urlscan.io logo urlscan.io
SecurityTrails logo

bonus.ly Open in urlscan Pro
34.225.60.45  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://url2710.email.bonus.ly/ls/click?upn=vkrIYAulYBVpHyf4pyo5Ynqzw5Y2MiF6R-2F0uLJpkU6Xp2k3DxO66X8L-2BfQXp2sVLiJtWbYaLLha6F5d...
Effective URL: https://bonus.ly/users/sign_in_start
Submission: On December 30 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 36 IPs in 4 countries across 29 domains to perform 74 HTTP transactions. The main IP is 34.225.60.45, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is bonus.ly.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 30th 2020. Valid for: 2 years.
This is the only time bonus.ly was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 2600:9000:20e... 16509 (AMAZON-02)
2 3 34.225.60.45 14618 (AMAZON-AES)
9 2600:9000:21f... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 35.201.112.186 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 35.186.194.58 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 151.101.12.157 54113 (FASTLY)
1 13.225.73.63 16509 (AMAZON-02)
2 142.250.184.194 15169 (GOOGLE)
1 4 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2a03:2880:f02... 32934 (FACEBOOK)
3 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 108.174.10.14 14413 (LINKEDIN)
1 13.224.193.31 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.244.42.3 13414 (TWITTER)
1 104.244.42.5 13414 (TWITTER)
2 2a00:1450:400... 15169 (GOOGLE)
1 13.224.193.116 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 99.80.125.216 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 52.142.114.2 8075 (MICROSOFT...)
2 2a03:2880:f12... 32934 (FACEBOOK)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
74 36
2    2600:9000:20eb:3a00:8:3386:40c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
url2710.email.bonus.ly
3    34.225.60.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-60-45.compute-1.amazonaws.com
bonus.ly
9    2600:9000:21f3:be00:1c:9ed0:1480:93a1 (United States)

ASN16509 (AMAZON-02, US)
production-cdn.bonus.ly
3    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
8    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2606:4700::6811:d6cc (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-scripts.com
2    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    35.201.112.186 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 186.112.201.35.bc.googleusercontent.com
edge.fullstory.com
4    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com
rs.fullstory.com
6    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a02:26f0:6c00::210:ba20 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
1    151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    13.225.73.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-63.fra2.r.cloudfront.net
static.hotjar.com
2    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
www.googleadservices.com
4    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com
px4.ads.linkedin.com
1    13.224.193.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-31.fra2.r.cloudfront.net
script.hotjar.com
1    2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    104.244.42.3 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    104.244.42.5 (United States)

ASN13414 (TWITTER, US)
t.co
2    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    13.224.193.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-116.fra2.r.cloudfront.net
vars.hotjar.com
3    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.co.uk
1    99.80.125.216 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-125-216.eu-west-1.compute.amazonaws.com
in.hotjar.com
1    2606:4700::6811:44b0 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
1    2606:4700::6811:73b0 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsadspixel.net
1    2606:4700::6812:14bf (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
1    2606:4700::6811:e7cc (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsleadflows.net
2    52.142.114.2 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
2    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2606:4700::6811:cbcc (United States)

ASN13335 (CLOUDFLARENET, US)
api.hubapi.com
2    2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)
track.hubspot.com
forms.hubspot.com
Apex Domain
Subdomains		 Transfer
14 bonus.ly
url2710.email.bonus.ly
bonus.ly
production-cdn.bonus.ly
217 KB
10 gstatic.com
fonts.gstatic.com
www.gstatic.com
634 KB
8 google.com
www.google.com
44 KB
4 linkedin.com
px.ads.linkedin.com
www.linkedin.com
px4.ads.linkedin.com
3 KB
4 bing.com
bat.bing.com
c.bing.com
12 KB
4 hotjar.com
static.hotjar.com
script.hotjar.com
vars.hotjar.com
in.hotjar.com
65 KB
4 googleapis.com
ajax.googleapis.com
fonts.googleapis.com
106 KB
3 google.co.uk
www.google.co.uk
719 B
3 doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
3 KB
2 hubspot.com
track.hubspot.com
forms.hubspot.com
2 KB
2 facebook.com
www.facebook.com
386 B
2 clarity.ms
d.clarity.ms Failed
c.clarity.ms
794 B
2 facebook.net
connect.facebook.net
113 KB
2 googleadservices.com
www.googleadservices.com
29 KB
2 google-analytics.com
www.google-analytics.com
20 KB
2 fullstory.com
edge.fullstory.com
rs.fullstory.com
67 KB
2 googletagmanager.com
www.googletagmanager.com
108 KB
1 hubapi.com
api.hubapi.com
947 B
1 hsleadflows.net
js.hsleadflows.net
87 KB
1 hs-banner.com
js.hs-banner.com
16 KB
1 hsadspixel.net
js.hsadspixel.net
3 KB
1 hs-analytics.net
js.hs-analytics.net
20 KB
1 t.co
t.co
471 B
1 twitter.com
analytics.twitter.com
675 B
1 ads-twitter.com
static.ads-twitter.com
6 KB
1 licdn.com
snap.licdn.com
2 KB
1 hs-scripts.com
js.hs-scripts.com
980 B
0 g2crowd.com Failed
tracking.g2crowd.com Failed
0 salesloft.com Failed
scout-cdn.salesloft.com Failed
74 29
Domain Requested by
9 production-cdn.bonus.ly bonus.ly
production-cdn.bonus.ly
8 www.google.com bonus.ly
www.gstatic.com
www.google.com
6 www.gstatic.com www.google.com
www.gstatic.com
4 fonts.gstatic.com fonts.googleapis.com
www.google.com
3 www.google.co.uk bonus.ly
3 bat.bing.com www.googletagmanager.com
bat.bing.com
bonus.ly
3 ajax.googleapis.com bonus.ly
3 bonus.ly 2 redirects
2 www.facebook.com bonus.ly
2 c.clarity.ms 1 redirects bonus.ly
2 googleads.g.doubleclick.net www.googleadservices.com
2 px.ads.linkedin.com 2 redirects
2 connect.facebook.net bonus.ly
connect.facebook.net
2 www.googleadservices.com www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com bonus.ly
js.hsadspixel.net
2 url2710.email.bonus.ly 2 redirects
1 forms.hubspot.com js.hsleadflows.net
1 track.hubspot.com
1 api.hubapi.com js.hsadspixel.net
1 c.bing.com 1 redirects
1 js.hsleadflows.net js.hs-scripts.com
1 js.hs-banner.com js.hs-scripts.com
1 js.hsadspixel.net js.hs-scripts.com
1 js.hs-analytics.net js.hs-scripts.com
1 in.hotjar.com script.hotjar.com
1 vars.hotjar.com static.hotjar.com
1 t.co bonus.ly
1 analytics.twitter.com static.ads-twitter.com
1 stats.g.doubleclick.net www.google-analytics.com
1 script.hotjar.com static.hotjar.com
1 px4.ads.linkedin.com bonus.ly
1 www.linkedin.com 1 redirects
1 static.hotjar.com www.googletagmanager.com
1 static.ads-twitter.com www.googletagmanager.com
1 snap.licdn.com www.googletagmanager.com
1 rs.fullstory.com edge.fullstory.com
1 edge.fullstory.com bonus.ly
1 js.hs-scripts.com bonus.ly
1 fonts.googleapis.com bonus.ly
0 d.clarity.ms Failed bat.bing.com
0 tracking.g2crowd.com Failed bonus.ly
0 scout-cdn.salesloft.com Failed bonus.ly
74 43

This site contains no links.

Subject Issuer Validity Valid
*.bonus.ly
Sectigo RSA Domain Validation Secure Server CA		 2020-05-30 -
2022-05-30		 2 years crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-04 -
2022-07-03		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
edge.fullstory.com
GTS CA 1D4		 2021-12-17 -
2022-03-17		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.fullstory.com
R3		 2021-11-30 -
2022-02-28		 3 months crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2021-07-15 -
2022-07-20		 a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-21 -
2022-07-26		 a year crt.sh
*.hotjar.com
Amazon		 2021-11-25 -
2022-12-23		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2021-12-22 -
2022-06-22		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-10-08 -
2022-01-06		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
www.google.co.uk
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
hubapi.com
Cloudflare Inc ECC CA-3		 2021-06-07 -
2022-06-06		 a year crt.sh
hubspot.com
Cloudflare Inc ECC CA-3		 2021-06-26 -
2022-06-25		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.google.co.uk
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://bonus.ly/users/sign_in_start
Frame ID: 337E30492F8FC1A561225E9DC98A488C
Requests: 62 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lem1BgUAAAAAHzWJvTYdYq_xabbmxhZTQ5UH4kG&co=aHR0cHM6Ly9ib251cy5seTo0NDM.&hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&size=invisible&cb=kkd1e54jtedn
Frame ID: 93B40BC6776B35190C831F50FDCDE412
Requests: 7 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-a1ae2079824d1c48aa9ce06efb256f18.html
Frame ID: 7FFBC5A4E15D31A86B2B3F997D2DEE0C
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&k=6Lem1BgUAAAAAHzWJvTYdYq_xabbmxhZTQ5UH4kG
Frame ID: 4C6F2F6128DA4DE622CC2BEE8CD38B6C
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign In - Bonusly

Page URL History Show full URLs

  1. http://url2710.email.bonus.ly/ls/click?upn=vkrIYAulYBVpHyf4pyo5Ynqzw5Y2MiF6R-2F0uLJpkU6Xp2k3DxO66X8L-2BfQX... HTTP 301
    https://url2710.email.bonus.ly/ls/click?upn=vkrIYAulYBVpHyf4pyo5Ynqzw5Y2MiF6R-2F0uLJpkU6Xp2k3DxO66X8L-2BfQX... HTTP 302
    https://bonus.ly/company/rewards/new?utm_source=bonus.ly&utm_medium=email&utm_campaign=end-of... HTTP 302
    https://bonus.ly/users/sign_in HTTP 302
    https://bonus.ly/users/sign_in_start Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

