carebonusnow.com Open in urlscan Pro
2606:4700:3031::6815:fc8 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://carebonusnow.com/
Submission: On January 26 via api (January 26th 2024, 1:44:37 am UTC) from US — Scanned from US

Summary HTTP 35 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 1 countries across 11 domains to perform 35 HTTP transactions. The main IP is 2606:4700:3031::6815:fc8, located in United States and belongs to CLOUDFLARENET, US. The main domain is carebonusnow.com.
TLS certificate: Issued by GTS CA 1P5 on January 23rd 2024. Valid for: 3 months.

This is the only time carebonusnow.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	2606:4700:303... 2606:4700:3031::6815:fc8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c09::5f	15169 (GOOGLE) (GOOGLE)
1	3.213.228.14 3.213.228.14	14618 (AMAZON-AES) (AMAZON-AES)
4	2a03:2880:f00... 2a03:2880:f003:c0e:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:10:... 2606:4700:10::ac43:29e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	34.236.63.188 34.236.63.188	14618 (AMAZON-AES) (AMAZON-AES)
1	54.230.139.137 54.230.139.137	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20e... 2600:9000:20ea:e600:4:1957:6500:93a1	16509 (AMAZON-02) (AMAZON-02)
3	45.223.17.68 45.223.17.68	19551 (INCAPSULA) (INCAPSULA)
4	54.164.40.54 54.164.40.54	14618 (AMAZON-AES) (AMAZON-AES)
1	54.91.34.239 54.91.34.239	14618 (AMAZON-AES) (AMAZON-AES)
3	2a03:2880:f10... 2a03:2880:f103:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
35	13

10 2606:4700:3031::6815:fc8 (United States)

ASN13335 (CLOUDFLARENET, US)

carebonusnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::5f (Ashburn, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.213.228.14 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-228-14.compute-1.amazonaws.com

mylanderportal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f003:c0e:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:29e5 (United States)

ASN13335 (CLOUDFLARENET, US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.236.63.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-63-188.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.139.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-139-137.atl56.r.cloudfront.net

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20ea:e600:4:1957:6500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-js.ringba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.223.17.68 (United States)

ASN19551 (INCAPSULA, US)

deviceid.trueleadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.164.40.54 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-40-54.compute-1.amazonaws.com

display.ringba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.91.34.239 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-91-34-239.compute-1.amazonaws.com

info.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f103:83:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	carebonusnow.com carebonusnow.com	118 KB
5	ringba.com b-js.ringba.com — Cisco Umbrella Rank: 107905 display.ringba.com — Cisco Umbrella Rank: 84171	19 KB
4	leadid.com create.leadid.com — Cisco Umbrella Rank: 16554 info.leadid.com — Cisco Umbrella Rank: 86958	2 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	74 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	247 B
3	trueleadid.com deviceid.trueleadid.com — Cisco Umbrella Rank: 19602	22 KB
1	cloudfront.net d2m2wsoho8qq12.cloudfront.net	2 KB
1	lidstatic.com create.lidstatic.com — Cisco Umbrella Rank: 28974	38 KB
1	mylanderportal.com mylanderportal.com
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 369	31 KB
0	morehealthbenefits.com Failed morehealthbenefits.com Failed
35	11

	Domain	Requested by
10	carebonusnow.com	carebonusnow.com
4	display.ringba.com	b-js.ringba.com
4	connect.facebook.net	carebonusnow.com connect.facebook.net
3	www.facebook.com
3	deviceid.trueleadid.com	d2m2wsoho8qq12.cloudfront.net deviceid.trueleadid.com
3	create.leadid.com	create.lidstatic.com deviceid.trueleadid.com
1	info.leadid.com	create.lidstatic.com
1	b-js.ringba.com	carebonusnow.com
1	d2m2wsoho8qq12.cloudfront.net	create.lidstatic.com
1	create.lidstatic.com	carebonusnow.com
1	mylanderportal.com	carebonusnow.com
1	ajax.googleapis.com	carebonusnow.com
0	morehealthbenefits.com Failed	carebonusnow.com
35	13

This site contains no links.

Subject Issuer	Validity	Valid
carebonusnow.com GTS CA 1P5	`2024-01-23` - `2024-04-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
mylanderportal.com R3	`2023-12-13` - `2024-03-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-04` - `2024-02-02`	3 months	crt.sh
lidstatic.com Cloudflare Inc ECC CA-3	`2023-02-28` - `2024-02-28`	a year	crt.sh
create.leadid.com Amazon RSA 2048 M02	`2023-08-21` - `2024-09-17`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.ringba.com Amazon RSA 2048 M03	`2023-11-27` - `2024-12-23`	a year	crt.sh
imperva.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-01-16` - `2024-07-14`	6 months	crt.sh
*.leadid.com Amazon RSA 2048 M02	`2023-07-20` - `2024-08-17`	a year	crt.sh

