bayonetqe.com
2606:4700:3037::6815:5412  Malicious Activity! Public Scan

Submitted URL: http://qg.topword.info/4osyKo7644grVO143wqpbtdbxyl185EFFTTOJMSYHAFHA727/1481h19
Effective URL: https://bayonetqe.com/sf/tpl9/0?logo=106s&item=F7H8&sub1=6JQU_473112&sub3=4921052e-c64a-48d9-9787-c2143723c785
Submission: On March 28 via api from BE — Scanned from FR

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 30 HTTP transactions. The main IP is 2606:4700:3037::6815:5412, located in United States and belongs to CLOUDFLARENET, US. The main domain is bayonetqe.com.
TLS certificate: Issued by GTS CA 1P5 on February 14th 2024. Valid for: 3 months.
This is the only time bayonetqe.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

IP Address AS Autonomous System
3 62.210.12.122 12876 (Online SAS)
1 67.217.62.46 19318 (IS-AS-1)
1 2 193.105.134.13 42237 (W1N)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:440... ()
14 172.67.184.196 13335 (CLOUDFLAR...)
1 2a00:1450:400... ()
30 8
Domain Requested by
15 bayonetqe.com startsapps.co
bayonetqe.com
3 qg.topword.info qg.topword.info
2 startsapps.co 1 redirects handlor.com
1 fonts.googleapis.com bayonetqe.com
1 kit.fontawesome.com bayonetqe.com
1 handlor.com qg.topword.info
0 ka-f.fontawesome.com Failed kit.fontawesome.com
0 beacon.bayonetqe.com Failed bayonetqe.com
0 virtualpushplatform.com Failed bayonetqe.com
30 9

This site contains no links.

Subject | Issuer | Validity | Valid
handlor.com | Sectigo RSA Domain Validation Secure Server CA | 2023-03-29 - 2024-03-28 | a year
startsapps.co | R3 | 2024-01-31 - 2024-04-30 | 3 months
bayonetqe.com | GTS CA 1P5 | 2024-02-14 - 2024-05-14 | 3 months
*.fontawesome.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-12-04 - 2025-01-03 | a year
upload.video.google.com | GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months

This page contains 1 frames:

Primary Page: https://bayonetqe.com/sf/tpl9/0?logo=106s&item=F7H8&sub1=6JQU_473112&sub3=4921052e-c64a-48d9-9787-c2143723c785
Frame ID: 4847E5D284F2DEB23B62DBFC32117DB4
Requests: 30 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js

Page Statistics

Requests: 30
HTTPS: 63 %
IPv6: 43 %
Domains: 7
Subdomains: 9
IPs: 8
Countries: 3
Transfer: 377 kB
Size: 1806 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://qg.topword.info/4osyKo7644grVO143wqpbtdbxyl185EFFTTOJMSYHAFHA727/1481h19 HTTP 307
    https://qg.topword.info/4osyKo7644grVO143wqpbtdbxyl185EFFTTOJMSYHAFHA727/1481h19 HTTP 307
    http://qg.topword.info/4osyKo7644grVO143wqpbtdbxyl185EFFTTOJMSYHAFHA727/1481h19 Page URL
  2. http://qg.topword.info/t/4osyKo7644grVO143wqpbtdbxyl185EFFTTOJMSYHAFHA727/1481h19 Page URL
  3. https://handlor.com/1007983044d3f06e800/19/143-7644/185-727-1481 Page URL
  4. https://startsapps.co/r/8e1e7021-6494-4fbe-bc29-a3e08a3effda/473112/1455537482/19 Page URL
  5. https://startsapps.co/r2/8e1e7021-6494-4fbe-bc29-a3e08a3effda/473112/1455537482/19/4921052e-c64a-48d9-9787-c2143723c785/?red_param_1=https%3A%2F%2Fhandlor.com%2F&fctr=0 HTTP 302
    https://bayonetqe.com/sf/tpl9/0?logo=106s&item=F7H8&sub1=6JQU_473112&sub3=4921052e-c64a-48d9-9787-c2143723c785 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://qg.topword.info/4osyKo7644grVO143wqpbtdbxyl185EFFTTOJMSYHAFHA727/1481h19 HTTP 307
  • https://qg.topword.info/4osyKo7644grVO143wqpbtdbxyl185EFFTTOJMSYHAFHA727/1481h19 HTTP 307
  • http://qg.topword.info/4osyKo7644grVO143wqpbtdbxyl185EFFTTOJMSYHAFHA727/1481h19

