timebucks.com Open in urlscan Pro
151.139.128.10 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://newofficecap1.com/
Effective URL:
https://timebucks.com/software/lander6.php?subid=&clickid=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253
Submission: On August 08 via api (August 8th 2021, 5:01:50 am UTC) from US

Summary HTTP 49 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 12 IPs in 5 countries across 13 domains to perform 49 HTTP transactions. The main IP is 151.139.128.10, located in United States and belongs to HIGHWINDS3, US. The main domain is timebucks.com.
TLS certificate: Issued by R3 on July 11th 2021. Valid for: 3 months.

This is the only time timebucks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	81.17.18.197 81.17.18.197	51852 (PLI-AS) (PLI-AS)
2 2	173.192.101.24 173.192.101.24	36351 (SOFTLAYER) (SOFTLAYER)
1 1	213.227.134.220 213.227.134.220	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	52.54.46.82 52.54.46.82	14618 (AMAZON-AES) (AMAZON-AES)
1 13	151.139.128.10 151.139.128.10	20446 (HIGHWINDS3) (HIGHWINDS3)
9	13.224.96.72 13.224.96.72	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	13.224.96.116 13.224.96.116	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.111 143.204.98.111	16509 (AMAZON-02) (AMAZON-02)
18	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	13.224.96.104 13.224.96.104	16509 (AMAZON-02) (AMAZON-02)
1	52.217.42.54 52.217.42.54	16509 (AMAZON-02) (AMAZON-02)
1 3	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
1	13.224.96.12 13.224.96.12	16509 (AMAZON-02) (AMAZON-02)
49	12

2 81.17.18.197 (Zurich, Switzerland) 1 redirects

ASN51852 (PLI-AS, PA)

newofficecap1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.192.101.24 (Dallas, United States) 2 redirects

ASN36351 (SOFTLAYER, US)
PTR: 18.65.c0ad.ip4.static.sl-reverse.com

mybetterdl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p185689.mybetterdl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.134.220 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

live.maroohost.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.54.46.82 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)

www.offertoro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 151.139.128.10 (United States) 1 redirects

ASN20446 (HIGHWINDS3, US)
PTR: map3.hwcdn.net

timebucks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 13.224.96.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-72.zrh50.r.cloudfront.net

uploads-ssl.webflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-116.zrh50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.111 (United States)

ASN16509 (AMAZON-02, US)

pushpros.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-104.zrh50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.42.54 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-12.zrh50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	gstatic.com fonts.gstatic.com	352 KB
13	timebucks.com 1 redirects timebucks.com	763 KB
9	webflow.com uploads-ssl.webflow.com	1 MB
3	google-analytics.com 1 redirects www.google-analytics.com	19 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	89 KB
2	offertoro.com 2 redirects www.offertoro.com	688 B
2	mybetterdl.com 2 redirects mybetterdl.com p185689.mybetterdl.com	1 KB
2	newofficecap1.com 1 redirects newofficecap1.com	3 KB
1	doubleclick.net stats.g.doubleclick.net	111 B
1	amazonaws.com s3.amazonaws.com	13 KB
1	pushpros.tech pushpros.tech	2 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	maroohost.online 1 redirects live.maroohost.online	314 B
49	13

	Domain	Requested by
18	fonts.gstatic.com	fonts.googleapis.com
13	timebucks.com	1 redirects newofficecap1.com timebucks.com
9	uploads-ssl.webflow.com	timebucks.com
3	www.google-analytics.com	1 redirects timebucks.com
2	www.offertoro.com	2 redirects
2	newofficecap1.com	1 redirects
1	vars.hotjar.com	timebucks.com
1	stats.g.doubleclick.net	timebucks.com
1	s3.amazonaws.com	newofficecap1.com
1	script.hotjar.com	timebucks.com
1	pushpros.tech	timebucks.com
1	static.hotjar.com	timebucks.com
1	fonts.googleapis.com	timebucks.com
1	live.maroohost.online	1 redirects
1	p185689.mybetterdl.com	1 redirects
1	mybetterdl.com	1 redirects
49	16

This site contains links to these domains. Also see Links.

Domain
www.timebucks.app
downloads.joinmassive.com

Subject Issuer	Validity	Valid
timebucks.com R3	`2021-07-11` - `2021-10-09`	3 months	crt.sh
uploads-ssl.webflow.com Amazon	`2020-10-26` - `2021-11-25`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
pushpros.tech Amazon	`2021-07-03` - `2022-08-01`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-06-23` - `2022-07-24`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://timebucks.com/software/lander6.php?subid=&clickid=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253
Frame ID: F490FFCA682E7F0EE6D42F6425A52C39
Requests: 47 HTTP requests in this frame

Frame: https://timebucks.com/software/lp3/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 23107BC3B972F2D63DEFA8A24BD5725F
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: C5F3386658EB4AC372236E5792541F6A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://newofficecap1.com/ Page URL
http://newofficecap1.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTYyODQ... HTTP 302
https://mybetterdl.com/aS/feedclick?s=u6geJV4sLGsDkIYfb4a6rY8uDhK_8R6jFou0FLtwsPNflwG4Hx20VC9wp3zLH... HTTP 302
https://p185689.mybetterdl.com/adServe/domainClick?ai=tMxzWfm12Lr9QDN8fnx-GtzYNmogmdqFnty8fF5shiXDx1rgMLdt6... HTTP 302
https://live.maroohost.online/click?pid=666&offer_id=15374&sub1=86710580455&sub2=437368223 HTTP 302
https://www.offertoro.com/click_track/api?offer_id=19524861&pub_id=29197&pub_app_id=13096&USER_ID=610f... HTTP 302
https://www.offertoro.com/click_track/track/19524861/29197/94s224c4u27474u2u284w2s23444q2r2w2u2z2c4o2k... HTTP 307
https://timebucks.com/softwaredownload5.php?clickid=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2... HTTP 302
https://timebucks.com/software/lander6.php?subid=&clickid=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Webflow () Expand

Overall confidence: 100%
Detected patterns

meta generator /Webflow/i

Page Statistics

49
Requests

98 %
HTTPS

27 %
IPv6

13
Domains

16
Subdomains

12
IPs

5
Countries

2286 kB
Transfer

2780 kB
Size

5
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.timebucks.app/oldhome

Search URL Search Domain Scan URL

URL: https://downloads.joinmassive.com/timebucks/source_5/windows/TimeBucksInstaller.exe
Title: DOWNLOAD

