bonusbay.site Open in urlscan Pro
188.114.96.9  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response bonusbay.site/	10 KB 4 KB	585ms 245ms	Document text/html	188.114.96.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bonusbay.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4b637ad5c2f2ee667d727b0060b9ef64e6bb83b7772433e3bc1bc2231399bc5d Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8d2769b87afc365c-FRA content-encoding zstd content-type text/html; charset=UTF-8 date Mon, 14 Oct 2024 12:01:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GQDT7yQ7%2FnHinxTj99ed171l1SzGEv4Ow4cc3IsJCiPYxIHGv4lJtdL%2F6N8t%2BJr65HssYYAB6giPTkgWsaWsbXYNvVoowuQfuMMLEB2iawEOGBeLuH%2B4jA5wGFOetIs3"}],"group":"cf-nel","max_age":604800} server cloudflare speculation-rules "/cdn-cgi/speculation" vary accept-encoding
GET H3	200	speculation bonusbay.site/cdn-cgi/	128 B 551 B	74ms 64ms	Other application/speculationrules+json	188.114.96.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bonusbay.site/cdn-cgi/speculation Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://bonusbay.site Referer https://bonusbay.site/ Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZEx4MdOO1IwgqaivZn%2FSM%2F1qD6ChShyEsziNLOxsbgEcLQQXako1rQRag1SPkm4NAa7SZHmvjjDUzVhlmzBrnHejmdff1KIH40A4fqs7eSV223EOCVvQDIA6wqKSGaQ%2F"}],"group":"cf-nel","max_age":604800} cf-ray 8d2769ba4d35365c-FRA access-control-allow-origin https://bonusbay.site alt-svc h3=":443"; ma=86400 content-length 128 date Mon, 14 Oct 2024 12:01:08 GMT content-type application/speculationrules+json vary Origin, Accept-Encoding server cloudflare
GET H3	200	66e119f670f294.10576686.css bonusbay.site/landers/us_-_walmart66e119f5bc8f16.60059283/66e119f5bc9035.97750558/	10 KB 3 KB	172ms 160ms	Stylesheet text/css	188.114.96.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bonusbay.site/landers/us_-_walmart66e119f5bc8f16.60059283/66e119f5bc9035.97750558/66e119f670f294.10576686.css Requested by Host: bonusbay.site URL: https://bonusbay.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aceaa3cf6aba4487a98dc2b0c474baae989e4836b0f6e5076ca27e605ad30dc3 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://bonusbay.site/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS etag W/"66e119f6-2657" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5rj0oLslY3qCIpxZ2dDtWyDv2oLQzRw8gQt7ECUoG61vwA%2F8mfUzsw5LKhoG6ToxrigJhyFQGMQqSx7p7LgvdRy5Yz0NMAEZTOmenTCI9rQ26LVLaNEUIcAgA0iOL9v9"}],"group":"cf-nel","max_age":604800} cf-ray 8d2769ba5d45365c-FRA alt-svc h3=":443"; ma=86400 date Mon, 14 Oct 2024 12:01:08 GMT content-type text/css last-modified Wed, 11 Sep 2024 04:17:58 GMT vary Accept-Encoding server cloudflare
GET H3	200	66e119f670ee80.09660626.js Show response bonusbay.site/landers/us_-_walmart66e119f5bc8f16.60059283/66e119f5bc9035.97750558/	88 KB 33 KB	194ms 182ms	Script application/javascript	188.114.96.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bonusbay.site/landers/us_-_walmart66e119f5bc8f16.60059283/66e119f5bc9035.97750558/66e119f670ee80.09660626.js Requested by Host: bonusbay.site URL: https://bonusbay.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://bonusbay.site/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS etag W/"66e119f8-15ec3" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YBGyH1YG3PbOYfgS82k0aPYLyW5%2BdhuhkqidW8AyZAH5VpTQ%2BqCarS%2Bn7tEXw0KpKv3YQRyd%2FJg5kUZt%2BXEARgKsqEAcpQ4GILN%2FkEkGQQ5upBgYyddwCvit5e8iRtkB"}],"group":"cf-nel","max_age":604800} cf-ray 8d2769ba5d46365c-FRA alt-svc h3=":443"; ma=86400 date Mon, 14 Oct 2024 12:01:08 GMT content-type application/javascript last-modified Wed, 11 Sep 2024 04:18:00 GMT vary Accept-Encoding server cloudflare