74
Requests

93 %
HTTPS

65 %
IPv6

29
Domains

43
Subdomains

36
IPs

4
Countries

1548 kB
Transfer

4221 kB
Size

35
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://url2710.email.bonus.ly/ls/click?upn=vkrIYAulYBVpHyf4pyo5Ynqzw5Y2MiF6R-2F0uLJpkU6Xp2k3DxO66X8L-2BfQXp2sVLiJtWbYaLLha6F5deLL7NNe3QTV-2FVYVjr7orwtZQNys6rlX4RuvFDDoZ0-2FPFqLWLAFbwZqE9hrbW5idcGW7ehwA-3D-3DX6EZ_fBXTogWHjb9FmuAsT7eExAtDbTzCGmbYytUCWp3CrierjR8ImXKbLFKlgA-2F6D87K8FTHPH8S6HBwCU7aDXr4K3vtii10U6t3WBxe9qArOx6AZuUrsSpR4lPkfhvSpKO-2BhDDUYXTQNCTnUEeGh50xYN5ZcVx60uo0YQCWegKy1kKN-2FugDGpyXGzVo0syWdRj3hKjRMXIGBz51ncrfzffbBxHWZZUT21inUvfZcGZyAGP76aTKtp-2FoQYS347T-2FyuPn-2BdaKd9qKaHzSDbmrg5bY5g-3D-3D HTTP 301
    https://url2710.email.bonus.ly/ls/click?upn=vkrIYAulYBVpHyf4pyo5Ynqzw5Y2MiF6R-2F0uLJpkU6Xp2k3DxO66X8L-2BfQXp2sVLiJtWbYaLLha6F5deLL7NNe3QTV-2FVYVjr7orwtZQNys6rlX4RuvFDDoZ0-2FPFqLWLAFbwZqE9hrbW5idcGW7ehwA-3D-3DX6EZ_fBXTogWHjb9FmuAsT7eExAtDbTzCGmbYytUCWp3CrierjR8ImXKbLFKlgA-2F6D87K8FTHPH8S6HBwCU7aDXr4K3vtii10U6t3WBxe9qArOx6AZuUrsSpR4lPkfhvSpKO-2BhDDUYXTQNCTnUEeGh50xYN5ZcVx60uo0YQCWegKy1kKN-2FugDGpyXGzVo0syWdRj3hKjRMXIGBz51ncrfzffbBxHWZZUT21inUvfZcGZyAGP76aTKtp-2FoQYS347T-2FyuPn-2BdaKd9qKaHzSDbmrg5bY5g-3D-3D HTTP 302
    https://bonus.ly/company/rewards/new?utm_source=bonus.ly&utm_medium=email&utm_campaign=end-of-month HTTP 302
    https://bonus.ly/users/sign_in HTTP 302
    https://bonus.ly/users/sign_in_start Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=414777&time=1640844310024&url=https%3A%2F%2Fbonus.ly%2Fusers%2Fsign_in_start HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D414777%26time%3D1640844310024%26url%3Dhttps%253A%252F%252Fbonus.ly%252Fusers%252Fsign_in_start%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=414777&time=1640844310024&url=https%3A%2F%2Fbonus.ly%2Fusers%2Fsign_in_start&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=414777&time=1640844310024&url=https%3A%2F%2Fbonus.ly%2Fusers%2Fsign_in_start&liSync=true&e_ipv6=AQKR5swJuWkCewAAAX4J8TeWPboPKHU70BPiH2Pn8lLRJgGaHWiMZ1eh8BgtqIIdtYEn5zaKrQ
Request Chain 60
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=FAFD31FC3D9245E295713C48E836FAE7&RedC=c.clarity.ms&MXFR=2A9BF6B8E9AB653C0F54E7A5EDAB6BE0 HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=FAFD31FC3D9245E295713C48E836FAE7&MUID=1B8E273639B764E92B33362B38DC6522

74 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request sign_in_start
bonus.ly/users/
Redirect Chain
  • http://url2710.email.bonus.ly/ls/click?upn=vkrIYAulYBVpHyf4pyo5Ynqzw5Y2MiF6R-2F0uLJpkU6Xp2k3DxO66X8L-2BfQXp2sVLiJtWbYaLLha6F5deLL7NNe3QTV-2FVYVjr7orwtZQNys6rlX4RuvFDDoZ0-2FPFqLWLAFbwZqE9hrbW5idcGW7...
  • https://url2710.email.bonus.ly/ls/click?upn=vkrIYAulYBVpHyf4pyo5Ynqzw5Y2MiF6R-2F0uLJpkU6Xp2k3DxO66X8L-2BfQXp2sVLiJtWbYaLLha6F5deLL7NNe3QTV-2FVYVjr7orwtZQNys6rlX4RuvFDDoZ0-2FPFqLWLAFbwZqE9hrbW5idcGW...
  • https://bonus.ly/company/rewards/new?utm_source=bonus.ly&utm_medium=email&utm_campaign=end-of-month
  • https://bonus.ly/users/sign_in
  • https://bonus.ly/users/sign_in_start
8 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bonus.ly/users/sign_in_start
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.225.60.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-60-45.compute-1.amazonaws.com
Software
/
Resource Hash
f5e42624c04e0919cc296a01dbbb8acf2d143b15382e420c009e177d914e8b57
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' fonts.gstatic.com fonts.googleapis.com js.intercomcdn.com *.recognition.cdn.bonus.ly production-cdn.bonus.ly staging-cdn.bonus.ly *.bootstrapcdn.com script.hotjar.com; img-src * data: blob:; object-src 'self' *.recognition.cdn.bonus.ly production-cdn.bonus.ly staging-cdn.bonus.ly; script-src 'self' 'unsafe-inline' connect.facebook.net graph.facebook.com googleads.g.doubleclick.net js.hs-analytics.net js.hs-scripts.com js.hsforms.net forms.hsforms.com js.hsleadflows.net js.chilipiper.com *.chilipiper.com *.hsadspixel.net *.recognition.cdn.bonus.ly production-cdn.bonus.ly staging-cdn.bonus.ly unpkg.com *.bnsly.co *.google.com *.googleadservices.com *.googleapis.com *.googletagmanager.com *.google-analytics.com *.gstatic.com *.hscta.net *.hubspot.com *.intercom.io *.intercomcdn.com *.linkedin.com *.stripe.com *.twimg.com *.twitter.com zapier.com static.ads-twitter.com hotjar.com *.hotjar.com www.instagram.com *.fullstory.com *.licdn.com *.clearbit.com *.clearbitjs.com js.hs-banner.com bat.bing.com ct.capterra.com *.vimeo.com js.chargebee.com *.intellimize.com *.intellimize.co *.intellimizeio.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.bonus.ly *.google.com js.chilipiper.com *.chilipiper.com js.chargebee.com zapier.com; connect-src 'self' https://*.intercom.io wss://*.intercom.io wss://*.bonus.ly/cable wss://*.hotjar.com api.hubspot.com app.getsentry.com forms.hubspot.com *.hubapi.com syndication.twitter.com uploads.intercomcdn.com uploads.intercomusercontent.com *.algolianet.com *.algolia.net www.google-analytics.com www.facebook.com *.fullstory.com *.hotjar.io *.hotjar.com *.doubleclick.net *.apiary.io log.intellimize.co *.clearbit.com api.lever.co js.chilipiper.com *.chilipiper.com *.bonus.ly *.hsforms.com *.zapier.com *.zapier-staging.com; frame-ancestors 'self' *.bonus.ly *.next.sc *.screencloud.com *.screen.cloud *.screencloudapps.com http://localhost:* staffspace.oma.org http://10.0.0.4:* *.sharepoint.com *.it1.be dashboard.skilljar.com app.resplendentdata.com; frame-src 'self' fast.wistia.net js.stripe.com share.intercom.io bonus.ly *.bonus.ly *.hubspot.com *.addthis.com *.doubleclick.net *.google.com *.twitter.com *.vimeo.com *.hsforms.com *.youtube.com www.instagram.com *.hotjar.com api.intellimize.co js.chilipiper.com *.chilipiper.com my.pima.app bonusly.chargebee.com bonusly-test.chargebee.com js.chargebee.com *.intellimizeio.com intercom-sheets.com; media-src js.intercomcdn.com media.tenor.com *.bonus.ly
Strict-Transport-Security max-age=315569520; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, private, must-revalidate
Content-Security-Policy
default-src 'self'; font-src 'self' fonts.gstatic.com fonts.googleapis.com js.intercomcdn.com *.recognition.cdn.bonus.ly production-cdn.bonus.ly staging-cdn.bonus.ly *.bootstrapcdn.com script.hotjar.com; img-src * data: blob:; object-src 'self' *.recognition.cdn.bonus.ly production-cdn.bonus.ly staging-cdn.bonus.ly; script-src 'self' 'unsafe-inline' connect.facebook.net graph.facebook.com googleads.g.doubleclick.net js.hs-analytics.net js.hs-scripts.com js.hsforms.net forms.hsforms.com js.hsleadflows.net js.chilipiper.com *.chilipiper.com *.hsadspixel.net *.recognition.cdn.bonus.ly production-cdn.bonus.ly staging-cdn.bonus.ly unpkg.com *.bnsly.co *.google.com *.googleadservices.com *.googleapis.com *.googletagmanager.com *.google-analytics.com *.gstatic.com *.hscta.net *.hubspot.com *.intercom.io *.intercomcdn.com *.linkedin.com *.stripe.com *.twimg.com *.twitter.com zapier.com static.ads-twitter.com hotjar.com *.hotjar.com www.instagram.com *.fullstory.com *.licdn.com *.clearbit.com *.clearbitjs.com js.hs-banner.com bat.bing.com ct.capterra.com *.vimeo.com js.chargebee.com *.intellimize.com *.intellimize.co *.intellimizeio.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.bonus.ly *.google.com js.chilipiper.com *.chilipiper.com js.chargebee.com zapier.com; connect-src 'self' https://*.intercom.io wss://*.intercom.io wss://*.bonus.ly/cable wss://*.hotjar.com api.hubspot.com app.getsentry.com forms.hubspot.com *.hubapi.com syndication.twitter.com uploads.intercomcdn.com uploads.intercomusercontent.com *.algolianet.com *.algolia.net www.google-analytics.com www.facebook.com *.fullstory.com *.hotjar.io *.hotjar.com *.doubleclick.net *.apiary.io log.intellimize.co *.clearbit.com api.lever.co js.chilipiper.com *.chilipiper.com *.bonus.ly *.hsforms.com *.zapier.com *.zapier-staging.com; frame-ancestors 'self' *.bonus.ly *.next.sc *.screencloud.com *.screen.cloud *.screencloudapps.com http://localhost:* staffspace.oma.org http://10.0.0.4:* *.sharepoint.com *.it1.be dashboard.skilljar.com app.resplendentdata.com; frame-src 'self' fast.wistia.net js.stripe.com share.intercom.io bonus.ly *.bonus.ly *.hubspot.com *.addthis.com *.doubleclick.net *.google.com *.twitter.com *.vimeo.com *.hsforms.com *.youtube.com www.instagram.com *.hotjar.com api.intellimize.co js.chilipiper.com *.chilipiper.com my.pima.app bonusly.chargebee.com bonusly-test.chargebee.com js.chargebee.com *.intellimizeio.com intercom-sheets.com; media-src js.intercomcdn.com media.tenor.com *.bonus.ly
Content-Type
text/html; charset=utf-8
Etag
W/"f5e42624c04e0919cc296a01dbbb8acf"
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=315569520; includeSubDomains; preload
Via
1.1 spaces-router (279557a225d7)
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Permitted-Cross-Domain-Policies
none
X-Request-Id
e1b9463a-655c-2933-e105-e71a0dbd85a8
X-Runtime
0.076730
X-Xss-Protection
1; mode=block
Date
Thu, 30 Dec 2021 06:05:09 GMT
Transfer-Encoding
chunked

