deluxebucks.net Open in urlscan Pro
107.21.105.88 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://deluxebucks.net/
Effective URL:
https://deluxebucks.net/
Submission: On September 11 via api (September 11th 2022, 2:55:25 am UTC) from SG — Scanned from DE

Summary HTTP 81 Redirects Behaviour Indicators

Summary

This website contacted 24 IPs in 4 countries across 17 domains to perform 81 HTTP transactions. The main IP is 107.21.105.88, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is deluxebucks.net.
TLS certificate: Issued by Amazon on February 23rd 2022. Valid for: a year.

This is the only time deluxebucks.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 17	107.21.105.88 107.21.105.88	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3032::ac43:a9f7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	216.24.57.253 216.24.57.253	397273 (RENDER) (RENDER)
6	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
10	52.216.112.67 52.216.112.67	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	13.225.78.69 13.225.78.69	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1 5	35.169.55.181 35.169.55.181	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:20e... 2600:9000:20eb:5200:1c:7f1a:6680:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:26b6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.176.109.196 35.176.109.196	16509 (AMAZON-02) (AMAZON-02)
1	54.229.40.247 54.229.40.247	16509 (AMAZON-02) (AMAZON-02)
1	13.224.189.51 13.224.189.51	16509 (AMAZON-02) (AMAZON-02)
8	34.204.220.32 34.204.220.32	14618 (AMAZON-AES) (AMAZON-AES)
1	13.224.189.80 13.224.189.80	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	54.73.164.173 54.73.164.173	16509 (AMAZON-02) (AMAZON-02)
1	13.225.84.125 13.225.84.125	16509 (AMAZON-02) (AMAZON-02)
1	52.6.103.40 52.6.103.40	14618 (AMAZON-AES) (AMAZON-AES)
81	24

17 107.21.105.88 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-105-88.compute-1.amazonaws.com

deluxebucks.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:a9f7 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.24.57.253 (United States)

ASN397273 (RENDER, US)

cdn.quilljs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.216.112.67 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

ppe-userenroll-assets.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-69.fra2.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.169.55.181 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-55-181.compute-1.amazonaws.com

api.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:5200:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:26b6 (United States)

ASN13335 (CLOUDFLARENET, US)

create.lidstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.176.109.196 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-176-109-196.eu-west-2.compute.amazonaws.com

script.anura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.229.40.247 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-40-247.eu-west-1.compute.amazonaws.com

pixel.convertize.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-51.fra2.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.204.220.32 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-220-32.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-80.fra2.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.73.164.173 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-164-173.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.84.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-125.fra2.r.cloudfront.net

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.6.103.40 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-103-40.compute-1.amazonaws.com

deviceid.trueleadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	gstatic.com fonts.gstatic.com www.gstatic.com	639 KB
17	deluxebucks.net 1 redirects deluxebucks.net	92 KB
10	amazonaws.com ppe-userenroll-assets.s3.amazonaws.com	200 KB
8	leadid.com create.leadid.com — Cisco Umbrella Rank: 21650	5 KB
7	trustedform.com 1 redirects api.trustedform.com — Cisco Umbrella Rank: 31191 cdn.trustedform.com — Cisco Umbrella Rank: 35916	41 KB
6	google.com www.google.com — Cisco Umbrella Rank: 19	90 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 871 script.hotjar.com — Cisco Umbrella Rank: 1152 vars.hotjar.com — Cisco Umbrella Rank: 1247 in.hotjar.com — Cisco Umbrella Rank: 2418	69 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2119	364 B
2	anura.io script.anura.io — Cisco Umbrella Rank: 58649	19 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 141	110 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 120 ajax.googleapis.com — Cisco Umbrella Rank: 480	31 KB
1	trueleadid.com deviceid.trueleadid.com — Cisco Umbrella Rank: 22960	2 KB
1	cloudfront.net d2m2wsoho8qq12.cloudfront.net	2 KB
1	convertize.io pixel.convertize.io — Cisco Umbrella Rank: 140629	174 B
1	lidstatic.com create.lidstatic.com — Cisco Umbrella Rank: 35843	39 KB
1	quilljs.com cdn.quilljs.com — Cisco Umbrella Rank: 57726	4 KB
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1565	12 KB
81	17

