urlscan.io logo urlscan.io
SecurityTrails logo

www.welcomebackbonus.com Open in urlscan Pro
172.67.204.31  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bit.ly/3LjgzFl
Effective URL: https://www.welcomebackbonus.com/?urlreferer=suc&offer=100&utm_source=C3&utm_medium=sms&utm_campaign=lsms
Submission: On September 27 via manual from CO — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 8 domains to perform 27 HTTP transactions. The main IP is 172.67.204.31, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.welcomebackbonus.com.
TLS certificate: Issued by WE1 on September 14th 2024. Valid for: 3 months.
This is the only time www.welcomebackbonus.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.11 396982 (GOOGLE-CL...)
1 1 2606:4700:440... 13335 (CLOUDFLAR...)
1 20 172.67.204.31 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.99 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 142.250.181.238 15169 (GOOGLE)
27 8
1    67.199.248.11 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly
bit.ly
1    2606:4700:4400::ac40:9288 (United States)

ASN13335 (CLOUDFLARENET, US)
deal-4u.net
20    172.67.204.31 (United States)

ASN13335 (CLOUDFLARENET, US)
welcomebackbonus.com
www.welcomebackbonus.com
2    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
ajax.googleapis.com
1    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net
fonts.gstatic.com
2    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:4700:4400::ac40:95d9 (United States)

ASN13335 (CLOUDFLARENET, US)
dm.imagethumb.com
1    142.250.181.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f14.1e100.net
www.google-analytics.com
Apex Domain
Subdomains		 Transfer
20 welcomebackbonus.com
welcomebackbonus.com
www.welcomebackbonus.com
342 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
22 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
ajax.googleapis.com — Cisco Umbrella Rank: 454
32 KB
1 imagethumb.com
dm.imagethumb.com
1 KB
1 gstatic.com
fonts.gstatic.com
44 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 57
101 KB
1 deal-4u.net
deal-4u.net
350 B
1 bit.ly
bit.ly — Cisco Umbrella Rank: 6945
404 B
27 8
Domain Requested by
19 www.welcomebackbonus.com www.welcomebackbonus.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 dm.imagethumb.com www.googletagmanager.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.googletagmanager.com www.welcomebackbonus.com
1 ajax.googleapis.com www.welcomebackbonus.com
1 fonts.googleapis.com www.welcomebackbonus.com
1 welcomebackbonus.com 1 redirects
1 deal-4u.net 1 redirects
1 bit.ly 1 redirects
27 10
Subject Issuer Validity Valid
welcomebackbonus.com
WE1		 2024-09-14 -
2024-12-13		 3 months crt.sh
upload.video.google.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
*.google-analytics.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
*.gstatic.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
imagethumb.com
WE1		 2024-09-15 -
2024-12-14		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.welcomebackbonus.com/?urlreferer=suc&offer=100&utm_source=C3&utm_medium=sms&utm_campaign=lsms
Frame ID: 9EC2352FBF6F3B577B2D8193A09DBC52
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home Page

Page URL History Show full URLs

  1. https://bit.ly/3LjgzFl HTTP 301
    https://deal-4u.net/suc100 HTTP 301
    http://welcomebackbonus.com/?urlreferer=suc&offer=100&utm_source=C3&utm_medium=sms&utm_campaign=lsms HTTP 307
    https://welcomebackbonus.com/?urlreferer=suc&offer=100&utm_source=C3&utm_medium=sms&utm_campaign=lsms HTTP 301
    https://www.welcomebackbonus.com/?urlreferer=suc&offer=100&utm_source=C3&utm_medium=sms&utm_campaign=lsms Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

27
Requests

100 %
HTTPS

56 %
IPv6

8
Domains

10
Subdomains

8
IPs

2
Countries

542 kB
Transfer

906 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/3LjgzFl HTTP 301
    https://deal-4u.net/suc100 HTTP 301
    http://welcomebackbonus.com/?urlreferer=suc&offer=100&utm_source=C3&utm_medium=sms&utm_campaign=lsms HTTP 307
    https://welcomebackbonus.com/?urlreferer=suc&offer=100&utm_source=C3&utm_medium=sms&utm_campaign=lsms HTTP 301
    https://www.welcomebackbonus.com/?urlreferer=suc&offer=100&utm_source=C3&utm_medium=sms&utm_campaign=lsms Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.welcomebackbonus.com/
Redirect Chain
  • https://bit.ly/3LjgzFl
  • https://deal-4u.net/suc100
  • http://welcomebackbonus.com/?urlreferer=suc&offer=100&utm_source=C3&utm_medium=sms&utm_campaign=lsms
  • https://welcomebackbonus.com/?urlreferer=suc&offer=100&utm_source=C3&utm_medium=sms&utm_campaign=lsms
  • https://www.welcomebackbonus.com/?urlreferer=suc&offer=100&utm_source=C3&utm_medium=sms&utm_campaign=lsms
33 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.welcomebackbonus.com/?urlreferer=suc&offer=100&utm_source=C3&utm_medium=sms&utm_campaign=lsms
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.204.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3673e4dd6464404af8805402c015e81882a587434671be1678b5dfc2d186377c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
private
cf-cache-status
DYNAMIC
cf-ray
8c9bb843f8bdd26c-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 27 Sep 2024 13:07:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rp4vyZ3VGicC%2F7TdjNG%2FZ5AgW4bU0KB8IUXpaOTPKT1LggNhucG99yuaYOvu4h3426ixTfCET1V%2BhFgP%2Bna%2FuZGgqErtJL3jTI3Zq9tS7gdJ3xKaytmLvprSkTDuBKJr82rSOU23lPdgZFA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-aspnetmvc-version
5.2
x-powered-by
ASP.NET

