Submitted URL: https://bsyored.xyz/
Effective URL: https://bsquared.claims/
Submission Tags: 0xscam
Submission: On September 19 via api from US — Scanned from DE

Summary

This website contacted 4 IPs in 1 country across 3 domains to perform 16 HTTP transactions. The main IP is 2606:4700:3032::6815:552f, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is bsquared.claims.
TLS certificate: Issued by WE1 on September 18th 2024. Valid for: 3 months.
This is the only time bsquared.claims was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Redirects  Requests  IP Address        AS Autonomous System
1          5         2606:4700:303...  13335 (CLOUDFLAR...)
2          8         2606:4700:303...  13335 (CLOUDFLAR...)
           2         2606:4700::68...  13335 (CLOUDFLAR...)
Total: 16 requests, 4 IPs
Requests  Apex Domain      Subdomains                                               Transfer
8         bsquared.claims  bsquared.claims                                          89 KB
5         bsyored.xyz      bsyored.xyz                                              10 KB
2         cloudflare.com   challenges.cloudflare.com (Cisco Umbrella Rank: 3407)    16 KB
Total: 16 requests, 3 apex domains
Requests  Domain                     Redirects    Requested by
8         bsquared.claims            2 redirects  bsyored.xyz, bsquared.claims
5         bsyored.xyz                1 redirect   bsyored.xyz
2         challenges.cloudflare.com               bsquared.claims, challenges.cloudflare.com
Total: 16 requests, 3 domains

This site contains links to these domains.

Domain
www.cloudflare.com
Subject                    Issuer  Validity                 Valid
bsyored.xyz                WE1     2024-09-18 - 2024-12-17  3 months
bsquared.claims            WE1     2024-09-18 - 2024-12-17  3 months
challenges.cloudflare.com  WE1     2024-09-05 - 2024-12-04  3 months

This page contains 3 frames:

Primary Page: https://bsquared.claims/
Frame ID: 2B57D783FAA25DA372E8A98AB476DF83
Requests: 11 HTTP requests in this frame

Frame: https://bsyored.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js
Frame ID: 85748F24614A4FFFA02855DD906985BD
Requests: 2 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/twc1v/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/
Frame ID: 5F1661ABD56A9D069D3FE60A1F5E3727
Requests: 1 HTTP request in this frame

Page Title

Nur einen Moment…

Page Statistics

Requests: 16
HTTPS: 56 %
IPv6: 100 %
Domains: 3
Subdomains: 3
IPs: 4
Countries: 1
Transfer: 113 kB
Size: 260 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bsyored.xyz/ Page URL
  2. https://bsquared.claims/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://bsyored.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://bsyored.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js
Request Chain 10
  • https://bsquared.claims/favicon.ico HTTP 302
  • https://bsquared.claims/
Request Chain 11
  • https://bsquared.claims/favicon.ico HTTP 302
  • https://bsquared.claims/

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
bsyored.xyz/
1 KB
1 KB
Document
General
Full URL
https://bsyored.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:8eae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c5a31655f8a65c5-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 19 Sep 2024 14:16:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VXLn6k8VfDS8qWIoiahktP7vdNgUfD9ykFCsXE1%2Fqb64vA3OQRohtSCtkmFibd%2FRHAG8wC%2BySF8zGLb%2BpsDRrqDQVFyKZuj8j7HlT3jYthzN5JdA6Lz%2Bi77ORE4JehM5dlc%2FFgo73Rs1Nw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
x-powered-by
Express
speculation
bsyored.xyz/cdn-cgi/
128 B
569 B
Other
General
Full URL
https://bsyored.xyz/cdn-cgi/speculation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:8eae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://bsyored.xyz
Referer
https://bsyored.xyz/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pRsCxkj6jTf%2B0Co4Qh83qeggC7uHCAdHZyiJKEjKJ6cBqGqS7APTy%2F4%2BBZ4nc30ulWibreTytVjnoZdSx9Spuvlk020nX5BG%2Bw8BTgFNn1fZj%2FZ9n8c1DD8jIhUxAh5xOUsmQXBauUi5mw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c5a3165f86165c5-FRA
access-control-allow-origin
https://bsyored.xyz
alt-svc
h3=":443"; ma=86400
content-length
128
date
Thu, 19 Sep 2024 14:16:20 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
rocket-loader.min.js
bsyored.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://bsyored.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: bsyored.xyz
URL: https://bsyored.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:8eae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bsyored.xyz/