Search URL Search Domain Scan URL

URL: https://www.timebucks.app/terms
Title: our terms

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://newofficecap1.com/ Page URL
http://newofficecap1.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTYyODQwNjA3OSwiaWF0IjoxNjI4Mzk4ODc5LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycWNqbzlwcjlqY2w3MWhiNmsxaDgwNDEiLCJuYmYiOjE2MjgzOTg4NzksInRzIjoxNjI4Mzk4ODc5NDY3MzU2fQ.gnPcUFFkK1nNOqa-nQnuJCcfEFw7wy_5p6J07B2QH3Y&sid=ab15a7c0-f805-11eb-89f9-fa6eae3e65e5 HTTP 302
https://mybetterdl.com/aS/feedclick?s=u6geJV4sLGsDkIYfb4a6rY8uDhK_8R6jFou0FLtwsPNflwG4Hx20VC9wp3zLHG-QT77-fedzUaupbTnNK1c9Rxz0pbUsp-ySLp7WzEZyY0OuJgxs4iewhBk62mhAGgs4gS41QDYTbhAEysjXg8JANJjEIILW_3V7XWOpnxryNlwrjG0nSZQzsmz0wrfk3qjIhpOsU0eB6-OuyWTqNL7sts1UmYbMkvIyUoX2h96zNimbEXGeGqyWEdfvoq97FfRB77QGKvvw3qW-BBAwsZFlNf2E49CWzBfUW1Ryv90gMTtxNRYCFjPihM_o2cBWL49tEcMf_jtu_heXufu-eeNiRzYw_3YjT9mNJnekDkDtsGkdqgZpdJCe8ajxDEHSFMyo1OyhHLAbjWOEVANsNfEKdWV_5gOd2de2O6z0S8i5vz5T1I3e_kcQv6K99tDixOQM6ZGOQrYCzfiOhlMUKxlaqLL6epQfztPoIi1_j7A2gx0G-ed09rPDQcDGq4nYkQM3BaPEUqCvPxR7yLrEyf5xLuYy49UzIkVPvvkOHjaZr_ehGbZtfof46_TG67V0i4DnA7CEd4_IdzYPWJWPHTtSEq85_AYEZQgcZUNV9UIdPyenCh8tQI5Omwe_bfof3We2Q8hcPSkKoJffCJLX6CKLguluoFl48BJaq-UelK6h3BtTU8g5PhYopNXKZy_CBk66xI2INy7ITtNzAid3J8q30MJZySg7UMWFCPhFNFv1SNnOihOyXWkIycImCKq3nygkBOtNtSPZg8IxSD3wmJbdaj0K_BqD91tT2tZBxK69f-DZ-HbtcyE7WWkB5XDehulyDZC1-bCIRlxfWE9yMAPrTZbfdL3GYolFuDWZB3ZE2E3yOABhCc5LFczToPCRSuxRnhIEKuA_lTPjoRWNZq_a2-1hgv4p3NfW5DiX1rb0g3qchxPX96b1dyQPtXcJTecQHYnF_uGKIhf9i8RXIBPiaHC6EZ1O5NZDuNOx_OGrEsF-SbY9F-h0wCSHtQnQHEt4tto633hCLxruZh0qJZTfP0f7e7Plm3cdolvMisrk30SaUNoHu1KPvWfEFlu4-m5-BjEgSgHYVPENlbqDXjUnQVQw4K1E-HTs-Feat60ijNzUBtLQ9JdmnRXHs3m32_EEaT9y8U6NjsKzLcKOpAXCSJ7GZdrIdPmqrbYvE2kjL1xR2mrokr7bOO1sATOyxe_2VDrr9icXlhZGoOxrq9Q6JWGKtkyD3Tx45enlhJN3AT7mD4plggOFdet5lSccv_LwXNfUAVHuostSnovR6E9gGftY3OKqfGfJLF1hDcEw0kosxQKiNv7qHwDIbn5ln5EWsqbd-9dheCk063s9aG00tv5w7gMMOFDeJTu6AXYz7K4LJjFYLj7HucHw8bH6xRnOZfHl-lIsU7dnNqXGp_UyGLzdl-nQzi_TuFrm4Vc43JH0NatE1cnb9Q5RUDuR6cw8pSGI61blKgbmh6y2RNxf5w HTTP 302
https://p185689.mybetterdl.com/adServe/domainClick?ai=tMxzWfm12Lr9QDN8fnx-GtzYNmogmdqFnty8fF5shiXDx1rgMLdt6N3AghfKZdct0Swa3yhHnUp9tMhwmrXToz9EVoFzCvr6nUsZVZhWVPP-29LJmEHdmZ7b6Qy9a1mHCyYxWC4-x7liowPVRMJPCTJ3U9K3G4bSoyEOp_uQSubp-5FsHj2pn3JSRRFzLFa_rBZwfnlpzJm0MPhR6GM5KoNnFO-7ynaPVkxnvCXoX73VCW9UoLTzK2_T5x_FGAdpIKKNlj9I1Bp0zkQJR4Qsl-RCaNkT3qyOnwM9sZtI20k3QkkpNB0KG6OIZhD5UZ8zUEpDz_87JciBp9n2wO8e3QXL0tt9b_p24Wg6c98G2nieKTEQPOdaBRbRh5WhN0Axej_wmAiUbeoWBGu3Yx722HW3MQ4JbibriXMcuO5IPlr6NVYLtl8wPGWSQsQHXjql&ui=u6geJV4sLGsDkIYfb4a6rfbWwvziNp_1xLgNeF8Zj-gj_vDy-BdsSxjhXCVOtU4oV2FdwzT9VNILEzgSbsW0oE6meJpCMhCs-teozpiCsYlDe6VAGpClug&si=1&oref=fcddd80fc9f00d5af9db80b9100a9243&optunit=CyYxWC4-x7liowPVRMJPCXnSiUDV5iGD&rb=V-fFlsGbQTw&rr=4&abtg=0 HTTP 302
https://live.maroohost.online/click?pid=666&offer_id=15374&sub1=86710580455&sub2=437368223 HTTP 302
https://www.offertoro.com/click_track/api?offer_id=19524861&pub_id=29197&pub_app_id=13096&USER_ID=610f652304431b0001770b80&SUBID1=666_437368223 HTTP 302
https://www.offertoro.com/click_track/track/19524861/29197/94s224c4u27474u2u284w2s23444q2r2w2u2z2c4o2k5x2x2/13096/web/5/y?from_api=1 HTTP 307
https://timebucks.com/softwaredownload5.php?clickid=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253&sourceid=13096&sesskey=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253&source=13096 HTTP 302
https://timebucks.com/software/lander6.php?subid=&clickid=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1568975045&t=pageview&_s=1&dl=https%3A%2F%2Ftimebucks.com%2Fsoftware%2Flander6.php%3Fsubid%3D%26clickid%3D440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253&dr=http%3A%2F%2Fnewofficecap1.com%2F&ul=en-us&de=UTF-8&dt=Sweepstakes%20Software&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEBAAEABE~&jid=1194475232&gjid=239985450&cid=1536917681.1628398888&tid=UA-82210809-1&_gid=1694456063.1628398888&_r=1&z=547398964 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-82210809-1&cid=1536917681.1628398888&jid=1194475232&_gid=1694456063.1628398888&gjid=239985450&_v=j83&z=547398964

49 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
newofficecap1.com/ 473 B
834 B 918ms
858ms Document
text/html 81.17.18.197
PLI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://newofficecap1.com/
Protocol: HTTP/1.1
Server: 81.17.18.197 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
Software: nginx /
Resource Hash: c2212b6698d16b98cf57fd239f68de003b96e4b5f1a5f10d896d1dc515cfd9b3

Request headers

Host: newofficecap1.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 473
content-type: text/html; charset=utf-8
date: Sun, 08 Aug 2021 05:01:18 GMT
server: nginx
set-cookie: sid=ab15a7c0-f805-11eb-89f9-fa6eae3e65e5; path=/; domain=.newofficecap1.com; expires=Fri, 26 Aug 2089 08:15:26 GMT; max-age=2147483647; HttpOnly