This page contains 3 frames:

Frame: https://morehealthbenefits.com/
Frame ID: 345FFFE4CEA3BA00FE6225621CA14B71
Requests: 29 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=076500DD-B167-61B9-062F-733185E2AE2F&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=A57816B4-6C59-F397-7853-7E14E45D3E1B&lac=F252983F-4BD1-0DD8-CD81-F4700AF60B66
Frame ID: 87AFE389CE477405BEC7EB577A43D92E
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=076500DD-B167-61B9-062F-733185E2AE2F&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=A57816B4-6C59-F397-7853-7E14E45D3E1B&lac=F252983F-4BD1-0DD8-CD81-F4700AF60B66
Frame ID: F432A91E43EE7B0761C38C9371C40313
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

35
Requests

94 %
HTTPS

50 %
IPv6

11
Domains

13
Subdomains

13
IPs

1
Countries

306 kB
Transfer

814 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
carebonusnow.com/ 13 KB
5 KB 246ms
138ms Document
text/html 2606:4700:3031::6815:fc8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://carebonusnow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:fc8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: cc7f3af34e1e1f64e737532386f5fed7a248dc07f7402000d909d7ce70976022

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: max-age=2678400
cf-cache-status: EXPIRED
cf-ray: 84b511c0e9dc4bc1-BUF
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 26 Jan 2024 01:44:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5JdMsU%2Bi9DvX3yD0k8%2BemWQKPx3wu5n%2FcG3JIm23UhnntZ%2FeAJ%2FbgplkPFGbf%2FrEAkSBZIjuZbRBrbG1bleU0MXZtzcBq%2BIT4GcEDmpL%2BewBiyqYuSUqthvahUWbKAqHXqCWxgveBmvsi2zYTxfc"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 styles.css
carebonusnow.com/css/ 3 KB
1 KB 173ms
166ms Stylesheet
text/css 2606:4700:3031::6815:fc8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://carebonusnow.com/css/styles.css
Requested by: Host: carebonusnow.com
URL: https://carebonusnow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:fc8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 123081148f2b16549f97e30ce29fbfe23a4cd769b1319f03cfa7e353a88f34a3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://carebonusnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 01:44:11 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"b35-CG4YrVb96XHM4kuH734tCT7qaFQ"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nHDJ%2FTkEVmWWqBErk4zevyY0rUIVK%2FwZC8o7Fxfw%2Fu8eXvoZ%2Fpg%2B4MPROqlSxiyiQYkQD7qGwEcmK76DfVVlpjhPkHZnn53L1eC39Kmyjx8fwnvlLCt1hkl%2BIyYA0ZGATgf8MJN6tbt3kM%2BVbeJ%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 84b511c1da3b4bc1-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 logo.webp
carebonusnow.com/images/ 3 KB
4 KB 170ms
164ms Image
image/webp 2606:4700:3031::6815:fc8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://carebonusnow.com/images/logo.webp
Requested by: Host: carebonusnow.com
URL: https://carebonusnow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:fc8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 0001aaeb9d257978c8985c0295c76f031200f806848b6b5f5704e78fd9eb8535

Request headers

accept-language: en-US,en;q=0.9
Referer: https://carebonusnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 01:44:11 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"d74-isOCM8wMElmdoyyRc3sIdeNp/UA"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z2%2BoXK%2B%2F41Hl%2FtkXviy45soMMg%2FYciwbKbmJAJfS3%2BLaWcHQsO%2FL%2FpHMkN%2FUxqDm7PUcXQ4IBaednJc7pYqsp68WNrdh8sE5Gw%2FmmKn8i31ClgsuVAtBqqQsnLQk80PuS2eSxHPj4VmhvtjDyKs4"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 84b511c1da3c4bc1-BUF
alt-svc: h3=":443"; ma=86400
content-length: 3444

GET
H2 200 family.jpg
carebonusnow.com/images/ 99 KB
99 KB 275ms
270ms Image
image/jpeg 2606:4700:3031::6815:fc8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://carebonusnow.com/images/family.jpg
Requested by: Host: carebonusnow.com
URL: https://carebonusnow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:fc8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d1965706316e1ad3d701bc06fa2f18b07a7ce8c12088adb7cccef426b5421a73

Request headers

accept-language: en-US,en;q=0.9
Referer: https://carebonusnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 01:44:12 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"18aa8-dOsJpvbbOOoFaWPkj/+KOtIWbDE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dmseRLcJvmt8PyMSE1jPUWI3WSDck2gjwKXdGBAWdevtYt%2Fwvzbu492aZ97V9uHXfaFm0eWcDLxvyQ7ulcLQCfrhAvjaTtpB9olrwNMK9Pag4CWC%2BvY4kY3a6SxA9UaedWZJ6QkLUkmVVkrtuI%2FE"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 84b511c1da3d4bc1-BUF
alt-svc: h3=":443"; ma=86400
content-length: 101032