30 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
1481h19
qg.topword.info/4osyKo7644grVO143wqpbtdbxyl185EFFTTOJMSYHAFHA727/
Redirect Chain
  • http://qg.topword.info/4osyKo7644grVO143wqpbtdbxyl185EFFTTOJMSYHAFHA727/1481h19
  • https://qg.topword.info/4osyKo7644grVO143wqpbtdbxyl185EFFTTOJMSYHAFHA727/1481h19
  • http://qg.topword.info/4osyKo7644grVO143wqpbtdbxyl185EFFTTOJMSYHAFHA727/1481h19
458 B
711 B
Document
General
Full URL
http://qg.topword.info/4osyKo7644grVO143wqpbtdbxyl185EFFTTOJMSYHAFHA727/1481h19
Protocol
HTTP/1.1
Server
62.210.12.122 , France, ASN12876 (Online SAS, FR),
Reverse DNS
62-210-12-122.yaamail.com
Software
/
Resource Hash
0f3a07f36d6bddee418f7d7548bc165b09817e10764a359d2773388cdec9ff8a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Content-Length
458
Content-Type
text/html; charset=utf-8
Date
Thu, 28 Mar 2024 02:27:46 GMT
X-Address
gin_throttle_mw_7200000000_92.222.212.18
X-Ratelimit-Limit
500
X-Ratelimit-Remaining
499
X-Ratelimit-Reset
1711596466

Redirect headers

Location
http://qg.topword.info/4osyKo7644grVO143wqpbtdbxyl185EFFTTOJMSYHAFHA727/1481h19
Non-Authoritative-Reason
HttpsUpgrades
favicon.ico
qg.topword.info/
0
259 B
Other
General
Full URL
http://qg.topword.info/favicon.ico
Protocol
HTTP/1.1
Server
62.210.12.122 , France, ASN12876 (Online SAS, FR),
Reverse DNS
62-210-12-122.yaamail.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://qg.topword.info/4osyKo7644grVO143wqpbtdbxyl185EFFTTOJMSYHAFHA727/1481h19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date
Thu, 28 Mar 2024 02:27:46 GMT
X-Address
gin_throttle_mw_7200000000_92.222.212.18
X-Ratelimit-Reset
1711596466
X-Ratelimit-Limit
500
Content-Length
0
X-Ratelimit-Remaining
498
Content-Type
text/plain; charset=utf-8
1481h19
qg.topword.info/t/4osyKo7644grVO143wqpbtdbxyl185EFFTTOJMSYHAFHA727/
254 B
507 B
Document
General
Full URL
http://qg.topword.info/t/4osyKo7644grVO143wqpbtdbxyl185EFFTTOJMSYHAFHA727/1481h19
Requested by
Host: qg.topword.info
URL: http://qg.topword.info/4osyKo7644grVO143wqpbtdbxyl185EFFTTOJMSYHAFHA727/1481h19
Protocol
HTTP/1.1
Server
62.210.12.122 , France, ASN12876 (Online SAS, FR),
Reverse DNS
62-210-12-122.yaamail.com
Software
/
Resource Hash
7427d07fc2fa38fe01453b8895b7f487a7e5e82a46e5905c367a541d87e067ee