GET
H2

200

Primary Request lander6.php Show response
timebucks.com/software/
Redirect Chain

http://newofficecap1.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTYyODQwNjA3OSwiaWF0IjoxNjI4Mzk4ODc5LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycWNqbzlwcjlqY2w3MWhiNmsxaDg...
https://mybetterdl.com/aS/feedclick?s=u6geJV4sLGsDkIYfb4a6rY8uDhK_8R6jFou0FLtwsPNflwG4Hx20VC9wp3zLHG-QT77-fedzUaupbTnNK1c9Rxz0pbUsp-ySLp7WzEZyY0OuJgxs4iewhBk62mhAGgs4gS41QDYTbhAEysjXg8JANJjEIILW_3V...
https://p185689.mybetterdl.com/adServe/domainClick?ai=tMxzWfm12Lr9QDN8fnx-GtzYNmogmdqFnty8fF5shiXDx1rgMLdt6N3AghfKZdct0Swa3yhHnUp9tMhwmrXToz9EVoFzCvr6nUsZVZhWVPP-29LJmEHdmZ7b6Qy9a1mHCyYxWC4-x7liowP...
https://live.maroohost.online/click?pid=666&offer_id=15374&sub1=86710580455&sub2=437368223
https://www.offertoro.com/click_track/api?offer_id=19524861&pub_id=29197&pub_app_id=13096&USER_ID=610f652304431b0001770b80&SUBID1=666_437368223
https://www.offertoro.com/click_track/track/19524861/29197/94s224c4u27474u2u284w2s23444q2r2w2u2z2c4o2k5x2x2/13096/web/5/y?from_api=1
https://timebucks.com/softwaredownload5.php?clickid=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253&sourceid=13096&sesskey=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253&...
https://timebucks.com/software/lander6.php?subid=&clickid=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253

27 KB
9 KB

366ms
65ms

Document
text/html

151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://timebucks.com/software/lander6.php?subid=&clickid=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253
Requested by: Host: newofficecap1.com
URL: http://newofficecap1.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map3.hwcdn.net
Software: openresty /
Resource Hash: 68a6e4acf5a4a98003251b7b1aaf745e89c0c8d1ddb25c06d7c0e745223e6a6b

Request headers

:method: GET
:authority: timebucks.com
:scheme: https
:path: /software/lander6.php?subid=&clickid=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://newofficecap1.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://newofficecap1.com/

Response headers

date: Sun, 08 Aug 2021 05:01:26 GMT
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding: br
content-length: 8937
content-type: text/html; charset=UTF-8
server: openresty
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-hw: 1628398886.cds041.fr8.hn,1628398886.cds208.fr8.sc,1628398886.cdn2-redis02-fra1.stackpath.systems.-.wx,1628398886.cds208.fr8.p

Redirect headers

date: Sun, 08 Aug 2021 05:01:26 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
server: openresty
location: https://timebucks.com/software/lander6.php?subid=&clickid=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-hw: 1628398886.cds041.fr8.hn,1628398886.cds134.fr8.sc,1628398886.cdn2-redis02-fra1.stackpath.systems.-.wx,1628398886.cds134.fr8.p

GET
H2 200 timebucks.webflow.347d1fcb5.css
timebucks.com/software/lp3/ 68 KB
12 KB 332ms
29ms Stylesheet
text/css 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://timebucks.com/software/lp3/timebucks.webflow.347d1fcb5.css
Requested by: Host: timebucks.com
URL: https://timebucks.com/software/lander6.php?subid=&clickid=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map3.hwcdn.net
Software: openresty /
Resource Hash: 363069fea6dc1726502d53b5a7e37bda5f5e5aa15c7fd3e27f04ac14726697e4

Request headers

:path: /software/lp3/timebucks.webflow.347d1fcb5.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: timebucks.com
referer: https://timebucks.com/software/lander6.php?subid=&clickid=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://timebucks.com/software/lander6.php?subid=&clickid=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 05:01:26 GMT
content-encoding: br
last-modified: Fri, 24 Jul 2020 03:34:19 GMT
server: openresty
etag: "1595561659"
x-hw: 1628398886.cds041.fr8.hn,1628398886.cds098.fr8.c
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 12018

GET
H2 200 analytics.js.download Show response
timebucks.com/software/lp3/ 45 KB
45 KB 507ms
205ms Script
application/octet-stream 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://timebucks.com/software/lp3/analytics.js.download
Requested by: Host: timebucks.com
URL: https://timebucks.com/software/lander6.php?subid=&clickid=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map3.hwcdn.net
Software: openresty /
Resource Hash: fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Request headers

:path: /software/lp3/analytics.js.download
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: timebucks.com
referer: https://timebucks.com/software/lander6.php?subid=&clickid=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://timebucks.com/software/lander6.php?subid=&clickid=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 05:01:27 GMT
last-modified: Fri, 24 Jul 2020 03:34:10 GMT
server: openresty
x-hw: 1628398886.cds041.fr8.hn,1628398886.cds168.fr8.sc,1628398887.cdn2-wafbe01-fra1.stackpath.systems.-.wx,1628398887.cds168.fr8.p
content-type: application/octet-stream
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 45958

GET
H2 200 webfont.js.download Show response
timebucks.com/software/lp3/ 13 KB
13 KB 375ms
73ms Script
application/octet-stream 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://timebucks.com/software/lp3/webfont.js.download
Requested by: Host: timebucks.com
URL: https://timebucks.com/software/lander6.php?subid=&clickid=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map3.hwcdn.net
Software: openresty /
Resource Hash: 81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Request headers

:path: /software/lp3/webfont.js.download
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: timebucks.com
referer: https://timebucks.com/software/lander6.php?subid=&clickid=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://timebucks.com/software/lander6.php?subid=&clickid=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 05:01:26 GMT
last-modified: Fri, 24 Jul 2020 03:34:21 GMT
server: openresty
x-hw: 1628398886.cds041.fr8.hn,1628398886.cds250.fr8.sc,1628398886.cdn2-wafbe02-fra1.stackpath.systems.-.wx,1628398886.cds250.fr8.p
content-type: application/octet-stream
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 13188

GET
H2 200 css
timebucks.com/software/lp3/ 34 KB
34 KB 419ms
117ms Stylesheet
application/octet-stream 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://timebucks.com/software/lp3/css
Requested by: Host: timebucks.com
URL: https://timebucks.com/software/lander6.php?subid=&clickid=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map3.hwcdn.net
Software: openresty /
Resource Hash: 9d5ae9aa19580be0920c8986eed935aad41fe301a8b9bdfd4dbb8ca7f770ef38

Request headers

:path: /software/lp3/css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: timebucks.com
referer: https://timebucks.com/software/lander6.php?subid=&clickid=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://timebucks.com/software/lander6.php?subid=&clickid=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 05:01:26 GMT
last-modified: Fri, 24 Jul 2020 03:34:12 GMT
server: openresty
x-hw: 1628398886.cds041.fr8.hn,1628398886.cds245.fr8.sc,1628398886.cdn2-redis01-fra1.stackpath.systems.-.wx,1628398886.cds245.fr8.p
content-type: application/octet-stream
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 34937

GET
H2 200 js Show response
timebucks.com/software/lp3/ 85 KB
85 KB 726ms
424ms Script
application/octet-stream 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://timebucks.com/software/lp3/js
Requested by: Host: timebucks.com
URL: https://timebucks.com/software/lander6.php?subid=&clickid=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map3.hwcdn.net
Software: openresty /
Resource Hash: 7caf6b5ddda737594c6db1ff3f9fb1d3603ab063b167480a59c35801f56a5ebb

Request headers

:path: /software/lp3/js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: timebucks.com
referer: https://timebucks.com/software/lander6.php?subid=&clickid=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://timebucks.com/software/lander6.php?subid=&clickid=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 05:01:27 GMT
last-modified: Fri, 24 Jul 2020 03:34:16 GMT
server: openresty
x-hw: 1628398887.cds041.fr8.hn,1628398887.cds235.fr8.sc,1628398887.cdn2-wafbe03-fra1.stackpath.systems.-.wx,1628398887.cds235.fr8.p
content-type: application/octet-stream
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 86728

GET
H2 200 hotjar-1816751.js.download Show response
timebucks.com/software/lp3/ 4 KB
4 KB 411ms
109ms Script
application/octet-stream 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://timebucks.com/software/lp3/hotjar-1816751.js.download
Requested by: Host: timebucks.com
URL: https://timebucks.com/software/lander6.php?subid=&clickid=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map3.hwcdn.net
Software: openresty /
Resource Hash: fa3ab04647a6c2a95d98be0553c5ff28b3e647f18d501c059c7889ee8271cf28