GET
H2 200 rocket-loader.min.js Show response
carebonusnow.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 36ms
32ms Script
application/javascript 2606:4700:3031::6815:fc8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://carebonusnow.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: carebonusnow.com
URL: https://carebonusnow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:fc8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://carebonusnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 01:44:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Jan 2024 14:02:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65b26a01-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qYqVbpBIrtMh66e28ps0YAm0fV5Hr5KgzvNqPjexGXED1qh859Re21UFSqyHwbrOfXLZ34VLU573Zq0RKtA0LLPMDMS7c17OmEilQSmzsarBIKGJlQXddqMwV%2FI%2B5st9rSMPjn2YPVWRt2PFllQq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 84b511c1da3f4bc1-BUF
expires: Sun, 28 Jan 2024 01:44:11 GMT

GET
H3 200 absf_v3.0.js
carebonusnow.com/js/ 854 B
920 B 212ms
211ms Script
text/javascript 2606:4700:3031::6815:fc8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://carebonusnow.com/js/absf_v3.0.js
Requested by: Host: carebonusnow.com
URL: https://carebonusnow.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:fc8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://carebonusnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 01:44:12 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"356-8fIttMgCKLnZmSXrVpgWK1t7KTw"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=25exdjKvLZpO5VXW7KeDBhgYw37atNGL0xDcYa6tndNVnOCVew089IXFYGo5vlrRzeo9a%2FTrm%2BKNZZVqrnSYDb3kd1EFQzvDti0vk9%2B%2FGggHkuB0Iscp5yjzOHbM7Jo%2F5v7zGD1U3Se1RJ2TKcMD"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 84b511c2ff7a4bc9-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 absf_v1.0_references.js Show response
carebonusnow.com/js/ 2 KB
1 KB 197ms
195ms Script
application/javascript 2606:4700:3031::6815:fc8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://carebonusnow.com/js/absf_v1.0_references.js
Requested by: Host: carebonusnow.com
URL: https://carebonusnow.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:fc8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f4072f447c005996868b6b87565da4dce65d821d77c1956b763de1ce74d2ae62

Request headers

accept-language: en-US,en;q=0.9
Referer: https://carebonusnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 01:44:12 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"751-hK17w5UpbZeNtU4bdEfzKF8VCzU"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mLts5SnNLlCPhoQo6PGytwu6BfBSmY1GvgRvqgpRCV8RyJUwJHKaP45qIPPiveHtEZPr0QbsUECjzaft9SvWIUEU1IAz%2BeEjoNEAKfA%2FvCV%2B55fgY0BLP8LpILSG4VGH8LbEQoTRx3%2BBoyRPB%2FP7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 84b511c2ff7b4bc9-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 loader.js Show response
carebonusnow.com/js/ 3 KB
1 KB 208ms
206ms Script
application/javascript 2606:4700:3031::6815:fc8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://carebonusnow.com/js/loader.js
Requested by: Host: carebonusnow.com
URL: https://carebonusnow.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:fc8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: b9c145899fb05ff5510dfebe9d4ef2da5a8d3439aaa9f3754bb5e8e64bf66c71

Request headers

accept-language: en-US,en;q=0.9
Referer: https://carebonusnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 01:44:12 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"aa8-7nA1H/3E0mrkEyTaaABVPNrGS3w"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LXn%2Bs%2BrBTmEQfqhaWHbExz3jNRabG4Bf4%2Bby9sWIP7FoklHTHt%2BLN5ylS2ZijjSsByvfxvA%2BZM%2BLrHtR7wi1xMgEqD7RrrJqOtdBJCC6uiq%2FzE1c6zhXWhmuTg%2FHKD%2F5oIVsrOV24qYFnfe9mumi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 84b511c2ff7c4bc9-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 countdown.js Show response
carebonusnow.com/js/ 504 B
757 B 197ms
196ms Script
application/javascript 2606:4700:3031::6815:fc8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://carebonusnow.com/js/countdown.js
Requested by: Host: carebonusnow.com
URL: https://carebonusnow.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:fc8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 0e47b1350cf329c793437da7e12c09f395d65726a80d9a7f35b6a0db85a896d9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://carebonusnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 01:44:12 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"1f8-AUvfoIdMQ1X6qJRAcf5vy5+Y7Vg"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EQLLudvXiiv69FEkkMJ%2BuRCxLy%2Fr94v%2FjZowwpHSEaHSg0WzJTA90%2Ft2I13kDtapPMnWQbnqslDFXm5padooCMBCqn6UApN7RU4k%2F7m0fwEEHEaOZWdD6dxNC1%2Bnz6R3kkrVhmfsva%2BGF7D3DYgE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 84b511c2ff7e4bc9-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 98ms
32ms Script
text/javascript 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: carebonusnow.com
URL: https://carebonusnow.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://carebonusnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 17:38:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29137
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jan 2025 17:38:35 GMT

