com/ Frame 0
0

GET
H3 200 /
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/cryta/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/ Frame 98B7 0
0 24ms
23ms Document
text/html 104.18.94.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/cryta/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/787bc399e22f/api.js?onload=WXqDk4&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 8f65b534ccd72bd1-FRA
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Mon, 23 Dec 2024 04:46:26 GMT
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
priority: u=0,i
referrer-policy: same-origin
server: cloudflare
server-timing: cfExtPri

POST
H3 200 Bbg5ngG_uLwANzsi51rxb3uNtr_w0knb4610xTWnuXg-1734929185-1.2.1.1-1W66iEagBhnGp95yo3TimxRUfpr8r6E6N_8H7v6Lz8NfF.bZ8MB2x0P_uEaQWxCI Show response
bemydd.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1265279133:1734927114:3zssM_v9TVEyY_nm_udXHL8ItVl1nc_zp0Q9HCgyYLw/8f65b5338ec8d2e6/ 2 KB
3 KB 21ms
20ms XHR
text/html 172.67.171.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bemydd.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1265279133:1734927114:3zssM_v9TVEyY_nm_udXHL8ItVl1nc_zp0Q9HCgyYLw/8f65b5338ec8d2e6/Bbg5ngG_uLwANzsi51rxb3uNtr_w0knb4610xTWnuXg-1734929185-1.2.1.1-1W66iEagBhnGp95yo3TimxRUfpr8r6E6N_8H7v6Lz8NfF.bZ8MB2x0P_uEaQWxCI
Requested by: Host: bemydd.com
URL: https://bemydd.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8f65b5338ec8d2e6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.171.218 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8a5c5f6aac8aa9371bee85ac0772327f1012eade4b524d3a827ec2a44416325

Request headers

Referer: https://bemydd.com/
CF-Chl-RetryAttempt: 0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
CF-Challenge: Bbg5ngG_uLwANzsi51rxb3uNtr_w0knb4610xTWnuXg-1734929185-1.2.1.1-1W66iEagBhnGp95yo3TimxRUfpr8r6E6N_8H7v6Lz8NfF.bZ8MB2x0P_uEaQWxCI

Response headers

cf-chl-out: +qsV2X+7qsZsFhXK+xM0dOzt9YFkqIGp70ekA7gRFPhiX6O5S9vw8UPQ+9kALQfOyjAM37Cyz+wRtHwrTWilOnmMhuZbUV0/cMbVi626Dgf0BB2tenstM/w=$mygi98iR67GPTEWy
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MDM46x7fS0%2FvFrWPz%2F1E0cuYYGeC8L2Rfw7RVW483QxCjMGWyo5u9ezuRHZGbLeLTlMv0HGvWPT0SDv%2Fq6HK%2BOsDKi38HG36EfHfoUsEAz5kilCOWzC6QtqN6h5m"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f65b537ecf5d2e6-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=13101&min_rtt=7857&rtt_var=3217&sent=168&recv=83&lost=0&retrans=1&sent_bytes=148411&recv_bytes=26711&delivery_rate=338889&cwnd=33900&unsent_bytes=0&cid=b551e1ac68201096&ts=3826&x=1", cfExtPri, cfHdrFlush;dur=0
cf-chl-out-s: FabnVo/TgLDsJsBTyE5sXZekleUgFUrcwWSwCdCeqFXtPZsu9y93jQH34KLIHWqCZ0snmnb8a+02n2tLwAm8NC1NWu3azuufRdwPVIZvmgkP+93kYLY4d0wIl+VUTMhShIQeEV4YsfvVr+2SVJ1ramX2b/8f/jMzR2tNXvBDgJAz0ZVc2/Ra0LE9kDt1YtUmuwMF2fWljC1uMYsr/cDPF0DPLPTThBv6yNdy2Dj1X9e1PcDnYEsIg3d+3NWL64hjZfjmJNYmMmzgW/HdLz2I9do+FZb7xHdv4LD1U61xoMi3gkON7iFtP3uL51nam5b5hR6JzNQj9BV6aI7CE4ztCS5Xq9kkroLIKJOh+RY4pqSyv2PwSAg=$REYKtDF2Cd5S5wfD
date: Mon, 23 Dec 2024 04:46:26 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
priority: u=1,i

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bemydd.com
URL: blob:https://bemydd.com/f1fa5c86-ee30-4dc8-a04e-0967d7e0f7d4

Domain: bemydd.com
URL: blob:https://bemydd.com/650ff110-bb27-4c4f-8afe-67ec66864a30

Domain: bemydd.com
URL: blob:https://bemydd.com/26553404-f051-4626-b75f-ea5b665bf227

Domain: bemydd.com
URL: blob:https://bemydd.com/0be71609-1acd-47c4-b46d-5b8078b8d6fd

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			bemydd.com/	1970-01-21 01:55:32	Name: cf_chl_rc_ni Value: 1

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://bemydd.com/#ce Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://bemydd.com/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://bemydd.com/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://bemydd.com/#ce Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://bemydd.com/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://bemydd.com/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bemydd.com
challenges.cloudflare.com
ucreconomicforecast.org
xoilac15.live
bemydd.com
104.18.94.41
104.21.32.1
104.21.48.1
172.67.171.218
0dd385b9dc1a31c964185173817822e34610ce249b1bcd9f66250e4dba205b69
1e5de2ac8f94535e75c469508c784eae96f49e15b3a96f92d8149790bc3e7468
41153275fe872157af733676437c808a49ac769a81e61edcdde08120d0273d2e
5aac9e52f80011983676c03ad8120e0369e651e6357d0b05054026a3bc8ec32d
6d8b73a45326499063c98f40545a42c06af5654c822d9dc51479f76a23b264f6
89748146ab6614938d063e9523a3d6b17329a0e3d5ddd82028c821bd626a3791
aa0fdc46d5feffc9502fec03449f1ae7c098117e8361718ef5979dc7bcc86bb2
c69c76000c97976666192797be2eefc94d4f89347e94682eb529c21b133fe9ae
d8a5c5f6aac8aa9371bee85ac0772327f1012eade4b524d3a827ec2a44416325
e0331a83214a853716ebcdb735c57724cb48264c75a237ad8362fe2aa42dcd2a
f366b19f93f6e9261b38891dca6728a87657dec29e02bb5fc8b49007fa40642a
f544f86f1c6e20575e9247dca41d177594fa7dbc44c559f1085918c0ce9064e5
fdad49c61787bdd7197a197d7c7628f96a98a4f65308b5064df135228e446814

bemydd.com Open in urlscan Pro 172.67.171.218 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

20 Requests

80 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

3 IPs

2 Countries

157 kBTransfer

355 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

1 Cookies

6 Console Messages

Security Headers

Indicators

bemydd.com Open in urlscan Pro
172.67.171.218 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

80 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

157 kB
Transfer

355 kB
Size

1
Cookies

20 HTTP transactions
0 data transactions