Response headers

x-frame-options
DENY
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"66e7fb1c-302c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YPlD%2Bmft4hik1MclEzwwPZo6T92W3d3%2BxyhU9ek5nbu1xaTZ3APiD4crjca2kFdcvZmyJUOdQEApAQ1GO3GYUiGLfArubgwyjFpBgh%2BC5f2rBx15Q%2F2tM016C8wo8aXm%2FpLcXGq2wrcsxg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8c5a3165f86465c5-FRA
expires
Sat, 21 Sep 2024 14:16:20 GMT
date
Thu, 19 Sep 2024 14:16:20 GMT
content-type
application/javascript
last-modified
Mon, 16 Sep 2024 09:32:12 GMT
server
cloudflare
vary
Accept-Encoding
custom-loading-script-riddance.js
bsyored.xyz/
0
0

main.js
bsyored.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/ Frame 8574
Redirect Chain
  • https://bsyored.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://bsyored.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?
8 KB
4 KB
Script
General
Full URL
https://bsyored.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?
Protocol
H3
Server
2606:4700:3034::ac43:8eae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QylrwbqrsbpN%2Fx8fhPxFEYH%2BfrWeIoLUptrLyq6PDp2vD4PGjImdZX5xOZJy0tu7xZQlt2FwQq4oTZx8fl7tEogp8tS3T27qGpUmeG34vQaTdQXyCOPatLd0LIBXgrBXkDlt7c4bZyaYCw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8c5a316638b065c5-FRA
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 14:16:20 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zXp2JgDzVuce8SrNXgXzRyhbKHi5aL0tZfzRACHbHE5QBjITS5I%2Bx5q7VGmswn7eFZ6aGkoRfjOuOk94kru1KIaKuE5r4kKII1nAzjx6bONMqzHmEhDB5XDXLOgUIUsT59m%2BtuIvyawz9A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c5a3166288965c5-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 19 Sep 2024 14:16:20 GMT
vary
Accept-Encoding
server
cloudflare
Primary Request /
bsquared.claims/
11 KB
9 KB
Document
General
Full URL
https://bsquared.claims/
Requested by
Host: bsyored.xyz
URL: https://bsyored.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:552f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9bf8252dfb35ca1c3c6ef901eb7c9dbbab2018307a9ec453d40064eef580d38
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://bsyored.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out
ZWlrMynm5K/YYq/IyUKIt3itfH9HUCZknqN3K56VjBJLTbocWEgQBzM/GiZiLePdBS6t9zVcrS83rCdH3Nj3Tdfef5xT2jlT7M+mNCMyEbE=$dQeoIDWF6tTaIGnXt0qM3w==
cf-mitigated
challenge
cf-ray
8c5a31669f7cd268-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Thu, 19 Sep 2024 14:16:20 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sGjdNAm742X%2FfkZeBe8mkdt8P7qAgDT%2FhzSYY2iaLfG9GMbcn4aqDSaPBxB9YpL4e48ZPB1POL%2BWmqrx%2FKtl2uLISD6jQvm%2F3giiTlLa7I3ksfc1vgMpsQWDf2MlDTMTWx2xcndbLpT69SCIxOs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
vary
Accept-Encoding
x-content-options
nosniff
x-frame-options
SAMEORIGIN
8c5a31655f8a65c5
bsyored.xyz/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 8574
0
0

speculation
bsquared.claims/cdn-cgi/
0
0
Other
General
Full URL
https://bsquared.claims/cdn-cgi/speculation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:552f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://bsquared.claims
Referer
https://bsquared.claims/