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
8c9bb8407c83d26c-FRA
content-type
text/html; charset=UTF-8
date
Fri, 27 Sep 2024 13:07:58 GMT
location
https://www.welcomebackbonus.com/?urlreferer=suc&offer=100&utm_source=C3&utm_medium=sms&utm_campaign=lsms
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jo0zC1KMLPI0Ia7qyK2tub2sA7QFHW1mUegyFmPz7yHLYe9DH0g9zqQAjQszzEIodokkqMeNNccNzKcgRGk32pR%2BwrfHpigDlFFm7LycWGE%2Bzw12ERz0FKqx6KPptwKYHaGQBcFnoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
speculation
www.welcomebackbonus.com/cdn-cgi/ 		128 B
557 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.welcomebackbonus.com/cdn-cgi/speculation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.204.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.welcomebackbonus.com
Referer
https://www.welcomebackbonus.com/?urlreferer=suc&offer=100&utm_source=C3&utm_medium=sms&utm_campaign=lsms

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jnDU07nf%2BdwbsRasWHkbsTHDgjFjzkJdzXLvI17xa0n8LZYz2RL8%2BGRyGoBw0PyOIgZih5I1vFzAc55ONApWVqNSZY8MDHuDd%2BSTbwnrPdXzocT%2Bk78EK5269SdoISM9Bstm5cPictLXGhc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9bb8451ccbd26c-FRA
access-control-allow-origin
https://www.welcomebackbonus.com
content-length
128
date
Fri, 27 Sep 2024 13:07:58 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
css
fonts.googleapis.com/ 		1 KB
876 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Sans:400,800
Requested by
Host: www.welcomebackbonus.com
URL: https://www.welcomebackbonus.com/?urlreferer=suc&offer=100&utm_source=C3&utm_medium=sms&utm_campaign=lsms
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
beb761a0aff595ec9fa0d76354a16f4455fd3a5c827a3a2a881af72bf33778b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.welcomebackbonus.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 27 Sep 2024 13:07:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Sep 2024 13:07:58 GMT
content-type
text/css; charset=utf-8
last-modified
Fri, 27 Sep 2024 13:07:58 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css
www.welcomebackbonus.com/Content/ 		17 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.welcomebackbonus.com/Content/css?v=wlluDMC0ytb2dIoCNzUEfwdfa9OiykcS1j8J-JjpsZU1
Requested by
Host: www.welcomebackbonus.com
URL: https://www.welcomebackbonus.com/?urlreferer=suc&offer=100&utm_source=C3&utm_medium=sms&utm_campaign=lsms
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.204.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
31efe05fb8a466570e3618b308d0d545560681997c3fd770bdb7383ac664ea4b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.welcomebackbonus.com/?urlreferer=suc&offer=100&utm_source=C3&utm_medium=sms&utm_campaign=lsms

Response headers

cache-control
public
x-aspnet-version
4.0.30319
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mt%2BrIgVDPWmGB3udn38TbDZiJXwA5m93SxmsrwuzJMUF%2F4LB7hBindMga70Ywnjcx0etgslkNI7CNgSg%2B7UDjbOc8g9zAzibRdkZBsP3taQI0SoS5TtHsxuyHDWK7r9walTqEQOoFKiYb7Q%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9bb8451ccfd26c-FRA
expires
Sat, 27 Sep 2025 13:07:59 GMT
content-length
5673
date
Fri, 27 Sep 2024 13:07:58 GMT
content-type
text/css; charset=utf-8
last-modified
Fri, 27 Sep 2024 13:07:59 GMT
vary
User-Agent,Accept-Encoding
server
cloudflare
x-powered-by
ASP.NET
styles.css
www.welcomebackbonus.com/App_Themes/suc/css/ 		264 B
747 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.welcomebackbonus.com/App_Themes/suc/css/styles.css
Requested by
Host: www.welcomebackbonus.com
URL: https://www.welcomebackbonus.com/?urlreferer=suc&offer=100&utm_source=C3&utm_medium=sms&utm_campaign=lsms
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.204.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
527b9d1e4e6434ffc45ab13be5dc958a0a13686e7c3cd770da61a85f22c07319