Request headers

Referer
http://qg.topword.info/4osyKo7644grVO143wqpbtdbxyl185EFFTTOJMSYHAFHA727/1481h19
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Content-Length
254
Content-Type
text/html; charset=utf-8
Date
Thu, 28 Mar 2024 02:27:47 GMT
X-Address
gin_throttle_mw_7200000000_92.222.212.18
X-Ratelimit-Limit
500
X-Ratelimit-Remaining
497
X-Ratelimit-Reset
1711596466
185-727-1481
handlor.com/1007983044d3f06e800/19/143-7644/
144 B
438 B
Document
General
Full URL
https://handlor.com/1007983044d3f06e800/19/143-7644/185-727-1481
Requested by
Host: qg.topword.info
URL: http://qg.topword.info/t/4osyKo7644grVO143wqpbtdbxyl185EFFTTOJMSYHAFHA727/1481h19
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.217.62.46 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Referer
http://qg.topword.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
fr-FR,fr;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-length
144
content-type
text/html; charset=UTF-8
date
Thu, 28 Mar 2024 02:27:49 GMT
server
Apache
19
startsapps.co/r/8e1e7021-6494-4fbe-bc29-a3e08a3effda/473112/1455537482/
738 B
1 KB
Document
General
Full URL
https://startsapps.co/r/8e1e7021-6494-4fbe-bc29-a3e08a3effda/473112/1455537482/19
Requested by
Host: handlor.com
URL: https://handlor.com/1007983044d3f06e800/19/143-7644/185-727-1481
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.105.134.13 Stockholm, Sweden, ASN42237 (W1N, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://handlor.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
fr-FR,fr;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Length
738
Content-Type
text/html
Date
Thu, 28 Mar 2024 02:27:49 GMT
Expires
Thu, 28 Mar 2024 02:27:49 GMT
Server
nginx
access-control-allow-methods
GET, HEAD, OPTIONS, POST, PUT
access-control-allow-origin
null
access-control-max-age
1800
Primary Request 0
bayonetqe.com/sf/tpl9/
Redirect Chain
  • https://startsapps.co/r2/8e1e7021-6494-4fbe-bc29-a3e08a3effda/473112/1455537482/19/4921052e-c64a-48d9-9787-c2143723c785/?red_param_1=https%3A%2F%2Fhandlor.com%2F&fctr=0
  • https://bayonetqe.com/sf/tpl9/0?logo=106s&item=F7H8&sub1=6JQU_473112&sub3=4921052e-c64a-48d9-9787-c2143723c785
14 KB
4 KB
Document
General
Full URL
https://bayonetqe.com/sf/tpl9/0?logo=106s&item=F7H8&sub1=6JQU_473112&sub3=4921052e-c64a-48d9-9787-c2143723c785
Requested by
Host: startsapps.co
URL: https://startsapps.co/r/8e1e7021-6494-4fbe-bc29-a3e08a3effda/473112/1455537482/19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:5412 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6678abca597eba4e4bd73c4658a2e5000d90613695d410abe5440771402438d5

Request headers

Referer
https://startsapps.co/r/8e1e7021-6494-4fbe-bc29-a3e08a3effda/473112/1455537482/19
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
fr-FR,fr;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
86b42ef0b90c0179-CDG
content-encoding
br
content-type
text/html
date
Thu, 28 Mar 2024 02:27:50 GMT
last-modified
Tue, 21 Nov 2023 07:56:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zbJZdpxG8ESsXGlQSsqiODxE%2BWflY5jdopal5LsVwRjXbUe1%2BWHoFT5Id%2FMSaTG2kxczroKjWF%2FYyPRFpcvS1fZ41goPEcX0U1GzDsIY7m5Oa0pZE8IueMnEcgqnbh0wGkOg6FG609UlEclY"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-robots-tag
noindex

Redirect headers

Cache-Control
no-cache
Connection
keep-alive
Content-Length
133
Date
Thu, 28 Mar 2024 02:27:50 GMT
Expires
Thu, 28 Mar 2024 02:27:50 GMT
Location
https://bayonetqe.com/sf/tpl9/0?logo=106s&item=F7H8&sub1=6JQU_473112&sub3=4921052e-c64a-48d9-9787-c2143723c785
Server
nginx
access-control-allow-methods
GET, HEAD, OPTIONS, POST, PUT
access-control-allow-origin
null
access-control-max-age
1800
268a7048dd.js
kit.fontawesome.com/
12 KB
5 KB
Script
General
Full URL
https://kit.fontawesome.com/268a7048dd.js
Requested by
Host: bayonetqe.com
URL: https://bayonetqe.com/sf/tpl9/0?logo=106s&item=F7H8&sub1=6JQU_473112&sub3=4921052e-c64a-48d9-9787-c2143723c785
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3bd0bb9c81300549973c534de26accf7b6104bed7bee20c8bf0371022dd7c2e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bayonetqe.com/
accept-language
fr-FR,fr;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 02:27:51 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
server
cloudflare
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
content-type
text/javascript
cache-control
max-age=60, public, stale-while-revalidate=30
cf-ray
86b42ef309c96ffc-CDG
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
F8DMjkJ4gCNu-IHnOaOB
bundle.78c544487a1d9443f05e.css
bayonetqe.com/sf/tpl9/
510 KB
66 KB
Stylesheet
General
Full URL
https://bayonetqe.com/sf/tpl9/bundle.78c544487a1d9443f05e.css?t=1700553347372
Requested by
Host: bayonetqe.com
URL: https://bayonetqe.com/sf/tpl9/0?logo=106s&item=F7H8&sub1=6JQU_473112&sub3=4921052e-c64a-48d9-9787-c2143723c785
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.184.196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f73a59a6a09db50dff904f2fcf3c7eb2e4828542cd7dea1e61bd790094ef260