GET H3	200	66e119f670efd9.97534004.js Show response bonusbay.site/landers/us_-_walmart66e119f5bc8f16.60059283/66e119f5bc9035.97750558/	4 KB 2 KB	169ms 153ms	Script application/javascript	188.114.96.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bonusbay.site/landers/us_-_walmart66e119f5bc8f16.60059283/66e119f5bc9035.97750558/66e119f670efd9.97534004.js Requested by Host: bonusbay.site URL: https://bonusbay.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6faa233b68ed2c9f4ebcdb36a819006f11eb8d8af967ac5d7b4c9c9a1defa73f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://bonusbay.site/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS etag W/"66e119f8-fa6" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NonmujMeMG1WnbMqjM3IHOBJfRyk8WPrh%2FWsg%2B2lQKZnPZWiGPHNAdE7pIOkDWhAloQ9yPyHnKO8viWe4cUNAUD8tj6QOx6%2BV4NofimnpPe8%2F8DSJc5uJ096%2Bf6MztWd"}],"group":"cf-nel","max_age":604800} cf-ray 8d2769ba5d47365c-FRA alt-svc h3=":443"; ma=86400 date Mon, 14 Oct 2024 12:01:08 GMT content-type application/javascript last-modified Wed, 11 Sep 2024 04:18:00 GMT vary Accept-Encoding server cloudflare
GET H3	200	66e119f670f416.16266008.txt bonusbay.site/landers/us_-_walmart66e119f5bc8f16.60059283/66e119f5bc9035.97750558/	2 KB 708 B	168ms 151ms	Stylesheet text/plain	188.114.96.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bonusbay.site/landers/us_-_walmart66e119f5bc8f16.60059283/66e119f5bc9035.97750558/66e119f670f416.16266008.txt Requested by Host: bonusbay.site URL: https://bonusbay.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 29a8eadfbcbdd78983b24d3404721064be470099a82d93238f33e8a75a2d7df9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://bonusbay.site/ Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status DYNAMIC etag W/"66e119f7-66f" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sgU%2FgKiynvxuK9uibKKXs65nIShf%2Bc1E90Fwd71BG0N4pytqdPKEq2TnTdUsw0wXlpj81U7%2BOt1KFw3qCGOGPOup1flPvPNQ8sGvdzkuX4zOjPkPzc%2B%2BUL7pYogDr4%2FP"}],"group":"cf-nel","max_age":604800} cf-ray 8d2769ba6d50365c-FRA alt-svc h3=":443"; ma=86400 date Mon, 14 Oct 2024 12:01:08 GMT content-type text/plain last-modified Wed, 11 Sep 2024 04:17:59 GMT server cloudflare
GET H3	200	66e119f670f594.69200421.css bonusbay.site/landers/us_-_walmart66e119f5bc8f16.60059283/66e119f5bc9035.97750558/	100 KB 24 KB	173ms 155ms	Stylesheet text/css	188.114.96.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bonusbay.site/landers/us_-_walmart66e119f5bc8f16.60059283/66e119f5bc9035.97750558/66e119f670f594.69200421.css Requested by Host: bonusbay.site URL: https://bonusbay.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 816ab0109aa027a46db558c45766935f781718622e5077c117c2db65c0eb4367 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://bonusbay.site Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS etag W/"66e119f6-190bf" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BK5D6EQdynC8X%2FCcTn%2BVqQLSMB09OhCRBR0lscIkF7mPRGWYKj%2FKnflncboevR%2FPF0prS4erIb9xexEEcGqsAhyi5hyXuxirTyOQaNVt%2B%2FeQ7kZPl3kHGOvlyPwPp9pj"}],"group":"cf-nel","max_age":604800} cf-ray 8d2769ba6d51365c-FRA alt-svc h3=":443"; ma=86400 date Mon, 14 Oct 2024 12:01:08 GMT content-type text/css last-modified Wed, 11 Sep 2024 04:17:58 GMT vary Accept-Encoding server cloudflare