Redirect headers

Cache-Control
no-cache
Content-Security-Policy
default-src 'self'; font-src 'self' fonts.gstatic.com fonts.googleapis.com js.intercomcdn.com *.recognition.cdn.bonus.ly production-cdn.bonus.ly staging-cdn.bonus.ly *.bootstrapcdn.com script.hotjar.com; img-src * data: blob:; object-src 'self' *.recognition.cdn.bonus.ly production-cdn.bonus.ly staging-cdn.bonus.ly; script-src 'self' 'unsafe-inline' connect.facebook.net graph.facebook.com googleads.g.doubleclick.net js.hs-analytics.net js.hs-scripts.com js.hsforms.net forms.hsforms.com js.hsleadflows.net js.chilipiper.com *.chilipiper.com *.hsadspixel.net *.recognition.cdn.bonus.ly production-cdn.bonus.ly staging-cdn.bonus.ly unpkg.com *.bnsly.co *.google.com *.googleadservices.com *.googleapis.com *.googletagmanager.com *.google-analytics.com *.gstatic.com *.hscta.net *.hubspot.com *.intercom.io *.intercomcdn.com *.linkedin.com *.stripe.com *.twimg.com *.twitter.com zapier.com static.ads-twitter.com hotjar.com *.hotjar.com www.instagram.com *.fullstory.com *.licdn.com *.clearbit.com *.clearbitjs.com js.hs-banner.com bat.bing.com ct.capterra.com *.vimeo.com js.chargebee.com *.intellimize.com *.intellimize.co *.intellimizeio.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.bonus.ly *.google.com js.chilipiper.com *.chilipiper.com js.chargebee.com zapier.com; connect-src 'self' https://*.intercom.io wss://*.intercom.io wss://*.bonus.ly/cable wss://*.hotjar.com api.hubspot.com app.getsentry.com forms.hubspot.com *.hubapi.com syndication.twitter.com uploads.intercomcdn.com uploads.intercomusercontent.com *.algolianet.com *.algolia.net www.google-analytics.com www.facebook.com *.fullstory.com *.hotjar.io *.hotjar.com *.doubleclick.net *.apiary.io log.intellimize.co *.clearbit.com api.lever.co js.chilipiper.com *.chilipiper.com *.bonus.ly *.hsforms.com *.zapier.com *.zapier-staging.com; frame-ancestors 'self' *.bonus.ly *.next.sc *.screencloud.com *.screen.cloud *.screencloudapps.com http://localhost:* staffspace.oma.org http://10.0.0.4:* *.sharepoint.com *.it1.be dashboard.skilljar.com app.resplendentdata.com; frame-src 'self' fast.wistia.net js.stripe.com share.intercom.io bonus.ly *.bonus.ly *.hubspot.com *.addthis.com *.doubleclick.net *.google.com *.twitter.com *.vimeo.com *.hsforms.com *.youtube.com www.instagram.com *.hotjar.com api.intellimize.co js.chilipiper.com *.chilipiper.com my.pima.app bonusly.chargebee.com bonusly-test.chargebee.com js.chargebee.com *.intellimizeio.com intercom-sheets.com; media-src js.intercomcdn.com media.tenor.com *.bonus.ly
Content-Type
text/html; charset=utf-8
Location
https://bonus.ly/users/sign_in_start
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=315569520; includeSubDomains; preload
Via
1.1 spaces-router (279557a225d7)
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Permitted-Cross-Domain-Policies
none
X-Request-Id
6d584dd5-3378-f826-0b4c-eb4f7c1768e0
X-Runtime
0.006880
X-Xss-Protection
1; mode=block
Date
Thu, 30 Dec 2021 06:05:09 GMT
Content-Length
102
emojione.sprites-7940da8f8e433fd8bb8167667aca0f15276fd5721cb05d0238fbebf937e91cf1.css
production-cdn.bonus.ly/assets/lib/ 		154 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://production-cdn.bonus.ly/assets/lib/emojione.sprites-7940da8f8e433fd8bb8167667aca0f15276fd5721cb05d0238fbebf937e91cf1.css
Requested by
Host: bonus.ly
URL: https://bonus.ly/users/sign_in_start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:be00:1c:9ed0:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7940da8f8e433fd8bb8167667aca0f15276fd5721cb05d0238fbebf937e91cf1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bonus.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 18:41:37 GMT
content-encoding
gzip
last-modified
Tue, 28 Apr 2020 15:50:35 GMT
server
AmazonS3
age
10409013
etag
W/"6ed95cafdf42f7a3a4411f17e9976db4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
cache-control
public, max-age=31557600
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
Px_S4tjI1J6dLQBkQswn_pZ7a_L-m4rLUxqmmxVPOXh_1j9yZyK4ZQ==
expires
Wed, 28 Apr 2021 21:50:34 GMT
funnel-in-733a81fa9228b77a876e086427f8c10cc45e4ad3c91d6a28c99b4b14f0d949f4.css
production-cdn.bonus.ly/assets/ 		75 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://production-cdn.bonus.ly/assets/funnel-in-733a81fa9228b77a876e086427f8c10cc45e4ad3c91d6a28c99b4b14f0d949f4.css
Requested by
Host: bonus.ly
URL: https://bonus.ly/users/sign_in_start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:be00:1c:9ed0:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
733a81fa9228b77a876e086427f8c10cc45e4ad3c91d6a28c99b4b14f0d949f4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bonus.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 29 Jan 2021 05:37:44 GMT
content-encoding
gzip
last-modified
Fri, 08 Jan 2021 00:42:34 GMT
server
AmazonS3
age
28945646
etag
W/"f14926959ee346ad17985c66e0199e8f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
cache-control
public, max-age=31557600
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
CbKCJnZCWOR2EUDYHDjm98tRv-57pJs_gd59Gem_igpkGd2fYA2wJQ==
expires
Sat, 08 Jan 2022 06:42:33 GMT
jquery-ui.min.css
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/ 		31 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/jquery-ui.min.css
Requested by
Host: bonus.ly
URL: https://bonus.ly/users/sign_in_start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be92933b839bd4ce1b67c440bd9bd832d8a7333d578c7d1061d00edbceb557d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bonus.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 23:16:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
110896
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7645
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Dec 2022 23:16:53 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: bonus.ly
URL: https://bonus.ly/users/sign_in_start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bonus.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 18:02:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
216151
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30774
x-xss-protection
0
last-modified
Mon, 13 May 2019 14:37:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 27 Dec 2022 18:02:38 GMT
css
fonts.googleapis.com/ 		21 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,600,600italic,700,700italic,800,800italic
Requested by
Host: bonus.ly
URL: https://bonus.ly/users/sign_in_start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
21864c7ae108632152ec83380144f23d8f50ce5656b9e4989edae5cacea6c964
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bonus.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 30 Dec 2021 06:05:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 30 Dec 2021 06:05:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 30 Dec 2021 06:05:09 GMT
bonusly-logo-ee2fe74274af9b23b61057b3d58710e419a0f7bbc1d628165366f848f13f094e.svg
production-cdn.bonus.ly/assets/funnel_in/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://production-cdn.bonus.ly/assets/funnel_in/bonusly-logo-ee2fe74274af9b23b61057b3d58710e419a0f7bbc1d628165366f848f13f094e.svg
Requested by
Host: bonus.ly
URL: https://bonus.ly/users/sign_in_start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:be00:1c:9ed0:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ee2fe74274af9b23b61057b3d58710e419a0f7bbc1d628165366f848f13f094e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bonus.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 07:16:10 GMT
content-encoding
gzip
last-modified
Tue, 03 Dec 2019 15:14:22 GMT
server
AmazonS3
age
3106140
etag
W/"366948d4e9fe91f0bd7390162cf6fc79"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
cache-control
public, max-age=31557600
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
UOP4Ku-4jEI6pZemy04L3EuNwPDH37wanfmlsj8SWKQxnqOQ-rzTXA==
expires
Wed, 02 Dec 2020 21:14:21 GMT
api.js
www.google.com/recaptcha/ 		908 B
987 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=recaptchaLoaded
Requested by
Host: bonus.ly
URL: https://bonus.ly/users/sign_in_start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f1c8132e3e55e96ff1e665ad4f7a1e0d07c5d7cb0fa8ece9c669678bdadcf758
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bonus.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 30 Dec 2021 06:05:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
574
x-xss-protection
1; mode=block
expires
Thu, 30 Dec 2021 06:05:09 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/ 		248 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js
Requested by
Host: bonus.ly
URL: https://bonus.ly/users/sign_in_start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bonus.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 02:16:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
100110
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67948
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Dec 2022 02:16:39 GMT
1973303.js
js.hs-scripts.com/ 		2 KB
980 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/1973303.js
Requested by
Host: bonus.ly
URL: https://bonus.ly/users/sign_in_start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0eec92c49112c257a705e627559c4a8d6043838636e869f8e4862b9ec2d4452

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bonus.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 30 Dec 2021 06:05:10 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
EXPIRED
x-hubspot-correlation-id
2d34ecf2-9e01-4147-8cbe-2e60f31a7f5c
last-modified
Thu, 30 Dec 2021 06:02:46 GMT
server
cloudflare
x-trace
2B7F88ADD42C8758C336E3B4368752E3475B424D81000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://bonus.ly
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
6c5913287afc2c26-FRA
expires
Thu, 30 Dec 2021 06:06:10 GMT
funnel_in-ac4d2337ef9c03c8758cddf13b321a0a76d963d3c1158eb27a60d27248a3b782.js
production-cdn.bonus.ly/assets/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://production-cdn.bonus.ly/assets/funnel_in-ac4d2337ef9c03c8758cddf13b321a0a76d963d3c1158eb27a60d27248a3b782.js
Requested by
Host: bonus.ly
URL: https://bonus.ly/users/sign_in_start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:be00:1c:9ed0:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ac4d2337ef9c03c8758cddf13b321a0a76d963d3c1158eb27a60d27248a3b782

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bonus.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 05:11:58 GMT
content-encoding
gzip
last-modified
Thu, 20 Aug 2020 17:10:04 GMT
server
AmazonS3
age
10284791
etag
W/"3954870e258cde1c5608f88d4753e868"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
cache-control
public, max-age=31557600
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
0sx6AF4a6fUq0R2S7_zVT7sz3uABVG-5AepK-7Y3qqxJy9e_Zxnr_w==
expires
Fri, 20 Aug 2021 23:10:03 GMT
gtm.js
www.googletagmanager.com/ 		216 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N5K2M3S
Requested by
Host: bonus.ly
URL: https://bonus.ly/users/sign_in_start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
90497bcfd9bfb2b435628b06c1702fc36704af250e72ff59673644331f344fdf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bonus.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 30 Dec 2021 06:05:09 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70045
x-xss-protection
0
expires
Thu, 30 Dec 2021 06:05:09 GMT
fs.js
edge.fullstory.com/s/ 		219 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.fullstory.com/s/fs.js
Requested by
Host: bonus.ly
URL: https://bonus.ly/users/sign_in_start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
50a5284de7a0b6a18645b623fe7cd7b193ed75387dc21eeb7b8527775fecae24

Request headers

Referer
https://bonus.ly/
Origin
https://bonus.ly
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 30 Dec 2021 06:03:24 GMT
content-encoding
gzip
age
105
x-guploader-uploadid
ADPycdvTzME6DaxJ7QMJdjPo3TvQ_cvdzzgPOe7KRfx5sSuIkG2Fw688LpGFgVDuiADhAW0WYJXz9toJ81h5Esomtgk
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
67347
last-modified
Wed, 15 Dec 2021 19:15:03 GMT
server
UploadServer
etag
"ae62e8f5c7c7587ea691afdd7b461301"
x-goog-hash
crc32c=LKlKNg==, md5=rmLo9cfHWH6mka/de0YTAQ==
x-goog-generation
1639595703727219
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600,no-transform
x-goog-stored-content-length
67347
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 30 Dec 2021 07:03:24 GMT
sidebar-confetti-bg-a0e1ca337631f6d1e36a659bc2d69f28abeb6fc50c008ad7d1b30858ed5cbe12.svg
production-cdn.bonus.ly/assets/funnel_in/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://production-cdn.bonus.ly/assets/funnel_in/sidebar-confetti-bg-a0e1ca337631f6d1e36a659bc2d69f28abeb6fc50c008ad7d1b30858ed5cbe12.svg
Requested by
Host: production-cdn.bonus.ly
URL: https://production-cdn.bonus.ly/assets/funnel-in-733a81fa9228b77a876e086427f8c10cc45e4ad3c91d6a28c99b4b14f0d949f4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:be00:1c:9ed0:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a0e1ca337631f6d1e36a659bc2d69f28abeb6fc50c008ad7d1b30858ed5cbe12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://production-cdn.bonus.ly/assets/funnel-in-733a81fa9228b77a876e086427f8c10cc45e4ad3c91d6a28c99b4b14f0d949f4.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 03 Oct 2021 23:29:40 GMT
content-encoding
gzip
last-modified
Tue, 03 Dec 2019 15:14:21 GMT
server
AmazonS3
age
7540530
etag
W/"90eb8f4dd54703e180fa4dae8e59cf7b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
cache-control
public, max-age=31557600
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
tNWV-_cizPfAnBSl6MjHfTKRBlYp_xtjQL89CzzXe-Y9GQwEv_3TVg==
expires
Wed, 02 Dec 2020 21:14:20 GMT
Metropolis-Regular-896b709d9b0be31603a9a7a686c1be0bf6bc95f0b771b8d880200b12914a7bef.woff2
production-cdn.bonus.ly/assets/Metropolis/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://production-cdn.bonus.ly/assets/Metropolis/Metropolis-Regular-896b709d9b0be31603a9a7a686c1be0bf6bc95f0b771b8d880200b12914a7bef.woff2
Requested by
Host: production-cdn.bonus.ly
URL: https://production-cdn.bonus.ly/assets/funnel-in-733a81fa9228b77a876e086427f8c10cc45e4ad3c91d6a28c99b4b14f0d949f4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:be00:1c:9ed0:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
896b709d9b0be31603a9a7a686c1be0bf6bc95f0b771b8d880200b12914a7bef