Request headers

:path: /software/lp3/hotjar-1816751.js.download
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: timebucks.com
referer: https://timebucks.com/software/lander6.php?subid=&clickid=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://timebucks.com/software/lander6.php?subid=&clickid=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 05:01:27 GMT
last-modified: Fri, 24 Jul 2020 03:34:13 GMT
server: openresty
x-hw: 1628398887.cds041.fr8.hn,1628398887.cds232.fr8.sc,1628398887.cdn2-wafbe02-fra1.stackpath.systems.-.wx,1628398887.cds232.fr8.p
content-type: application/octet-stream
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 3867

GET
H2 200 modules.22ffbc00f37e258e2fc8.js.download Show response
timebucks.com/software/lp3/ 424 KB
424 KB 934ms
632ms Script
application/octet-stream 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://timebucks.com/software/lp3/modules.22ffbc00f37e258e2fc8.js.download
Requested by: Host: timebucks.com
URL: https://timebucks.com/software/lander6.php?subid=&clickid=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map3.hwcdn.net
Software: openresty /
Resource Hash: 6e4645526bc90c1bf23ce760ef2aa74deb2ea72846c3d587bcca96f87cb665e0

Request headers

:path: /software/lp3/modules.22ffbc00f37e258e2fc8.js.download
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: timebucks.com
referer: https://timebucks.com/software/lander6.php?subid=&clickid=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://timebucks.com/software/lander6.php?subid=&clickid=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 05:01:27 GMT
last-modified: Fri, 24 Jul 2020 03:34:17 GMT
server: openresty
x-hw: 1628398887.cds041.fr8.hn,1628398887.cds097.fr8.sc,1628398887.cdn2-redis02-fra1.stackpath.systems.-.wx,1628398887.cds097.fr8.p
content-type: application/octet-stream
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 434103

GET
H2 200 5eb576dbd3681d238259301b_Logo-black.png
timebucks.com/software/lp3/ 8 KB
8 KB 341ms
39ms Image
image/png 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timebucks.com/software/lp3/5eb576dbd3681d238259301b_Logo-black.png
Requested by: Host: timebucks.com
URL: https://timebucks.com/software/lander6.php?subid=&clickid=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map3.hwcdn.net
Software: openresty /
Resource Hash: de5b63d2816148b6c167f662b7267cf227f6cc19099acca72834c5857b56a1b1

Request headers

:path: /software/lp3/5eb576dbd3681d238259301b_Logo-black.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: timebucks.com
referer: https://timebucks.com/software/lander6.php?subid=&clickid=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://timebucks.com/software/lander6.php?subid=&clickid=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 05:01:27 GMT
last-modified: Fri, 24 Jul 2020 03:34:07 GMT
server: openresty
etag: "1595561647"
x-hw: 1628398887.cds041.fr8.hn,1628398887.cds128.fr8.c
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 7958

GET
H2 200 5eb5d359ddf6ad751a3e4eaf_COMPUTER%20timebucks-p-800.png
uploads-ssl.webflow.com/5ea1ee79b7c5c555b2ced871/ 62 KB
63 KB 208ms
122ms Image
image/png 13.224.96.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads-ssl.webflow.com/5ea1ee79b7c5c555b2ced871/5eb5d359ddf6ad751a3e4eaf_COMPUTER%20timebucks-p-800.png
Requested by: Host: timebucks.com
URL: https://timebucks.com/software/lander6.php?subid=&clickid=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-72.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3ebc15e34a55127bc584505d0473d61895f390245331adc80ad39737aba039cf

Request headers

Referer: https://timebucks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 21:28:04 GMT
via: 1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified: Fri, 08 May 2020 21:47:11 GMT
server: AmazonS3
age: 977604
etag: "a124c6fed3d2b70df0a168b6311a1f17"
x-cache: Hit from cloudfront
x-amz-version-id: HmmE.NC7ylzz9t4FWf7UpxpPjBN2vMAq
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/png
content-length: 63561
x-amz-cf-id: EIVsJ9KWjS2t6_wMor5oerV-2rG_QzDIEh0uWRiH-xgNeMIVSckhDg==

GET
H2 200 5eb2ee84da3d4153ddb87fe8_small%20badges-p-500.png
uploads-ssl.webflow.com/5ea1ee79b7c5c555b2ced871/ 11 KB
12 KB 207ms
121ms Image
image/png 13.224.96.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads-ssl.webflow.com/5ea1ee79b7c5c555b2ced871/5eb2ee84da3d4153ddb87fe8_small%20badges-p-500.png
Requested by: Host: timebucks.com
URL: https://timebucks.com/software/lander6.php?subid=&clickid=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-72.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8c5f03ede4174579471c26e148ddbfbfa288769405add63572b5f65b34b7c0e9

Request headers

Referer: https://timebucks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 01:40:35 GMT
via: 1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified: Wed, 06 May 2020 17:06:17 GMT
server: AmazonS3
age: 962453
etag: "04ea4fcc558f31ea6e5223036160d7df"
x-cache: Hit from cloudfront
x-amz-version-id: dqnyf8BUjCrQVjjx8crHwQDuWOIxrASp
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/png
content-length: 11450
x-amz-cf-id: ksPmAOJ5m6k_oopUoT7ViNhuXxol36CyVyWN8s5XEj30pwIDXNcstw==

GET
H2 200 5ea1efe834a4546e6957419b_1-p-500.jpeg
uploads-ssl.webflow.com/5ea1ee79b7c5c555b2ced871/ 26 KB
27 KB 229ms
143ms Image
image/jpeg 13.224.96.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads-ssl.webflow.com/5ea1ee79b7c5c555b2ced871/5ea1efe834a4546e6957419b_1-p-500.jpeg
Requested by: Host: timebucks.com
URL: https://timebucks.com/software/lander6.php?subid=&clickid=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-72.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2676524c3c9c2ee914b8ab5cf92375025d51155439e76ae8ae45e723d097a03e

Request headers

Referer: https://timebucks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 01:40:35 GMT
via: 1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified: Thu, 23 Apr 2020 19:43:41 GMT
server: AmazonS3
age: 962452
etag: "49127103e8efaffc180d3e960d65205d"
x-cache: Hit from cloudfront
x-amz-version-id: BIh7SVazPY_0uOghwazXAvPB0W0HsQlR
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 26809
x-amz-cf-id: wEWIW1H65u-q7-KeBD0m30OPROzfWphfScExP6fzPgQO9tG4IIcOyg==

GET
H2 200 5ea1eff4b95f1877b0e8c82c_2-p-500.jpeg
uploads-ssl.webflow.com/5ea1ee79b7c5c555b2ced871/ 25 KB
26 KB 196ms
111ms Image
image/jpeg 13.224.96.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads-ssl.webflow.com/5ea1ee79b7c5c555b2ced871/5ea1eff4b95f1877b0e8c82c_2-p-500.jpeg
Requested by: Host: timebucks.com
URL: https://timebucks.com/software/lander6.php?subid=&clickid=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-72.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f840ddeadb6b926009630b36066ecf339e569154496944853b8f8c83517b3eea

Request headers

Referer: https://timebucks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 01:40:35 GMT
via: 1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified: Thu, 23 Apr 2020 19:43:52 GMT
server: AmazonS3
age: 962452
etag: "0333ee8b553ecbe5d6d40142307d8d5f"
x-cache: Hit from cloudfront
x-amz-version-id: cBsHsbGQO_oS47yD2UsT7Mu8FQy4CY9B
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 25969
x-amz-cf-id: hoDtOLJ0P7fXGI-f0s2RaiPvsj3_xIOTKvLoOc7HfI22rNQnTLyuUg==