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.welcomebackbonus.com/?urlreferer=suc&offer=100&utm_source=C3&utm_medium=sms&utm_campaign=lsms

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
"746d422bf4e9d81:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uTBSGV1XcE3d4xAQd9L0DUzvUOTxJUlGk1jouIn1mvqPCLQXrWZyX5iiE8qHnLpeZJZyunigsVYAVjkMnocs9WITjwWojUhzmnj4%2B06OAoIpBvyVOCfjr0ETHsTfIm9tbdkJ4nkH8ywW9Eg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9bb8451cd1d26c-FRA
accept-ranges
bytes
content-length
289
date
Fri, 27 Sep 2024 13:07:59 GMT
content-type
text/css
last-modified
Thu, 27 Oct 2022 11:06:31 GMT
vary
Accept-Encoding
server
cloudflare
x-powered-by
ASP.NET
modernizr
www.welcomebackbonus.com/bundles/ 		11 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.welcomebackbonus.com/bundles/modernizr?v=qVODBytEBVVePTNtSFXgRX0NCEjh9U_Oj8ePaSiRcGg1
Requested by
Host: www.welcomebackbonus.com
URL: https://www.welcomebackbonus.com/?urlreferer=suc&offer=100&utm_source=C3&utm_medium=sms&utm_campaign=lsms
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.204.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e5c283757f4c989d17cc064ae4a058b466a4b912356adaab87f06da80b7da39f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.welcomebackbonus.com/?urlreferer=suc&offer=100&utm_source=C3&utm_medium=sms&utm_campaign=lsms

Response headers

cache-control
public
x-aspnet-version
4.0.30319
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OhgqvA3uLjIQc8lD1a2DncdzpIDNII14MvgU1CDcZXYmn4E53t%2BiIDbbYR9ONg3niqHqD54kdGT%2Fl0ix1wbjuzFWpSMdewO%2FGAg%2BD57iQM%2Bx8imBZtOVvQtwLnw8Nzdzvzw%2FyrUHB4z%2BIYE%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9bb8451cd4d26c-FRA
expires
Sat, 27 Sep 2025 13:07:59 GMT
content-length
5233
date
Fri, 27 Sep 2024 13:07:59 GMT
content-type
text/javascript; charset=utf-8
last-modified
Fri, 27 Sep 2024 13:07:59 GMT
vary
User-Agent,Accept-Encoding
server
cloudflare
x-powered-by
ASP.NET
jquery
www.welcomebackbonus.com/bundles/ 		87 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.welcomebackbonus.com/bundles/jquery?v=eB81PWDMnbPdF_a93Pan0CT4DOwXvC0noN0Dz8K7Jy41
Requested by
Host: www.welcomebackbonus.com
URL: https://www.welcomebackbonus.com/?urlreferer=suc&offer=100&utm_source=C3&utm_medium=sms&utm_campaign=lsms
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.204.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
7554e5e131dc031290cabc5626882a8c531c18f96338829e37f430c0bef10c6e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.welcomebackbonus.com/?urlreferer=suc&offer=100&utm_source=C3&utm_medium=sms&utm_campaign=lsms

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5f2C9g1w5dgPRjFBKuXw2iC%2FaYMY50ee7ynibtQannLe6ldOsuBQabMGh44dcwNPDxUQxs4%2BKyTChpzosljp2G0btaGTfe2vpYjs4k26A%2F745XqoDY6PKGzfytdQRQYJJaJgcPTZazLfwOY%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 27 Sep 2025 13:07:59 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 27 Sep 2024 13:07:59 GMT
content-type
text/javascript; charset=utf-8
last-modified
Fri, 27 Sep 2024 13:07:59 GMT
vary
User-Agent,Accept-Encoding
cache-control
public
x-aspnet-version
4.0.30319
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8c9bb8451ce7d26c-FRA
content-length
40443
x-powered-by
ASP.NET
server
cloudflare
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: www.welcomebackbonus.com
URL: https://www.welcomebackbonus.com/?urlreferer=suc&offer=100&utm_source=C3&utm_medium=sms&utm_campaign=lsms
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.welcomebackbonus.com/

Response headers

content-encoding
gzip
age
102308
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Fri, 26 Sep 2025 08:42:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 26 Sep 2024 08:42:50 GMT
last-modified
Fri, 08 May 2020 07:05:03 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
31021
x-xss-protection
0
server
sffe
livesupport.png
www.welcomebackbonus.com/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.welcomebackbonus.com/images/livesupport.png
Requested by
Host: www.welcomebackbonus.com
URL: https://www.welcomebackbonus.com/?urlreferer=suc&offer=100&utm_source=C3&utm_medium=sms&utm_campaign=lsms
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.204.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
f6609863c152539f921d9db041209362a7b5cde63d489960014d00118649ca02

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.welcomebackbonus.com/?urlreferer=suc&offer=100&utm_source=C3&utm_medium=sms&utm_campaign=lsms