GET
H3 200 bootstrap@5.3.0.min.prot.js Show response
carebonusnow.com/js/ 632 B
858 B 154ms
153ms Script
text/javascript 2606:4700:3031::6815:fc8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://carebonusnow.com/js/bootstrap@5.3.0.min.prot.js
Requested by: Host: carebonusnow.com
URL: https://carebonusnow.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:fc8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 93720b7d0047b43b089ed778f251d3239b30b0db269c75270e24b4b0f9e1cd5f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://carebonusnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 01:44:12 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"278-wcwbUZQw5YN20K3Y7gqn+Ng2VqQ"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K6zW6i4CmSSb4b2t9dCTQIrCyKW1vvuynq7mPFLse57AJyNFM3SWo7RBFhkrjLMxlySo2znP9k859fXP7Y9aNQKVzuH898FU2XozTq3E%2BJ%2BIfL%2BuOJgqdXZGGgKdgRndNrZCUTeP8jCFgM5wI%2B5P"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 84b511c2ff7f4bc9-BUF
alt-svc: h3=":443"; ma=86400

OPTIONS
H/1.1 404
NOT FOUND location
mylanderportal.com/api/ Frame 0
0 139ms
41ms Preflight
text/html 3.213.228.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mylanderportal.com/api/location
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.213.228.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-228-14.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://carebonusnow.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
Access-Control-Allow-Origin: https://carebonusnow.com
Connection: keep-alive
Content-Length: 232
Content-Type: text/html; charset=utf-8
Date: Fri, 26 Jan 2024 01:44:12 GMT
Server: nginx/1.22.1
Vary: Origin

POST location
mylanderportal.com/api/ 0
0

GET /
morehealthbenefits.com/ 0
0

GET
H2 200 fbevents.js
connect.facebook.net/en_US/ 213 KB
57 KB 102ms
34ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: carebonusnow.com
URL: https://carebonusnow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://carebonusnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 26 Jan 2024 01:44:12 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57022
x-xss-protection: 0
reporting-endpoints: coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: xwpyX4NuEx72wEndosFR122L+rpZTosPqy1ZqsXXAU23ywTQYoDar8KecVGGyPwpWs+QbYepoDvZxtCkp3pAnA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 a57816b4-6c59-f397-7853-7e14e45d3e1b.js
create.lidstatic.com/campaign/ 121 KB
38 KB 106ms
41ms Script
text/javascript 2606:4700:10::ac43:29e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://create.lidstatic.com/campaign/a57816b4-6c59-f397-7853-7e14e45d3e1b.js?snippet_version=2&callback=addToQueryString
Requested by: Host: carebonusnow.com
URL: https://carebonusnow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:29e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://carebonusnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 01:44:12 GMT
x-amz-version-id: 0TYZIhZnCiJDj1Gzr_aWxHS1MWCxaYWH
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 7J8FWQTJSKANQTN0
age: 5
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: SCHOVz3r+ycSNFw8J6VfEtykKWxpIUrO6ELBXv9E+eLZ/acyJxnB8ovgMwd19XQEYkE97Vk4ZrTDFL3esXCDAQ==
last-modified: Thu, 18 Jan 2024 02:21:13 GMT
server: cloudflare
etag: W/"bc138804ddd94411bd78fba4df4e96b0"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1800
cf-ray: 84b511c4bf8b4bcc-BUF

POST
H2 200 GenerateToken
create.leadid.com/2.12.1/ 36 B
660 B 287ms
98ms XHR
text/plain 34.236.63.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.12.1/GenerateToken?msn=1&pid=ae68e589-60bc-4591-a6ec-996b44000cd8&_=158913171

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/a57816b4-6c59-f397-7853-7e14e45d3e1b.js?snippet_version=2&callback=addToQueryString

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.236.63.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-236-63-188.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://carebonusnow.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 26 Jan 2024 01:44:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 1333889473851400
connect.facebook.net/signals/config/ 53 KB
11 KB 179ms
178ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1333889473851400?v=2.9.142&r=stable&domain=carebonusnow.com&hme=e82209ddce2f5ef9f00773b102465283e977acad712d554991b839c35823b905&ex_m=62%2C103%2C91%2C95%2C53%2C3%2C87%2C61%2C14%2C85%2C78%2C44%2C46%2C145%2C148%2C159%2C155%2C156%2C158%2C25%2C88%2C45%2C68%2C157%2C140%2C143%2C152%2C153%2C160%2C112%2C13%2C43%2C164%2C163%2C114%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C82%2C15%2C12%2C84%2C81%2C80%2C92%2C94%2C31%2C93%2C26%2C22%2C141%2C144%2C121%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C89%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C79%2C72%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C83%2C75%2C2%2C30%2C55%2C34%2C90%2C38%2C70%2C60%2C40%2C39%2C96%2C52%2C51%2C27%2C86%2C50%2C47%2C42%2C69%2C64%2C97