GET
H2 200 5ea1effeb95f18fe54e8c8fd_3-p-500.jpeg
uploads-ssl.webflow.com/5ea1ee79b7c5c555b2ced871/ 41 KB
41 KB 141ms
55ms Image
image/jpeg 13.224.96.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads-ssl.webflow.com/5ea1ee79b7c5c555b2ced871/5ea1effeb95f18fe54e8c8fd_3-p-500.jpeg
Requested by: Host: timebucks.com
URL: https://timebucks.com/software/lander6.php?subid=&clickid=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-72.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8046fa6790b92ddd2021890be6ee39323918bf3b32bdfe944dcea984ea361fb1

Request headers

Referer: https://timebucks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 01:40:35 GMT
via: 1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified: Thu, 23 Apr 2020 19:44:03 GMT
server: AmazonS3
age: 962453
etag: "5d5229ee9eb4c8c51d29415f569b37ba"
x-cache: Hit from cloudfront
x-amz-version-id: w3BK0YNzL4GWOP2vBHIkPir2MTfkLZNH
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 41658
x-amz-cf-id: LNi4bJ0DvVLgLMwryC-pd4RGdwBlvGpAyGjfp2rqFXmw_exnSyrNeA==

GET
H2 200 5ea1effe158fa1c122a3e6ec_4-p-500.jpeg
uploads-ssl.webflow.com/5ea1ee79b7c5c555b2ced871/ 25 KB
25 KB 229ms
143ms Image
image/jpeg 13.224.96.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads-ssl.webflow.com/5ea1ee79b7c5c555b2ced871/5ea1effe158fa1c122a3e6ec_4-p-500.jpeg
Requested by: Host: timebucks.com
URL: https://timebucks.com/software/lander6.php?subid=&clickid=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-72.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3d2ebc34736bbbc58891cf476e56a00ada31abe15e020ba383614c25a7553645

Request headers

Referer: https://timebucks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 01:40:35 GMT
via: 1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified: Thu, 23 Apr 2020 19:44:03 GMT
server: AmazonS3
age: 962452
etag: "27d9660dca4c9b00c3d76dbd599072e0"
x-cache: Hit from cloudfront
x-amz-version-id: q8kC4Nq9XLiF3jbLOaB8hBMLj2XOfqiC
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 25347
x-amz-cf-id: HjpqHJgqiEmN2NUDw2-H_2mlEXc3xkhZIbAoi6327lOQNgfMQAZLYg==

GET
H2 200 jquery-3.4.1.min.220afd743d.js.download Show response
timebucks.com/software/lp3/ 86 KB
86 KB 490ms
189ms Script
application/octet-stream 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://timebucks.com/software/lp3/jquery-3.4.1.min.220afd743d.js.download
Requested by: Host: timebucks.com
URL: https://timebucks.com/software/lander6.php?subid=&clickid=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map3.hwcdn.net
Software: openresty /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

:path: /software/lp3/jquery-3.4.1.min.220afd743d.js.download
pragma: no-cache
origin: https://timebucks.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: timebucks.com
referer: https://timebucks.com/software/lander6.php?subid=&clickid=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://timebucks.com
Referer: https://timebucks.com/software/lander6.php?subid=&clickid=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 05:01:27 GMT
last-modified: Fri, 24 Jul 2020 03:34:14 GMT
server: openresty
x-hw: 1628398887.cds041.fr8.hn,1628398887.cds123.fr8.sc,1628398887.cdn2-wafbe02-fra1.stackpath.systems.-.wx,1628398887.cds123.fr8.p
content-type: application/octet-stream
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 88145

GET
H2 200 webflow.17dcb8967.js.download Show response
timebucks.com/software/lp3/ 40 KB
40 KB 418ms
115ms Script
application/octet-stream 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://timebucks.com/software/lp3/webflow.17dcb8967.js.download
Requested by: Host: timebucks.com
URL: https://timebucks.com/software/lander6.php?subid=&clickid=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map3.hwcdn.net
Software: openresty /
Resource Hash: a8b2f8f6a8bf1e0c08589f0a90feeb6a56faaf7bae3979cbfa8edb22ecdf734a

Request headers

:path: /software/lp3/webflow.17dcb8967.js.download
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: timebucks.com
referer: https://timebucks.com/software/lander6.php?subid=&clickid=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://timebucks.com/software/lander6.php?subid=&clickid=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 05:01:27 GMT
last-modified: Fri, 24 Jul 2020 03:34:20 GMT
server: openresty
x-hw: 1628398887.cds041.fr8.hn,1628398887.cds285.fr8.sc,1628398887.cdn2-wafbe01-fra1.stackpath.systems.-.wx,1628398887.cds285.fr8.p
content-type: application/octet-stream
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 41021

GET
H2 200 css
fonts.googleapis.com/ 29 KB
1 KB 15ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic

Requested by

Host: timebucks.com
URL: https://timebucks.com/software/lp3/webfont.js.download

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0e5509e6e7492d3b56024d5f937b36ad61de0834105d70ef2bbfb83198f9e2b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://timebucks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 08 Aug 2021 03:19:47 GMT
server: ESF
date: Sun, 08 Aug 2021 05:01:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 08 Aug 2021 05:01:27 GMT

GET
H2 200 hotjar-1816751.js Show response
static.hotjar.com/c/ 4 KB
2 KB 2422ms
2348ms Script
application/javascript 13.224.96.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1816751.js?sv=6

Requested by

Host: timebucks.com
URL: https://timebucks.com/software/lander6.php?subid=&clickid=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-116.zrh50.r.cloudfront.net

Software

Resource Hash

623fa7d01ea162847a049ad52cd10672524b7e5eb42ee0648fc714d04677fa9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://timebucks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 05:01:27 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: ZRH50-C1
etag: W/a0bda181f2289d563d5ffa8cdc455dd6
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
content-length: 1902
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
x-amz-cf-id: hr2Bv0fTYIpRah4to_rNRIvhCru-R3nM-erzPp6ccsPB-6sw7Ppcfg==

GET
H2 200 GetPushScript Show response
pushpros.tech/ 2 KB
2 KB 547ms
220ms Fetch
application/json 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pushpros.tech/GetPushScript?key=2Xa3N8H4tIMDq5DaLOjgimHq4HG8UhWO&domain=timebucks.com
Requested by: Host: timebucks.com
URL: https://timebucks.com/software/lander6.php?subid=&clickid=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 3c9b6a1b5d827a72e2a3444732d5a24849899bf55887e71a65033845ef2f4f78

Request headers

Referer: https://timebucks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 05:01:27 GMT
via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amzn-requestid: c77ac442-00cd-4216-bea7-ae6d03edbda9
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-610f6527-6626e7d0772801ff449f054f;Sampled=0
x-amz-apigw-id: Duy-NFIhoAMFkLQ=
content-length: 2180
x-amz-cf-id: fmRI1QzMi9okeVcQaCg4vBtkCtkWaqHthZFDlgVo9m7xxRShlYAGpg==

GET
H2 200 5eb5d2ef170d89a1d2ad280d_dollar%20background.jpg
uploads-ssl.webflow.com/5ea1ee79b7c5c555b2ced871/ 721 KB
722 KB 546ms
481ms Image
image/jpeg 13.224.96.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads-ssl.webflow.com/5ea1ee79b7c5c555b2ced871/5eb5d2ef170d89a1d2ad280d_dollar%20background.jpg
Requested by: Host: timebucks.com
URL: https://timebucks.com/software/lp3/timebucks.webflow.347d1fcb5.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-72.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 48986588ac9dcfbd636bfc3e61c3819fe865482d347cc16d16fd7151c20e47ed