	Domain	Requested by
17	deluxebucks.net	1 redirects deluxebucks.net ajax.googleapis.com cdn.trustedform.com
10	ppe-userenroll-assets.s3.amazonaws.com	deluxebucks.net cdn.trustedform.com
9	www.gstatic.com	www.google.com www.gstatic.com
8	create.leadid.com	create.lidstatic.com deviceid.trueleadid.com
8	fonts.gstatic.com	fonts.googleapis.com www.google.com deluxebucks.net
6	www.google.com	deluxebucks.net www.gstatic.com www.google.com
5	api.trustedform.com	1 redirects api.trustedform.com cdn.trustedform.com
2	region1.google-analytics.com	www.googletagmanager.com
2	script.anura.io	deluxebucks.net script.anura.io
2	cdn.trustedform.com	deluxebucks.net api.trustedform.com
2	www.googletagmanager.com	deluxebucks.net www.googletagmanager.com
1	deviceid.trueleadid.com	d2m2wsoho8qq12.cloudfront.net
1	d2m2wsoho8qq12.cloudfront.net	create.lidstatic.com
1	in.hotjar.com	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	pixel.convertize.io	www.googletagmanager.com
1	create.lidstatic.com	deluxebucks.net
1	static.hotjar.com	deluxebucks.net
1	ajax.googleapis.com	deluxebucks.net
1	cdn.quilljs.com	deluxebucks.net
1	use.fontawesome.com	deluxebucks.net
1	fonts.googleapis.com	deluxebucks.net
81	23

This site contains no links.

Subject Issuer	Validity	Valid
deluxebucks.net Amazon	`2022-02-23` - `2023-03-24`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
cdn.quilljs.com Cloudflare Inc ECC CA-3	`2022-06-27` - `2023-06-27`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.s3.amazonaws.com Amazon	`2021-12-15` - `2022-12-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
lidstatic.com Cloudflare Inc ECC CA-3	`2022-03-30` - `2023-03-30`	a year	crt.sh
script.anura.io Amazon	`2022-07-12` - `2023-08-10`	a year	crt.sh
*.convertize.io Sectigo RSA Domain Validation Secure Server CA	`2022-03-10` - `2023-03-10`	a year	crt.sh
create.leadid.com Amazon	`2021-10-22` - `2022-11-19`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
deviceid.trueleadid.com Amazon	`2022-01-07` - `2023-02-05`	a year	crt.sh
*.trustedform.com Amazon	`2021-10-12` - `2022-11-09`	a year	crt.sh
cdn.trustedform.com Amazon	`2022-04-14` - `2023-05-13`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://deluxebucks.net/
Frame ID: A4F48BCC16081DCC9BD77AE926F962D3
Requests: 60 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfkrYoaAAAAAKnjpmO40_FJKDe5WR1I7zyCiRUY&co=aHR0cHM6Ly9kZWx1eGVidWNrcy5uZXQ6NDQz&hl=de&v=g8G8cw32bNQPGUVoDvt680GA&size=invisible&cb=xbf2b3iimmra
Frame ID: E4907F0DC9BE9C3FB545C5601D1470AC
Requests: 7 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
Frame ID: BC277474C3CA8A01E47F148BA2EE6448
Requests: 1 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=021470EB-C320-54F7-C0EC-E7C38CB11DD9&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=CBBC58D7-CA44-C52F-1907-DC09FB320ED4&lac=934E3705-AE01-D5F3-9E2B-B9A54E634C7A
Frame ID: B37E6836C12E50FBE0D382556FADD0FF
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=g8G8cw32bNQPGUVoDvt680GA&k=6LfkrYoaAAAAAKnjpmO40_FJKDe5WR1I7zyCiRUY
Frame ID: E31A1F0D506F737938F22CA6897C9AE8
Requests: 11 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=021470EB-C320-54F7-C0EC-E7C38CB11DD9&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=CBBC58D7-CA44-C52F-1907-DC09FB320ED4&lac=934E3705-AE01-D5F3-9E2B-B9A54E634C7A
Frame ID: B1D2CE1984F536A540EA1C1BF3E3DE73
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DeluxeBucks - $25,000

Page URL History Show full URLs

http://deluxebucks.net/ HTTP 301
https://deluxebucks.net/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

81
Requests

99 %
HTTPS

43 %
IPv6

17
Domains

23
Subdomains

24
IPs

4
Countries

1366 kB
Transfer

3171 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://deluxebucks.net/ HTTP 301
https://deluxebucks.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16628649171140.20433032099727955&invert_field_sensitivity=false HTTP 301
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16628649171140.20433032099727955&invert_field_sensitivity=false

81 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
deluxebucks.net/
Redirect Chain

http://deluxebucks.net/
https://deluxebucks.net/

59 KB
15 KB

1139ms
917ms

Document
text/html

107.21.105.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://deluxebucks.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.105.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-105-88.compute-1.amazonaws.com

Software

nginx/1.23.1 / Express

Resource Hash

ef6c7c4384d8bbc8e9aa08be7e1be0cc16f8baf8a625c317a259e714032c4302

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 11 Sep 2022 02:55:16 GMT
etag: W/"eb57-wDeqgVxGliZXd7w8ZJL10tNTJGc"
server: nginx/1.23.1
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-powered-by: Express

Redirect headers

Connection: keep-alive
Content-Length: 104
Content-Type: text/html; charset=utf-8
Date: Sun, 11 Sep 2022 02:55:15 GMT
Location: https://deluxebucks.net/
Server: nginx/1.23.1
Vary: Accept
X-Frame-Options: SAMEORIGIN
X-Powered-By: Express