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://carebonusnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 26 Jan 2024 01:44:12 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: WLo1u535Y27ggQ4g/MLQoRABb0Rl5F7KU4vj2ZBUHxwf7WtZB6Sj58MBhGuE6aJ+4W/aLB9Hi3TOaFMG05leXw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 6411826982256929
connect.facebook.net/signals/config/ 20 KB
3 KB 129ms
129ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/6411826982256929?v=2.9.142&r=stable&domain=carebonusnow.com&hme=e82209ddce2f5ef9f00773b102465283e977acad712d554991b839c35823b905&ex_m=62%2C103%2C91%2C95%2C53%2C3%2C87%2C61%2C14%2C85%2C78%2C44%2C46%2C145%2C148%2C159%2C155%2C156%2C158%2C25%2C88%2C45%2C68%2C157%2C140%2C143%2C152%2C153%2C160%2C112%2C13%2C43%2C164%2C163%2C114%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C82%2C15%2C12%2C84%2C81%2C80%2C92%2C94%2C31%2C93%2C26%2C22%2C141%2C144%2C121%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C89%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C79%2C72%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C83%2C75%2C2%2C30%2C55%2C34%2C90%2C38%2C70%2C60%2C40%2C39%2C96%2C52%2C51%2C27%2C86%2C50%2C47%2C42%2C69%2C64%2C97%2C170%2C169%2C171%2C176%2C177%2C178%2C174%2C166%2C113%2C165%2C167%2C104%2C132%2C126%2C129%2C110%2C161%2C201%2C98%2C202%2C139%2C102%2C124%2C117%2C162%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://carebonusnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 26 Jan 2024 01:44:12 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: JWYQ5uca5st8h7r0x5WJGRrJ6thXy3vr/+Nw/y6gFrUJPyFYg7HLmHnlk1DNB77HvfcP5q1BHvuI9xCcXcOT/Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame 87AF 3 KB
2 KB 147ms
42ms Document
text/html 54.230.139.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=076500DD-B167-61B9-062F-733185E2AE2F&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=A57816B4-6C59-F397-7853-7E14E45D3E1B&lac=F252983F-4BD1-0DD8-CD81-F4700AF60B66

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/a57816b4-6c59-f397-7853-7e14e45d3e1b.js?snippet_version=2&callback=addToQueryString

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.230.139.137 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-139-137.atl56.r.cloudfront.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://carebonusnow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Age: 39126
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Thu, 25 Jan 2024 14:52:06 GMT
ETag: W/"65a0715c-dbb"
Last-Modified: Thu, 11 Jan 2024 22:53:16 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Via: 1.1 4cc685c660795f2a3ffdaa4847751a1c.cloudfront.net (CloudFront)
X-Amz-Cf-Id: EjMQDSu0IscGyk6LDwTRb2i5OLpotsL7Ut6AYSLTlRQKDr5GkH-LwA==
X-Amz-Cf-Pop: ATL56-C2
X-Cache: Hit from cloudfront

POST
H2 200 SaveDom
create.leadid.com/2.12.1/ 0
623 B 45ms
45ms XHR
text/plain 34.236.63.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.12.1/SaveDom?msn=2&pid=ae68e589-60bc-4591-a6ec-996b44000cd8&token=076500DD-B167-61B9-062F-733185E2AE2F&_=158913172

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/a57816b4-6c59-f397-7853-7e14e45d3e1b.js?snippet_version=2&callback=addToQueryString

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.236.63.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-236-63-188.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://carebonusnow.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 26 Jan 2024 01:44:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 CA701edcfda750434cbdf14b7ceddcabf1
b-js.ringba.com/ 17 KB
17 KB 150ms
53ms Script
text/html 2600:9000:20ea:e600:4:1957:6500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-js.ringba.com/CA701edcfda750434cbdf14b7ceddcabf1
Requested by: Host: carebonusnow.com
URL: https://carebonusnow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ea:e600:4:1957:6500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://carebonusnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 01:42:11 GMT
via: 1.1 77deda202124ec17aac7cacac8230f8a.cloudfront.net (CloudFront)
x-aspnet-version: 4.0.30319
x-amz-cf-pop: BOS50-C1
age: 121
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
content-length: 17076
x-runtime: 0.0000
server: Microsoft-IIS/10.0
access-control-max-age: 300
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public
x-amz-cf-id: w_2amXE-LujSja7AXxDIkHNNliWE-mWmLFjmEgFr0HnAb4zP9rRSwQ==
expires: Fri, 26 Jan 2024 01:47:11 GMT