Request headers

Referer: https://timebucks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 23:34:42 GMT
via: 1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified: Fri, 08 May 2020 21:45:21 GMT
server: AmazonS3
age: 970006
etag: "cb585ffdeb23a7ee75996d3f8fc587b3"
x-cache: Hit from cloudfront
x-amz-version-id: YXfL6sJWQnWT_W0ZqjtoaaPvdFVbxVEy
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 738225
x-amz-cf-id: CTciNQSd7LoDY2hJ2LyFKC2pZYjQIo38hfN-curXBieMFz2e4k0Yag==

GET
H2 200 5eb5c26717e59a03dec4ea7d_money-pattern.jpg
uploads-ssl.webflow.com/5ea1ee79b7c5c555b2ced871/ 96 KB
96 KB 217ms
152ms Image
image/jpeg 13.224.96.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads-ssl.webflow.com/5ea1ee79b7c5c555b2ced871/5eb5c26717e59a03dec4ea7d_money-pattern.jpg
Requested by: Host: timebucks.com
URL: https://timebucks.com/software/lp3/timebucks.webflow.347d1fcb5.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-72.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 633c479bfe7c94a62769f65b5f09a10b0c7695a66af0cffe39cd1d8159c24d16

Request headers

Referer: https://timebucks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 01:40:36 GMT
via: 1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified: Fri, 08 May 2020 20:34:49 GMT
server: AmazonS3
age: 962452
etag: "e0dd90bdd07249a42ab857ca3b580273"
x-cache: Hit from cloudfront
x-amz-version-id: zifEnfQp1OfjEb1wUtSZ_7pzdN_lHgW1
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 97994
x-amz-cf-id: bF0ap6ivtHRXExZFc8HAmm8j479WaxQw5xd5FfB-WATbrdRntSgfmg==

GET
H2 200 5ea1ee79b7c5c5657dced885_Graphik-Bold-Web.woff
uploads-ssl.webflow.com/5ea1ee79b7c5c555b2ced871/ 33 KB
34 KB 147ms
75ms Font
application/x-font-woff 13.224.96.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uploads-ssl.webflow.com/5ea1ee79b7c5c555b2ced871/5ea1ee79b7c5c5657dced885_Graphik-Bold-Web.woff
Requested by: Host: timebucks.com
URL: https://timebucks.com/software/lp3/timebucks.webflow.347d1fcb5.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-72.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00dfb2e0b9c29e51391581a334298c96ddbaaa847c99f7bd9f15e3902a496bec

Request headers

Origin: https://timebucks.com
Referer: https://timebucks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 23:35:46 GMT
via: 1.1 6b0e09b8a7d995016df1513b4b11c17e.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 969942
x-cache: Hit from cloudfront
content-length: 34240
last-modified: Thu, 23 Apr 2020 19:37:30 GMT
server: AmazonS3
etag: "7f020dc941e936c5708aa81e356815c4"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: 8lyuWdR0M9G1VZttRg0oplSgA4lcdndQ
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: application/x-font-woff
x-amz-cf-id: qG5fxizYSfzQIP1kU-AlF1gGWAJ67MGC27ZwiwnsCgVsQ5KjYPA4Lg==

GET
H2 200 JTUQjIg1_i6t8kCHKm45_QpRyS7m.woff2
fonts.gstatic.com/s/montserrat/v17/ 19 KB
19 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v17/JTUQjIg1_i6t8kCHKm45_QpRyS7m.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d08191823eaeeacf724c684d09477a181f03288fd650bdf5fa57cbf1d446a956

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://timebucks.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:24:38 GMT
x-content-type-options: nosniff
age: 131809
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19032
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 15:49:34 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Aug 2022 16:24:38 GMT

GET
H2 200 JTUOjIg1_i6t8kCHKm459WxZqh7k29M.woff2
fonts.gstatic.com/s/montserrat/v17/ 19 KB
19 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v17/JTUOjIg1_i6t8kCHKm459WxZqh7k29M.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3062ac23d9facc83fd5a570852f30a52bee3abd8c29126e8fb90c5e0dc5325b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://timebucks.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:38:49 GMT
x-content-type-options: nosniff
age: 130958
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19220
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 15:49:56 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Aug 2022 16:38:49 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_aZA3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v17/ 19 KB
19 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v17/JTURjIg1_i6t8kCHKm45_aZA3gnD_g.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c316d8c903540b9368aec67a0ced1cee04e64e34a7aadc25ee3d1d34a0523a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://timebucks.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:31:02 GMT
x-content-type-options: nosniff
age: 131425
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19592
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 15:49:31 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Aug 2022 16:31:02 GMT

GET
H2 200 JTUPjIg1_i6t8kCHKm459WxZBg_z_PZw.woff2
fonts.gstatic.com/s/montserrat/v17/ 19 KB
20 KB 12ms
11ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v17/JTUPjIg1_i6t8kCHKm459WxZBg_z_PZw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

351f0a64df0a688a2130b6ffbf83c5d487852ddcb991170cbfd4111790db156d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://timebucks.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:38:49 GMT
x-content-type-options: nosniff
age: 130958
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19880
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 15:49:58 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Aug 2022 16:38:49 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_cJD3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v17/ 19 KB
19 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v17/JTURjIg1_i6t8kCHKm45_cJD3gnD_g.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2904b98dfb86ac37a4ed1e33585980adbcbeb63b8802a641fc64615ef7360223

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://timebucks.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:06:47 GMT
x-content-type-options: nosniff
age: 132880
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19536
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 15:50:09 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Aug 2022 16:06:47 GMT

GET
H2 200 JTUPjIg1_i6t8kCHKm459WxZYgzz_PZw.woff2
fonts.gstatic.com/s/montserrat/v17/ 19 KB
20 KB 12ms
11ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v17/JTUPjIg1_i6t8kCHKm459WxZYgzz_PZw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b143c7d20fbf7be386e696a25c41d5614c0cbf9f4b2a0da4ee90e64b4832561b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://timebucks.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:38:49 GMT
x-content-type-options: nosniff
age: 130958
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19920
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 15:49:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Aug 2022 16:38:49 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v17/ 19 KB
19 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v17/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://timebucks.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:06:47 GMT
x-content-type-options: nosniff
age: 132880
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19844
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 15:50:06 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Aug 2022 16:06:47 GMT

GET
H2 200 JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v17/ 20 KB
20 KB 13ms
12ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v17/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec83f9cccd120b3497a09d26618b516b2bd2c8e0e930919c0eda5516991901f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://timebucks.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:19:54 GMT
x-content-type-options: nosniff
age: 132093
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20248
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 15:50:49 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Aug 2022 16:19:54 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v17/ 19 KB
20 KB 14ms
12ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v17/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13eb615165c92892fcd46e01782dd0fc52d36f236f883aad488c2cf4dcf9206e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://timebucks.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:05:55 GMT
x-content-type-options: nosniff
age: 132932
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19868
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 15:50:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Aug 2022 16:05:55 GMT

GET
H2 200 JTUPjIg1_i6t8kCHKm459WxZOg3z_PZw.woff2
fonts.gstatic.com/s/montserrat/v17/ 20 KB
20 KB 18ms
16ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v17/JTUPjIg1_i6t8kCHKm459WxZOg3z_PZw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d661a41012e76f1e4516e67d936485f55af13c8a05fea837aa4d4efdf612736

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://timebucks.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:38:47 GMT
x-content-type-options: nosniff
age: 130960
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20272
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 15:50:53 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Aug 2022 16:38:47 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v17/ 19 KB
19 KB 17ms
16ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v17/JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61519deaa156f24ad28ae848179016c7cc741270cb7b30043c24bd30203bdaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://timebucks.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:08:56 GMT
x-content-type-options: nosniff
age: 132751
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19824
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 15:51:03 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Aug 2022 16:08:56 GMT