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 69ms
25ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,900

Requested by

Host: deluxebucks.net
URL: https://deluxebucks.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e1bc76a0d3d207ba54a70fde9ab56e8218b29ca339378b5be28ce04c1ba7dfe6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deluxebucks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 11 Sep 2022 02:55:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 11 Sep 2022 02:55:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 11 Sep 2022 02:55:16 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.7.2/css/ 53 KB
12 KB 512ms
450ms Stylesheet
text/css 2606:4700:3032::ac43:a9f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.7.2/css/all.css
Requested by: Host: deluxebucks.net
URL: https://deluxebucks.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a9f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf

Request headers

Referer: https://deluxebucks.net/
Origin: https://deluxebucks.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 02:55:17 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: PPC8FSFBXZXF07GT
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 8LlqS+MWjWJ/mvPIp4nTMOMvAobXLP3Qc2RWmPl8Fruha2UxB9dxJA2wCCPKJmE+nOVB9JH6enY=
last-modified: Wed, 30 Jun 2021 15:45:57 GMT
server: cloudflare
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1AYmJ2aLoX5AjidjnI85uiYpyZe9Qo0wMq8UM8Ip8RSSopUeooax16e%2BRoiCYlq8KgBNgmmME7jnT1KAgTj1VseKiqVsmKO7TstoJLaHDrc%2FIihEh9gAgBxMmnZzNiDz%2FpPVSciVWdzMdQ5Pb8PSH%2B9j"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 748d1fa0ba218397-MXP

GET
H2 200 bootstrap.min.css
deluxebucks.net/themes/deluxe-bucks/assets/css/bootstrap/ 150 KB
23 KB 117ms
112ms Stylesheet
text/css 107.21.105.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://deluxebucks.net/themes/deluxe-bucks/assets/css/bootstrap/bootstrap.min.css
Requested by: Host: deluxebucks.net
URL: https://deluxebucks.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.21.105.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-21-105-88.compute-1.amazonaws.com
Software: nginx/1.23.1 /
Resource Hash: 6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deluxebucks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 02:55:16 GMT
content-encoding: gzip
last-modified: Sat, 10 Sep 2022 17:00:45 GMT
server: nginx/1.23.1
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 default.css
deluxebucks.net/assets/css/ 6 KB
1 KB 111ms
107ms Stylesheet
text/css 107.21.105.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://deluxebucks.net/assets/css/default.css
Requested by: Host: deluxebucks.net
URL: https://deluxebucks.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.21.105.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-21-105-88.compute-1.amazonaws.com
Software: nginx/1.23.1 /
Resource Hash: d0d98234577192702f3e5ce17fca3d7e5f5a8104da1af8095d235fbd6d49ce74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deluxebucks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 02:55:16 GMT
content-encoding: gzip
last-modified: Sat, 10 Sep 2022 17:00:43 GMT
server: nginx/1.23.1
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 main.css
deluxebucks.net/themes/deluxe-bucks/assets/css/ 69 KB
10 KB 221ms
218ms Stylesheet
text/css 107.21.105.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://deluxebucks.net/themes/deluxe-bucks/assets/css/main.css
Requested by: Host: deluxebucks.net
URL: https://deluxebucks.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.21.105.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-21-105-88.compute-1.amazonaws.com
Software: nginx/1.23.1 /
Resource Hash: d3dcf6f62e32518d4e6aadf056ede6290211e44c3e147efaa918f35ae4b9337f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deluxebucks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 02:55:16 GMT
content-encoding: gzip
last-modified: Sat, 10 Sep 2022 17:04:46 GMT
server: nginx/1.23.1
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 quill.snow.css
cdn.quilljs.com/1.2.6/ 24 KB
4 KB 96ms
29ms Stylesheet
text/css 216.24.57.253
RENDER

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.quilljs.com/1.2.6/quill.snow.css

Requested by

Host: deluxebucks.net
URL: https://deluxebucks.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.24.57.253 , United States, ASN397273 (RENDER, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ff9b66e28f97f63b7838be7849c34c1d5617b850557618e6c03c260976a9565

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deluxebucks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 02:55:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 16 Mar 2021 22:22:28 UTC
server: cloudflare
age: 118
etag: W/"9f6624fdd91fb800234c1afe33f6ecbe"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=604800
cf-ray: 748d1fa0bbdb995d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
965 B 66ms
25ms Script
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: deluxebucks.net
URL: https://deluxebucks.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

111c7aab98cbbc9b2b6296bd4e111c87fa7248d075b0fc830308faa798fcb878

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deluxebucks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 02:55:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 552
x-xss-protection: 1; mode=block
expires: Sun, 11 Sep 2022 02:55:16 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.0.3/ 82 KB
29 KB 71ms
17ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.0.3/jquery.min.js

