xion.bonusblock.io Open in urlscan Pro
2606:4700:3036::6815:1d77 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://xion.bonusblock.io/
Effective URL:
https://xion.bonusblock.io/
Submission: On July 20 via api (July 20th 2024, 12:36:42 pm UTC) from US — Scanned from DE

Summary HTTP 7 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 2 domains to perform 7 HTTP transactions. The main IP is 2606:4700:3036::6815:1d77, located in United States and belongs to CLOUDFLARENET, US. The main domain is xion.bonusblock.io.
TLS certificate: Issued by WE1 on June 15th 2024. Valid for: 3 months.

This is the only time xion.bonusblock.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2606:4700:303... 2606:4700:3036::6815:1d77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
2	65.108.205.158 65.108.205.158	24940 (HETZNER-AS) (HETZNER-AS)
7	4

4 2606:4700:3036::6815:1d77 (United States)

ASN13335 (CLOUDFLARENET, US)

xion.bonusblock.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

cdn.staging.cookie3.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.108.205.158 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.158.205.108.65.clients.your-server.de

c.staging.cookie3.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	bonusblock.io xion.bonusblock.io	3 MB
3	cookie3.co cdn.staging.cookie3.co c.staging.cookie3.co — Cisco Umbrella Rank: 605134	22 KB
7	2

	Domain	Requested by
4	xion.bonusblock.io	xion.bonusblock.io
2	c.staging.cookie3.co	cdn.staging.cookie3.co
1	cdn.staging.cookie3.co	xion.bonusblock.io
7	3

This site contains links to these domains. Also see Links.

Domain
app.cookie3.co

Subject Issuer	Validity	Valid
bonusblock.io WE1	`2024-06-15` - `2024-09-13`	3 months	crt.sh
sni2c820gl.wpc.edgecastcdn.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-14` - `2024-11-13`	a year	crt.sh
c.staging.cookie3.co E6	`2024-06-08` - `2024-09-06`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://xion.bonusblock.io/
Frame ID: 06B749A15E0B1FC7AE99C7642A1C4A0D
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

XION Ecosystem Exploration

Page URL History Show full URLs

http://xion.bonusblock.io/ HTTP 307
https://xion.bonusblock.io/ Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