Request headers

Referer
https://production-cdn.bonus.ly/assets/funnel-in-733a81fa9228b77a876e086427f8c10cc45e4ad3c91d6a28c99b4b14f0d949f4.css
Origin
https://bonus.ly
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 05:57:05 GMT
via
1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
vary
Origin
age
7517285
x-cache
Hit from cloudfront
content-length
16388
last-modified
Wed, 24 Oct 2018 19:18:35 GMT
server
AmazonS3
etag
"4a405762789758475f736592772ebfd1"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31557600
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
cILbUiDLET7Xbplgj_LkbRacR_vbDA7HZcZBR1AHEBtLZKWjm6-xaw==
expires
Fri, 25 Oct 2019 01:18:34 GMT
Metropolis-SemiBold-3ed1f19770eef1e0a1d426f6b051b985554d24936643880b847ab9b1e3db108b.woff2
production-cdn.bonus.ly/assets/Metropolis/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://production-cdn.bonus.ly/assets/Metropolis/Metropolis-SemiBold-3ed1f19770eef1e0a1d426f6b051b985554d24936643880b847ab9b1e3db108b.woff2
Requested by
Host: production-cdn.bonus.ly
URL: https://production-cdn.bonus.ly/assets/funnel-in-733a81fa9228b77a876e086427f8c10cc45e4ad3c91d6a28c99b4b14f0d949f4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:be00:1c:9ed0:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3ed1f19770eef1e0a1d426f6b051b985554d24936643880b847ab9b1e3db108b

Request headers

Referer
https://production-cdn.bonus.ly/assets/funnel-in-733a81fa9228b77a876e086427f8c10cc45e4ad3c91d6a28c99b4b14f0d949f4.css
Origin
https://bonus.ly
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 10 Feb 2021 02:50:04 GMT
via
1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
vary
Origin
age
27918906
x-cache
Hit from cloudfront
content-length
16576
last-modified
Wed, 24 Oct 2018 19:18:34 GMT
server
AmazonS3
etag
"b89d50b5e6051bbeea3ff77c6a12b59a"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31557600
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
eDP6s3iEc9R0vxmZxRPiFpRMbsjTW9WXK7ChDNDwXlyGN80X_cswmw==
expires
Fri, 25 Oct 2019 01:18:33 GMT
Metropolis-Bold-b2dd63db47efae6ed399cac4ae15cc012a77a02e72cb3274b599531152032a3c.woff2
production-cdn.bonus.ly/assets/Metropolis/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://production-cdn.bonus.ly/assets/Metropolis/Metropolis-Bold-b2dd63db47efae6ed399cac4ae15cc012a77a02e72cb3274b599531152032a3c.woff2
Requested by
Host: production-cdn.bonus.ly
URL: https://production-cdn.bonus.ly/assets/funnel-in-733a81fa9228b77a876e086427f8c10cc45e4ad3c91d6a28c99b4b14f0d949f4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:be00:1c:9ed0:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b2dd63db47efae6ed399cac4ae15cc012a77a02e72cb3274b599531152032a3c

Request headers

Referer
https://production-cdn.bonus.ly/assets/funnel-in-733a81fa9228b77a876e086427f8c10cc45e4ad3c91d6a28c99b4b14f0d949f4.css
Origin
https://bonus.ly
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 01:37:35 GMT
via
1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
vary
Origin
age
7705655
x-cache
Hit from cloudfront
content-length
16728
last-modified
Wed, 24 Oct 2018 19:18:34 GMT
server
AmazonS3
etag
"6a80125e795aa81c6f251aa83e44062b"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31557600
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
aSgBEAk1pSFMDxpJwSZAvifCWaeVNzR4gUZg9ApP_sAcTKDFZJyMPA==
expires
Fri, 25 Oct 2019 01:18:33 GMT
fa-solid-900-6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7.woff2
production-cdn.bonus.ly/assets/font-awesome/ 		78 KB
79 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://production-cdn.bonus.ly/assets/font-awesome/fa-solid-900-6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7.woff2
Requested by
Host: production-cdn.bonus.ly
URL: https://production-cdn.bonus.ly/assets/funnel-in-733a81fa9228b77a876e086427f8c10cc45e4ad3c91d6a28c99b4b14f0d949f4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:be00:1c:9ed0:1480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7

Request headers

Referer
https://production-cdn.bonus.ly/assets/funnel-in-733a81fa9228b77a876e086427f8c10cc45e4ad3c91d6a28c99b4b14f0d949f4.css
Origin
https://bonus.ly
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 07:14:24 GMT
via
1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
vary
Origin
age
7685446
x-cache
Hit from cloudfront
content-length
80300
last-modified
Wed, 18 Nov 2020 17:08:18 GMT
server
AmazonS3
etag
"8e1ed89b6ccb8ce41faf5cb672677105"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31557600
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
gppCkCcVDUCsOH1CMbiW3C81QICCQPJnJieaeJTVwVgJeAcqxiyhuQ==
expires
Thu, 18 Nov 2021 23:08:17 GMT
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v27/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,600,600italic,700,700italic,800,800italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f57a038a716263766ff4d7f7d8a6ea13b22701ae6fc91e8b1b52fd8784844d23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bonus.ly
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 11:03:59 GMT
x-content-type-options
nosniff
age
154870
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47836
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:32:23 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 28 Dec 2022 11:03:59 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,600,600italic,700,700italic,800,800italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bonus.ly
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 00:14:34 GMT
x-content-type-options
nosniff
age
107435
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 29 Dec 2022 00:14:34 GMT
page
rs.fullstory.com/rec/ 		45 B
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/page
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4d3ca025f743dfa95cc330dcf83abc9992b455a48ea5d715f59adb1f0765d888
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bonus.ly/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 30 Dec 2021 06:05:09 GMT
via
1.1 google
x-content-type-options
nosniff
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://bonus.ly
access-control-allow-credentials
true
alt-svc
clear
content-length
45
recaptcha__de.js
www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ 		348 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=recaptchaLoaded
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
295409307a58f3d19608932eac3c022cff1cacc8671dd26b5614a28f7e25e0b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bonus.ly/
Origin
https://bonus.ly
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 23:46:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22704
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
139097
x-xss-protection
0
last-modified
Mon, 13 Dec 2021 05:04:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Thu, 29 Dec 2022 23:46:45 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N5K2M3S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bonus.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3843
date
Thu, 30 Dec 2021 05:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 30 Dec 2021 07:01:06 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N5K2M3S
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bonus.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 30 Dec 2021 06:05:09 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Sep 2021 19:17:49 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=41029
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2036
uwt.js
static.ads-twitter.com/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N5K2M3S
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bonus.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 30 Dec 2021 06:05:09 GMT
content-encoding
gzip
last-modified
Mon, 20 Sep 2021 23:58:10 GMT
etag
"8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
5410
x-served-by
cache-iad-kjyo7100176-IAD, cache-fra19167-FRA
hotjar-1260982.js
static.hotjar.com/c/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1260982.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N5K2M3S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.73.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-73-63.fra2.r.cloudfront.net
Software
/
Resource Hash
51fe92150e7573cd567f57ca955dc91511fe541cf23662cc2a21ccdfde799a41
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bonus.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 30 Dec 2021 06:05:09 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
FRA2-C2
etag
W/834083b5ec98db428ea9188f681210a5
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
LRQHXoaiBycejtRA3uGGpZdeAbc6q69c-K6JwvY2skEIxsUTSJfCiQ==
via
1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
conversion_async.js
www.googleadservices.com/pagead/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N5K2M3S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bonus.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 30 Dec 2021 06:05:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14328
x-xss-protection
0
server
cafe
etag
12503521247758841375
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 30 Dec 2021 06:05:09 GMT
bat.js
bat.bing.com/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N5K2M3S
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bonus.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 30 Dec 2021 06:05:09 GMT
content-encoding
gzip
last-modified
Fri, 03 Dec 2021 01:53:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F37B7DC327EE4B12A8173CB7FD6ED68A Ref B: FRAEDGE1409 Ref C: 2021-12-30T06:05:09Z
etag
"0cb09ee8e7d71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
10468
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: bonus.ly
URL: https://bonus.ly/users/sign_in_start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bonus.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
25965
x-xss-protection
0
pragma
public
x-fb-debug
+usuB1lKPnZDhlbhAp98j9+f3vhIu9KjBC+LbI0laC8VLy4rVufJowHjhAmFarEZ6cH79xrlEGhWXQ9VjwffvQ==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Thu, 30 Dec 2021 06:05:10 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
sl.js
scout-cdn.salesloft.com/ 		0
0
863.js
tracking.g2crowd.com/attribution_tracking/conversions/ 		0
0
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1389945349&t=pageview&_s=1&dl=https%3A%2F%2Fbonus.ly%2Fusers%2Fsign_in_start&ul=en-us&de=UTF-8&dt=Sign%20In%20-%20Bonusly&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=941504865&gjid=1670231314&cid=4470772.1640844310&tid=UA-34854530-1&_gid=1348942598.1640844310&_r=1&gtm=2wgc10N5K2M3S&cd3=logged-out&cd6=(type%20not%20set)&cd7=(name%20not%20set)&cd8=(domain%20not%20set)&cd9=(industry%20not%20set)&cd10=(subindustry%20not%20set)&cd11=(employee%20range%20not%20set)&cd12=(revenue%20not%20set)&cd13=(rank%20not%20set)&cd14=(city%20not%20set)&cd15=(state%20not%20set)&cd16=(country%20not%20set)&cd17=(code%20not%20set)&z=1267053565
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bonus.ly/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 30 Dec 2021 06:05:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bonus.ly
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame 93B4 		40 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lem1BgUAAAAAHzWJvTYdYq_xabbmxhZTQ5UH4kG&co=aHR0cHM6Ly9ib251cy5seTo0NDM.&hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&size=invisible&cb=kkd1e54jtedn
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ecc24f0930f79a6844ae9bb9cc2f58a2d85690fa93f6887a999f1e0d6e9a2844
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DUv5zAPSvCy07590rfQPhA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://bonus.ly/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 30 Dec 2021 06:05:10 GMT
content-security-policy
script-src 'report-sample' 'nonce-DUv5zAPSvCy07590rfQPhA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
20874
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=414777&time=1640844310024&url=https%3A%2F%2Fbonus.ly%2Fusers%2Fsign_in_start
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D414777%26time%3D1640844310024%26url%3Dhttps%253A%252F%252Fbonus.ly%252Fusers%252F...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=414777&time=1640844310024&url=https%3A%2F%2Fbonus.ly%2Fusers%2Fsign_in_start&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=414777&time=1640844310024&url=https%3A%2F%2Fbonus.ly%2Fusers%2Fsign_in_start&liSync=true&e_ipv6=AQKR5swJuWkCewAAAX4J8TeWPboPKHU70BPiH2Pn8lLRJgGaH...
0
156 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=414777&time=1640844310024&url=https%3A%2F%2Fbonus.ly%2Fusers%2Fsign_in_start&liSync=true&e_ipv6=AQKR5swJuWkCewAAAX4J8TeWPboPKHU70BPiH2Pn8lLRJgGaHWiMZ1eh8BgtqIIdtYEn5zaKrQ
Requested by
Host: bonus.ly
URL: https://bonus.ly/users/sign_in_start
Protocol
H2
Server
108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
108-174-10-14.fwd.linkedin.com
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bonus.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 30 Dec 2021 06:05:10 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lva1
x-li-proto
http/2
x-li-pop
prod-lva1
content-type
application/javascript
content-length
0
x-li-uuid
Mr5tATVzxRZQ2FlXBSsAAA==