Requested by

Host: deluxebucks.net
URL: https://deluxebucks.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deluxebucks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 06:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506304
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29440
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Sep 2023 06:16:52 GMT

GET
H2 200 remodal.min.js Show response
deluxebucks.net/assets/js/ 21 KB
5 KB 110ms
108ms Script
application/javascript 107.21.105.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://deluxebucks.net/assets/js/remodal.min.js
Requested by: Host: deluxebucks.net
URL: https://deluxebucks.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.21.105.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-21-105-88.compute-1.amazonaws.com
Software: nginx/1.23.1 /
Resource Hash: c688137dc1533e2f7e6b23450e9fbc83357a69b2f4cc416c5d0e1984bf197c87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deluxebucks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 02:55:16 GMT
content-encoding: gzip
last-modified: Sat, 10 Sep 2022 17:00:43 GMT
server: nginx/1.23.1
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 lander.js Show response
deluxebucks.net/assets/js/ 59 KB
13 KB 221ms
220ms Script
application/javascript 107.21.105.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://deluxebucks.net/assets/js/lander.js
Requested by: Host: deluxebucks.net
URL: https://deluxebucks.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.21.105.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-21-105-88.compute-1.amazonaws.com
Software: nginx/1.23.1 /
Resource Hash: 461ee39c4b78abcfcb2b66a80a8b160f2c6c20f0418ae048c719944c6ae70c3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deluxebucks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 02:55:16 GMT
content-encoding: gzip
last-modified: Sat, 10 Sep 2022 17:00:43 GMT
server: nginx/1.23.1
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 path-form.css
deluxebucks.net/assets/css/ 191 B
395 B 216ms
215ms Stylesheet
text/css 107.21.105.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://deluxebucks.net/assets/css/path-form.css
Requested by: Host: deluxebucks.net
URL: https://deluxebucks.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.21.105.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-21-105-88.compute-1.amazonaws.com
Software: nginx/1.23.1 /
Resource Hash: 4ec363ca2ce5d9c918815bca74a1e25c79a9fae3c3885c97ce6680fc01f585c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deluxebucks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 02:55:16 GMT
last-modified: Sat, 10 Sep 2022 17:00:43 GMT
server: nginx/1.23.1
content-type: text/css
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 191
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1615407074514
ppe-userenroll-assets.s3.amazonaws.com/ 25 KB
25 KB 372ms
135ms Image
application/octet-stream 52.216.112.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ppe-userenroll-assets.s3.amazonaws.com/1615407074514
Requested by: Host: deluxebucks.net
URL: https://deluxebucks.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.112.67 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 84ca63991a76e7de41f14e3f2662de9952cecd5eff0c207c70733f4248648c23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deluxebucks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Sun, 11 Sep 2022 02:55:18 GMT
x-amz-meta-fieldname: image
Last-Modified: Wed, 10 Mar 2021 20:11:15 GMT
Server: AmazonS3
x-amz-request-id: 1F8ATNR74QR1RRR5
ETag: "12e681511c3727c21d05c862a077a88d"
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 25563
x-amz-id-2: +B/rZlKgSR+Wz6JzioO9pBW08HCqOgJO1vw59pTbCtAmjKo49mWzx+nEKLd4+/vM+U5IR3DPCLE=

GET
H2 200 big-arrow.svg
deluxebucks.net/themes/deluxe-bucks/assets/img/ 810 B
1019 B 109ms
108ms Image
image/svg+xml 107.21.105.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deluxebucks.net/themes/deluxe-bucks/assets/img/big-arrow.svg
Requested by: Host: deluxebucks.net
URL: https://deluxebucks.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.21.105.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-21-105-88.compute-1.amazonaws.com
Software: nginx/1.23.1 /
Resource Hash: 78a7b3d4d1b6356b853d99d6208f86287fe73190d069d47710fb67489ad6b9d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deluxebucks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 02:55:17 GMT
last-modified: Sat, 10 Sep 2022 17:00:45 GMT
server: nginx/1.23.1
content-type: image/svg+xml
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 810
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1617299624222
ppe-userenroll-assets.s3.amazonaws.com/ 7 KB
8 KB 354ms
142ms Image
application/octet-stream 52.216.112.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ppe-userenroll-assets.s3.amazonaws.com/1617299624222
Requested by: Host: deluxebucks.net
URL: https://deluxebucks.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.112.67 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: e5b4e090acdea72599695f2feb978d02a5d8229ed00d39defea75ae0d9b786d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deluxebucks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Sun, 11 Sep 2022 02:55:18 GMT
x-amz-meta-fieldname: image
Last-Modified: Thu, 01 Apr 2021 17:53:45 GMT
Server: AmazonS3
x-amz-request-id: 1F8DK4Z7BRKSPBH1
ETag: "e38a6f03fdd765cc4eaf6ca341536b3d"
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 7386
x-amz-id-2: uEomGRI+ro+be6wnhwwScc5L7lep8PP/HlF7ZKgq2+t8RWAIhavfp161bN49+ss2kZte3jUc9VQ=