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bayonetqe.com/sf/tpl9/0?logo=106s&item=F7H8&sub1=6JQU_473112&sub3=4921052e-c64a-48d9-9787-c2143723c785
accept-language
fr-FR,fr;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 02:27:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 21 Nov 2023 07:56:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
40266
etag
W/"655c62b1-7f698"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YErG5tG25DEBOwwXT82EeDzqOqwsVZY%2FL1tLK0osKNwlLr3nBI6oyYpUOGIGKOwQ6yJWEW8aOZ9KMN2bxzB8KhmSOJ5yWrSjlxHBUa5gz5owGudQoUn81RAU%2Fm5emaiG"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
86b42ef2bab3975c-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 27 Mar 2025 15:16:39 GMT
img-3.png
bayonetqe.com/sf/tpl9/public/
3 KB
3 KB
Image
General
Full URL
https://bayonetqe.com/sf/tpl9/public/img-3.png
Requested by
Host: bayonetqe.com
URL: https://bayonetqe.com/sf/tpl9/0?logo=106s&item=F7H8&sub1=6JQU_473112&sub3=4921052e-c64a-48d9-9787-c2143723c785
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.184.196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0c40a3ef77aea7e48c710fa701af1d074224846ebf30cd9d82b7596c15da2c1

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bayonetqe.com/sf/tpl9/0?logo=106s&item=F7H8&sub1=6JQU_473112&sub3=4921052e-c64a-48d9-9787-c2143723c785
accept-language
fr-FR,fr;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 02:27:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
40266
alt-svc
h3=":443"; ma=86400
content-length
2891
last-modified
Tue, 21 Nov 2023 07:56:33 GMT
server
cloudflare
etag
"655c62b1-b4b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N2H85U8UceaiOBE9aEVRt2WsKiEJjswI36K0C5NFWMhhZDBFjP5dc%2Fg1SZ%2Fberm7kh8Zl065%2B4WpLhio4iNBwN3geKjUM4%2FE3DgBmqXrCiXZht9a1I2jWI5wVjdKLCe1"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
86b42ef2bab7975c-FRA
expires
Thu, 27 Mar 2025 15:16:39 GMT
like.png
bayonetqe.com/sf/tpl9/public/
466 B
941 B
Image
General
Full URL
https://bayonetqe.com/sf/tpl9/public/like.png
Requested by
Host: bayonetqe.com
URL: https://bayonetqe.com/sf/tpl9/0?logo=106s&item=F7H8&sub1=6JQU_473112&sub3=4921052e-c64a-48d9-9787-c2143723c785
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.184.196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7adac1888791ad42f547c97c9c9dad37faee15dfb5e76f20eabc8a0a0b6168e9

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bayonetqe.com/sf/tpl9/0?logo=106s&item=F7H8&sub1=6JQU_473112&sub3=4921052e-c64a-48d9-9787-c2143723c785
accept-language
fr-FR,fr;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 02:27:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
40266
alt-svc
h3=":443"; ma=86400
content-length
466
last-modified
Tue, 21 Nov 2023 07:56:33 GMT
server
cloudflare
etag
"655c62b1-1d2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eObIdvEMzCsfWXjAnPFUhrIxuTWvoV3OC6AOtHEJyS0EWom9zmHNCyQIwAzbGxA3aX0ieysSNpMrFsLhqp%2Br31hKjc58sqhgW2Kb9KMmG8AlSRt58QwdlTixoiNxLyYY"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
86b42ef2dac6975c-FRA
expires
Thu, 27 Mar 2025 15:16:39 GMT
img-4.png
bayonetqe.com/sf/tpl9/public/
2 KB
3 KB
Image
General
Full URL
https://bayonetqe.com/sf/tpl9/public/img-4.png
Requested by
Host: bayonetqe.com
URL: https://bayonetqe.com/sf/tpl9/0?logo=106s&item=F7H8&sub1=6JQU_473112&sub3=4921052e-c64a-48d9-9787-c2143723c785
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.184.196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ba90609efbf3e11565b8b9005e57d80f53a8837ce693c9023ccb0626461d212