GET
H3 200 254961090299261
connect.facebook.net/signals/config/ 20 KB
3 KB 141ms
140ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/254961090299261?v=2.9.142&r=stable&domain=carebonusnow.com&hme=e82209ddce2f5ef9f00773b102465283e977acad712d554991b839c35823b905&ex_m=62%2C103%2C91%2C95%2C53%2C3%2C87%2C61%2C14%2C85%2C78%2C44%2C46%2C145%2C148%2C159%2C155%2C156%2C158%2C25%2C88%2C45%2C68%2C157%2C140%2C143%2C152%2C153%2C160%2C112%2C13%2C43%2C164%2C163%2C114%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C82%2C15%2C12%2C84%2C81%2C80%2C92%2C94%2C31%2C93%2C26%2C22%2C141%2C144%2C121%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C89%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C79%2C72%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C83%2C75%2C2%2C30%2C55%2C34%2C90%2C38%2C70%2C60%2C40%2C39%2C96%2C52%2C51%2C27%2C86%2C50%2C47%2C42%2C69%2C64%2C97%2C170%2C169%2C171%2C176%2C177%2C178%2C174%2C166%2C113%2C165%2C167%2C104%2C132%2C126%2C129%2C110%2C161%2C201%2C98%2C202%2C139%2C102%2C124%2C117%2C162%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://carebonusnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 26 Jan 2024 01:44:12 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: f69BiHaZDRIAF8vZIBFuCB538plC0OnitClm+FTFFDEDNUxrijVXxwGVPYpOraqe+PLCcGrDDQ5iWK11kOdpBg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 iframe.html
deviceid.trueleadid.com/ Frame F432 4 KB
2 KB 105ms
43ms Document
text/html 45.223.17.68
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://deviceid.trueleadid.com/iframe.html?token=076500DD-B167-61B9-062F-733185E2AE2F&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=A57816B4-6C59-F397-7853-7E14E45D3E1B&lac=F252983F-4BD1-0DD8-CD81-F4700AF60B66

Requested by

Host: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=076500DD-B167-61B9-062F-733185E2AE2F&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=A57816B4-6C59-F397-7853-7E14E45D3E1B&lac=F252983F-4BD1-0DD8-CD81-F4700AF60B66

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.17.68 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=86400 public
content-encoding: gzip
content-type: text/html
date: Fri, 26 Jan 2024 01:44:12 GMT
etag: W/"6554d155-1049"
expires: Sat, 27 Jan 2024 01:44:12 GMT
last-modified: Wed, 15 Nov 2023 14:10:29 GMT
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
server: nginx
strict-transport-security: max-age=31536000
x-cdn: Imperva
x-iinfo: 8-15211056-15183490 pNNy RT(1706233452557 27) q(0 0 0 0) r(1 1) U24
x-incap-sess-cookie-hdr: CJyRZ8RNjl+FiTIotP0iFGwOs2UAAAAAAZWyQFFhQmkWhbWfYvbz/w==

POST
H/1.1 200
OK gnbulk
display.ringba.com/v2/nis/ 394 B
781 B 189ms
43ms XHR
application/json 54.164.40.54
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://display.ringba.com/v2/nis/gnbulk
Requested by: Host: b-js.ringba.com
URL: https://b-js.ringba.com/CA701edcfda750434cbdf14b7ceddcabf1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.164.40.54 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-40-54.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer: https://carebonusnow.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 26 Jan 2024 01:44:12 GMT
X-Runtime: 0.0020
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Max-Age: 300
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://carebonusnow.com
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 394
Expires: -1

POST
H2 200 info
info.leadid.com/ 1 B
109 B 173ms
41ms XHR
text/plain 54.91.34.239
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://info.leadid.com/info?msn=3&pid=ae68e589-60bc-4591-a6ec-996b44000cd8&token=076500DD-B167-61B9-062F-733185E2AE2F&_=158913173
Requested by: Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/a57816b4-6c59-f397-7853-7e14e45d3e1b.js?snippet_version=2&callback=addToQueryString
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.91.34.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-34-239.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://carebonusnow.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Fri, 26 Jan 2024 01:44:12 GMT
server: nginx
content-type: text/plain;charset=UTF-8