GET
H/1.1 200
OK 1617299628165
ppe-userenroll-assets.s3.amazonaws.com/ 6 KB
6 KB 354ms
142ms Image
application/octet-stream 52.216.112.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ppe-userenroll-assets.s3.amazonaws.com/1617299628165
Requested by: Host: deluxebucks.net
URL: https://deluxebucks.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.112.67 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1e5eb581373b06b004c0509095f3670a92681216d641e1a29937677cf56eb3ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deluxebucks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Sun, 11 Sep 2022 02:55:18 GMT
x-amz-meta-fieldname: image
Last-Modified: Thu, 01 Apr 2021 17:53:49 GMT
Server: AmazonS3
x-amz-request-id: 1F8B87J4K6XXG3X3
ETag: "fb93d42ec882754ba07313cdab209ede"
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 6246
x-amz-id-2: VzvNCL8O77O6SrSxvAe2Z997x6sevh8pyBSSicJ3Gqj1Y4IsLmLLw4zw0I5+m0br4yOX9iTlw7k=

GET
H/1.1 200
OK 1617299631263
ppe-userenroll-assets.s3.amazonaws.com/ 7 KB
8 KB 354ms
140ms Image
application/octet-stream 52.216.112.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ppe-userenroll-assets.s3.amazonaws.com/1617299631263
Requested by: Host: deluxebucks.net
URL: https://deluxebucks.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.112.67 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 383a86f9b4db3005427126ddc072f3815739a626232c6c9e6e467e6635ee3abe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deluxebucks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Sun, 11 Sep 2022 02:55:18 GMT
x-amz-meta-fieldname: image
Last-Modified: Thu, 01 Apr 2021 17:53:52 GMT
Server: AmazonS3
x-amz-request-id: 1F8F175B52FFY7TA
ETag: "9a6904979560d02266d1187296054809"
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 7459
x-amz-id-2: Drehy3gzB/1rebcL3PJn006yEoJmyMWDeFScX8UEVT4v3VTy3Q42Ha+dQMa+M5KLYnjhMyJdMDY=

GET
H/1.1 200
OK 1617298777378
ppe-userenroll-assets.s3.amazonaws.com/ 53 KB
53 KB 363ms
148ms Image
application/octet-stream 52.216.112.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ppe-userenroll-assets.s3.amazonaws.com/1617298777378
Requested by: Host: deluxebucks.net
URL: https://deluxebucks.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.112.67 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 11c9c433bf9ae568049fc9297f0f22b54021edd65cd0bb0ae41a027ecdf3cf69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deluxebucks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Sun, 11 Sep 2022 02:55:18 GMT
x-amz-meta-fieldname: image
Last-Modified: Thu, 01 Apr 2021 17:39:38 GMT
Server: AmazonS3
x-amz-request-id: 1F83E28MNX4T9V9A
ETag: "707ae1f4b654940c742dc00301f5e8f2"
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 53877
x-amz-id-2: IsZ5KNVqsHk+UNjF4ye3ZbLRFYhTzSfHbb6lyJuqi9tF1ma5IOrkFyOq+yrta+gbQM8SzQ0lFu4=

GET
H2 200 logotype.svg
deluxebucks.net/themes/deluxe-bucks/assets/img/ 11 KB
4 KB 109ms
107ms Image
image/svg+xml 107.21.105.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deluxebucks.net/themes/deluxe-bucks/assets/img/logotype.svg
Requested by: Host: deluxebucks.net
URL: https://deluxebucks.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.21.105.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-21-105-88.compute-1.amazonaws.com
Software: nginx/1.23.1 /
Resource Hash: 31753f92b8057affdb8fc97958212552eb3dfee9c6c5eda72d20dbe734328dca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deluxebucks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 02:55:17 GMT
content-encoding: gzip
last-modified: Sat, 10 Sep 2022 17:00:45 GMT
server: nginx/1.23.1
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 95 KB
37 KB 84ms
28ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T4GZSSB

Requested by

Host: deluxebucks.net
URL: https://deluxebucks.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

835ba65ffe860475e08432141910f462db71f83270a403c7d9c8de3a4510f7a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deluxebucks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 02:55:17 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37730
x-xss-protection: 0
last-modified: Sun, 11 Sep 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 11 Sep 2022 02:55:17 GMT

GET
H2 200 hotjar-2358220.js Show response
static.hotjar.com/c/ 4 KB
2 KB 116ms
47ms Script
application/javascript 13.225.78.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2358220.js?sv=6

Requested by

Host: deluxebucks.net
URL: https://deluxebucks.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-69.fra2.r.cloudfront.net