GET
H2 200 JTUPjIg1_i6t8kCHKm459WxZFgrz_PZw.woff2
fonts.gstatic.com/s/montserrat/v17/ 20 KB
20 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v17/JTUPjIg1_i6t8kCHKm459WxZFgrz_PZw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68532604ba7561a346cbf951c0216463f5edf0ed7e02cc0bb4bcd19ab265c81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://timebucks.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:35:25 GMT
x-content-type-options: nosniff
age: 131162
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20368
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 15:51:13 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Aug 2022 16:35:25 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v17/ 20 KB
20 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v17/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://timebucks.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:08:54 GMT
x-content-type-options: nosniff
age: 132753
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20040
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 15:51:09 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Aug 2022 16:08:54 GMT

GET
H2 200 JTUPjIg1_i6t8kCHKm459WxZcgvz_PZw.woff2
fonts.gstatic.com/s/montserrat/v17/ 20 KB
20 KB 16ms
14ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v17/JTUPjIg1_i6t8kCHKm459WxZcgvz_PZw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a4722f7c6bfc8ed582a1da7f4e552be5350efe348638b31ec4a1291963c8e8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://timebucks.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:38:49 GMT
x-content-type-options: nosniff
age: 130958
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20516
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 15:51:07 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Aug 2022 16:38:49 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_c5H3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v17/ 20 KB
20 KB 16ms
15ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v17/JTURjIg1_i6t8kCHKm45_c5H3gnD_g.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3202c5584350517cab7f1de0d43d54db0979c449df18fe70241e8c35de80919

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://timebucks.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:27:28 GMT
x-content-type-options: nosniff
age: 131639
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20016
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 15:51:40 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Aug 2022 16:27:28 GMT

GET
H2 200 JTUPjIg1_i6t8kCHKm459WxZbgjz_PZw.woff2
fonts.gstatic.com/s/montserrat/v17/ 20 KB
20 KB 13ms
12ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v17/JTUPjIg1_i6t8kCHKm459WxZbgjz_PZw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

820a6afc8e16fed1d011f6bb97958a303a0a4ffdc2a0aa8524c418124baca897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://timebucks.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:38:49 GMT
x-content-type-options: nosniff
age: 130958
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20536
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 15:51:56 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Aug 2022 16:38:49 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_epG3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v17/ 19 KB
19 KB 14ms
13ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v17/JTURjIg1_i6t8kCHKm45_epG3gnD_g.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ce2f8643f80018e1c4f5dae8adadbd552256fbab5e4409672cb2e060aada574

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://timebucks.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:06:45 GMT
x-content-type-options: nosniff
age: 132882
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 15:52:10 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Aug 2022 16:06:45 GMT

GET
H2 200 JTUPjIg1_i6t8kCHKm459WxZSgnz_PZw.woff2
fonts.gstatic.com/s/montserrat/v17/ 20 KB
20 KB 13ms
13ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v17/JTUPjIg1_i6t8kCHKm459WxZSgnz_PZw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f350dae62c1aa2b4c25f3c78100b1239358816a1511f4ade7d627348ff8859a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://timebucks.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:38:49 GMT
x-content-type-options: nosniff
age: 130958
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20224
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 15:52:29 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Aug 2022 16:38:49 GMT

GET
H2 200 modules.22ffbc00f37e258e2fc8.js Show response
script.hotjar.com/ 424 KB
87 KB 176ms
75ms Script
application/javascript 13.224.96.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.22ffbc00f37e258e2fc8.js

Requested by

Host: timebucks.com
URL: https://timebucks.com/software/lp3/hotjar-1816751.js.download

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-104.zrh50.r.cloudfront.net

Software

Resource Hash

6e4645526bc90c1bf23ce760ef2aa74deb2ea72846c3d587bcca96f87cb665e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://timebucks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 05:18:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15378174
x-cache: Hit from cloudfront
content-length: 88703
access-control-allow-origin: *
last-modified: Thu, 23 Jul 2020 18:35:38 GMT
etag: "4f918bf96a686363bfd7cbcbc152b471"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: k0cw46HphuEaFsVxwnVrD6z05-sFEDumEEOHI4carNbIifQ35sroZw==

GET
H/1.1 200
OK trackpush.min.js Show response
s3.amazonaws.com/trackpush/ 46 KB
13 KB 712ms
121ms Script
text/javascript 52.217.42.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/trackpush/trackpush.min.js
Requested by: Host: newofficecap1.com
URL: http://newofficecap1.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.42.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3a35b48f7b22048dcfba9b0cb7cdca6297dbe95a53d283f2d0f5c011e82bf736

Request headers

Referer: https://timebucks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 08 Aug 2021 05:01:29 GMT
Content-Encoding: gzip
Last-Modified: Mon, 28 Jun 2021 20:59:56 GMT
Server: AmazonS3
x-amz-request-id: 2284RQ2E79JJNR2E
ETag: "5310252b209ffc616ca6090c078939c9"
Content-Type: text/javascript
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 13030
x-amz-id-2: t/5IZm7RjVuKO3+ivapKbnqUqQZaDOfclS58K7w9AI0P+OqZBQI1tHrwMmg/V5PG5ECZwF7gp/A=

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html Show response
timebucks.com/software/lp3/ Frame 2310 2 KB
1 KB 1366ms
1066ms Document
text/html 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://timebucks.com/software/lp3/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: timebucks.com
URL: https://timebucks.com/software/lander6.php?subid=&clickid=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map3.hwcdn.net
Software: openresty /
Resource Hash: 2818358574d2065e1d44c3cf76788bac37ccb2e52ba1022e315f413e343db367

Request headers

:method: GET
:authority: timebucks.com
:scheme: https
:path: /software/lp3/box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://timebucks.com/software/lander6.php?subid=&clickid=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: _hjid=91d3811e-2570-4550-b29a-40c5e751ed19
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://timebucks.com/software/lander6.php?subid=&clickid=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253

Response headers

date: Sun, 08 Aug 2021 05:01:28 GMT
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding: br
content-length: 1003
content-type: text/html
last-modified: Fri, 24 Jul 2020 03:34:11 GMT
server: openresty
accept-ranges: bytes
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-hw: 1628398888.cds041.fr8.hn,1628398888.cds016.fr8.sc,1628398888.cdn2-wafbe01-fra1.stackpath.systems.-.wx,1628398888.cds016.fr8.p

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: timebucks.com
URL: https://timebucks.com/software/lander6.php?subid=&clickid=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://timebucks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 5093
date: Sun, 08 Aug 2021 03:36:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Sun, 08 Aug 2021 05:36:34 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1568975045&t=pageview&_s=1&dl=https%3A%2F%2Ftimebucks.com%2Fsoftware%2Flander6.php%3Fsubid%3D%26clickid%3D440374w2s2a4b4s2i26413q2b4x2e2s2z2t...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-82210809-1&cid=1536917681.1628398888&jid=1194475232&_gid=1694456063.1628398888&gjid=239985450&_v=j83&z=547398964

35 B
111 B

15ms
14ms

Image
image/gif

2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-82210809-1&cid=1536917681.1628398888&jid=1194475232&_gid=1694456063.1628398888&gjid=239985450&_v=j83&z=547398964

Requested by

Host: timebucks.com
URL: https://timebucks.com/software/lander6.php?subid=&clickid=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://timebucks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 08 Aug 2021 05:01:27 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 08 Aug 2021 05:01:27 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-82210809-1&cid=1536917681.1628398888&jid=1194475232&_gid=1694456063.1628398888&gjid=239985450&_v=j83&z=547398964
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 418
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 403 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame C5F3 0
0 460ms
137ms Document
application/xml 13.224.96.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: timebucks.com
URL: https://timebucks.com/software/lp3/hotjar-1816751.js.download
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-12.zrh50.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://timebucks.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://timebucks.com/