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 102ms
34ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1333889473851400&ev=PageView&dl=https%3A%2F%2Fcarebonusnow.com%2F%3Fleadid%3D076500DD-B167-61B9-062F-733185E2AE2F&rl=&if=false&ts=1706233452870&sw=1600&sh=1200&v=2.9.142&r=stable&ec=0&o=4126&fbp=fb.1.1706233452868.1607960848&ler=empty&it=1706233452396&coo=false&exp=d3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://carebonusnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 26 Jan 2024 01:44:12 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 102ms
35ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=6411826982256929&ev=PageView&dl=https%3A%2F%2Fcarebonusnow.com%2F%3Fleadid%3D076500DD-B167-61B9-062F-733185E2AE2F&rl=&if=false&ts=1706233452872&sw=1600&sh=1200&v=2.9.142&r=stable&ec=0&o=4126&fbp=fb.1.1706233452868.1607960848&ler=empty&it=1706233452396&coo=false&exp=d3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://carebonusnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 26 Jan 2024 01:44:12 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 102ms
35ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=254961090299261&ev=PageView&dl=https%3A%2F%2Fcarebonusnow.com%2F%3Fleadid%3D076500DD-B167-61B9-062F-733185E2AE2F&rl=&if=false&ts=1706233452873&sw=1600&sh=1200&v=2.9.142&r=stable&ec=0&o=4126&fbp=fb.1.1706233452868.1607960848&ler=empty&it=1706233452396&coo=false&exp=d3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://carebonusnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 26 Jan 2024 01:44:12 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 _Incapsula_Resource
deviceid.trueleadid.com/ Frame F432 137 KB
19 KB 36ms
36ms Script
application/javascript 45.223.17.68
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://deviceid.trueleadid.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=768934366

Requested by

Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=076500DD-B167-61B9-062F-733185E2AE2F&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=A57816B4-6C59-F397-7853-7E14E45D3E1B&lac=F252983F-4BD1-0DD8-CD81-F4700AF60B66

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.17.68 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://deviceid.trueleadid.com/iframe.html?token=076500DD-B167-61B9-062F-733185E2AE2F&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=A57816B4-6C59-F397-7853-7E14E45D3E1B&lac=F252983F-4BD1-0DD8-CD81-F4700AF60B66
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
cache-control: no-cache, no-store
content-encoding: gzip
x-robots-tag: noindex
content-length: 19799
content-type: application/javascript

GET
H2 200 SaveDeviceId.js
create.leadid.com/2.12.1/ Frame F432 0
627 B 128ms
45ms Script
text/javascript 34.236.63.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.12.1/SaveDeviceId.js?lac=F252983F-4BD1-0DD8-CD81-F4700AF60B66&lck=A57816B4-6C59-F397-7853-7E14E45D3E1B&methods=48&token=076500DD-B167-61B9-062F-733185E2AE2F&uuid=222bea8acd16492692cd350862bcb7f9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.236.63.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-236-63-188.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://deviceid.trueleadid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 01:44:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 _Incapsula_Resource
deviceid.trueleadid.com/ Frame F432 1 B
36 B 25ms
25ms Image
text/plain 45.223.17.68
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://deviceid.trueleadid.com/_Incapsula_Resource?SWKMTFSR=1&e=0.9234965616011312

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.223.17.68 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://deviceid.trueleadid.com/iframe.html?token=076500DD-B167-61B9-062F-733185E2AE2F&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=A57816B4-6C59-F397-7853-7E14E45D3E1B&lac=F252983F-4BD1-0DD8-CD81-F4700AF60B66
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

POST
H/1.1 200
OK hb
display.ringba.com/v1/nis/ 0
338 B 44ms
44ms XHR
text/plain 54.164.40.54
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://display.ringba.com/v1/nis/hb
Requested by: Host: b-js.ringba.com
URL: https://b-js.ringba.com/CA701edcfda750434cbdf14b7ceddcabf1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.164.40.54 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-40-54.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer: https://carebonusnow.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 26 Jan 2024 01:44:17 GMT
X-Runtime: 0.0020
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Max-Age: 300
Access-Control-Allow-Origin: https://carebonusnow.com
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: -1

POST
H/1.1 200
OK hb
display.ringba.com/v1/nis/ 0
338 B 48ms
48ms XHR
text/plain 54.164.40.54
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://display.ringba.com/v1/nis/hb
Requested by: Host: b-js.ringba.com
URL: https://b-js.ringba.com/CA701edcfda750434cbdf14b7ceddcabf1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.164.40.54 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-40-54.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer: https://carebonusnow.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 26 Jan 2024 01:44:22 GMT
X-Runtime: 0.0020
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Max-Age: 300
Access-Control-Allow-Origin: https://carebonusnow.com
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: -1

POST
H/1.1 200
OK hb
display.ringba.com/v1/nis/ 0
338 B 43ms
43ms XHR
text/plain 54.164.40.54
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://display.ringba.com/v1/nis/hb
Requested by: Host: b-js.ringba.com
URL: https://b-js.ringba.com/CA701edcfda750434cbdf14b7ceddcabf1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.164.40.54 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-40-54.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer: https://carebonusnow.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 26 Jan 2024 01:44:27 GMT
X-Runtime: 0.0020
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Max-Age: 300
Access-Control-Allow-Origin: https://carebonusnow.com
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: -1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mylanderportal.com
URL: https://mylanderportal.com/api/location