Software

Resource Hash

cf092c67f537ece1c996799cec0edd8f67c2d7993b0edd88e3126cbb70ed8ef1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deluxebucks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=604800; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-amz-cf-pop: FRA2-C2
x-cache-hit: 1
date: Sun, 11 Sep 2022 02:55:17 GMT
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 e56e6732f380db727425bac2d6158760.cloudfront.net (CloudFront)
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-amz-cf-id: iVdwho1WY08wnFcaDWogHzOD6pTvy45FUwdWX3MSU3EvsSzAXSSSLQ==
etag: W/bee9d1079770b9c18f56eac8e9301270

GET
H2 200 polygon.svg
deluxebucks.net/themes/deluxe-bucks/assets/img/ 156 B
365 B 108ms
107ms Image
image/svg+xml 107.21.105.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deluxebucks.net/themes/deluxe-bucks/assets/img/polygon.svg
Requested by: Host: deluxebucks.net
URL: https://deluxebucks.net/themes/deluxe-bucks/assets/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.21.105.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-21-105-88.compute-1.amazonaws.com
Software: nginx/1.23.1 /
Resource Hash: 84c4c7a941c3d6ceeb8747ccada64f3e2cc271ccf781f40930c3944df2d476a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deluxebucks.net/themes/deluxe-bucks/assets/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 02:55:17 GMT
last-modified: Sat, 10 Sep 2022 17:00:45 GMT
server: nginx/1.23.1
content-type: image/svg+xml
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 156
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 polygon-stroke.svg
deluxebucks.net/themes/deluxe-bucks/assets/img/ 389 B
598 B 107ms
106ms Image
image/svg+xml 107.21.105.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deluxebucks.net/themes/deluxe-bucks/assets/img/polygon-stroke.svg
Requested by: Host: deluxebucks.net
URL: https://deluxebucks.net/themes/deluxe-bucks/assets/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.21.105.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-21-105-88.compute-1.amazonaws.com
Software: nginx/1.23.1 /
Resource Hash: 9cdbe05f5a87d8e1d0a3dc0f3215dffea7261c33069f11b9c42fbf4b7c62456a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deluxebucks.net/themes/deluxe-bucks/assets/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 02:55:17 GMT
last-modified: Sat, 10 Sep 2022 17:00:45 GMT
server: nginx/1.23.1
content-type: image/svg+xml
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 389
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Multicolore.otf
deluxebucks.net/themes/deluxe-bucks/assets/fonts/ 21 KB
9 KB 108ms
107ms Font
application/octet-stream 107.21.105.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://deluxebucks.net/themes/deluxe-bucks/assets/fonts/Multicolore.otf
Requested by: Host: deluxebucks.net
URL: https://deluxebucks.net/themes/deluxe-bucks/assets/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.21.105.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-21-105-88.compute-1.amazonaws.com
Software: nginx/1.23.1 /
Resource Hash: 5a8d7a57a6c9fb513c9d0bc31b5a5b7d56e030d5bf05902a0936424ebee08f1f

Request headers

Referer: https://deluxebucks.net/themes/deluxe-bucks/assets/css/main.css
Origin: https://deluxebucks.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 02:55:17 GMT
content-encoding: gzip
last-modified: Sat, 10 Sep 2022 17:00:45 GMT
server: nginx/1.23.1
vary: Accept-Encoding
content-type: text/plain
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 76ms
34ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://deluxebucks.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 16:39:45 GMT
x-content-type-options: nosniff
age: 468932
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Sep 2023 16:39:45 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 63ms
21ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://deluxebucks.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 03:39:12 GMT
x-content-type-options: nosniff
age: 256565
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Sep 2023 03:39:12 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 59ms
17ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://deluxebucks.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 13:27:29 GMT
x-content-type-options: nosniff
age: 134868
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Sep 2023 13:27:29 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/ 390 KB
156 KB 55ms
15ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c1dbb67cd9021604a4b6e9b0685afa71ce51d3c50ca4b059c8af8a53491043f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://deluxebucks.net/
Origin: https://deluxebucks.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 14:34:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44426
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 158665
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 00:04:24 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Sep 2023 14:34:51 GMT

GET
H2

200

bootstrap.js Show response
cdn.trustedform.com/
Redirect Chain

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16628649171140.20433032099727955&invert_field_sensitivity=false
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16628649171140.20433032099727955&invert_field_sensitivity=false

8 KB
4 KB

201ms
134ms

Script
application/javascript

2600:9000:20eb:5200:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16628649171140.20433032099727955&invert_field_sensitivity=false
Requested by: Host: deluxebucks.net
URL: https://deluxebucks.net/
Protocol: H2
Server: 2600:9000:20eb:5200:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 607020848525f662633b5a3d9c7826462e6dab9b39967e0ee572c91a83f7f9b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deluxebucks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 02:55:18 GMT
content-encoding: gzip
last-modified: Tue, 16 Aug 2022 18:53:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: W/"97d91c9803cec4e7981c0f415c2c1923"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-version-id: 9tpprjSXF1V1i663qaS1L8y.yb5CQ2dA
x-amz-cf-id: uVmrmOPSBB5NIJnkA5tKDIvoWFw9iNAGTuG_9x9VxqleShJruBWjNQ==