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"eab066b599a8d71:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LAq6ZrWUav2tl%2FKxTX4ZlAz4fXeyf%2BHT5pXtHIpgMak2CEvtHLIan4eemtaiFWIhx8oInHgEziMdKB3FhC7HQ%2BHNoIu5BC5el%2F2BJ%2FeJyXQbVFjO4UqIINooFJ71UBLl6AzI%2BHY2sSygJ34%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9bb8452cecd26c-FRA
accept-ranges
bytes
content-length
5435
date
Fri, 27 Sep 2024 13:07:59 GMT
content-type
image/png
last-modified
Mon, 13 Sep 2021 12:20:15 GMT
x-powered-by
ASP.NET
server
cloudflare
vary
Accept-Encoding
logo.png
www.welcomebackbonus.com/App_Themes/suc/images/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.welcomebackbonus.com/App_Themes/suc/images/logo.png
Requested by
Host: www.welcomebackbonus.com
URL: https://www.welcomebackbonus.com/?urlreferer=suc&offer=100&utm_source=C3&utm_medium=sms&utm_campaign=lsms
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.204.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
30ebca297a24b2b79d50620ef7ced8ba3fa109affcdf6c57571ce6764edd0307

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.welcomebackbonus.com/?urlreferer=suc&offer=100&utm_source=C3&utm_medium=sms&utm_campaign=lsms

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"a92612b599a8d71:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DnLzBvGuJScv%2FDgx%2F61tBxUtqfXkCIkAWUfTw3okHTjV0fTVND%2BW7DlNOOtN2TxODJfWYwPK0OeOUpT%2Fc%2BeaRUVhQJsghXXqXyeb1zBN%2BqHiI5LlQ500s8%2F38z56LWpsQMgLNmSGxbRCYTE%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9bb8455da9d26c-FRA
accept-ranges
bytes
content-length
11239
date
Fri, 27 Sep 2024 13:07:59 GMT
content-type
image/png
last-modified
Mon, 13 Sep 2021 12:20:15 GMT
x-powered-by
ASP.NET
server
cloudflare
vary
Accept-Encoding
footer_icons_0.png
www.welcomebackbonus.com/Images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.welcomebackbonus.com/Images/footer_icons_0.png
Requested by
Host: www.welcomebackbonus.com
URL: https://www.welcomebackbonus.com/?urlreferer=suc&offer=100&utm_source=C3&utm_medium=sms&utm_campaign=lsms
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.204.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d39048248eaff78c292ec04318161e95d0a9fbd028fecaa3940b2cd285a1eb08

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.welcomebackbonus.com/?urlreferer=suc&offer=100&utm_source=C3&utm_medium=sms&utm_campaign=lsms

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"643b66b599a8d71:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7YVQWW9l6fXgf5atHodiZN6NNylpZELQvD2NYUuvZV1BoV8eTGbuMuq81HQsEKZHCzBMSNZKnBXNDeRgJj2%2Bzp%2BZEh1z55d67A3hlg7oboIPeHLOGtOEWh1BNBed8ZJQi1P38opeWD%2FAgbM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9bb8460fe3d26c-FRA
accept-ranges
bytes
content-length
2891
date
Fri, 27 Sep 2024 13:07:59 GMT
content-type
image/png
last-modified
Mon, 13 Sep 2021 12:20:15 GMT
x-powered-by
ASP.NET
server
cloudflare
vary
Accept-Encoding
alderney.png
www.welcomebackbonus.com/images/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.welcomebackbonus.com/images/alderney.png
Requested by
Host: www.welcomebackbonus.com
URL: https://www.welcomebackbonus.com/?urlreferer=suc&offer=100&utm_source=C3&utm_medium=sms&utm_campaign=lsms
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.204.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
300573d7234c3cf86fe0cf0c71f21cd1cc65c0bd277b928e77c838bc4f8d1bae

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.welcomebackbonus.com/?urlreferer=suc&offer=100&utm_source=C3&utm_medium=sms&utm_campaign=lsms

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"f6fe802c37c5d91:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HOO0lZiIGU5xlCuSqAssAvGNZ9rwOkx3qxr124YFACHTJZyIbr62ITtb8TOfHubVfKiQUM4H35%2BRsEcUmr9jQeAqwG7yKD6Ttnhdm%2Bi6%2BLTHvsqFtC3uV2ksr9X1dq3bKnpOggKI15XUa6c%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9bb846692bd26c-FRA
accept-ranges
bytes
content-length
17582
date
Fri, 27 Sep 2024 13:07:59 GMT
content-type
image/png
last-modified
Wed, 02 Aug 2023 11:47:54 GMT
x-powered-by
ASP.NET
server
cloudflare
vary
Accept-Encoding
mgs.png
www.welcomebackbonus.com/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.welcomebackbonus.com/images/mgs.png
Requested by
Host: www.welcomebackbonus.com
URL: https://www.welcomebackbonus.com/?urlreferer=suc&offer=100&utm_source=C3&utm_medium=sms&utm_campaign=lsms
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.204.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ed4e40dc118001fcb5d14771437a1e7f10cc2849c751a63c32696364ccb415a7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.welcomebackbonus.com/?urlreferer=suc&offer=100&utm_source=C3&utm_medium=sms&utm_campaign=lsms

