xion.bonusblock.io Open in urlscan Pro
2606:4700:3033::ac43:94f9  Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response xion.bonusblock.io/	5 KB 2 KB	190ms 93ms	Document text/html	2606:4700:3033::ac43:94f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xion.bonusblock.io/?r=dDEFQkW3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:94f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7db36d11f2da94973efa4ced717745911df76fe12352dea823d3fbc83e91f70f Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 853d12cc8e4237e8-FRA content-encoding br content-type text/html date Sun, 11 Feb 2024 13:52:37 GMT last-modified Thu, 08 Feb 2024 14:24:51 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=14IqrKs223RQuh26jZhayhCsuYnYILguK54HHSP%2FqYM7SJ3RHIBWx0u0MMVbfYHazEkOgMw%2F9DNW4bwsXb0F9FMuaRJrbDPIu9gVEOXUtQE338yNFLbVOaNMf%2FC%2F92wJcA1hzfcrwD0sjx6%2FzgkJBDQ%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	index-981146d5.js Show response xion.bonusblock.io/assets/	7 MB 2 MB	68ms 67ms	Script application/javascript	2606:4700:3033::ac43:94f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xion.bonusblock.io/assets/index-981146d5.js Requested by Host: xion.bonusblock.io URL: https://xion.bonusblock.io/?r=dDEFQkW3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:94f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a655f23bf47324ae10c0651673f7e8cc943acbe6ba0d2c1ca3d2b7784f95850e Request headers Referer https://xion.bonusblock.io/?r=dDEFQkW3 Origin https://xion.bonusblock.io accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Sun, 11 Feb 2024 13:52:37 GMT content-encoding br cf-cache-status HIT last-modified Thu, 08 Feb 2024 14:24:51 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 6371 etag W/"65c4e433-6c2add" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XhYKwGXilUQcqE7DiY%2FvQqqadYwnMsxsxn%2FWdNpWvx%2B0vJRxGpxVg2lQwUSMt2rbCrtJnX%2BeKTOWyUmWZ%2F00YT0S6AB61hOB27c0HW%2Bssb3hhkxwDJaVe%2BOIo3btRxFrSQWz9WggHfuE%2BJz8im0Ty1k%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 853d12cd2f3c37e8-FRA alt-svc h3=":443"; ma=86400
GET H2	200	index-25c1b07d.css xion.bonusblock.io/assets/	348 KB 53 KB	56ms 56ms	Stylesheet text/css	2606:4700:3033::ac43:94f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xion.bonusblock.io/assets/index-25c1b07d.css Requested by Host: xion.bonusblock.io URL: https://xion.bonusblock.io/?r=dDEFQkW3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:94f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 25c1b07d4843825cd2fa13039c300f30ac32b04ff3fe2a05372a38642b580ec2 Request headers accept-language de-DE,de;q=0.9 Referer https://xion.bonusblock.io/?r=dDEFQkW3 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Sun, 11 Feb 2024 13:52:37 GMT content-encoding br cf-cache-status HIT last-modified Thu, 08 Feb 2024 14:24:51 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 4728 etag W/"65c4e433-56f48" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BVALSFo9y5HycX7Ul6qRRA6PkkNGwW0GzjQyKXgAKVij%2Ft9kSovN1%2B0ztyaoNOX6M92J5dm4pZPLQYPWh5zzpA%2FY4UvJZ7Savt0nzGygZF%2Fac7tvsxbyMsxJbbdrytJYJ1wN%2B2c5xqNoV0GdR1%2FsHp4%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 853d12cd2f3a37e8-FRA alt-svc h3=":443"; ma=86400
GET H2	200	cookie3.analytics.min.js Show response cdn.staging.cookie3.co/scripts/analytics/latest/	64 KB 22 KB	232ms 43ms	Script application/javascript	2606:2800:233:1cb7:261b:1f9c:2074:3c EDGECAST