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bayonetqe.com/sf/tpl9/0?logo=106s&item=F7H8&sub1=6JQU_473112&sub3=4921052e-c64a-48d9-9787-c2143723c785
accept-language
fr-FR,fr;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 02:27:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
40266
alt-svc
h3=":443"; ma=86400
content-length
2542
last-modified
Tue, 21 Nov 2023 07:56:33 GMT
server
cloudflare
etag
"655c62b1-9ee"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=soggiB%2FY%2BMMtAyNHJ4rBOQPuKk%2F8JxULCVNlET4%2BnUEeOUf3qsJ%2F5ARvFtwAyepqSSx%2BFM%2Bltii9WlvuUabT9FnGfC%2BzBKPFu7vdSdL9Y1SelmdaBN%2Fvwx%2BCk%2Btn1Ixc"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
86b42ef2bab8975c-FRA
expires
Thu, 27 Mar 2025 15:16:39 GMT
img-5.png
bayonetqe.com/sf/tpl9/public/
2 KB
2 KB
Image
General
Full URL
https://bayonetqe.com/sf/tpl9/public/img-5.png
Requested by
Host: bayonetqe.com
URL: https://bayonetqe.com/sf/tpl9/0?logo=106s&item=F7H8&sub1=6JQU_473112&sub3=4921052e-c64a-48d9-9787-c2143723c785
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.184.196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fba1dafda080b2bf2c0074fc8eb29203c48f2afa916065df41a0a76e48f63987

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bayonetqe.com/sf/tpl9/0?logo=106s&item=F7H8&sub1=6JQU_473112&sub3=4921052e-c64a-48d9-9787-c2143723c785
accept-language
fr-FR,fr;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 02:27:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
40266
alt-svc
h3=":443"; ma=86400
content-length
1691
last-modified
Tue, 21 Nov 2023 07:56:33 GMT
server
cloudflare
etag
"655c62b1-69b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2DRdkpABhOzjIe7ec6Dy%2BkUtvW%2BHxH29G%2BvHTSf%2BOcvi6FqiCoJuL0r7s%2Bx9BaK8KgFxdzWFWyXgzMLYiLWuS6fc2wUu1MAuBKNU%2BPi7X1AD90wS%2FS3Pnv4DBrS%2FDQLT"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
86b42ef2dabf975c-FRA
expires
Thu, 27 Mar 2025 15:16:39 GMT
img-6.png
bayonetqe.com/sf/tpl9/public/
2 KB
3 KB
Image
General
Full URL
https://bayonetqe.com/sf/tpl9/public/img-6.png
Requested by
Host: bayonetqe.com
URL: https://bayonetqe.com/sf/tpl9/0?logo=106s&item=F7H8&sub1=6JQU_473112&sub3=4921052e-c64a-48d9-9787-c2143723c785
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.184.196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
182600ef12499261e2e971331530eb1caacd6c2106c4c864d158ac9c4a9a2327

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bayonetqe.com/sf/tpl9/0?logo=106s&item=F7H8&sub1=6JQU_473112&sub3=4921052e-c64a-48d9-9787-c2143723c785
accept-language
fr-FR,fr;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 02:27:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
40266
alt-svc
h3=":443"; ma=86400
content-length
2491
last-modified
Tue, 21 Nov 2023 07:56:33 GMT
server
cloudflare
etag
"655c62b1-9bb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QKGTvpsWidjUH9Jnfz0FG5zxSxPs40fJ3hESrhoIwHk8pEFJztxCMSAbqD0alflspToZfCR4arqRVUlayVEPk0mjMSa5atGe38wjr1%2BD0w6YXid%2BtFbyhARoD%2Bwv%2FZdN"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
86b42ef2dac1975c-FRA
expires
Thu, 27 Mar 2025 15:16:39 GMT
img-7.png
bayonetqe.com/sf/tpl9/public/
3 KB
3 KB
Image
General
Full URL
https://bayonetqe.com/sf/tpl9/public/img-7.png
Requested by
Host: bayonetqe.com
URL: https://bayonetqe.com/sf/tpl9/0?logo=106s&item=F7H8&sub1=6JQU_473112&sub3=4921052e-c64a-48d9-9787-c2143723c785
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.184.196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01ff0a6dfebce308d517e495941065eb38cc8b37a7b2bf67df272aea25f69c40