GET H3	200	66e119f670f127.66604306.js Show response bonusbay.site/landers/us_-_walmart66e119f5bc8f16.60059283/66e119f5bc9035.97750558/	4 KB 2 KB	288ms 271ms	Script application/javascript	188.114.96.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bonusbay.site/landers/us_-_walmart66e119f5bc8f16.60059283/66e119f5bc9035.97750558/66e119f670f127.66604306.js Requested by Host: bonusbay.site URL: https://bonusbay.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 45adddea93ba67b62501879f4b43278e281a879be7276104fe7f2e6191830a97 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://bonusbay.site/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS etag W/"66e119f8-10b8" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lRPW%2B%2BAEmdPIMykdtFjqyRSmIEEAJJ21Fr4OzH6IernWTjHhBJ10qOGF80chlaVodxOk%2BqbodeIRZF%2FGP5fqjj%2BTxzs6e2Mp%2FETGKe88TVxD%2Fomrp5OToHoT3vs3jito"}],"group":"cf-nel","max_age":604800} cf-ray 8d2769ba6d52365c-FRA alt-svc h3=":443"; ma=86400 date Mon, 14 Oct 2024 12:01:08 GMT content-type application/javascript last-modified Wed, 11 Sep 2024 04:18:00 GMT vary Accept-Encoding server cloudflare
GET H3	200	66e119f670e0c4.40676908.png bonusbay.site/landers/us_-_walmart66e119f5bc8f16.60059283/66e119f5bc9035.97750558/	174 KB 175 KB	193ms 176ms	Image image/png	188.114.96.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bonusbay.site/landers/us_-_walmart66e119f5bc8f16.60059283/66e119f5bc9035.97750558/66e119f670e0c4.40676908.png Requested by Host: bonusbay.site URL: https://bonusbay.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a75b40bc8b02b32b9e88b93d029e6f906dcdcc08058a94bdbc1f5fbfab16d397 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://bonusbay.site/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status MISS etag "66e119f8-2b90c" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lQUvP%2F1q77jSfvi7bgdBH01ACPRUzbItsShmlLV1myrAeY5sJfZwxRbncdwSuLPMRFohNtiqTXqkWHukqrShMMDfCNS%2BKIvZdXxdvU4WUo9iJ4v3hQLYsXtYiePjaj3G"}],"group":"cf-nel","max_age":604800} cf-ray 8d2769ba6d54365c-FRA accept-ranges bytes alt-svc h3=":443"; ma=86400 content-length 178444 date Mon, 14 Oct 2024 12:01:08 GMT content-type image/png last-modified Wed, 11 Sep 2024 04:18:00 GMT vary Accept-Encoding server cloudflare
GET H3	200	66e119f670e467.77280850.png bonusbay.site/landers/us_-_walmart66e119f5bc8f16.60059283/66e119f5bc9035.97750558/	390 KB 391 KB	192ms 175ms	Image image/png	188.114.96.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bonusbay.site/landers/us_-_walmart66e119f5bc8f16.60059283/66e119f5bc9035.97750558/66e119f670e467.77280850.png Requested by Host: bonusbay.site URL: https://bonusbay.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 63361e2263a0f5d4cbd2684a8b6b80594295865a01661b3470bdd582e76a8a62 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://bonusbay.site/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status MISS etag "66e119f8-6180e" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0hN3dmdchBeL5zuu9hSd86euyJyOgOMBJEQWFStSgFp9TVVECWPDhxi8HYsR1AB%2Bm4qRn1IUx0Gv%2B6gtFiLpYhkPk%2FGbBME7Zi2yqDF93xcCKFuJ4a8OZIGxOGFA5CeC"}],"group":"cf-nel","max_age":604800} cf-ray 8d2769ba6d56365c-FRA accept-ranges bytes alt-svc h3=":443"; ma=86400 content-length 399374 date Mon, 14 Oct 2024 12:01:08 GMT content-type image/png last-modified Wed, 11 Sep 2024 04:18:00 GMT vary Accept-Encoding server cloudflare