Response headers

content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bABGciDVbgbxlHjszl9Yj8iM298Qi64Q1A%2Bcnhl%2BSP%2Bi60MpCf93gGz4xA2V2vYagsVW0S9AKPXbsdnj0ur9u99H7DZwPHZPP6mdYy2WgIFIp%2BHb%2F9WGoHZi58exI1%2BcXq8SWIN0RX5i4qJ5Kic%3D"}],"group":"cf-nel","max_age":604800}
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
alt-svc
h3=":443"; ma=86400
x-content-options
nosniff
date
Thu, 19 Sep 2024 14:16:20 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
33PByIVHw1tyxnWKUao5SgvWaakG1Lh3RdQfV2iw1HpRWUfuLTR0IUy6YCxHOK7HPEm4t13dj9oVktoCrE0f1kR75brwF95f4NCsDHMXXQE=$Vm1hUv2OXDE7fxVfEN/u7w==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
speculation-rules
"/cdn-cgi/speculation"
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8c5a3166cfefd268-FRA
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
v1
bsquared.claims/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/
154 KB
56 KB
Script
General
Full URL
https://bsquared.claims/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8c5a31669f7cd268
Requested by
Host: bsquared.claims
URL: https://bsquared.claims/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:552f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d816ee20d71e2600cc6c52f47c98424535afce9ea05cf26ee787d53c2ace6516

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bsquared.claims/?__cf_chl_rt_tk=Oul7wp4Vw79ihjYZsl1mbjBRJm0k3dQnr5f22K5ELaY-1726755380-0.0.1.1-6697

Response headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MtCCqQXWQ4fXYS3IRv8LogxnEARZ9lAJd%2Bc20DcrS8J7sF%2FZSuLt8UANFI%2BW%2FUEQDbDxZx8b3kijvUZYzf8b6cM1s6PBk6kUEIjBOCRu623zllsIky6MRRBqMAY%2FIplDorIn%2FMkjVIusiqpfNWM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c5a3166e832d268-FRA
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 14:16:20 GMT
content-type
application/javascript; charset=UTF-8
server
cloudflare
93eb2084-b827-4541-afb2-3c946db377dc
https://bsquared.claims/ Frame
0
0

api.js
challenges.cloudflare.com/turnstile/v0/g/ec4b873d446c/
46 KB
16 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/ec4b873d446c/api.js?onload=Jeuhg1&render=explicit
Requested by
Host: bsquared.claims
URL: https://bsquared.claims/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8c5a31669f7cd268
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:5e29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96bd1c81d59d6ac2ec9f8ebe4937a315e85443667c5728a7cd9053848dd8d3d7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://bsquared.claims
Referer

Response headers

cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding
br
cross-origin-resource-policy
cross-origin
cf-ray
8c5a3167397471b8-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 14:16:20 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 17 Sep 2024 16:06:37 GMT
server
cloudflare
vary
Accept-Encoding
/
bsquared.claims/
Redirect Chain
  • https://bsquared.claims/favicon.ico
  • https://bsquared.claims/
2 KB
2 KB
Image
General
Full URL
https://bsquared.claims/
Requested by
Host: bsquared.claims
URL: https://bsquared.claims/
Protocol
H3
Server
2606:4700:3032::6815:552f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9003ed055e511448082c5b9136282ed6007139e680cd48b8b291d53b0f15abc9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bsquared.claims/

Response headers

content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AiIF0E%2FBSjSOaVrJ%2F7nlrLzOa%2BQl2cUTJ9j897fIR92JASY7Xl5uQwQ9F3e048N%2B7IbLqDGV83y3aYc3CzGg8cS4MBK0N6Syv%2Fsm9hQPjBdgqYSl8Qms%2F4muFUcXVIBBgnt35yKz2CvBVvzL0AE%3D"}],"group":"cf-nel","max_age":604800}
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
alt-svc
h3=":443"; ma=86400
x-content-options
nosniff
date
Thu, 19 Sep 2024 14:16:20 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
J6274f1J5oIdhj4WI/PcZgvd8V0/qXdmaflTNheBBfJggwRL4PblCy/QiykqSXU02Jm2JkGjlREuWvbV6guNAUHdrv6wY/OB5Ij+bUUtHpw=$64MPe0BTcHofxLt7QeEGLQ==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
speculation-rules
"/cdn-cgi/speculation"
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8c5a3167aaa6d268-FRA
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare

Redirect headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
location
/
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CD0oS71jzyC3Dt1skKmI%2FARrDn3aapyNuq9F1IejFS9t2w1lDmGLLuKSYCygt05f9%2BDVhqeEJTWNMcn5lEMmkJO6jhiJldx%2FC56cO0L1FciEs6%2FcU2UN6cdjInpNMmrdLqCODLgWTj%2Bxavb1EhA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c5a31672912d268-FRA
alt-svc
h3=":443"; ma=86400
content-length
23
date
Thu, 19 Sep 2024 14:16:20 GMT
content-type
text/plain; charset=utf-8
x-powered-by
Express
vary
Accept, Accept-Encoding
server
cloudflare
/
bsquared.claims/
Redirect Chain
  • https://bsquared.claims/favicon.ico
  • https://bsquared.claims/
9 KB
7 KB
Other
General
Full URL
https://bsquared.claims/
Protocol
H3
Server
2606:4700:3032::6815:552f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdd7404527909816c5bab3742386c6ad5d01d76e26b3d3f9146ae607a71e1aec
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bsquared.claims/

Response headers

content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YmBjZvevOauNMy9rsYLAx6rwMQN2X2F5Iaw1%2BD1%2FnmbpN%2Fqt2ChRfH1M5KtPVCRwPmEA2aXvm4LuAJhOZXA9gieekUaZzFYSQ7WZ9sNtRWquhPm4GKbFsq6lDOu0qhIBvNrGVQBOtIrTUfXlaXI%3D"}],"group":"cf-nel","max_age":604800}
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
alt-svc
h3=":443"; ma=86400
x-content-options
nosniff
date
Thu, 19 Sep 2024 14:16:20 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
LVcoyFzqddUzp6l9s3apsi4vJXrYgb9Grjy9NNmB8MD4tm7qhUqhUwTJ6H6R7ndP4oPXOKynopA9g/XxTLQiNgaq8pckvjVn22XxN4L1O9Q=$M1NX/OImBuM7PvXBMHVTig==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
speculation-rules
"/cdn-cgi/speculation"
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8c5a31682c1bd268-FRA
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare

Redirect headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
location
/
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VQZSSylFCwmU%2BZrc%2FJN4yMaa%2BfKG18pay0uQ1r2lAU%2Bz1ZtwEkJ9McIxE46m%2Bzg%2BcKJe09qI3rHr3risu23vn%2FQ5M%2FriiAxFbYI6XMwWLaZgPb0vSQjWCNDJd2mrPFzAzr0FAiP4XHI%2B2UHg7Pw%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c5a3167cb0dd268-FRA
alt-svc
h3=":443"; ma=86400
content-length
23
date
Thu, 19 Sep 2024 14:16:20 GMT
content-type
text/plain; charset=utf-8
x-powered-by
Express
vary
Accept, Accept-Encoding
server
cloudflare
8978b88c821382e
bsquared.claims/cdn-cgi/challenge-platform/h/g/flow/ov1/1308293403:1726751676:QSkTpL9hPojV75_hrS9LNmXUlKVjgV4TDKAt-5P3pdQ/8c5a31669f7cd268/
16 KB
13 KB
XHR
General
Full URL
https://bsquared.claims/cdn-cgi/challenge-platform/h/g/flow/ov1/1308293403:1726751676:QSkTpL9hPojV75_hrS9LNmXUlKVjgV4TDKAt-5P3pdQ/8c5a31669f7cd268/8978b88c821382e
Requested by
Host: bsquared.claims
URL: https://bsquared.claims/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8c5a31669f7cd268
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:552f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2db57705743a5b1c765f140a0a77c540692a2adc29c8e11215ba4d17ab04eb70