7
Requests

100 %
HTTPS

67 %
IPv6

2
Domains

3
Subdomains

4
IPs

2
Countries

2609 kB
Transfer

10489 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://app.cookie3.co/privacy
Title: Cookie3 Analytics Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://xion.bonusblock.io/ HTTP 307
https://xion.bonusblock.io/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response xion.bonusblock.io/ Redirect Chain http://xion.bonusblock.io/ https://xion.bonusblock.io/	5 KB 2 KB	111ms 78ms	Document text/html	2606:4700:3036::6815:1d77 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xion.bonusblock.io/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:1d77 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ebb21c76593d725f02b02cdde3b34694b75223ce46dd0f3637a900da874f1530` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8a62ff6bb9111e4c-FRA content-encoding br content-type text/html date Sat, 20 Jul 2024 12:36:35 GMT last-modified Thu, 18 Jul 2024 20:39:49 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gmKyq52X%2FlrotoLfP72usmnWflkDSy7MTFTUWs0RmdKqasj1a%2BUvJtI1iau0p5mQXo7vZr2sikh11foz21qkWRKYmu3P1k8FdHQYLl4DAKcbbc3VhUuNObB5bQP8WKOCE3Mpq%2B1RhPqk%2FIZ%2Fwu3ybtI%3D"}],"group":"cf-nel","max_age":604800} server cloudflare Redirect headers Location https://xion.bonusblock.io/ Non-Authoritative-Reason HttpsUpgrades
GET H3	200	index-ab7a4de2.js Show response xion.bonusblock.io/assets/	9 MB 2 MB	37ms 36ms	Script application/javascript	2606:4700:3036::6815:1d77 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xion.bonusblock.io/assets/index-ab7a4de2.js Requested by Host: xion.bonusblock.io URL: https://xion.bonusblock.io/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:1d77 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3b31a15c59157551d58c3b30040e36a3b8203dcdabaab8e22a44498382aa971e` Request headers Referer https://xion.bonusblock.io/ Origin https://xion.bonusblock.io User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 12:36:35 GMT content-encoding br cf-cache-status HIT last-modified Thu, 18 Jul 2024 20:39:49 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 6078 etag W/"66997d95-904392" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eDfVOazH46JEGYMmF3MkNWQwqwHSOlMmi3Z1J%2F878kkQTKu9fTKPMBhhkjrDI3gJEol4HMyWMMQdhwnr1JwvVTaUNWoNJ%2FAeMqW%2FGVJKBbl1IGBvCBiN4kniqVVcZdHKvH%2Fat14E%2FDwPpgnsshwo138%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 8a62ff6c39fa1e4c-FRA alt-svc h3=":443"; ma=86400
GET H3	200	index-28285577.css xion.bonusblock.io/assets/	399 KB 62 KB	84ms 84ms	Stylesheet text/css	2606:4700:3036::6815:1d77 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xion.bonusblock.io/assets/index-28285577.css Requested by Host: xion.bonusblock.io URL: https://xion.bonusblock.io/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:1d77 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2828557781851ecc9abddd7f3c213514ac45e2da7f6b6b5fb1a6f14a1f834b7f` Request headers Referer https://xion.bonusblock.io/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 12:36:35 GMT content-encoding br cf-cache-status HIT last-modified Thu, 18 Jul 2024 20:39:49 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 6078 etag W/"66997d95-63c49" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3bmOSVAKwjqh9hRZUmU9rBuuUWzyNCeQ8V2FjuT2%2BESm%2BE%2FGFXeZ2ycnGCAHckHVRTt1583aBHHFco%2FEjuyR86OB%2B%2BjzolvHoJNVGU6Twds6aRj%2BRB3nyJ5q1tMCqLzxsSh1TdPXOl1X6zh8LPNjnHA%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8a62ff6c39ff1e4c-FRA alt-svc h3=":443"; ma=86400
GET H2	200	cookie3.analytics.min.js Show response cdn.staging.cookie3.co/scripts/analytics/latest/	64 KB 22 KB	157ms 17ms	Script application/javascript	2606:2800:233:1cb7:261b:1f9c:2074:3c EDGECAST
General Check archive.org Show headers Download Go to Full URL https://cdn.staging.cookie3.co/scripts/analytics/latest/cookie3.analytics.min.js Requested by Host: xion.bonusblock.io URL: https://xion.bonusblock.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (ama/4883) / Resource Hash `0d3a138fb86d1ac447720144eeb0dc9b3d04f9a92499372efbcd9c84938b9aaf` Request headers Referer https://xion.bonusblock.io/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sat, 20 Jul 2024 12:36:36 GMT content-encoding gzip content-md5 L6OGAjOg16nY4WBtrZ/n8Q== age 550721 x-cache HIT content-length 22272 x-ms-lease-status unlocked last-modified Wed, 15 Nov 2023 10:57:13 GMT server ECAcc (ama/4883) etag 0x8DBE5C99FFCF6BB vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id 02ff566d-601e-0033-439f-d56ffb000000 access-control-expose-headers Content-Length,Content-MD5 x-ms-version 2009-09-19
GET DATA	200 OK	truncated /	770 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `8a774eb0abb95644661e5a1e2947468e6401178fab36ae09b98f39f72c00899a` Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	4 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `2b36d5663e1c504ee6475b4bb58f6cf9fbb3c3e51c08ad42dbb1bbe379b58dbf` Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/png
POST H2	204	lake c.staging.cookie3.co/	0 133 B	167ms 66ms	Ping text/plain	65.108.205.158 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://c.staging.cookie3.co/lake?action_name=XION%20Ecosystem%20Exploration&idsite=47&rec=1&r=687579&h=14&m=36&s=37&url=https%3A%2F%2Fxion.bonusblock.io%2F&_id=fba6177e3a6463ba&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&dimension2=&pv_id=WanoIt&pf_net=34&pf_srv=78&pf_tfr=2&pf_dm1=13&pf_dm2=1193&pf_onl=0&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D Requested by Host: cdn.staging.cookie3.co URL: https://cdn.staging.cookie3.co/scripts/analytics/latest/cookie3.analytics.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.108.205.158 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.158.205.108.65.clients.your-server.de Software openresty / PHP/8.1.16 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://xion.bonusblock.io/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=utf-8 Response headers access-control-allow-origin https://xion.bonusblock.io date Sat, 20 Jul 2024 12:36:37 GMT access-control-allow-credentials true server openresty x-powered-by PHP/8.1.16
GET H3	200	favicon.ico xion.bonusblock.io/	15 KB 2 KB	24ms 24ms	Other image/x-icon	2606:4700:3036::6815:1d77 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xion.bonusblock.io/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:1d77 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `fef45f8ac955a3e9f9a9a97b082f361823e743db1996f696d042084204481ceb` Request headers Referer https://xion.bonusblock.io/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 12:36:37 GMT content-encoding br cf-cache-status HIT last-modified Fri, 29 Mar 2024 19:39:39 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 4175 etag W/"660718fb-3c2e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h9p%2BYqibLV4rgHyezyCKibRwDH9KYdQcAQOjQO9GhUYopHQ1A9%2FMg1UluZK91UJeb7pAxdprfiTZ2S7qxIpU54azoe1hxrmX85KsBOuW2fDMC6ecyLLr4beRh56WGvr6Jd235vGccfrt6gA9rcYMsu8%3D"}],"group":"cf-nel","max_age":604800} content-type image/x-icon cache-control max-age=14400 cf-ray 8a62ff73ec2e1e4c-FRA alt-svc h3=":443"; ma=86400
POST H2	204	lake c.staging.cookie3.co/	0 132 B	61ms 60ms	Ping text/plain	65.108.205.158 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://c.staging.cookie3.co/lake?action_name=XION%20Ecosystem%20Exploration&idsite=47&rec=1&r=005771&h=14&m=36&s=37&url=https%3A%2F%2Fxion.bonusblock.io%2F&_id=fba6177e3a6463ba&_idn=0&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&dimension2=&pv_id=R2LTC8&pf_net=34&pf_srv=78&pf_tfr=2&pf_dm1=13&pf_dm2=1193&pf_onl=0&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D Requested by Host: cdn.staging.cookie3.co URL: https://cdn.staging.cookie3.co/scripts/analytics/latest/cookie3.analytics.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.108.205.158 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.158.205.108.65.clients.your-server.de Software openresty / PHP/8.1.16 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://xion.bonusblock.io/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=utf-8 Response headers access-control-allow-origin https://xion.bonusblock.io date Sat, 20 Jul 2024 12:36:37 GMT access-control-allow-credentials true server openresty x-powered-by PHP/8.1.16