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"e982bf2b77bed71:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DPMlWOBFwZL7SMggLkmZYajDxo8bsM7tyzmL0L4u1AUm2kGbeR2bpttcYnJnyofefRVkMNAumz4EZ0H5psLpIrJDBVMmJgVwz2Vye0jHrLR4gGRd5SIbsmVY4GBFnILQ%2BathbKFoLPDHjzQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9bb846794dd26c-FRA
accept-ranges
bytes
content-length
3409
date
Fri, 27 Sep 2024 13:07:59 GMT
content-type
image/png
last-modified
Mon, 11 Oct 2021 08:08:27 GMT
x-powered-by
ASP.NET
server
cloudflare
vary
Accept-Encoding
footer_icons_4.png
www.welcomebackbonus.com/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.welcomebackbonus.com/images/footer_icons_4.png
Requested by
Host: www.welcomebackbonus.com
URL: https://www.welcomebackbonus.com/?urlreferer=suc&offer=100&utm_source=C3&utm_medium=sms&utm_campaign=lsms
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.204.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
479d2d8f2584c41152986f98110edf87aed649251b89d3522a34378ee14bd6e7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.welcomebackbonus.com/?urlreferer=suc&offer=100&utm_source=C3&utm_medium=sms&utm_campaign=lsms

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"786266b599a8d71:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AK9olh%2BmQPOIwdeKub8MixXwQzthQLk2zRySmK9GEqmuB7kKpKtxbtjVGMupkihuqHjXF5EB0iNtRZVNm%2FRJ39ex3cxD4kqP7i5BNerudBUCWiDgJIqGV9U3Jet5vhUagOOdv59sNnlSkcw%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9bb846899ed26c-FRA
accept-ranges
bytes
content-length
2370
date
Fri, 27 Sep 2024 13:07:59 GMT
content-type
image/png
last-modified
Mon, 13 Sep 2021 12:20:15 GMT
x-powered-by
ASP.NET
server
cloudflare
vary
Accept-Encoding
18plus_DE.png
www.welcomebackbonus.com/images/18plus/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.welcomebackbonus.com/images/18plus/18plus_DE.png
Requested by
Host: www.welcomebackbonus.com
URL: https://www.welcomebackbonus.com/?urlreferer=suc&offer=100&utm_source=C3&utm_medium=sms&utm_campaign=lsms
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.204.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
0e9a65f18491c8b02267732419205889f82e2a131ed111c7e9420059bfea436e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.welcomebackbonus.com/?urlreferer=suc&offer=100&utm_source=C3&utm_medium=sms&utm_campaign=lsms

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"9edd18b599a8d71:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9YHfT82iWZh1BDI%2FIPF0hLnfYc8vwTZz6VDv2NZU7pq2XNrtrdsOXF86fa%2BIHQ9DvtVtJ0Eji0IpVZFQQtJ3nS1IO4WaFK8vGE6c3besg7yLYVKetwuOEu81NJJrAA7Zx20w8x7KlO5RIhw%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9bb84689a6d26c-FRA
accept-ranges
bytes
content-length
5591
date
Fri, 27 Sep 2024 13:07:59 GMT
content-type
image/png
last-modified
Mon, 13 Sep 2021 12:20:15 GMT
x-powered-by
ASP.NET
server
cloudflare
vary
Accept-Encoding
footer_icons_5.png
www.welcomebackbonus.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.welcomebackbonus.com/images/footer_icons_5.png
Requested by
Host: www.welcomebackbonus.com
URL: https://www.welcomebackbonus.com/?urlreferer=suc&offer=100&utm_source=C3&utm_medium=sms&utm_campaign=lsms
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.204.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
43410bfc8a073b2a624e2dacc32300d67a7b8825d3c197fc5fa9d975dcc37dc8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.welcomebackbonus.com/?urlreferer=suc&offer=100&utm_source=C3&utm_medium=sms&utm_campaign=lsms

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"786266b599a8d71:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9%2FL6mvjfB%2BeOxcpClShQdaUZ95Br7zZ8zoCMbV10xLYaG6%2BZHLUfnBLjMciaGVxPRVpvxW6amITRRZeadg2iGIiUCkVlKWvE%2Bqj0Z9E%2FJRBWj7HJvAWUx5XGQQOcgD7ENkh9AcUG7ogc3qo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9bb84689a8d26c-FRA
accept-ranges
bytes
content-length
1672
date
Fri, 27 Sep 2024 13:07:59 GMT
content-type
image/png
last-modified
Mon, 13 Sep 2021 12:20:15 GMT
x-powered-by
ASP.NET
server
cloudflare
vary
Accept-Encoding
footer_icons_6.png
www.welcomebackbonus.com/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.welcomebackbonus.com/images/footer_icons_6.png
Requested by
Host: www.welcomebackbonus.com
URL: https://www.welcomebackbonus.com/?urlreferer=suc&offer=100&utm_source=C3&utm_medium=sms&utm_campaign=lsms
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.204.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
808b01f79532b0ca1baa901be38d1066aee36f86e86939301fea2123a36d3eb7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.welcomebackbonus.com/?urlreferer=suc&offer=100&utm_source=C3&utm_medium=sms&utm_campaign=lsms