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bayonetqe.com/sf/tpl9/0?logo=106s&item=F7H8&sub1=6JQU_473112&sub3=4921052e-c64a-48d9-9787-c2143723c785
accept-language
fr-FR,fr;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 02:27:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
40266
alt-svc
h3=":443"; ma=86400
content-length
2997
last-modified
Tue, 21 Nov 2023 07:56:33 GMT
server
cloudflare
etag
"655c62b1-bb5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mo2HsOW5rL8DzE9tD%2Bu%2FXwgLEr416odU68%2FnyDqK3ISCCqlf4M4gJExbhq8w%2FxY5x6tqVdzqFwInXcl%2BaHvO1LiFelPtyx4B25qpuBy1xZYpvKlpSz00estqfwZ5NE66"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
86b42ef2dac2975c-FRA
expires
Thu, 27 Mar 2025 15:16:39 GMT
img-8.png
bayonetqe.com/sf/tpl9/public/
4 KB
4 KB
Image
General
Full URL
https://bayonetqe.com/sf/tpl9/public/img-8.png
Requested by
Host: bayonetqe.com
URL: https://bayonetqe.com/sf/tpl9/0?logo=106s&item=F7H8&sub1=6JQU_473112&sub3=4921052e-c64a-48d9-9787-c2143723c785
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.184.196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
845a5200eb01a02833e74b09ab84d6ec2aab5ee16211ee1a31b7eb6a4bb61ecc

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bayonetqe.com/sf/tpl9/0?logo=106s&item=F7H8&sub1=6JQU_473112&sub3=4921052e-c64a-48d9-9787-c2143723c785
accept-language
fr-FR,fr;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 02:27:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
40266
alt-svc
h3=":443"; ma=86400
content-length
3700
last-modified
Tue, 21 Nov 2023 07:56:33 GMT
server
cloudflare
etag
"655c62b1-e74"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5axMHCZqAmooZlTarxFPd9B2PSKIoLgI9bR4t2UalIXOhuDewOB0wFrT99%2FE1HG5WOK9OmDi01p4b%2FTllouQ3Q5vmbpmRK%2BwN%2Bn8V1gq7aF%2Fb%2B%2BkfKJv724BeqEmxgrd"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
86b42ef2dac7975c-FRA
expires
Thu, 27 Mar 2025 15:16:39 GMT
img-9.png
bayonetqe.com/sf/tpl9/public/
3 KB
4 KB
Image
General
Full URL
https://bayonetqe.com/sf/tpl9/public/img-9.png
Requested by
Host: bayonetqe.com
URL: https://bayonetqe.com/sf/tpl9/0?logo=106s&item=F7H8&sub1=6JQU_473112&sub3=4921052e-c64a-48d9-9787-c2143723c785
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.184.196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18f551911c68e079ef629648f47ad743c99d47e9d5c0d5a475c7392a1f0ab248

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bayonetqe.com/sf/tpl9/0?logo=106s&item=F7H8&sub1=6JQU_473112&sub3=4921052e-c64a-48d9-9787-c2143723c785
accept-language
fr-FR,fr;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 02:27:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
40266
alt-svc
h3=":443"; ma=86400
content-length
3286
last-modified
Tue, 21 Nov 2023 07:56:33 GMT
server
cloudflare
etag
"655c62b1-cd6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=16ayuDYdzRcNdPSyz8gKnLQ1fg0Bu%2FPon%2FR5bWsiJ8PD4TXVrwBViwz8C%2FIbJaoAjQzjuTg7upKzbCAl%2FZMeVNjqKTlN8yIvXc27vEJ0Y0gWtnKQxjYl0%2FstKQsIw1m%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
86b42ef2dac8975c-FRA
expires
Thu, 27 Mar 2025 15:16:39 GMT
img-10.png
bayonetqe.com/sf/tpl9/public/
1 KB
2 KB
Image
General
Full URL
https://bayonetqe.com/sf/tpl9/public/img-10.png
Requested by
Host: bayonetqe.com
URL: https://bayonetqe.com/sf/tpl9/0?logo=106s&item=F7H8&sub1=6JQU_473112&sub3=4921052e-c64a-48d9-9787-c2143723c785
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.184.196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b17d1bc53a49edcab5f29c232dde056d8ad18b6c948ad908134b64130eb2606