Redirect headers

date
Thu, 30 Dec 2021 06:05:10 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: F6A9F6F4BE7A4DDA97D703CB1EC9E828 Ref B: FRAEDGE1209 Ref C: 2021-12-30T06:05:10Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=414777&time=1640844310024&url=https%3A%2F%2Fbonus.ly%2Fusers%2Fsign_in_start&liSync=true&e_ipv6=AQKR5swJuWkCewAAAX4J8TeWPboPKHU70BPiH2Pn8lLRJgGaHWiMZ1eh8BgtqIIdtYEn5zaKrQ
x-li-proto
http/2
content-length
0
x-li-uuid
AAXUVtZA6x7uk2nyLBEN/Q==
modules.6d5409da698bc5e020b1.js
script.hotjar.com/ 		228 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.6d5409da698bc5e020b1.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1260982.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-31.fra2.r.cloudfront.net
Software
/
Resource Hash
9c4e5748b76ca33caac131e0225d2e86ccbf6e156ad007145f6a9c4d34cecbf9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bonus.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 16:10:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
741304
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
61259
access-control-allow-origin
*
last-modified
Tue, 21 Dec 2021 16:09:54 GMT
etag
"a250696209ae851dce97a4101057f333"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 1d67a4c00b06651cb6daa95ec3f21f9b.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
P5Pl1l5xysgSRKoriYhkRct7r0Tl2PtirZGzC9G-g3gzS1zAQQDmCg==
collect
stats.g.doubleclick.net/j/ 		7 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-34854530-1&cid=4470772.1640844310&jid=941504865&gjid=1670231314&_gid=1348942598.1640844310&_u=YEBAAEAAAAAAAC~&z=1371896852
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bonus.ly/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 30 Dec 2021 06:05:10 GMT
content-type
text/plain
access-control-allow-origin
https://bonus.ly
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsct
analytics.twitter.com/i/ 		31 B
675 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nv1j9&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=45ee2162-19eb-4bc1-a5a8-00d12738033b&tw_document_href=https%3A%2F%2Fbonus.ly%2Fusers%2Fsign_in_start&tpx_cb=twttr.conversion.loadPixels
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bonus.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 30 Dec 2021 06:05:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
57
x-xss-protection
0
x-response-time
113
pragma
no-cache
last-modified
Thu, 30 Dec 2021 06:05:10 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
509e94d7b45240de4954e3fc6ac64203f9bc009df78e57579c2ce8cf8e7bad7c
x-transaction
8c69ffa7bf43f82d
expires
Tue, 31 Mar 1981 05:00:00 GMT
adsct
t.co/i/ 		43 B
471 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nv1j9&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=45ee2162-19eb-4bc1-a5a8-00d12738033b&tw_document_href=https%3A%2F%2Fbonus.ly%2Fusers%2Fsign_in_start
Requested by
Host: bonus.ly
URL: https://bonus.ly/users/sign_in_start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bonus.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 30 Dec 2021 06:05:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
113
pragma
no-cache
last-modified
Thu, 30 Dec 2021 06:05:10 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
a1ba53d0405923f41d351e52a4cedefab7f6d3d2837ec6bd0f3a2e97783239f8
x-transaction
acdb402d43f3bd0b
expires
Tue, 31 Mar 1981 05:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/991155754/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/991155754/?random=1640844310041&cv=9&fst=1640844310041&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fbonus.ly%2Fusers%2Fsign_in_start&tiba=Sign%20In%20-%20Bonusly&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
24db50cc59a9a5f1cbd8c36fa358de041abb76578da3844fa14141738a93ac91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bonus.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Dec 2021 06:05:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1005
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
17372234.js
bat.bing.com/p/action/ 		682 B
736 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/17372234.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3c5c0ce8aef3421e363ade83e12b52c24c5199d8ec011870edd0822edb7f095e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bonus.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Dec 2021 06:05:09 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 07FF52DC865C44858AA7771E5DEB2C74 Ref B: FRAEDGE1409 Ref C: 2021-12-30T06:05:10Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store,no-cache
content-length
585
0
bat.bing.com/action/ 		0
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=17372234&tm=gtm002&Ver=2&mid=4a69e12c-6050-4d9e-b623-b842e67d44a4&sid=71d37d80693611eca3350947ac4becb2&vid=71d38fa0693611ec97cbbf9cde0e2771&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Sign%20In%20-%20Bonusly&p=https%3A%2F%2Fbonus.ly%2Fusers%2Fsign_in_start&r=&lt=1194&evt=pageLoad&msclkid=N&sv=1&rn=352754
Requested by
Host: bonus.ly
URL: https://bonus.ly/users/sign_in_start
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bonus.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Dec 2021 06:05:09 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5DDFA2E595B249199C3EF65E4F2BFE49 Ref B: FRAEDGE1409 Ref C: 2021-12-30T06:05:10Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
box-a1ae2079824d1c48aa9ce06efb256f18.html
vars.hotjar.com/ Frame 7FFB 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-a1ae2079824d1c48aa9ce06efb256f18.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1260982.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-116.fra2.r.cloudfront.net
Software
/
Resource Hash
d39c7ff4103007338040282460b2eb0e5adadd9fb80f986fb4c8a3d41785a6ca

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://bonus.ly/

Response headers

content-type
text/html
content-length
1044
date
Thu, 02 Dec 2021 15:53:06 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
etag
"6215abf691a11c2f451680e635d30daa"
last-modified
Thu, 02 Dec 2021 15:52:57 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
gQq_8j7NqzLMuZFzaH04qpjXUTmO6c3pKajTMvWKdp63qU0P09aLug==
age
2383924
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-34854530-1&cid=4470772.1640844310&jid=941504865&_u=YEBAAEAAAAAAAC~&z=2060883088
Requested by
Host: bonus.ly
URL: https://bonus.ly/users/sign_in_start
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bonus.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Dec 2021 06:05:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-34854530-1&cid=4470772.1640844310&jid=941504865&_u=YEBAAEAAAAAAAC~&z=2060883088
Requested by
Host: bonus.ly
URL: https://bonus.ly/users/sign_in_start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bonus.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Dec 2021 06:05:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ Frame 93B4 		51 KB
51 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lem1BgUAAAAAHzWJvTYdYq_xabbmxhZTQ5UH4kG&co=aHR0cHM6Ly9ib251cy5seTo0NDM.&hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&size=invisible&cb=kkd1e54jtedn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1ac5bc2d2f0c446b2d5bc135db7414a2662ade7b701bc199456d05f51bfc261
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 13:00:20 GMT
x-content-type-options
nosniff
age
147890
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52473
x-xss-protection
0
last-modified
Mon, 13 Dec 2021 05:04:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Wed, 28 Dec 2022 13:00:20 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ Frame 93B4 		348 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lem1BgUAAAAAHzWJvTYdYq_xabbmxhZTQ5UH4kG&co=aHR0cHM6Ly9ib251cy5seTo0NDM.&hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&size=invisible&cb=kkd1e54jtedn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
295409307a58f3d19608932eac3c022cff1cacc8671dd26b5614a28f7e25e0b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 23:46:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22705
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
139097
x-xss-protection
0
last-modified
Mon, 13 Dec 2021 05:04:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Thu, 29 Dec 2022 23:46:45 GMT
/
www.google.com/pagead/1p-user-list/991155754/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/991155754/?random=1640844310041&cv=9&fst=1640844000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fbonus.ly%2Fusers%2Fsign_in_start&tiba=Sign%20In%20-%20Bonusly&async=1&fmt=3&is_vtc=1&random=3528056344&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: bonus.ly
URL: https://bonus.ly/users/sign_in_start
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bonus.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Dec 2021 06:05:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.uk/pagead/1p-user-list/991155754/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/pagead/1p-user-list/991155754/?random=1640844310041&cv=9&fst=1640844000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fbonus.ly%2Fusers%2Fsign_in_start&tiba=Sign%20In%20-%20Bonusly&async=1&fmt=3&is_vtc=1&random=3528056344&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: bonus.ly
URL: https://bonus.ly/users/sign_in_start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bonus.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Dec 2021 06:05:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
visit-data
in.hotjar.com/api/v2/client/sites/1260982/ 		146 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in.hotjar.com/api/v2/client/sites/1260982/visit-data?sv=7
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.6d5409da698bc5e020b1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.125.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-125-216.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
1739c041fc4394d8b8b79f708997ba2694f6156bbb410a8f0476a980939bf1de

Request headers

Referer
https://bonus.ly/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Thu, 30 Dec 2021 06:05:10 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 93B4 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 07:03:19 GMT
x-content-type-options
nosniff
age
514911
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Fri, 31 Dec 2021 07:03:19 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 93B4 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lem1BgUAAAAAHzWJvTYdYq_xabbmxhZTQ5UH4kG&co=aHR0cHM6Ly9ib251cy5seTo0NDM.&hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&size=invisible&cb=kkd1e54jtedn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 11:18:05 GMT
x-content-type-options
nosniff
age
154025
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 28 Dec 2022 11:18:05 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 93B4 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lem1BgUAAAAAHzWJvTYdYq_xabbmxhZTQ5UH4kG&co=aHR0cHM6Ly9ib251cy5seTo0NDM.&hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&size=invisible&cb=kkd1e54jtedn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 06:37:08 GMT
x-content-type-options
nosniff
age
516482
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 24 Dec 2022 06:37:08 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 93B4 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lem1BgUAAAAAHzWJvTYdYq_xabbmxhZTQ5UH4kG&co=aHR0cHM6Ly9ib251cy5seTo0NDM.&hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&size=invisible&cb=kkd1e54jtedn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6644e1c59baf705e99dacc5acb0a1eae7687b5ba94e66a1cdb74959837d17a63
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lem1BgUAAAAAHzWJvTYdYq_xabbmxhZTQ5UH4kG&co=aHR0cHM6Ly9ib251cy5seTo0NDM.&hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&size=invisible&cb=kkd1e54jtedn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 30 Dec 2021 06:05:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Thu, 30 Dec 2021 06:05:10 GMT
bframe
www.google.com/recaptcha/api2/ Frame 4C6F 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&k=6Lem1BgUAAAAAHzWJvTYdYq_xabbmxhZTQ5UH4kG
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c2f5dd035625817bacd04b252ba9f04b417ce56098a77b58135ad6545807b15f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-IyVoJLwDef2Wh5KWvZ5ijg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://bonus.ly/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 30 Dec 2021 06:05:10 GMT
content-security-policy
script-src 'report-sample' 'nonce-IyVoJLwDef2Wh5KWvZ5ijg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1113
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
1973303.js
js.hs-analytics.net/analytics/1640844300000/ 		62 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1640844300000/1973303.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/1973303.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:44b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
201febdef21a436be6f53074d428b7f8cbaf5516566d783fb750dd4c13328761