General Check archive.org Show headers Download Go to Full URL https://cdn.staging.cookie3.co/scripts/analytics/latest/cookie3.analytics.min.js Requested by Host: xion.bonusblock.io URL: https://xion.bonusblock.io/?r=dDEFQkW3 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (frc/4CC1) / Resource Hash 0d3a138fb86d1ac447720144eeb0dc9b3d04f9a92499372efbcd9c84938b9aaf Request headers accept-language de-DE,de;q=0.9 Referer https://xion.bonusblock.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sun, 11 Feb 2024 13:52:38 GMT content-encoding gzip content-md5 L6OGAjOg16nY4WBtrZ/n8Q== age 163391 x-cache HIT content-length 22272 x-ms-lease-status unlocked last-modified Wed, 15 Nov 2023 10:57:13 GMT server ECAcc (frc/4CC1) etag 0x8DBE5C99FFCF6BB vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id d2146456-a01e-012a-4b75-5b05c6000000 access-control-expose-headers Content-Length,Content-MD5 x-ms-version 2009-09-19
OPTIONS H2	204	public-token-live-87901ec3-ef19-48ca-b3f4-842be750181b web.stytch.com/sdk/v1/projects/bootstrap/	0 0	647ms 216ms	Preflight	34.210.207.96
General Check archive.org Show headers Download Go to Full URL https://web.stytch.com/sdk/v1/projects/bootstrap/public-token-live-87901ec3-ef19-48ca-b3f4-842be750181b Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.210.207.96 Boardman, United States, ASN (), Reverse DNS ec2-34-210-207-96.us-west-2.compute.amazonaws.com Software / Express Resource Hash Security Headers Name Value Content-Security-Policy default-src 'none' Strict-Transport-Security max-age=86400 X-Content-Type-Options nosniff X-Frame-Options deny Request headers Accept */* Access-Control-Request-Headers authorization,content-type,x-sdk-client,x-sdk-parent-host Access-Control-Request-Method GET Origin https://xion.bonusblock.io Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Content-Type,Authorization,X-Requested-With,X-SDK-Parent-Host,X-SDK-JWT,X-SDK-Client access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE access-control-allow-origin https://xion.bonusblock.io access-control-max-age 7200 content-security-policy default-src 'none' date Sun, 11 Feb 2024 13:52:39 GMT referrer-policy origin-when-cross-origin strict-transport-security max-age=86400 vary Origin x-content-type-options nosniff x-frame-options deny x-powered-by Express
GET H2	200	public-token-live-87901ec3-ef19-48ca-b3f4-842be750181b Show response web.stytch.com/sdk/v1/projects/bootstrap/	440 B 790 B	214ms 214ms	Fetch application/json	34.210.207.96
General Check archive.org Show headers Download Go to Full URL https://web.stytch.com/sdk/v1/projects/bootstrap/public-token-live-87901ec3-ef19-48ca-b3f4-842be750181b Requested by Host: xion.bonusblock.io URL: https://xion.bonusblock.io/assets/index-981146d5.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.210.207.96 Boardman, United States, ASN (), Reverse DNS ec2-34-210-207-96.us-west-2.compute.amazonaws.com Software / Express Resource Hash d57f06bd26342682c69ea2bdf2d153ea559f56f1e728cf1a07ecde631af1a6db Security Headers Name Value Content-Security-Policy default-src 'none' Strict-Transport-Security max-age=86400 X-Content-Type-Options nosniff X-Frame-Options deny Request headers X-SDK-Parent-Host https://xion.bonusblock.io Referer https://xion.bonusblock.io/ accept-language de-DE,de;q=0.9 X-SDK-Client eyJldmVudF9pZCI6ImV2ZW50LWlkLWI0ODZjYzRmLWM4OWItNGU5NS04ZTQyLTg1ZDhiOWI4ZWVmZCIsImFwcF9zZXNzaW9uX2lkIjoiYXBwLXNlc3Npb24taWQtODcxZGFhNjMtMjVmMS00Y2I1LThkYjMtM2VmYjhkODlhYWUxIiwicGVyc2lzdGVudF9pZCI6InBlcnNpc3RlbnQtaWQtNWQ0YTVjNGMtMzAzYi00NjkwLWEyYmEtZjQ5ODNmOTkyY2Q3IiwiY2xpZW50X3NlbnRfYXQiOiIyMDI0LTAyLTExVDEzOjUyOjM4LjU2M1oiLCJ0aW1lem9uZSI6IkV1cm9wZS9CZXJsaW4iLCJhcHAiOnsiaWRlbnRpZmllciI6Inhpb24uYm9udXNibG9jay5pbyJ9LCJzZGsiOnsiaWRlbnRpZmllciI6IlN0eXRjaC5qcyBKYXZhc2NyaXB0IFNESyIsInZlcnNpb24iOiIzLjMuMCJ9fQ== Authorization