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"786266b599a8d71:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9y3ZXNh7wasUZ3dmu0%2BIlCzTlXATI%2F2uY3rBpiIk5MwHy%2BI2eWFJvR3t9%2FUPw5mbym%2BVDeEr2k1ap0vrD3%2B2jjQXG8DTGhkJPEvRSIWLBw5l2w1%2F1sVerHOfFGzzBhdIdZJwVNAlTq8G7yU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9bb84689add26c-FRA
accept-ranges
bytes
content-length
2110
date
Fri, 27 Sep 2024 13:07:59 GMT
content-type
image/png
last-modified
Mon, 13 Sep 2021 12:20:15 GMT
x-powered-by
ASP.NET
server
cloudflare
vary
Accept-Encoding
footer_icons_7.png
www.welcomebackbonus.com/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.welcomebackbonus.com/images/footer_icons_7.png
Requested by
Host: www.welcomebackbonus.com
URL: https://www.welcomebackbonus.com/?urlreferer=suc&offer=100&utm_source=C3&utm_medium=sms&utm_campaign=lsms
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.204.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b82170931836976948b71dd2646e52339cf94c7da1a46268d7b8ec2c6662d42e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.welcomebackbonus.com/?urlreferer=suc&offer=100&utm_source=C3&utm_medium=sms&utm_campaign=lsms

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"786266b599a8d71:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6o0mfN0pS4HHMOSBsFpFMOGYyVCKwzy41xFg%2B9r6t5Hs%2FZWAoYse9qXynXH%2BVOWEzqfQ5qJtGWCdjtOk9Ls%2BNmDpT6Io6rOV2RS32dCXv1YPPq17d4IQFUP4%2FGDQgr%2B3y2glxjwgMMMKZAA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9bb84689b0d26c-FRA
accept-ranges
bytes
content-length
3075
date
Fri, 27 Sep 2024 13:07:59 GMT
content-type
image/png
last-modified
Mon, 13 Sep 2021 12:20:15 GMT
x-powered-by
ASP.NET
server
cloudflare
vary
Accept-Encoding
footer_icons_8.png
www.welcomebackbonus.com/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.welcomebackbonus.com/images/footer_icons_8.png
Requested by
Host: www.welcomebackbonus.com
URL: https://www.welcomebackbonus.com/?urlreferer=suc&offer=100&utm_source=C3&utm_medium=sms&utm_campaign=lsms
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.204.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ae79943913438bf5a4d6fdcd0d658fc88ba7f1ae4c84e6c6396d690ffb0309e0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.welcomebackbonus.com/?urlreferer=suc&offer=100&utm_source=C3&utm_medium=sms&utm_campaign=lsms

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"786266b599a8d71:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D35vb2eYJDUelyqAkHN%2BPzgw6X9I1V9WNSAC%2FPfKImlwzVIRvI5eUqZoZVX7ojabFsMLTT2LL%2BBJuOV3D3OL03qL%2BlFVUKba2qD45ljyddpf0UpGYic9DspnL2GaZ4R75hAGeMQBZuv1fOI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9bb84689b2d26c-FRA
accept-ranges
bytes
content-length
2864
date
Fri, 27 Sep 2024 13:07:59 GMT
content-type
image/png
last-modified
Mon, 13 Sep 2021 12:20:15 GMT
x-powered-by
ASP.NET
server
cloudflare
vary
Accept-Encoding
gtm.js
www.googletagmanager.com/ 		298 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W55DZ3Z
Requested by
Host: www.welcomebackbonus.com
URL: https://www.welcomebackbonus.com/?urlreferer=suc&offer=100&utm_source=C3&utm_medium=sms&utm_campaign=lsms
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8461018b865acfb47b2be15994dd09981d92150909de29133660a5e8e7789bfa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.welcomebackbonus.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Fri, 27 Sep 2024 13:07:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Sep 2024 13:07:59 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 27 Sep 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
103064
x-xss-protection
0
server
Google Tag Manager
WelcomeBonus.jpg
www.welcomebackbonus.com/media/ 		212 KB
213 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.welcomebackbonus.com/media/WelcomeBonus.jpg
Requested by
Host: www.welcomebackbonus.com
URL: https://www.welcomebackbonus.com/?urlreferer=suc&offer=100&utm_source=C3&utm_medium=sms&utm_campaign=lsms
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.204.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a7f0610fd1b06d28d02cf425970ce775c04a2b7b922e8b6c341a54454f9860d4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.welcomebackbonus.com/?urlreferer=suc&offer=100&utm_source=C3&utm_medium=sms&utm_campaign=lsms