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bonus.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 30 Dec 2021 06:05:10 GMT
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
VPTFFDY38HAHBKVE
x-amz-server-side-encryption
AES256
cf-ray
6c59132b69ecdfef-FRA
x-amz-id-2
8WnT1Y0idCS8wUBIJdOwjvgERB6yxcApPOjVu2jxJoq6GqvTDASpbxPlO8HB/biknvXpBdxWBTY=
last-modified
Tue, 31 Aug 2021 16:34:51 GMT
server
cloudflare
etag
W/"0718d027772c93407eeb4a0887993cfe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
null
cache-control
max-age=300, public
access-control-allow-credentials
false
content-type
text/javascript
expires
Thu, 30 Dec 2021 06:10:10 GMT
fb.js
js.hsadspixel.net/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/1973303.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:73b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1462ee824fc3172a7c7fb70f6f2276fa6be8bcffaa9eea71ef529c94eb56124

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bonus.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 30 Dec 2021 06:05:10 GMT
via
1.1 aa6e16f47d6a0519f52b8dcfca2d841a.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
14
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.260/bundles/pixels-release.js&cfRay=6c5912d2ce7f2bd2-IAD
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-replication-status
COMPLETED
content-encoding
br
last-modified
Tue, 21 Dec 2021 12:57:36 UTC
server
cloudflare
etag
W/"4810ba79843c6ef24b5495e240dece67"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
Boqywn5qgiRrIgfbl8XekFtn0W1ZcHLq
cache-control
max-age=600
x-hs-cache-status
EXPIRED
x-amz-cf-pop
IAD89-P1
cf-ray
6c59132b5de18b9c-FRA
x-amz-cf-id
MXE6Ro7O2Ue6HaNhdqqIDfEKe5UD-yTCXJhB_CTBiD2fGmNwO853BA==
x-hs-target-asset
adsscriptloaderstatic/static-1.260/bundles/pixels-release.js
1973303.js
js.hs-banner.com/ 		61 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/1973303.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/1973303.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e4de46c9647d00a7dbe57e77e2696be7134ccbb6653dc3540620fe85e821e10

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bonus.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 30 Dec 2021 06:05:10 GMT
content-encoding
br
cf-cache-status
HIT
age
143
x-amz-server-side-encryption
AES256
content-type
text/javascript; charset=UTF-8
access-control-max-age
604800
x-amz-request-id
K7EKVVJB9GXEFRE5
x-amz-id-2
TKD8ZMdOQatrGbjpBtHTUaA92l8N43PmXeOOYewdAOBlXGorBA9unFOKZhO825OJuf2HqQrNx1k=
timing-allow-origin
*
last-modified
Fri, 03 Sep 2021 19:32:26 GMT
server
cloudflare
etag
W/"e99e197193d28d21f8819f7e3bd8bc02"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id
8ZdCccqET0_S.Lq22vRM5TBKrBrBK8el
access-control-allow-origin
https://bonus.ly
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
cf-ray
6c59132b6b928bbd-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires
Thu, 30 Dec 2021 06:07:47 GMT
leadflows.js
js.hsleadflows.net/ 		537 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsleadflows.net/leadflows.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/1973303.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:e7cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb54934c45f4c74ce2c3d2cc7b8b08b49b5c75d1dc0a64dd5071bf2b452c69ea

Request headers

Referer
https://bonus.ly/
Origin
https://bonus.ly
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 30 Dec 2021 06:05:10 GMT
via
1.1 5630c5d6ce3870273aaf2ed5fe6c2f14.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
42746
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1066/bundle/main/lead-flows-release.js&cfRay=6c54ff9048c1693f-IAD
x-cache
Hit from cloudfront
access-control-max-age
3000
x-amz-replication-status
COMPLETED
content-encoding
br
cf-ray
6c59132b6dc05c85-FRA
last-modified
Fri, 10 Dec 2021 01:08:50 UTC
server
cloudflare
etag
W/"a20da5f3327ff62c3dfbc71571e4fc6d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
L5EK4Wtvn0GVRD3yODp9CC_dzIEEuKk.
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=0
x-hs-cache-status
MISS
x-amz-cf-pop
IAD89-P1
content-type
application/javascript; charset=utf-8
x-amz-cf-id
AKMIDoNKiT7YR71TK7FbAhauxoRRrXtuVV2AeUS1S7_uSeK_jlsNzQ==
x-hs-target-asset
lead-flows-js/static-1.1066/bundle/main/lead-flows-release.js
styles__ltr.css
www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ Frame 4C6F 		51 KB
51 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&k=6Lem1BgUAAAAAHzWJvTYdYq_xabbmxhZTQ5UH4kG
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1ac5bc2d2f0c446b2d5bc135db7414a2662ade7b701bc199456d05f51bfc261
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 13:00:20 GMT
x-content-type-options
nosniff
age
147890
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52473
x-xss-protection
0
last-modified
Mon, 13 Dec 2021 05:04:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Wed, 28 Dec 2022 13:00:20 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ Frame 4C6F 		348 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&k=6Lem1BgUAAAAAHzWJvTYdYq_xabbmxhZTQ5UH4kG
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
295409307a58f3d19608932eac3c022cff1cacc8671dd26b5614a28f7e25e0b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 23:46:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22705
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
139097
x-xss-protection
0
last-modified
Mon, 13 Dec 2021 05:04:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Thu, 29 Dec 2022 23:46:45 GMT
clarity.js
d.clarity.ms/s/0.6.31/ 		0
0
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=FAFD31FC3D9245E295713C48E836FAE7&RedC=c.clarity.ms&MXFR=2A9BF6B8E9AB653C0F54E7A5EDAB6BE0
  • https://c.clarity.ms/c.gif?CtsSyncId=FAFD31FC3D9245E295713C48E836FAE7&MUID=1B8E273639B764E92B33362B38DC6522
42 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=FAFD31FC3D9245E295713C48E836FAE7&MUID=1B8E273639B764E92B33362B38DC6522
Requested by
Host: bonus.ly
URL: https://bonus.ly/users/sign_in_start
Protocol
H2
Server
52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bonus.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Dec 2021 06:05:10 GMT
last-modified
Fri, 05 Nov 2021 17:19:23 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"f95a3e4769d2d71:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 30 Dec 2021 06:05:09 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 65CF836B986A46FC9B05FF7BECC398C0 Ref B: FRAEDGE1409 Ref C: 2021-12-30T06:05:10Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=FAFD31FC3D9245E295713C48E836FAE7&MUID=1B8E273639B764E92B33362B38DC6522
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
reload
www.google.com/recaptcha/api2/ Frame 4C6F 		35 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6Lem1BgUAAAAAHzWJvTYdYq_xabbmxhZTQ5UH4kG
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
43072607e2d756eed95a7db52b1868ef2f40ebbfb64c90e310a91fae0c050e81
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/bframe?hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&k=6Lem1BgUAAAAAHzWJvTYdYq_xabbmxhZTQ5UH4kG
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Thu, 30 Dec 2021 06:05:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21236
x-xss-protection
1; mode=block
expires
Thu, 30 Dec 2021 06:05:10 GMT
433534167062953
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/433534167062953?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ed65204ab8c68cc7ec6ea2e9effd68dfe545740ae555d73f49a0b60ffbc477d9
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bonus.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
88938
x-xss-protection
0
pragma
public
x-fb-debug
jCWJp7ua97Y0dZ1/xpZNgRAEt0MbG7V4TeIn5I78IuNI1ZbxrjNpxTQqjdwPX4kSX439JvoqXolDiQebnnikTg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 30 Dec 2021 06:05:11 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=433534167062953&ev=PageView&dl=https%3A%2F%2Fbonus.ly%2Fusers%2Fsign_in_start&rl=&if=false&ts=1640844311060&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1640844311058.1411361990&it=1640844311009&coo=false&rqm=GET
Requested by
Host: bonus.ly
URL: https://bonus.ly/users/sign_in_start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bonus.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 30 Dec 2021 06:05:11 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Thu, 30 Dec 2021 06:05:11 GMT
json
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 		67 B
947 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=1973303
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:cbcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6253e57e99cb9d1cb1b7b2b20a653ffbc464273a6754989ef0dcaf1391f9ee5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bonus.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 30 Dec 2021 06:05:11 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
bd6ad64b-e769-43ec-8329-190664f90d7e
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
x-trace
2B79D34712487535024E63C14B2115C133B8FB0451000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
180
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=21nfUp%2F9bJt%2BHNL1pO2FEM%2FPlruhdXzU5bo%2BcmiuHrujsQ1%2BYFgQAjXxdDqPi48htAU5ZJXh9cbkqUfsYRh%2F5NkM%2FWYOhIADth%2BIXY5IbzWKrrq3BS0kBnH%2F%2FUg3aGI7oplNaSwMYwW1XpDJ"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=utf-8
access-control-allow-origin
https://bonus.ly
access-control-allow-credentials
false
cf-ray
6c5913307d308be5-FRA
access-control-allow-headers
*
__ptq.gif
track.hubspot.com/ 		45 B
1001 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1433769858&v=1.1&a=1973303&pu=https%3A%2F%2Fbonus.ly%2Fusers%2Fsign_in_start&t=Sign+In+-+Bonusly&cts=1640844311096&vi=abdfb2f81f178f24519a293351d36f31&nc=true&u=207646477.abdfb2f81f178f24519a293351d36f31.1640844311092.1640844311092.1640844311092.1&b=207646477.1.1640844311092&pt=0&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bonus.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 30 Dec 2021 06:05:11 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
c23e2274-b932-4976-a589-578c0b9f31ef
cf-ray
6c5913307eed6910-FRA
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
45
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tog%2FWJBzXUGhz3V4ikYCvvK%2FhresKx7oD3PdR9sE5zaB%2BrDQsb5SVmGRhiJaR%2FVK4SqnZz7zc3M2Y8jPxj4wbB1fAlJaeOktZ0UCH%2BY2r8Y2Py0KW2xUHb7D12Aaz2On9pBy%2BrxsJskb18pgHKYh"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
json
forms.hubspot.com/lead-flows-config/v1/config/ 		167 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=1973303&utk=abdfb2f81f178f24519a293351d36f31&__hstc=207646477.abdfb2f81f178f24519a293351d36f31.1640844311092.1640844311092.1640844311092.1&__hssc=207646477.1.1640844311092&currentUrl=https%3A%2F%2Fbonus.ly%2Fusers%2Fsign_in_start
Requested by
Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24d0d91fc4b6f9e2b0fbff52b212f46f395a62df510ea56716a889f93c6e4d1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bonus.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 30 Dec 2021 06:05:11 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
c75e3c0a-e9f3-443e-ad56-865435c77566
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-robots-tag
none
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
180
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wvAV99C3Hzsqk4jKV6Cc8lsaPMMqMVwN9dlV4Xksew%2FpoAo%2Fc9WTZ33oa78deB9R%2BKsKrGWmE9j6ThpDuQXs0%2F50Zqv1WOJ%2BssfMuiWQIRzur0XZhJXGh%2FS5xlMn7QhzFvPfXYWJXuBeZPwlTOjt"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=utf-8
access-control-allow-origin
https://bonus.ly
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
cf-ray
6c591331092b4eaa-FRA
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
js
www.googletagmanager.com/gtag/ 		97 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-991155754
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
32834fac656c5f2cf394328ed92b17fe9a65d8fc03e6e18b1a2688b455a37d6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bonus.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 30 Dec 2021 06:05:11 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39611
x-xss-protection
0
expires
Thu, 30 Dec 2021 06:05:11 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-991155754
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bonus.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 30 Dec 2021 06:05:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14328
x-xss-protection
0
server
cafe
etag
12503521247758841375
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 30 Dec 2021 06:05:11 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/991155754/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/991155754/?random=1640844311332&cv=9&fst=1640844311332&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oac10&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbonus.ly%2Fusers%2Fsign_in_start&tiba=Sign%20In%20-%20Bonusly&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b8c4d6d835f7a6575b23ecb04c746e254840dd8b6dd8de6dbbb1bc6899b3e081
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bonus.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Dec 2021 06:05:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1033
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/991155754/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/991155754/?random=1640844311332&cv=9&fst=1640844000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbonus.ly%2Fusers%2Fsign_in_start&tiba=Sign%20In%20-%20Bonusly&async=1&fmt=3&is_vtc=1&random=3046087197&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bonus.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Dec 2021 06:05:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.uk/pagead/1p-user-list/991155754/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/pagead/1p-user-list/991155754/?random=1640844311332&cv=9&fst=1640844000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbonus.ly%2Fusers%2Fsign_in_start&tiba=Sign%20In%20-%20Bonusly&async=1&fmt=3&is_vtc=1&random=3046087197&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bonus.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Dec 2021 06:05:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=433534167062953&ev=Microdata&dl=https%3A%2F%2Fbonus.ly%2Fusers%2Fsign_in_start&rl=&if=false&ts=1640844311563&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Sign%20In%20-%20Bonusly%5Cn%22%2C%22meta%3Adescription%22%3A%22Sign%20into%20your%20Bonusly%20account%20to%20start%20recognizing%20and%20rewarding%20your%20colleagues.%5Cn%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Sign%20In%20-%20Bonusly%5Cn%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fproduction-cdn.bonus.ly%2Fassets%2Flogo%2Frectangular_banner_logo_920-e355428ac570c2ca72ba799a5f714acb7ae13c1245dae2162dcbf8fa55cc4d6c.jpg%22%2C%22og%3Alogo%22%3A%22https%3A%2F%2Fproduction-cdn.bonus.ly%2Fassets%2Flogo%2Fbonusly_logo_128-a657d859f3ac233174cb9aab7ed77a2ff1556a979f33fa333c5b5962f750e351.png%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fbonus.ly%2Fusers%2Fsign_in_start%22%2C%22og%3Adescription%22%3A%22Sign%20into%20your%20Bonusly%20account%20to%20start%20recognizing%20and%20rewarding%20your%20colleagues.%5Cn%22%2C%22twitter%3Asite%22%3A%22https%3A%2F%2Fbonus.ly%22%2C%22twitter%3Acreator%22%3A%22%40bonusly%22%2C%22twitter%3Atitle%22%3A%22Sign%20In%20-%20Bonusly%5Cn%22%2C%22twitter%3Adescription%22%3A%22Sign%20into%20your%20Bonusly%20account%20to%20start%20recognizing%20and%20rewarding%20your%20colleagues.%5Cn%22%2C%22twitter%3Acard%22%3A%22summary_large_image%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1640844311058.1411361990&it=1640844311009&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bonus.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 30 Dec 2021 06:05:11 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Thu, 30 Dec 2021 06:05:11 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
scout-cdn.salesloft.com
URL
https://scout-cdn.salesloft.com/sl.js
Domain
tracking.g2crowd.com
URL
https://tracking.g2crowd.com/attribution_tracking/conversions/863.js?p=https://bonus.ly/users/sign_in_start&e=
Domain
d.clarity.ms
URL
https://d.clarity.ms/s/0.6.31/clarity.js