Redirect headers

location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16628649171140.20433032099727955&invert_field_sensitivity=false
date: Sun, 11 Sep 2022 02:55:17 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

GET
H2 200 cbbc58d7-ca44-c52f-1907-dc09fb320ed4.js Show response
create.lidstatic.com/campaign/ 123 KB
39 KB 85ms
30ms Script
text/javascript 2606:4700:10::6816:26b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://create.lidstatic.com/campaign/cbbc58d7-ca44-c52f-1907-dc09fb320ed4.js?snippet_version=2
Requested by: Host: deluxebucks.net
URL: https://deluxebucks.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:26b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88c005e8d08c6760c2cbbf77899d86bf6967d328a6e733b807cbccf73453c54a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deluxebucks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 02:55:17 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 12 Nov 2021 01:22:24 GMT
server: cloudflare
age: 174
etag: W/"cb532b954b1c0bdd8f25f1ffc75a56be"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1800
x-amz-replication-status: COMPLETED
x-amz-version-id: vWYFVBaTDG1jLQMntW2oNYlUM20yL4Wi
cf-ray: 748d1fa46ffd021d-ZRH
x-amz-request-id: 2S8K9CXBPK8QM3DH
x-amz-id-2: UC0IflmCnAX7QpSrGWM4NHDbIkmYurIaRIKWvNg6HpoXuLcVmAom9QveVuKvV8b1OQFV5JcUN60=

GET
H2 200 request.js Show response
script.anura.io/ 50 KB
18 KB 171ms
90ms Script
application/javascript 35.176.109.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/request.js?instance=1960202113&source=122-1000&campaign=&exid=2f9109d7-ffd3-4f25-9584-2ccab226de7f&variable=ezresponse&callback=anuraCallback&811250841946

Requested by

Host: deluxebucks.net
URL: https://deluxebucks.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.176.109.196 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-176-109-196.eu-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

4d617c9ad84b67d6f8cb366d2c3598bd0d35a158b02138a33546db4906254356

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deluxebucks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Sep 2022 02:55:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

POST
H2 200 submit Show response
deluxebucks.net/api/session/ 7 KB
2 KB 338ms
338ms XHR
application/json 107.21.105.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://deluxebucks.net/api/session/submit

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.0.3/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.105.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-105-88.compute-1.amazonaws.com

Software

nginx/1.23.1 / Express

Resource Hash

8c2e3c9b50859e50ea099830c7edd19ea58be6468131ef5d0c7563ac450ffa70

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://deluxebucks.net/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 11 Sep 2022 02:55:17 GMT
content-encoding: gzip
etag: W/"1d31-CQu7Pf3DANbXzlx1hCuiHZOjiSc"
server: nginx/1.23.1
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 8025.js Show response
pixel.convertize.io/ 0
174 B 139ms
40ms Script
application/javascript 54.229.40.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.convertize.io/8025.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T4GZSSB
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.40.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-40-247.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deluxebucks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 02:55:17 GMT
last-modified: Mon, 13 Sep 2021 15:31:20 GMT
server: nginx
content-type: application/javascript
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
accept-ranges: bytes
content-length: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 206 KB
73 KB 35ms
34ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6RD16E4GBQ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T4GZSSB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fd8ec13abd590c0b23fd08969dbc5458d4e812c8b00c9a9ac44baa56ab8764db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deluxebucks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 02:55:17 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74298
x-xss-protection: 0
expires: Sun, 11 Sep 2022 02:55:17 GMT

GET
H2 200 modules.448392d04fd1e15c100a.js Show response
script.hotjar.com/ 251 KB
65 KB 64ms
18ms Script
application/javascript 13.224.189.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.448392d04fd1e15c100a.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2358220.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.51 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-51.fra2.r.cloudfront.net

Software

Resource Hash

f71d619eeb07bc673c2492806d833f46a861d4ca81e84acb4553898fd4e3f0d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deluxebucks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 10:58:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 316630
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=604800; includeSubDomains
content-length: 65486
access-control-allow-origin: *
last-modified: Wed, 07 Sep 2022 10:57:54 GMT
etag: "dda0289b22368ab84a40f8dab68ddb9e"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: w3FK7qjg_Oel5IWo60A9q-nmLWBoVDKbeL5QDxd-XMmlgBhFpSkcOQ==

POST
H2 200 GenerateToken Show response
create.leadid.com/2.11.9/ 36 B
657 B 385ms
153ms XHR
text/plain 34.204.220.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/GenerateToken?msn=1&pid=4682d65d-13b2-4b55-b876-8674fcee1b5f&_=4587582