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"a3f199424830d61:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fMobyIdzNZ8THqPZPBu43rK45J4fjr4Ryx4DBOGxOprIUze9iMTuvNSXElc9ijoLdjdgBHadwz1tUJhmw7YmzkjneGqDh9SpES8aKxEe9VN3aoF%2BjhYPMcBsBec2Pxj7KP7TOTDFYss62ec%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9bb846ba24d26c-FRA
accept-ranges
bytes
content-length
217514
date
Fri, 27 Sep 2024 13:07:59 GMT
content-type
image/jpeg
last-modified
Fri, 22 May 2020 14:49:56 GMT
x-powered-by
ASP.NET
server
cloudflare
vary
Accept-Encoding
jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,800
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.welcomebackbonus.com
Referer
https://fonts.googleapis.com/

Response headers

age
135227
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 25 Sep 2025 23:34:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 25 Sep 2024 23:34:12 GMT
last-modified
Wed, 27 Apr 2022 16:11:08 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
45300
x-xss-protection
0
server
sffe
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W55DZ3Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.welcomebackbonus.com/

Response headers

content-encoding
gzip
age
5871
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Fri, 27 Sep 2024 13:30:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Sep 2024 11:30:08 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
collect
www.google-analytics.com/j/ 		3 B
428 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=398347873&t=pageview&_s=1&dl=https%3A%2F%2Fwww.welcomebackbonus.com%2F%3Furlreferer%3Dsuc%26offer%3D100%26utm_source%3DC3%26utm_medium%3Dsms%26utm_campaign%3Dlsms&dp=%2F&ul=de-de&de=UTF-8&dt=Home%20Page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAACAEK~&jid=162298901&gjid=1481472652&cid=967410732.1727442480&tid=UA-46028713-8&_gid=510450892.1727442480&_r=1&_slc=1&gtm=45He49p0n81W55DZ3Zza200&cd51=landing_pages&cd53=0&cd58=en&cd61=Check%20Visit%20Data%20Event&cd67=&cd68=null&cd70=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F129.0.0.0%20Safari%2F537.36&cd71=0&cd73=2024-09-27T15%3A07%3A59.855%2B02%3A00&cd74=urlreferer%3Dsuc%26offer%3D100%26utm_source%3DC3%26utm_medium%3Dsms%26utm_campaign%3Dlsms&cd75=&cd83=No%20Visit%20Data%20Found&cd84=No%20Visit%20Data%20Found&cd85=No%20Visit%20Data%20Found&cd86=SUC&cd91=landing_pages&cd97=na&cd98=false&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&cd62=967410732.1727442480&npa=1&z=381371611
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.welcomebackbonus.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Sep 2024 13:07:59 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://www.welcomebackbonus.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
3
server
Golfe2
truncated
/ 		376 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65d3845c14c599d80229ce09ec294dfd850834745ba4a121ec16dfe4b182fdd3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
icon.png
www.welcomebackbonus.com/App_Themes/suc/images/ 		3 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.welcomebackbonus.com/App_Themes/suc/images/icon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.204.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
33d4ce2f2160e41fc685fa817245212019c3540d293124ec611b069fd7e4f43f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.welcomebackbonus.com/?urlreferer=suc&offer=100&utm_source=C3&utm_medium=sms&utm_campaign=lsms

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"746d422bf4e9d81:0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YpHE%2BqwBVCFRPZzYpG5iQAy7kbgZZeERDBMaGhzFQuSlSspCvdCskpyrcxFsUTErFMzRSgyymWpx%2Bd%2FY2LxrcXwALVJRI1a8ADead3CmhltjORqKerAwXpPOaMW4btGxpf7069Sj4S9mpAM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9bb84bbba9d26c-FRA
accept-ranges
bytes
content-length
3426
date
Fri, 27 Sep 2024 13:08:00 GMT
content-type
image/png
last-modified
Thu, 27 Oct 2022 11:06:31 GMT
x-powered-by
ASP.NET
server
cloudflare
vary
Accept-Encoding
gtm-global.js
dm.imagethumb.com/gtm/shared/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dm.imagethumb.com/gtm/shared/gtm-global.js?v=2782024_2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W55DZ3Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
0e043cedcf425272f6b4eba8af74f4d731f8f8da9334a1be02f1a34d18604c10