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bayonetqe.com/sf/tpl9/0?logo=106s&item=F7H8&sub1=6JQU_473112&sub3=4921052e-c64a-48d9-9787-c2143723c785
accept-language
fr-FR,fr;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 02:27:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
40266
alt-svc
h3=":443"; ma=86400
content-length
1292
last-modified
Tue, 21 Nov 2023 07:56:33 GMT
server
cloudflare
etag
"655c62b1-50c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KB11DxBp36Rb7CoK%2FM05RqnhgTwFjEkxJqeNpWdgCLSuCRKBIq9FD8wNkzc%2FZJcTyqL7kp65lk067rB2HOQxiksN21JRFmJNjkINxw3d%2FshtcemOkiXg0pTiRG5aqggn"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
86b42ef2daca975c-FRA
expires
Thu, 27 Mar 2025 15:16:39 GMT
img-11.png
bayonetqe.com/sf/tpl9/public/
2 KB
3 KB
Image
General
Full URL
https://bayonetqe.com/sf/tpl9/public/img-11.png
Requested by
Host: bayonetqe.com
URL: https://bayonetqe.com/sf/tpl9/0?logo=106s&item=F7H8&sub1=6JQU_473112&sub3=4921052e-c64a-48d9-9787-c2143723c785
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.184.196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ca3bcdc244a011cff113f873678ee9de68479a7f6c7f360b171c3edbc96dd1a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bayonetqe.com/sf/tpl9/0?logo=106s&item=F7H8&sub1=6JQU_473112&sub3=4921052e-c64a-48d9-9787-c2143723c785
accept-language
fr-FR,fr;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 02:27:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
40266
alt-svc
h3=":443"; ma=86400
content-length
2282
last-modified
Tue, 21 Nov 2023 07:56:33 GMT
server
cloudflare
etag
"655c62b1-8ea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5zwK45GWPL9GBGpLVddJkOuK19tcR%2Bh7bo%2Bdg7VZknQUSpaOGuTGI%2BYXjqLqUHUq2yPgROacBD3u48i1NNI2mFDyInxaVbUewj37F%2BSk6Hbr2boahPHsvI6r4u2BqjeM"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
86b42ef2dacb975c-FRA
expires
Thu, 27 Mar 2025 15:16:39 GMT
img-12.png
bayonetqe.com/sf/tpl9/public/
875 B
1 KB
Image
General
Full URL
https://bayonetqe.com/sf/tpl9/public/img-12.png
Requested by
Host: bayonetqe.com
URL: https://bayonetqe.com/sf/tpl9/0?logo=106s&item=F7H8&sub1=6JQU_473112&sub3=4921052e-c64a-48d9-9787-c2143723c785
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.184.196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73cb358bf47ed149f8fd7e3eada678166cfab77538c313ba72cb6e38d13253fa

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bayonetqe.com/sf/tpl9/0?logo=106s&item=F7H8&sub1=6JQU_473112&sub3=4921052e-c64a-48d9-9787-c2143723c785
accept-language
fr-FR,fr;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 02:27:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
40266
alt-svc
h3=":443"; ma=86400
content-length
875
last-modified
Tue, 21 Nov 2023 07:56:33 GMT
server
cloudflare
etag
"655c62b1-36b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YrA9LMMvCX5o1AtZO0KZn8rAFMmhqxtcH4NQevOTO1%2Bx3YoE9snlR0S2juBNL%2Fwbo2O5GSOsVC5G6CuoVhsWBul0swjEzdtqm3ae%2BmSTxOYh5UxGL6b%2BsHR6gNhLS9Md"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
86b42ef2dacc975c-FRA
expires
Thu, 27 Mar 2025 15:16:39 GMT
12.edcadadd.chunk.js
bayonetqe.com/sf/tpl9/js/
390 KB
126 KB
Script
General
Full URL
https://bayonetqe.com/sf/tpl9/js/12.edcadadd.chunk.js
Requested by
Host: bayonetqe.com
URL: https://bayonetqe.com/sf/tpl9/0?logo=106s&item=F7H8&sub1=6JQU_473112&sub3=4921052e-c64a-48d9-9787-c2143723c785
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.184.196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cabce79f3dee68718e08a244032a6889d16968c4a82d438abbb330346ae11b4a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bayonetqe.com/sf/tpl9/0?logo=106s&item=F7H8&sub1=6JQU_473112&sub3=4921052e-c64a-48d9-9787-c2143723c785
accept-language
fr-FR,fr;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 02:27:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 21 Nov 2023 07:56:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
40266
etag
W/"655c62b1-616be"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kg3jltjpCJZifY%2BKtbr24GQbFH4UwvLtfpZhWMEW6ib4Z5C86ojlM8IGvNLLRqntQIXNz3Y%2Ff1G1znznDhWu4Gc08bdB0cPPOlZxJm4yHuZBVuPDUDUcP0xZSHWUIvmh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
86b42ef2dac4975c-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 27 Mar 2025 15:16:39 GMT
app.31e8575a.js
bayonetqe.com/sf/tpl9/js/
853 KB
144 KB
Script
General
Full URL
https://bayonetqe.com/sf/tpl9/js/app.31e8575a.js
Requested by
Host: bayonetqe.com
URL: https://bayonetqe.com/sf/tpl9/0?logo=106s&item=F7H8&sub1=6JQU_473112&sub3=4921052e-c64a-48d9-9787-c2143723c785
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.184.196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d800a43d4a11c55cbee875bbf61729fd6a746a210c53ae5d5ea91b763341d78