GET H3	200	66e119f670e8c2.46907356.png bonusbay.site/landers/us_-_walmart66e119f5bc8f16.60059283/66e119f5bc9035.97750558/	2 KB 2 KB	326ms 324ms	Image image/png	188.114.96.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bonusbay.site/landers/us_-_walmart66e119f5bc8f16.60059283/66e119f5bc9035.97750558/66e119f670e8c2.46907356.png Requested by Host: bonusbay.site URL: https://bonusbay.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d1656d8ea8f04ae8428e85d97c924e4647883dfb00ae6cb38a7dc545d9bb6b57 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://bonusbay.site/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status MISS etag "66e119f8-6d4" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J8aiRM%2BV9bAH7SOOgGgiuZEtAqRYPjLyE59pp5fvUfsR6kvOpAux4ZyrJ8p25%2FaCduOJKC35L1ImwH9TABvjbsuHBLZaqOHeMzBUOOSV32RLNpXeigl0LyAOSDklHA5q"}],"group":"cf-nel","max_age":604800} cf-ray 8d2769bc3fb0365c-FRA accept-ranges bytes alt-svc h3=":443"; ma=86400 content-length 1748 date Mon, 14 Oct 2024 12:01:08 GMT content-type image/png last-modified Wed, 11 Sep 2024 04:18:00 GMT vary Accept-Encoding server cloudflare
GET H3	200	66e119f670ebb9.24090224.png bonusbay.site/landers/us_-_walmart66e119f5bc8f16.60059283/66e119f5bc9035.97750558/	82 KB 82 KB	326ms 325ms	Image image/png	188.114.96.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bonusbay.site/landers/us_-_walmart66e119f5bc8f16.60059283/66e119f5bc9035.97750558/66e119f670ebb9.24090224.png Requested by Host: bonusbay.site URL: https://bonusbay.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b63ebf6fb84a9afb106af48e627991cd3b592108fef8dc9cd0ac46eee560f369 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://bonusbay.site/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status MISS etag "66e119f8-1481d" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tCGwHKBaU6bStEafPM1DlXiCllthA0DKdWXdBTf2PENcozuniY343yZMz6FZwDgTVwGd4gSdwQWWda1n9wxx32ODeFh5xVGCXVirDZXOBzox%2BZ1X4j4Cz5ppFyJ9hA1D"}],"group":"cf-nel","max_age":604800} cf-ray 8d2769bc3fb1365c-FRA accept-ranges bytes alt-svc h3=":443"; ma=86400 content-length 83997 date Mon, 14 Oct 2024 12:01:08 GMT content-type image/png last-modified Wed, 11 Sep 2024 04:18:00 GMT vary Accept-Encoding server cloudflare
GET H3	200	66e119f670ed19.58024639.png bonusbay.site/landers/us_-_walmart66e119f5bc8f16.60059283/66e119f5bc9035.97750558/	281 KB 282 KB	363ms 361ms	Image image/png	188.114.96.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bonusbay.site/landers/us_-_walmart66e119f5bc8f16.60059283/66e119f5bc9035.97750558/66e119f670ed19.58024639.png Requested by Host: bonusbay.site URL: https://bonusbay.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash be8c84c3dc22ce02e4f579bb87f708a99aea320cad16000eb8bf65fe4b77d2ba Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://bonusbay.site/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status MISS etag "66e119f8-465a3" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aOAz053OnqguJ3DQ%2B7IuC59T3JXqIaeR%2BDNeR%2BT5k%2B7RKd18lXgQEh%2FqHE%2Bq07K5rKMhgp4j9bfxNpnZvN2Q5Ds8ihXIBgq7fc8tWqwDVAtuSyBiRUsBZ9fNvrs2%2BnVG"}],"group":"cf-nel","max_age":604800} cf-ray 8d2769bc3fb2365c-FRA accept-ranges bytes alt-svc h3=":443"; ma=86400 content-length 288163 date Mon, 14 Oct 2024 12:01:08 GMT content-type image/png last-modified Wed, 11 Sep 2024 04:18:00 GMT vary Accept-Encoding server cloudflare