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.welcomebackbonus.com/

Response headers

cache-control
public, max-age=14400
content-encoding
gzip
cf-cache-status
MISS
etag
"427397aa2d8d41:0"
cf-ray
8c9bb84c2a7b5d66-FRA
expires
Fri, 27 Sep 2024 17:08:00 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
1020
date
Fri, 27 Sep 2024 13:08:00 GMT
content-type
application/x-javascript
last-modified
Mon, 11 Mar 2019 12:05:06 GMT
vary
Accept-Encoding
server
cloudflare
x-powered-by
ASP.NET
collect
www.google-analytics.com/ 		35 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=398347873&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.welcomebackbonus.com%2F%3Furlreferer%3Dsuc%26offer%3D100%26utm_source%3DC3%26utm_medium%3Dsms%26utm_campaign%3Dlsms&dp=%2F&ul=de-de&de=UTF-8&dt=Home%20Page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Visit%20Data&ea=Visit%20Recorded&el=Success&_u=aGDACEABBAAAACAEK~&jid=&gjid=&cid=967410732.1727442480&tid=UA-46028713-8&_gid=510450892.1727442480&gtm=45He49p0n81W55DZ3Zza200&cd58=en&cd61=No%20Visit%20Data%20Found&cd73=2024-09-27T15%3A08%3A00.206%2B02%3A00&cd74=urlreferer%3Dsuc%26offer%3D100%26utm_source%3DC3%26utm_medium%3Dsms%26utm_campaign%3Dlsms&cd75=&cd83=No%20Visit%20Data%20Found&cd84=No%20Visit%20Data%20Found&cd85=No%20Visit%20Data%20Found&cd86=SUC&cd91=landing_pages&cd98=false&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&npa=1&z=439865651
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.welcomebackbonus.com/

Response headers

age
12432
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Sep 2024 09:40:48 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
35
server
Golfe2

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| html5 object| Modernizr function| $ function| jQuery function| MITImage function| setCookie object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData string| ga_client_id string| _gtm_global_version string| gtm_trck_a string| gtm_trck_s string| gtm_trck_b string| gtm_venge_visit function| getCookiebyName function| extractVisitCookie function| extractFromInput function| _collectVisitData function| _domReady

4 Cookies

Domain/Path Name / Value
.bit.ly/ Name: _bit
Value: o8rd7V-248aeab9969ff95c6c-001
.welcomebackbonus.com/ Name: _ga
Value: GA1.2.967410732.1727442480
.welcomebackbonus.com/ Name: _gid
Value: GA1.2.510450892.1727442480
.welcomebackbonus.com/ Name: _gat_UA-46028713-8
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bit.ly
deal-4u.net
dm.imagethumb.com
fonts.googleapis.com
fonts.gstatic.com
welcomebackbonus.com
www.google-analytics.com
www.googletagmanager.com
www.welcomebackbonus.com
142.250.181.238
142.250.185.99
172.67.204.31
2606:4700:4400::ac40:9288
2606:4700:4400::ac40:95d9
2a00:1450:4001:80b::2008
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::200e
67.199.248.11
0e043cedcf425272f6b4eba8af74f4d731f8f8da9334a1be02f1a34d18604c10
0e9a65f18491c8b02267732419205889f82e2a131ed111c7e9420059bfea436e
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
300573d7234c3cf86fe0cf0c71f21cd1cc65c0bd277b928e77c838bc4f8d1bae
30ebca297a24b2b79d50620ef7ced8ba3fa109affcdf6c57571ce6764edd0307
31efe05fb8a466570e3618b308d0d545560681997c3fd770bdb7383ac664ea4b
33d4ce2f2160e41fc685fa817245212019c3540d293124ec611b069fd7e4f43f
3673e4dd6464404af8805402c015e81882a587434671be1678b5dfc2d186377c
43410bfc8a073b2a624e2dacc32300d67a7b8825d3c197fc5fa9d975dcc37dc8
479d2d8f2584c41152986f98110edf87aed649251b89d3522a34378ee14bd6e7
527b9d1e4e6434ffc45ab13be5dc958a0a13686e7c3cd770da61a85f22c07319
65d3845c14c599d80229ce09ec294dfd850834745ba4a121ec16dfe4b182fdd3
7554e5e131dc031290cabc5626882a8c531c18f96338829e37f430c0bef10c6e
808b01f79532b0ca1baa901be38d1066aee36f86e86939301fea2123a36d3eb7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8461018b865acfb47b2be15994dd09981d92150909de29133660a5e8e7789bfa
a7f0610fd1b06d28d02cf425970ce775c04a2b7b922e8b6c341a54454f9860d4
ae79943913438bf5a4d6fdcd0d658fc88ba7f1ae4c84e6c6396d690ffb0309e0
b82170931836976948b71dd2646e52339cf94c7da1a46268d7b8ec2c6662d42e
beb761a0aff595ec9fa0d76354a16f4455fd3a5c827a3a2a881af72bf33778b3
d39048248eaff78c292ec04318161e95d0a9fbd028fecaa3940b2cd285a1eb08
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e5c283757f4c989d17cc064ae4a058b466a4b912356adaab87f06da80b7da39f
ed4e40dc118001fcb5d14771437a1e7f10cc2849c751a63c32696364ccb415a7
f6609863c152539f921d9db041209362a7b5cde63d489960014d00118649ca02
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d