Domain: morehealthbenefits.com
URL: https://morehealthbenefits.com/

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
carebonusnow.com/	1970-01-20 17:57:14	Name: leadid_token-F252983F-4BD1-0DD8-CD81-F4700AF60B66-A57816B4-6C59-F397-7853-7E14E45D3E1B Value: 076500DD-B167-61B9-062F-733185E2AE2F
.carebonusnow.com/	1970-01-20 20:06:49	Name: _fbp Value: fb.1.1706233452868.1607960848
.trueleadid.com/	1969-12-31 23:59:59	Name: nlbi_3051494 Value: 4myOWHZZEB5cYhOpC30iGwAAAAC0Zg6joQDT52qE4JB+BJ+Q
.trueleadid.com/	1970-01-21 02:41:39	Name: visid_incap_3051494 Value: tPUMEzqcTKa5W/+cJuWPyGwOs2UAAAAAQUIPAAAAAABpchFxzjbI8i0Pfwq6dAzI
.trueleadid.com/	1969-12-31 23:59:59	Name: incap_ses_1451_3051494 Value: wkFOX18+4AmFiTIotP0iFGwOs2UAAAAAbtlkUp/EIXQxSzjDHmn+bA==
.deviceid.trueleadid.com/	1970-01-21 03:33:13	Name: uuid Value: 222bea8acd16492692cd350862bcb7f9

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://carebonusnow.com/ Message: Access to XMLHttpRequest at 'https://mylanderportal.com/api/location' from origin 'https://carebonusnow.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.
network	error	URL: https://mylanderportal.com/api/location Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://connect.facebook.net/signals/config/1333889473851400?v=2.9.142&r=stable&domain=carebonusnow.com&hme=e82209ddce2f5ef9f00773b102465283e977acad712d554991b839c35823b905&ex_m=62%2C103%2C91%2C95%2C53%2C3%2C87%2C61%2C14%2C85%2C78%2C44%2C46%2C145%2C148%2C159%2C155%2C156%2C158%2C25%2C88%2C45%2C68%2C157%2C140%2C143%2C152%2C153%2C160%2C112%2C13%2C43%2C164%2C163%2C114%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C82%2C15%2C12%2C84%2C81%2C80%2C92%2C94%2C31%2C93%2C26%2C22%2C141%2C144%2C121%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C89%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C79%2C72%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C83%2C75%2C2%2C30%2C55%2C34%2C90%2C38%2C70%2C60%2C40%2C39%2C96%2C52%2C51%2C27%2C86%2C50%2C47%2C42%2C69%2C64%2C97(Line 95) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
b-js.ringba.com
carebonusnow.com
connect.facebook.net
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
deviceid.trueleadid.com
display.ringba.com
info.leadid.com
morehealthbenefits.com
mylanderportal.com
www.facebook.com
morehealthbenefits.com
mylanderportal.com
2600:9000:20ea:e600:4:1957:6500:93a1
2606:4700:10::ac43:29e5
2606:4700:3031::6815:fc8
2607:f8b0:4004:c09::5f
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f103:83:face:b00c:0:25de
3.213.228.14
34.236.63.188
45.223.17.68
54.164.40.54
54.230.139.137
54.91.34.239
0001aaeb9d257978c8985c0295c76f031200f806848b6b5f5704e78fd9eb8535
0e47b1350cf329c793437da7e12c09f395d65726a80d9a7f35b6a0db85a896d9
123081148f2b16549f97e30ce29fbfe23a4cd769b1319f03cfa7e353a88f34a3
93720b7d0047b43b089ed778f251d3239b30b0db269c75270e24b4b0f9e1cd5f
b9c145899fb05ff5510dfebe9d4ef2da5a8d3439aaa9f3754bb5e8e64bf66c71
cc7f3af34e1e1f64e737532386f5fed7a248dc07f7402000d909d7ce70976022
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d1965706316e1ad3d701bc06fa2f18b07a7ce8c12088adb7cccef426b5421a73
f4072f447c005996868b6b87565da4dce65d821d77c1956b763de1ce74d2ae62
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

carebonusnow.com Open in urlscan Pro 2606:4700:3031::6815:fc8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

35 Requests

94 %HTTPS

50 %IPv6

11 Domains

13 Subdomains

13 IPs

1 Countries

306 kBTransfer

814 kBSize

6 Cookies

0 Outgoing links

Redirected requests

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

carebonusnow.com Open in urlscan Pro
2606:4700:3031::6815:fc8 Public Scan

Screenshot
Live screenshot

Full Image

35
Requests

94 %
HTTPS

50 %
IPv6

11
Domains

13
Subdomains

13
IPs

1
Countries

306 kB
Transfer

814 kB
Size

6
Cookies

35 HTTP transactions
0 data transactions