GET H3	200	fbevents.js Show response connect.facebook.net/en_US/	226 KB 58 KB	202ms 46ms	Script application/x-javascript	157.240.251.9 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: bonusbay.site URL: https://bonusbay.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-fra5.fbcdn.net Software / Resource Hash 48ba1993011db4834882d81b2153753437607292f704a6543d4466c0f6d1372a Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://bonusbay.site/ Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Mon, 14 Oct 2024 12:01:08 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality EXCELLENT; q=0.9, rtt=40, rtx=0, c=23, mss=1232, tbw=4542, tp=11, tpl=0, uplat=1, ullat=-1 pragma public x-fb-debug lPFTxMPBrdXSZwFcnsdJLpBPzqqPYfrIcGR8yOj+fEyPB4UZVpqtuM6mhlcbcdY6vvILif1G6NB1LO4OkEwe2g== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top content-length 59131 x-xss-protection 0 origin-agent-cluster ?1
GET H/1.1	200 OK	66e01ca8b81de3e73ad28844 Show response track.sample-hunters.pro/	193 B 1 KB	369ms 143ms	XHR application/json	2a00:c98:2030:a025:9:: LEASEWEB-DE-FRA-10
General Check archive.org Show headers Download Go to Full URL https://track.sample-hunters.pro/66e01ca8b81de3e73ad28844?format=json&&sub19=&sub20= Requested by Host: bonusbay.site URL: https://bonusbay.site/landers/us_-_walmart66e119f5bc8f16.60059283/66e119f5bc9035.97750558/66e119f670f127.66604306.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2a00:c98:2030:a025:9:: Neumünster, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE), Reverse DNS Software / Resource Hash 9429d3d49ef234e30a54dc37b6b3baad95563c2a2810ca0efd56255548069b32 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://bonusbay.site/ Response headers Transfer-Encoding chunked Access-Control-Expose-Headers Content-Length,Content-Range Content-Encoding gzip X-Kong-Request-Id b5f0ff5754ded45da7311d5943a4480c Connection close X-Kong-Upstream-Latency 46 Access-Control-Allow-Origin * X-Kong-Proxy-Latency 11 Date Mon, 14 Oct 2024 12:01:08 GMT Content-Type application/json Vary Accept-Encoding
GET H3	200	482448664434398 Show response connect.facebook.net/signals/config/	68 KB 13 KB	223ms 218ms	Script application/x-javascript	157.240.251.9 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/482448664434398?v=2.9.170&r=stable&domain=bonusbay.site&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-fra5.fbcdn.net Software / Resource Hash 0d8e2aa1fac11933962e61c0c139d01d51bcf1e772c8307d14492161d1aa9345 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://bonusbay.site/ Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Mon, 14 Oct 2024 12:01:08 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality EXCELLENT; q=0.9, rtt=42, rtx=0, c=68, mss=1232, tbw=67342, tp=64, tpl=0, uplat=168, ullat=0 pragma public x-fb-debug L8n40srdX/qJ7FvtgNzSrqLVX9wCBSDUcMHSgKyTmey8fhVrgYtH4UlH+9y3HQ4LPfycr4En8j/B7QEuGaixpw== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?1