Basic cHVibGljLXRva2VuLWxpdmUtODc5MDFlYzMtZWYxOS00OGNhLWIzZjQtODQyYmU3NTAxODFiOnB1YmxpYy10b2tlbi1saXZlLTg3OTAxZWMzLWVmMTktNDhjYS1iM2Y0LTg0MmJlNzUwMTgxYg== User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Content-Type application/json Response headers date Sun, 11 Feb 2024 13:52:39 GMT content-security-policy default-src 'none' referrer-policy origin-when-cross-origin strict-transport-security max-age=86400 x-content-type-options nosniff x-powered-by Express etag W/"1b8-rR6nDN71dfgmNaHlTzxwuC9LfZo" x-frame-options deny vary Origin content-type application/json; charset=utf-8 access-control-allow-origin https://xion.bonusblock.io access-control-allow-credentials true content-length 440
GET DATA	200 OK	truncated /	770 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8a774eb0abb95644661e5a1e2947468e6401178fab36ae09b98f39f72c00899a Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	4 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 2b36d5663e1c504ee6475b4bb58f6cf9fbb3c3e51c08ad42dbb1bbe379b58dbf Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers Content-Type image/png
POST H2	204	lake c.staging.cookie3.co/	0 133 B	346ms 89ms	Ping text/plain	65.108.205.158 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://c.staging.cookie3.co/lake?action_name=XION%20Ecosystem%20Exploration&idsite=47&rec=1&r=485341&h=14&m=52&s=39&url=https%3A%2F%2Fxion.bonusblock.io%2F%3Fr%3DdDEFQkW3&_id=7c1cefd5913fef57&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&dimension2=&pf_net=97&pf_srv=93&pf_tfr=2&pf_dm1=21&pf_dm2=832&pf_onl=0&pv_id=eaK3u1&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D Requested by Host: cdn.staging.cookie3.co URL: https://cdn.staging.cookie3.co/scripts/analytics/latest/cookie3.analytics.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.108.205.158 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.158.205.108.65.clients.your-server.de Software openresty / PHP/8.1.16 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://xion.bonusblock.io/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=utf-8 Response headers access-control-allow-origin https://xion.bonusblock.io date Sun, 11 Feb 2024 13:52:39 GMT access-control-allow-credentials true server openresty x-powered-by PHP/8.1.16
POST H2	204	events web.stytch.com/sdk/v1/	0 0	214ms 213ms	Fetch	34.210.207.96
General Check archive.org Show headers Download Go to Full URL https://web.stytch.com/sdk/v1/events Requested by Host: xion.bonusblock.io URL: https://xion.bonusblock.io/assets/index-981146d5.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.210.207.96 Boardman, United States, ASN (), Reverse DNS ec2-34-210-207-96.us-west-2.compute.amazonaws.com Software / Express Resource Hash Security Headers Name Value Content-Security-Policy default-src 'none' Strict-Transport-Security max-age=86400 X-Content-Type-Options nosniff X-Frame-Options deny Request headers Referer https://xion.bonusblock.io/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Content-Type application/json Response headers date Sun, 11 Feb 2024 13:52:39 GMT content-security-policy default-src 'none' referrer-policy origin-when-cross-origin strict-transport-security max-age=86400 x-content-type-options nosniff x-powered-by Express etag W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI" x-frame-options deny vary Origin access-control-allow-origin https://xion.bonusblock.io access-control-allow-credentials true