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bayonetqe.com/sf/tpl9/0?logo=106s&item=F7H8&sub1=6JQU_473112&sub3=4921052e-c64a-48d9-9787-c2143723c785
accept-language
fr-FR,fr;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 02:27:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 21 Nov 2023 07:56:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
40266
etag
W/"655c62b1-d559c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F4y2O4oTCFK8faecou%2FspnzQsXG2KULHtoG7O357tDlZFX6d2uf2UIjy2z5DPfCtHTTqI2L%2B6pjBUCCWen8NlVHtF%2BHMY1pRZkbUItgCEy%2FYazbLcOmaz2S0UiBU8n1m"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
86b42ef2dac5975c-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 27 Mar 2025 15:16:39 GMT
css2
fonts.googleapis.com/
2 KB
849 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@400;700;900&display=swap
Requested by
Host: bayonetqe.com
URL: https://bayonetqe.com/sf/tpl9/bundle.78c544487a1d9443f05e.css?t=1700553347372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
3d3fdef74b51045d7a82aa9a0ac59011087be9a9a59083272c3d7a5c8ba521b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://bayonetqe.com/
accept-language
fr-FR,fr;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 28 Mar 2024 02:27:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 28 Mar 2024 01:23:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 28 Mar 2024 02:27:51 GMT
ace-push.js
virtualpushplatform.com/
0
0

summary
beacon.bayonetqe.com/geo/
0
0

shein.png
bayonetqe.com/sf/tpl9/public/shein/
0
0

cart.png
bayonetqe.com/sf/tpl9/public/shein/
0
0

e0caed8f-1761-4470-9a8b-afa091237d91
beacon.bayonetqe.com/g/
0
0

free.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/
0
0

free-v4-shims.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/
0
0

free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
virtualpushplatform.com
URL
https://virtualpushplatform.com/ace-push.js
Domain
beacon.bayonetqe.com
URL
https://beacon.bayonetqe.com/geo/summary
Domain
bayonetqe.com
URL
https://bayonetqe.com/sf/tpl9/public/shein/shein.png
Domain
bayonetqe.com
URL
https://bayonetqe.com/sf/tpl9/public/shein/cart.png
Domain
beacon.bayonetqe.com
URL
https://beacon.bayonetqe.com/g/e0caed8f-1761-4470-9a8b-afa091237d91?logo=shein&item=F7H8&logo=106s&sub1=6JQU_473112&sub3=4921052e-c64a-48d9-9787-c2143723c785
Domain
ka-f.fontawesome.com
URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=268a7048dd
Domain
ka-f.fontawesome.com
URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=268a7048dd
Domain
ka-f.fontawesome.com
URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=268a7048dd

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onpagereveal

2 Cookies

Domain/Path Name / Value
handlor.com/ Name: uid23297
Value: 1455537482-20240327212749-dbe76eb0fd47eb24f70be6e12b2235e8-
.startsapps.co/ Name: 59ac36b4-23b1-4055-b75f-105ff07efe37-check
Value: 4921052e-c64a-48d9-9787-c2143723c785

3 Console Messages

Source Level URL
Text
network error URL: http://qg.topword.info/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
other warning URL: https://bayonetqe.com/sf/tpl9/0?logo=106s&item=F7H8&sub1=6JQU_473112&sub3=4921052e-c64a-48d9-9787-c2143723c785
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bayonetqe.com/sf/tpl9/0?logo=106s&item=F7H8&sub1=6JQU_473112&sub3=4921052e-c64a-48d9-9787-c2143723c785
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