GET H/1.1	204 No Content	view Show response track.sample-hunters.pro/	0 285 B	387ms 280ms	XHR text/plain	2a00:c98:2030:a025:9:: LEASEWEB-DE-FRA-10
General Check archive.org Show headers Download Go to Full URL https://track.sample-hunters.pro/view?clickid=670d08047a611865b4778e11 Requested by Host: bonusbay.site URL: https://bonusbay.site/landers/us_-_walmart66e119f5bc8f16.60059283/66e119f5bc9035.97750558/66e119f670f127.66604306.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2a00:c98:2030:a025:9:: Neumünster, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://bonusbay.site/ Response headers X-Kong-Upstream-Latency 235 Access-Control-Expose-Headers Content-Length,Content-Range Access-Control-Allow-Origin * X-Kong-Proxy-Latency 10 X-Kong-Request-Id 0caa133ee416a60261c46e0f9d91960f Date Mon, 14 Oct 2024 12:01:09 GMT Connection close
GET H2	200	/ www.facebook.com/tr/	0 274 B	174ms 45ms	Image text/plain	2a03:2880:f177:185:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=482448664434398&ev=PageView&dl=https%3A%2F%2Fbonusbay.site%2F&rl=&if=false&ts=1728907269088&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=12318&fbp=fb.1.1728907269084.59443216053994722&ler=empty&cdl=API_unavailable&it=1728907268788&coo=false&rqm=GET Requested by Host: bonusbay.site URL: https://bonusbay.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://bonusbay.site/ Response headers strict-transport-security max-age=31536000; includeSubDomains x-fb-connection-quality EXCELLENT; q=0.9, rtt=21, rtx=0, c=10, mss=1297, tbw=2945, tp=-1, tpl=-1, uplat=0, ullat=0 cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin alt-svc h3=":443"; ma=86400 content-length 0 date Mon, 14 Oct 2024 12:01:09 GMT content-type text/plain server proxygen-bolt
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 3 KB	320ms 193ms	Image image/png	2a03:2880:f177:185:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=482448664434398&ev=PageView&dl=https%3A%2F%2Fbonusbay.site%2F&rl=&if=false&ts=1728907269088&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=12318&fbp=fb.1.1728907269084.59443216053994722&ler=empty&cdl=API_unavailable&it=1728907268788&coo=false&rqm=FGET Requested by Host: bonusbay.site URL: https://bonusbay.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://bonusbay.site/ Response headers content-encoding zstd report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7425600179588866564"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Mon, 14 Oct 2024 12:01:09 GMT content-type image/png vary Accept-Encoding x-fb-debug M/KywSqtBTuL2/Tk5/41zXus33QcWWo1bFOYlJ31MI/Bhm0F3Y0Fq3loFWqCW9vLm7sAR3g30/zyKyqSq63D5w== x-frame-options DENY strict-transport-security max-age=15552000; preload reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7425600179588866564", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; cache-control private, no-store, no-cache, must-revalidate x-fb-connection-quality EXCELLENT; q=0.9, rtt=23, rtx=0, c=14, mss=1297, tbw=3263, tp=-1, tpl=-1, uplat=147, ullat=0 cross-origin-opener-policy same-origin-allow-popups pragma no-cache cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?0