Response headers

content-type: application/xml
content-length: 243
date: Sun, 08 Aug 2021 05:01:28 GMT
content-encoding: br
x-robots-tag: none
vary: Accept-Encoding
x-cache: Error from cloudfront
via: 1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: Ibw23GBw5oJlxruj9n-YF55jAp5mF1Dra24RxSyLjbjhneYBQ2wIJA==

GET
H3-29 200 collect
www.google-analytics.com/r/ 35 B
54 B 13ms
13ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1568975045&t=pageview&_s=1&dl=https%3A%2F%2Ftimebucks.com%2Fsoftware%2Flander6.php%3Fsubid%3D%26clickid%3D440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253&dr=http%3A%2F%2Fnewofficecap1.com%2F&ul=en-us&de=UTF-8&dt=Sweepstakes%20Software&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEDAAUABE~&jid=1255583502&gjid=301544111&cid=1536917681.1628398888&tid=UA-135690027-14&_gid=1694456063.1628398888&_r=1&gtm=2ou7f0&z=722460101

Requested by

Host: timebucks.com
URL: https://timebucks.com/software/lander6.php?subid=&clickid=440374w2s2a4b4s2i26413q2b4x2e2s2z2t213b4c274t2y213t2y2v2w253

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://timebucks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Aug 2021 05:01:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

158 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.timebucks.com/	1970-01-19 20:19:58	Name: _gat_gtag_UA_135690027_14 Value: 1
.timebucks.com/	1970-01-20 13:51:10	Name: _ga Value: GA1.2.1536917681.1628398888
.timebucks.com/	1970-01-19 20:19:58	Name: _gat Value: 1
.timebucks.com/	1970-01-19 20:21:25	Name: _gid Value: GA1.2.1694456063.1628398888
.timebucks.com/	1969-12-31 23:59:59	Name: _hjid Value: 91d3811e-2570-4550-b29a-40c5e751ed19

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://s3.amazonaws.com/trackpush/trackpush.min.js(Line 1) Message: [aimtell] Browser does not support push
console-api	warning	URL: https://timebucks.com/software/lp3/modules.22ffbc00f37e258e2fc8.js.download(Line 1) Message: Hotjar Tracking Warning: Multiple Hotjar tracking codes were detected on this page. Tracking will not work as expected.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
live.maroohost.online
mybetterdl.com
newofficecap1.com
p185689.mybetterdl.com
pushpros.tech
s3.amazonaws.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
timebucks.com
uploads-ssl.webflow.com
vars.hotjar.com
www.google-analytics.com
www.offertoro.com
13.224.96.104
13.224.96.116
13.224.96.12
13.224.96.72
143.204.98.111
151.139.128.10
173.192.101.24
213.227.134.220
2a00:1450:4001:800::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:831::200a
2a00:1450:400c:c06::9b
52.217.42.54
52.54.46.82
81.17.18.197
00dfb2e0b9c29e51391581a334298c96ddbaaa847c99f7bd9f15e3902a496bec
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0e5509e6e7492d3b56024d5f937b36ad61de0834105d70ef2bbfb83198f9e2b2
13eb615165c92892fcd46e01782dd0fc52d36f236f883aad488c2cf4dcf9206e
1a4722f7c6bfc8ed582a1da7f4e552be5350efe348638b31ec4a1291963c8e8e
2676524c3c9c2ee914b8ab5cf92375025d51155439e76ae8ae45e723d097a03e
2818358574d2065e1d44c3cf76788bac37ccb2e52ba1022e315f413e343db367
2904b98dfb86ac37a4ed1e33585980adbcbeb63b8802a641fc64615ef7360223
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
3062ac23d9facc83fd5a570852f30a52bee3abd8c29126e8fb90c5e0dc5325b4
351f0a64df0a688a2130b6ffbf83c5d487852ddcb991170cbfd4111790db156d
363069fea6dc1726502d53b5a7e37bda5f5e5aa15c7fd3e27f04ac14726697e4
3a35b48f7b22048dcfba9b0cb7cdca6297dbe95a53d283f2d0f5c011e82bf736
3c9b6a1b5d827a72e2a3444732d5a24849899bf55887e71a65033845ef2f4f78
3d2ebc34736bbbc58891cf476e56a00ada31abe15e020ba383614c25a7553645
3ebc15e34a55127bc584505d0473d61895f390245331adc80ad39737aba039cf
48986588ac9dcfbd636bfc3e61c3819fe865482d347cc16d16fd7151c20e47ed
4c316d8c903540b9368aec67a0ced1cee04e64e34a7aadc25ee3d1d34a0523a6
61519deaa156f24ad28ae848179016c7cc741270cb7b30043c24bd30203bdaf3
623fa7d01ea162847a049ad52cd10672524b7e5eb42ee0648fc714d04677fa9c
633c479bfe7c94a62769f65b5f09a10b0c7695a66af0cffe39cd1d8159c24d16
68a6e4acf5a4a98003251b7b1aaf745e89c0c8d1ddb25c06d7c0e745223e6a6b
6e4645526bc90c1bf23ce760ef2aa74deb2ea72846c3d587bcca96f87cb665e0
7caf6b5ddda737594c6db1ff3f9fb1d3603ab063b167480a59c35801f56a5ebb
7ce2f8643f80018e1c4f5dae8adadbd552256fbab5e4409672cb2e060aada574
8046fa6790b92ddd2021890be6ee39323918bf3b32bdfe944dcea984ea361fb1
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
820a6afc8e16fed1d011f6bb97958a303a0a4ffdc2a0aa8524c418124baca897
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8c5f03ede4174579471c26e148ddbfbfa288769405add63572b5f65b34b7c0e9
9d5ae9aa19580be0920c8986eed935aad41fe301a8b9bdfd4dbb8ca7f770ef38
9d661a41012e76f1e4516e67d936485f55af13c8a05fea837aa4d4efdf612736
a3202c5584350517cab7f1de0d43d54db0979c449df18fe70241e8c35de80919
a8b2f8f6a8bf1e0c08589f0a90feeb6a56faaf7bae3979cbfa8edb22ecdf734a
b143c7d20fbf7be386e696a25c41d5614c0cbf9f4b2a0da4ee90e64b4832561b
c2212b6698d16b98cf57fd239f68de003b96e4b5f1a5f10d896d1dc515cfd9b3
d08191823eaeeacf724c684d09477a181f03288fd650bdf5fa57cbf1d446a956
de5b63d2816148b6c167f662b7267cf227f6cc19099acca72834c5857b56a1b1
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
ec83f9cccd120b3497a09d26618b516b2bd2c8e0e930919c0eda5516991901f6
f350dae62c1aa2b4c25f3c78100b1239358816a1511f4ade7d627348ff8859a7
f68532604ba7561a346cbf951c0216463f5edf0ed7e02cc0bb4bcd19ab265c81
f840ddeadb6b926009630b36066ecf339e569154496944853b8f8c83517b3eea
fa3ab04647a6c2a95d98be0553c5ff28b3e647f18d501c059c7889ee8271cf28
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

timebucks.com Open in urlscan Pro 151.139.128.10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

49 Requests

98 %HTTPS

27 %IPv6

13 Domains

16 Subdomains

12 IPs

5 Countries

2286 kBTransfer

2780 kBSize

5 Cookies

3 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

timebucks.com Open in urlscan Pro
151.139.128.10 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

98 %
HTTPS

27 %
IPv6

13
Domains

16
Subdomains

12
IPs

5
Countries

2286 kB
Transfer

2780 kB
Size

5
Cookies

49 HTTP transactions
0 data transactions