Request headers

Referer
https://bsquared.claims/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
CF-Challenge
8978b88c821382e

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sfkqr48H7B99UHnx68bnCfjHKMUKeIAPRo46JTi2P%2B8zZbQ3bHSKY6pX6jwgbF1wE0T5fIr4SbhmRiUUfoLA0bIEOGhPB3rYR7VNaRmhjVPdeJD9vL8LXVNB%2FGdcswXKgPfxCnERsu15WMnrf%2Fg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c5a3167db26d268-FRA
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Sep 2024 14:16:20 GMT
content-type
text/plain; charset=UTF-8
cf-chl-gen
T1cyaxKHK8FfU9xoHfIgqqpw+Pe+wsanSBEISHyFnJi9gPHILDnfVa8Av35ZUikqa7GSoWGkGQ==$KAOjmhDnxs5fVckw
server
cloudflare
e2249efe-59c4-4f87-b563-3014fbf8291d
https://bsquared.claims/ Frame
0
0

/
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/twc1v/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/ Frame 5F16
0
0
Document
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/twc1v/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/ec4b873d446c/api.js?onload=Jeuhg1&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:5e29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8c5a31683945d285-FRA
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Thu, 19 Sep 2024 14:16:20 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bsyored.xyz
URL
https://bsyored.xyz/custom-loading-script-riddance.js
Domain
bsyored.xyz
URL
https://bsyored.xyz/cdn-cgi/challenge-platform/h/g/jsd/r/8c5a31655f8a65c5
Domain
bsquared.claims
URL
blob:https://bsquared.claims/93eb2084-b827-4541-afb2-3c946db377dc
Domain
bsquared.claims
URL
blob:https://bsquared.claims/e2249efe-59c4-4f87-b563-3014fbf8291d

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _cf_chl_opt
function| Jeuhg1
boolean| tlLrK2
function| KUjIx3
function| mpUaL2
function| FxOnr3
object| eXDlL4
object| YvPd6
function| TMMx5
function| Vguy6
function| Hvmr3
object| iHwxM3
number| OuWT7
object| angular
object| ohry1
object| turnstile
boolean| FrNBi5
string| HcTEI3
boolean| aFyRe6

1 Cookies

Domain/Path Name / Value
.bsyored.xyz/ Name: cf_clearance
Value: E1IBCEQFprjf.aIttXr2dPU1Kasieb63B7f.ELjrlvg-1726755380-1.2.1.1-cCs4HWyYPsyUXYpwtt2a3hdJBpFQpnJAhF8Xrodp5lJLUaYTUU8Djtiux8JFGM5w_3amhJZy5mbxt70XOt3wKH52fPgkpQExcXZBbeC_iBFQwZ.nrAjM_rG0EVA1GdyLoRyd9..YDdkzTc58HV1Kj0Cgf1uIJxiubK2uPUqwtIvoI6CGNImaQ0iMeA2k0G6TIOtegBAsHYTW_SRvhTAQaH5J81TeQAuDnQtYMdEGRlXuN_38rM2k2nhuww540YJyPkTFfGnHp.DyYSGRUrquQHjBllrXh4iQjw5eVZAR_d0.7jk.7wJ6cvQYFn92Y28CJC9kP3Xs6POmOxG_H3fRpHIlsjj_WSpCYIPErXIUWAmZSiUpNMRQdncDF_9tE0_6

5 Console Messages

Source Level URL
Text
network error URL: https://bsquared.claims/
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://bsquared.claims/cdn-cgi/speculation
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://bsquared.claims/?__cf_chl_rt_tk=Oul7wp4Vw79ihjYZsl1mbjBRJm0k3dQnr5f22K5ELaY-1726755380-0.0.1.1-6697
Message:
Load failed or canceled (net::ERR_ABORTED; HTTP status 403) for rule set requested from "https://bsquared.claims/cdn-cgi/speculation" found in Speculation-Rules header.
network error URL: https://bsquared.claims/
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://bsquared.claims/
Message:
Failed to load resource: the server responded with a status of 403 ()