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| $ function| jQuery object| dataLayerData object| dataLayer string| GoogleAnalyticsObject function| ga string| locale boolean| _fs_debug string| _fs_host string| _fs_script string| _fs_org string| _fs_namespace function| FullStory function| recaptchaLoaded function| handleCaptchaSubmission function| QRCode object| Handlebars function| _ object| Backbone object| Components object| FunnelIn object| JST string| _fs_loaded function| _fs_shutdown object| google_tag_manager object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_data string| _linkedin_data_partner_id function| twq function| hj object| _hjSettings function| fbq function| _fbq string| SLScoutObject function| slscout object| gaplugins object| gaGlobal object| gaData object| recaptcha object| closure_lm_511226 function| lintrk boolean| _already_called_lintrk object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| twttr function| UET function| UET_init function| UET_push function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| ueto_3cd9e9d5cc object| uetq object| _hsp boolean| PIXELS_RAN object| _hsq boolean| _hspb_loaded function| clarity object| globalRoot undefined| hns function| bindToWindowOnError function| defineProperties object| leadflows object| hubspot function| OutpostErrorReporter boolean| popupPoliceActive undefined| hns2 undefined| jade undefined| I18n undefined| hubspot_mailcheck undefined| Pikaday undefined| reqwest undefined| exports undefined| define boolean| LEAD_FLOWS_RAN boolean| COMMON_SETUP_RAN object| _paq function| sanitizeKey boolean| _hstc_loaded boolean| _hspb_ran boolean| _hstc_ran string| __hsUserToken number| expireDateTime boolean| LEAD_FLOW_DOCUMENT_READY_RAN

35 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09ABBMTcPkUWUKU9eOTamVLMAruybLT_JxMrsryuvoYBgd029uT6mjGZngvVI0TmoqDMn05HaDrpJE0j6rhwcCadA
bonus.ly/ Name: _special_sauce_session
Value: a3NvN3IvOXhncHZjbGFtWGRJV3RDVFh0N0hyZHU4VmtTMXZ4bTg5cWpPT1RBRkRJNE9mOEF0QWRENmdSS0VEcHhkbFZTdS9LWnZkRyt2a0lXeEZYNk0zdXRKNW5scElpWkd0aThEZHh0RDZldWdlVVdoYTkzWUFzMExWMFVZNWNVU3BFWjhIekk1V3dSb0NXcTZXSkdRN0ViOE5IV1pzZjdXeXNWcVZGd3huazdrczJzOGFNd3d1VlJiOUpncUZmMTlqVVZ2eC9PcFB6S2wwZ0pZZGN5REQ4ZEhBNUZwL0hTUmY3dkkxbkVuS05nOW45K0RKWGkxc0lrOGFkODdTZStBUlNPcWJPb0Zya2NHMVN1Nmc0RkZOeEVvMlVHNzUvc2N5SStsUGZjbnlOeUllb3NZcUoySWdXUmJ2bFVOZ0hDNjdrWW01RWJFNFFNQlRmcm5zS29aeElRZ2ZkeFg1WjBTYitHd21GU1hjYmc4bEYxOUNiaFVzWnJmNE1mSkhLRE4rZHBaMGtaM3Z5UEdsSlEyNmZWVllEVXJhc2xUa0hVOVoxa1pSYklBZEdBS1M3RjFDcHFyVWRSSmN4Z0JnMFNlcUVlalNFc2Q0QUZQeXNaMmtzWFBwakFONVRpQTIydmhzVncrbnphUms9LS1SOUNCaDVHNjQ4SUwvUXhsM1RtdGpnPT0%3D--394972f1814f1465c1a99b89e2a43b4251d55452
.bonus.ly/ Name: _gcl_au
Value: 1.1.485201926.1640844310
.bonus.ly/ Name: _ga
Value: GA1.2.4470772.1640844310
.bonus.ly/ Name: _gid
Value: GA1.2.1348942598.1640844310
.bonus.ly/ Name: _gat
Value: 1
.bing.com/ Name: MUID
Value: 1B8E273639B764E92B33362B38DC6522
.bonus.ly/ Name: _uetsid
Value: 71d37d80693611eca3350947ac4becb2
.bonus.ly/ Name: _uetvid
Value: 71d38fa0693611ec97cbbf9cde0e2771
.bonus.ly/ Name: _hjSessionUser_1260982
Value: eyJpZCI6IjZhYWE3YTNkLWI3NmEtNTRmZS1hYjNlLWJjMmRhNmQ1OTU2YSIsImNyZWF0ZWQiOjE2NDA4NDQzMTAwNzYsImV4aXN0aW5nIjpmYWxzZX0=
.bonus.ly/ Name: _hjFirstSeen
Value: 1
.bonus.ly/ Name: _hjSession_1260982
Value: eyJpZCI6ImFhMTExNTk3LWZlZTMtNGNhMC1iNWIyLTM3ZTNlYzcxYzdiYiIsImNyZWF0ZWQiOjE2NDA4NDQzMTAxNDV9
bonus.ly/ Name: _hjIncludedInPageviewSample
Value: 1
.bonus.ly/ Name: _hjAbsoluteSessionInProgress
Value: 0
bonus.ly/ Name: _hjIncludedInSessionSample
Value: 1
.linkedin.com/ Name: UserMatchHistory
Value: AQLPCXpk6WQI0AAAAX4J8TZqC1XWenzpAGEofSvCGk2QQq1BPwMwctvwNJRgcte8ykrZDgu3d7_28Q
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQI8DXh2FV5OkwAAAX4J8TZqSGuT0hHLI6HSn5GUbvKg9h0xwoYxfzdh6RXIweCpNh18UUS1xVjiBjR2sI4WZQ
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&7e2d7b82-24f5-4a73-8a9f-ad9f1c8a099a"
.linkedin.com/ Name: lidc
Value: "b=VGST05:s=V:r=V:a=V:p=V:g=2378:u=1:x=1:i=1640844310:t=1640930710:v=2:sig=AQEVjOSqG6CN_xMEJuk5vNAbk_Aob5vk"
.twitter.com/ Name: personalization_id
Value: "v1_LY1TVbI/xa9VClaDfdrCTA=="
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.www.linkedin.com/ Name: bscookie
Value: "v=1&20211230060510a7013106-2b51-4245-8a5e-fa5e1b8e76e3AQGv6JO2LnSv-I5vTa-KgLZOnWjmI_cY"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NDA4NDQzMTA7MjswMjGiY4oM+0ygRhq+HbKht/8Rxdg3EZlWw9ZqBZSBU6suLA==
.c.bing.com/ Name: SRM_B
Value: 1B8E273639B764E92B33362B38DC6522
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 1B8E273639B764E92B33362B38DC6522
.c.clarity.ms/ Name: ANONCHK
Value: 0
.bonus.ly/ Name: _fbp
Value: fb.1.1640844311058.1411361990
.bonus.ly/ Name: __hstc
Value: 207646477.abdfb2f81f178f24519a293351d36f31.1640844311092.1640844311092.1640844311092.1
.bonus.ly/ Name: hubspotutk
Value: abdfb2f81f178f24519a293351d36f31
.bonus.ly/ Name: __hssrc
Value: 1
.bonus.ly/ Name: __hssc
Value: 207646477.1.1640844311092
.hubspot.com/ Name: __cf_bm
Value: 738a3fINVeNZ_V6aDSPX_NPh1nk0LS.R6O26a5BErwY-1640844311-0-AUx5CSAoSrnLBiYKIldXKLm3zx5ObvuqnXAYgqCL1N8EWY/tcG8THoGUAqc6ahJiLfoWkfpBzR42ZoeJapHHFZc=
.doubleclick.net/ Name: IDE
Value: AHWqTUmmdVqmU5Rifa6IGPuWrtaGiMBelaocVFrikIalO-BN27_MZg4TDglKTXHj