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			xion.bonusblock.io/	1970-01-21 07:37:14	Name: _pk_id.47.36de Value: fba6177e3a6463ba.1721478997.
			xion.bonusblock.io/	1970-01-20 22:11:20	Name: _pk_ses.47.36de Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.staging.cookie3.co
cdn.staging.cookie3.co
xion.bonusblock.io
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:3036::6815:1d77
65.108.205.158
0d3a138fb86d1ac447720144eeb0dc9b3d04f9a92499372efbcd9c84938b9aaf
2828557781851ecc9abddd7f3c213514ac45e2da7f6b6b5fb1a6f14a1f834b7f
2b36d5663e1c504ee6475b4bb58f6cf9fbb3c3e51c08ad42dbb1bbe379b58dbf
3b31a15c59157551d58c3b30040e36a3b8203dcdabaab8e22a44498382aa971e
8a774eb0abb95644661e5a1e2947468e6401178fab36ae09b98f39f72c00899a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebb21c76593d725f02b02cdde3b34694b75223ce46dd0f3637a900da874f1530
fef45f8ac955a3e9f9a9a97b082f361823e743db1996f696d042084204481ceb

xion.bonusblock.io Open in urlscan Pro 2606:4700:3036::6815:1d77 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

7 Requests

100 %HTTPS

67 %IPv6

2 Domains

3 Subdomains

4 IPs

2 Countries

2609 kBTransfer

10489 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

2 Cookies

Indicators

xion.bonusblock.io Open in urlscan Pro
2606:4700:3036::6815:1d77 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

67 %
IPv6

2
Domains

3
Subdomains

4
IPs

2
Countries

2609 kB
Transfer

10489 kB
Size

2
Cookies

7 HTTP transactions
2 data transactions