OPTIONS H2	204	events web.stytch.com/sdk/v1/	0 0	213ms 213ms	Preflight	34.210.207.96
General Check archive.org Show headers Download Go to Full URL https://web.stytch.com/sdk/v1/events Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.210.207.96 Boardman, United States, ASN (), Reverse DNS ec2-34-210-207-96.us-west-2.compute.amazonaws.com Software / Express Resource Hash Security Headers Name Value Content-Security-Policy default-src 'none' Strict-Transport-Security max-age=86400 X-Content-Type-Options nosniff X-Frame-Options deny Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://xion.bonusblock.io Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Content-Type,Authorization,X-Requested-With,X-SDK-Parent-Host,X-SDK-JWT,X-SDK-Client access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE access-control-allow-origin https://xion.bonusblock.io access-control-max-age 7200 content-security-policy default-src 'none' date Sun, 11 Feb 2024 13:52:39 GMT referrer-policy origin-when-cross-origin strict-transport-security max-age=86400 vary Origin x-content-type-options nosniff x-frame-options deny x-powered-by Express
POST H2	204	lake c.staging.cookie3.co/	0 132 B	84ms 83ms	Ping text/plain	65.108.205.158 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://c.staging.cookie3.co/lake?action_name=XION%20Ecosystem%20Exploration&idsite=47&rec=1&r=610259&h=14&m=52&s=39&url=https%3A%2F%2Fxion.bonusblock.io%2F%3Fr%3DdDEFQkW3&_id=7c1cefd5913fef57&_idn=0&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&dimension2=&pv_id=JWACcw&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D Requested by Host: cdn.staging.cookie3.co URL: https://cdn.staging.cookie3.co/scripts/analytics/latest/cookie3.analytics.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.108.205.158 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.158.205.108.65.clients.your-server.de Software openresty / PHP/8.1.16 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://xion.bonusblock.io/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=utf-8 Response headers access-control-allow-origin https://xion.bonusblock.io date Sun, 11 Feb 2024 13:52:40 GMT access-control-allow-credentials true server openresty x-powered-by PHP/8.1.16

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _paq function| a0b object| currentLocation function| generateUUID function| a0a object| Piwik object| Matomo object| cookie3 object| AnalyticsTracker function| piwik_log object| __VUE_INSTANCE_SETTERS__ object| __vueuse_ssr_handlers__ object| cookieConsentTools object| TreemapSquared function| SVG object| Apex boolean| __VUE__

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			xion.bonusblock.io/	1970-01-21 03:46:54	Name: _pk_id.47.36de Value: 7c1cefd5913fef57.1707659559.
			xion.bonusblock.io/	1970-01-20 18:21:01	Name: _pk_ses.47.36de Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.staging.cookie3.co
cdn.staging.cookie3.co
web.stytch.com
xion.bonusblock.io
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:3033::ac43:94f9
34.210.207.96
65.108.205.158
0d3a138fb86d1ac447720144eeb0dc9b3d04f9a92499372efbcd9c84938b9aaf
25c1b07d4843825cd2fa13039c300f30ac32b04ff3fe2a05372a38642b580ec2
2b36d5663e1c504ee6475b4bb58f6cf9fbb3c3e51c08ad42dbb1bbe379b58dbf
7db36d11f2da94973efa4ced717745911df76fe12352dea823d3fbc83e91f70f
8a774eb0abb95644661e5a1e2947468e6401178fab36ae09b98f39f72c00899a
a655f23bf47324ae10c0651673f7e8cc943acbe6ba0d2c1ca3d2b7784f95850e
d57f06bd26342682c69ea2bdf2d153ea559f56f1e728cf1a07ecde631af1a6db
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855