3 Console Messages

Source Level URL
Text
security error
Message:
Refused to load the script 'https://scout-cdn.salesloft.com/sl.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' connect.facebook.net graph.facebook.com googleads.g.doubleclick.net js.hs-analytics.net js.hs-scripts.com js.hsforms.net forms.hsforms.com js.hsleadflows.net js.chilipiper.com *.chilipiper.com *.hsadspixel.net *.recognition.cdn.bonus.ly production-cdn.bonus.ly staging-cdn.bonus.ly unpkg.com *.bnsly.co *.google.com *.googleadservices.com *.googleapis.com *.googletagmanager.com *.google-analytics.com *.gstatic.com *.hscta.net *.hubspot.com *.intercom.io *.intercomcdn.com *.linkedin.com *.stripe.com *.twimg.com *.twitter.com zapier.com static.ads-twitter.com hotjar.com *.hotjar.com www.instagram.com *.fullstory.com *.licdn.com *.clearbit.com *.clearbitjs.com js.hs-banner.com bat.bing.com ct.capterra.com *.vimeo.com js.chargebee.com *.intellimize.com *.intellimize.co *.intellimizeio.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error
Message:
Refused to load the script 'https://tracking.g2crowd.com/attribution_tracking/conversions/863.js?p=https://bonus.ly/users/sign_in_start&e=' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' connect.facebook.net graph.facebook.com googleads.g.doubleclick.net js.hs-analytics.net js.hs-scripts.com js.hsforms.net forms.hsforms.com js.hsleadflows.net js.chilipiper.com *.chilipiper.com *.hsadspixel.net *.recognition.cdn.bonus.ly production-cdn.bonus.ly staging-cdn.bonus.ly unpkg.com *.bnsly.co *.google.com *.googleadservices.com *.googleapis.com *.googletagmanager.com *.google-analytics.com *.gstatic.com *.hscta.net *.hubspot.com *.intercom.io *.intercomcdn.com *.linkedin.com *.stripe.com *.twimg.com *.twitter.com zapier.com static.ads-twitter.com hotjar.com *.hotjar.com www.instagram.com *.fullstory.com *.licdn.com *.clearbit.com *.clearbitjs.com js.hs-banner.com bat.bing.com ct.capterra.com *.vimeo.com js.chargebee.com *.intellimize.com *.intellimize.co *.intellimizeio.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://bat.bing.com/p/action/17372234.js
Message:
Refused to load the script 'https://d.clarity.ms/s/0.6.31/clarity.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' connect.facebook.net graph.facebook.com googleads.g.doubleclick.net js.hs-analytics.net js.hs-scripts.com js.hsforms.net forms.hsforms.com js.hsleadflows.net js.chilipiper.com *.chilipiper.com *.hsadspixel.net *.recognition.cdn.bonus.ly production-cdn.bonus.ly staging-cdn.bonus.ly unpkg.com *.bnsly.co *.google.com *.googleadservices.com *.googleapis.com *.googletagmanager.com *.google-analytics.com *.gstatic.com *.hscta.net *.hubspot.com *.intercom.io *.intercomcdn.com *.linkedin.com *.stripe.com *.twimg.com *.twitter.com zapier.com static.ads-twitter.com hotjar.com *.hotjar.com www.instagram.com *.fullstory.com *.licdn.com *.clearbit.com *.clearbitjs.com js.hs-banner.com bat.bing.com ct.capterra.com *.vimeo.com js.chargebee.com *.intellimize.com *.intellimize.co *.intellimizeio.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; font-src 'self' fonts.gstatic.com fonts.googleapis.com js.intercomcdn.com *.recognition.cdn.bonus.ly production-cdn.bonus.ly staging-cdn.bonus.ly *.bootstrapcdn.com script.hotjar.com; img-src * data: blob:; object-src 'self' *.recognition.cdn.bonus.ly production-cdn.bonus.ly staging-cdn.bonus.ly; script-src 'self' 'unsafe-inline' connect.facebook.net graph.facebook.com googleads.g.doubleclick.net js.hs-analytics.net js.hs-scripts.com js.hsforms.net forms.hsforms.com js.hsleadflows.net js.chilipiper.com *.chilipiper.com *.hsadspixel.net *.recognition.cdn.bonus.ly production-cdn.bonus.ly staging-cdn.bonus.ly unpkg.com *.bnsly.co *.google.com *.googleadservices.com *.googleapis.com *.googletagmanager.com *.google-analytics.com *.gstatic.com *.hscta.net *.hubspot.com *.intercom.io *.intercomcdn.com *.linkedin.com *.stripe.com *.twimg.com *.twitter.com zapier.com static.ads-twitter.com hotjar.com *.hotjar.com www.instagram.com *.fullstory.com *.licdn.com *.clearbit.com *.clearbitjs.com js.hs-banner.com bat.bing.com ct.capterra.com *.vimeo.com js.chargebee.com *.intellimize.com *.intellimize.co *.intellimizeio.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.bonus.ly *.google.com js.chilipiper.com *.chilipiper.com js.chargebee.com zapier.com; connect-src 'self' https://*.intercom.io wss://*.intercom.io wss://*.bonus.ly/cable wss://*.hotjar.com api.hubspot.com app.getsentry.com forms.hubspot.com *.hubapi.com syndication.twitter.com uploads.intercomcdn.com uploads.intercomusercontent.com *.algolianet.com *.algolia.net www.google-analytics.com www.facebook.com *.fullstory.com *.hotjar.io *.hotjar.com *.doubleclick.net *.apiary.io log.intellimize.co *.clearbit.com api.lever.co js.chilipiper.com *.chilipiper.com *.bonus.ly *.hsforms.com *.zapier.com *.zapier-staging.com; frame-ancestors 'self' *.bonus.ly *.next.sc *.screencloud.com *.screen.cloud *.screencloudapps.com http://localhost:* staffspace.oma.org http://10.0.0.4:* *.sharepoint.com *.it1.be dashboard.skilljar.com app.resplendentdata.com; frame-src 'self' fast.wistia.net js.stripe.com share.intercom.io bonus.ly *.bonus.ly *.hubspot.com *.addthis.com *.doubleclick.net *.google.com *.twitter.com *.vimeo.com *.hsforms.com *.youtube.com www.instagram.com *.hotjar.com api.intellimize.co js.chilipiper.com *.chilipiper.com my.pima.app bonusly.chargebee.com bonusly-test.chargebee.com js.chargebee.com *.intellimizeio.com intercom-sheets.com; media-src js.intercomcdn.com media.tenor.com *.bonus.ly
Strict-Transport-Security max-age=315569520; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.twitter.com
api.hubapi.com
bat.bing.com
bonus.ly
c.bing.com
c.clarity.ms
connect.facebook.net
d.clarity.ms
edge.fullstory.com
fonts.googleapis.com
fonts.gstatic.com
forms.hubspot.com
googleads.g.doubleclick.net
in.hotjar.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hsleadflows.net
production-cdn.bonus.ly
px.ads.linkedin.com
px4.ads.linkedin.com
rs.fullstory.com
scout-cdn.salesloft.com
script.hotjar.com
snap.licdn.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
t.co
track.hubspot.com
tracking.g2crowd.com
url2710.email.bonus.ly
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
d.clarity.ms
scout-cdn.salesloft.com
tracking.g2crowd.com
104.244.42.3
104.244.42.5
108.174.10.14
13.224.193.116
13.224.193.31
13.225.73.63
142.250.184.194
151.101.12.157
2600:9000:20eb:3a00:8:3386:40c0:93a1
2600:9000:21f3:be00:1c:9ed0:1480:93a1
2606:4700::6811:44b0
2606:4700::6811:73b0
2606:4700::6811:cbcc
2606:4700::6811:d6cc
2606:4700::6811:e7cc
2606:4700::6812:14bf
2606:4700::6813:9b53
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:808::200a
2a00:1450:4001:809::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2003
2a00:1450:4001:811::200a
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:400c:c08::9c
2a02:26f0:6c00::210:ba20
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.225.60.45
35.186.194.58
35.201.112.186
52.142.114.2
99.80.125.216
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0e4de46c9647d00a7dbe57e77e2696be7134ccbb6653dc3540620fe85e821e10
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1739c041fc4394d8b8b79f708997ba2694f6156bbb410a8f0476a980939bf1de
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
201febdef21a436be6f53074d428b7f8cbaf5516566d783fb750dd4c13328761
21864c7ae108632152ec83380144f23d8f50ce5656b9e4989edae5cacea6c964
24d0d91fc4b6f9e2b0fbff52b212f46f395a62df510ea56716a889f93c6e4d1c
24db50cc59a9a5f1cbd8c36fa358de041abb76578da3844fa14141738a93ac91
295409307a58f3d19608932eac3c022cff1cacc8671dd26b5614a28f7e25e0b0
32834fac656c5f2cf394328ed92b17fe9a65d8fc03e6e18b1a2688b455a37d6c
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3c5c0ce8aef3421e363ade83e12b52c24c5199d8ec011870edd0822edb7f095e
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ed1f19770eef1e0a1d426f6b051b985554d24936643880b847ab9b1e3db108b
43072607e2d756eed95a7db52b1868ef2f40ebbfb64c90e310a91fae0c050e81
4d3ca025f743dfa95cc330dcf83abc9992b455a48ea5d715f59adb1f0765d888
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
50a5284de7a0b6a18645b623fe7cd7b193ed75387dc21eeb7b8527775fecae24
51fe92150e7573cd567f57ca955dc91511fe541cf23662cc2a21ccdfde799a41
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
6253e57e99cb9d1cb1b7b2b20a653ffbc464273a6754989ef0dcaf1391f9ee5e
6644e1c59baf705e99dacc5acb0a1eae7687b5ba94e66a1cdb74959837d17a63
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
733a81fa9228b77a876e086427f8c10cc45e4ad3c91d6a28c99b4b14f0d949f4
7940da8f8e433fd8bb8167667aca0f15276fd5721cb05d0238fbebf937e91cf1
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
896b709d9b0be31603a9a7a686c1be0bf6bc95f0b771b8d880200b12914a7bef
90497bcfd9bfb2b435628b06c1702fc36704af250e72ff59673644331f344fdf
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c4e5748b76ca33caac131e0225d2e86ccbf6e156ad007145f6a9c4d34cecbf9
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
a0e1ca337631f6d1e36a659bc2d69f28abeb6fc50c008ad7d1b30858ed5cbe12
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
ac4d2337ef9c03c8758cddf13b321a0a76d963d3c1158eb27a60d27248a3b782
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b2dd63db47efae6ed399cac4ae15cc012a77a02e72cb3274b599531152032a3c
b8c4d6d835f7a6575b23ecb04c746e254840dd8b6dd8de6dbbb1bc6899b3e081
bb54934c45f4c74ce2c3d2cc7b8b08b49b5c75d1dc0a64dd5071bf2b452c69ea
be92933b839bd4ce1b67c440bd9bd832d8a7333d578c7d1061d00edbceb557d3
c0eec92c49112c257a705e627559c4a8d6043838636e869f8e4862b9ec2d4452
c2f5dd035625817bacd04b252ba9f04b417ce56098a77b58135ad6545807b15f
d1462ee824fc3172a7c7fb70f6f2276fa6be8bcffaa9eea71ef529c94eb56124
d39c7ff4103007338040282460b2eb0e5adadd9fb80f986fb4c8a3d41785a6ca
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecc24f0930f79a6844ae9bb9cc2f58a2d85690fa93f6887a999f1e0d6e9a2844
ed65204ab8c68cc7ec6ea2e9effd68dfe545740ae555d73f49a0b60ffbc477d9
ee2fe74274af9b23b61057b3d58710e419a0f7bbc1d628165366f848f13f094e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ac5bc2d2f0c446b2d5bc135db7414a2662ade7b701bc199456d05f51bfc261
f1c8132e3e55e96ff1e665ad4f7a1e0d07c5d7cb0fa8ece9c669678bdadcf758
f57a038a716263766ff4d7f7d8a6ea13b22701ae6fc91e8b1b52fd8784844d23
f5e42624c04e0919cc296a01dbbb8acf2d143b15382e420c009e177d914e8b57
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3