GET H3	200	index.html bonusbay.site/landers/us_-_walmart66e119f5bc8f16.60059283/	10 KB 3 KB	166ms 166ms	Other text/html	188.114.96.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bonusbay.site/landers/us_-_walmart66e119f5bc8f16.60059283/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a27197955293f5af7e402f8904592f3f93583cc66986b20453b054507392a6bd Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://bonusbay.site/ Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status DYNAMIC speculation-rules "/cdn-cgi/speculation" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v6RHONWgaUnvUJzSC9DQGNuJFFVVvAJZYkcEGjGvOCHI%2FeISNwzEqXw7mcAVFCXzFubKDioDhYDlYBw7IgouaaEmCqjeuP3IrgmSoiP8P9khlqtHSo6o11053NxwWVd4"}],"group":"cf-nel","max_age":604800} cf-ray 8d2769c21f3c365c-FRA alt-svc h3=":443"; ma=86400 date Mon, 14 Oct 2024 12:01:09 GMT content-type text/html last-modified Wed, 11 Sep 2024 14:46:16 GMT vary accept-encoding server cloudflare

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| getCookie string| campaignID number| cachebuster string| rtkClickID object| urlParams string| pixelParams string| initialSrc function| stripTrailingSlash object| rawData function| fixHrefWithClick function| setCookie function| fbq function| _fbq string| domain number| currentYear object| xhr object| xhrr

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			bonusbay.site/	1970-01-21 00:16:33	Name: uclick Value: scj6d5bl
			bonusbay.site/	1970-01-21 00:16:33	Name: uclickhash Value: scj6d5bl-scj6d5bl-1mbz-0-2tsl-hoir-g5a1-c284af
			bonusbay.site/	1970-01-21 00:58:19	Name: rtkclickid-store Value: 670d08047a611865b4778e11
			.bonusbay.site/	1970-01-21 02:24:43	Name: _fbp Value: fb.1.1728907269084.59443216053994722

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://bonusbay.site/(Line 20) Message: Failed to find a valid digest in the 'integrity' attribute for resource 'https://bonusbay.site/landers/us_-_walmart66e119f5bc8f16.60059283/66e119f5bc9035.97750558/66e119f670f594.69200421.css' with computed SHA-512 integrity 'yL8WxRDjp0t+8pEPYHgF9tk1WxH1/1YFuQPmkTM1V/SV1MpbXxGkMFjJdwGDl5cov/hQMyDCbRTcAtRh13A1Fg=='. The resource has been blocked.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bonusbay.site
connect.facebook.net
track.sample-hunters.pro
www.facebook.com
157.240.251.9
188.114.96.9
2a00:c98:2030:a025:9::
2a03:2880:f177:185:face:b00c:0:25de
0d8e2aa1fac11933962e61c0c139d01d51bcf1e772c8307d14492161d1aa9345
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
29a8eadfbcbdd78983b24d3404721064be470099a82d93238f33e8a75a2d7df9
45adddea93ba67b62501879f4b43278e281a879be7276104fe7f2e6191830a97
48ba1993011db4834882d81b2153753437607292f704a6543d4466c0f6d1372a
4b637ad5c2f2ee667d727b0060b9ef64e6bb83b7772433e3bc1bc2231399bc5d
63361e2263a0f5d4cbd2684a8b6b80594295865a01661b3470bdd582e76a8a62
6faa233b68ed2c9f4ebcdb36a819006f11eb8d8af967ac5d7b4c9c9a1defa73f
816ab0109aa027a46db558c45766935f781718622e5077c117c2db65c0eb4367
9429d3d49ef234e30a54dc37b6b3baad95563c2a2810ca0efd56255548069b32
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
a27197955293f5af7e402f8904592f3f93583cc66986b20453b054507392a6bd
a75b40bc8b02b32b9e88b93d029e6f906dcdcc08058a94bdbc1f5fbfab16d397
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aceaa3cf6aba4487a98dc2b0c474baae989e4836b0f6e5076ca27e605ad30dc3
b63ebf6fb84a9afb106af48e627991cd3b592108fef8dc9cd0ac46eee560f369
be8c84c3dc22ce02e4f579bb87f708a99aea320cad16000eb8bf65fe4b77d2ba
d1656d8ea8f04ae8428e85d97c924e4647883dfb00ae6cb38a7dc545d9bb6b57
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855