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/cbbc58d7-ca44-c52f-1907-dc09fb320ed4.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.204.220.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-204-220-32.compute-1.amazonaws.com

Software

nginx /

Resource Hash

efcd0d09c38ef9a99c79404c3b058f5dbb3c6cc3d9d389fa2b43aeac52223c45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://deluxebucks.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 11 Sep 2022 02:55:17 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame E490 42 KB
22 KB 72ms
39ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfkrYoaAAAAAKnjpmO40_FJKDe5WR1I7zyCiRUY&co=aHR0cHM6Ly9kZWx1eGVidWNrcy5uZXQ6NDQz&hl=de&v=g8G8cw32bNQPGUVoDvt680GA&size=invisible&cb=xbf2b3iimmra

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8aff7d9c0f5b6dba340ed44cdaa7eccc7e2e4e641364228428f0fe9e976b48ee

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Dol5mpaKXBq6XJZO3kqobw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://deluxebucks.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22646
content-security-policy: script-src 'report-sample' 'nonce-Dol5mpaKXBq6XJZO3kqobw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 11 Sep 2022 02:55:17 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 box-69edcc3187336f9b0a3fbb4c73be9fe6.html Show response
vars.hotjar.com/ Frame BC27 2 KB
1 KB 61ms
16ms Document
text/html 13.224.189.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2358220.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.80 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-80.fra2.r.cloudfront.net

Software

Resource Hash

867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://deluxebucks.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 322690
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 07 Sep 2022 09:17:07 GMT
etag: "f6a9ca04b0687ea3c0d98e8430c8c77b"
last-modified: Wed, 07 Sep 2022 09:16:57 GMT
strict-transport-security: max-age=604800; includeSubDomains
vary: Accept-Encoding
via: 1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
x-amz-cf-id: PNLGuSbRuQ3i35jDBATOR3MKDMX94ah6MYpWk_KcgiysCNJRijx8oQ==
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
x-robots-tag: none

POST
H2 204 collect
region1.google-analytics.com/g/ 0
347 B 75ms
22ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-6RD16E4GBQ&gtm=2oe970&_p=1883915577&cid=1632921785.1662864917&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1662864917&sct=1&seg=0&dl=https%3A%2F%2Fdeluxebucks.net%2F&dt=DeluxeBucks%20-%20%2425%2C000&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6RD16E4GBQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deluxebucks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Sep 2022 02:55:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://deluxebucks.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/ Frame E490 52 KB
24 KB 51ms
17ms Stylesheet
text/css 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfkrYoaAAAAAKnjpmO40_FJKDe5WR1I7zyCiRUY&co=aHR0cHM6Ly9kZWx1eGVidWNrcy5uZXQ6NDQz&hl=de&v=g8G8cw32bNQPGUVoDvt680GA&size=invisible&cb=xbf2b3iimmra

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 19:19:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27331
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24251
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 00:04:24 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Sep 2023 19:19:46 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/ Frame E490 390 KB
155 KB 59ms
24ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c1dbb67cd9021604a4b6e9b0685afa71ce51d3c50ca4b059c8af8a53491043f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 14:34:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44426
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 158665
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 00:04:24 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Sep 2023 14:34:51 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/2358220/ 148 B
322 B 136ms
41ms XHR
application/json 54.73.164.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/2358220/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.448392d04fd1e15c100a.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.73.164.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-73-164-173.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a7a706ea35bec3b8e407aa0d6c26219d8be48a646e4a2e6098193b83e2cbd347

Request headers

Referer: https://deluxebucks.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Sun, 11 Sep 2022 02:55:17 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame E490 2 KB
2 KB 16ms
15ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 19:40:09 GMT
x-content-type-options: nosniff
age: 198908
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 15 Sep 2022 19:40:09 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E490 15 KB
15 KB 57ms
23ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 380916
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 06 Sep 2023 17:06:41 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E490 15 KB
15 KB 51ms
17ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 448438
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Sep 2023 22:21:19 GMT

GET
H/1.1 200
OK iframe.html Show response
d2m2wsoho8qq12.cloudfront.net/ Frame B37E 3 KB
2 KB 63ms
17ms Document
text/html 13.225.84.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=021470EB-C320-54F7-C0EC-E7C38CB11DD9&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=CBBC58D7-CA44-C52F-1907-DC09FB320ED4&lac=934E3705-AE01-D5F3-9E2B-B9A54E634C7A

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/cbbc58d7-ca44-c52f-1907-dc09fb320ed4.js?snippet_version=2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.225.84.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-84-125.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://deluxebucks.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 844
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sun, 11 Sep 2022 02:41:13 GMT
ETag: W/"6298d697-dbb"
Last-Modified: Thu, 02 Jun 2022 15:26:15 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Via: 1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
X-Amz-Cf-Id: Xsd4aj9frYMM06ohwq77S75IU-KMZvRlFyUd6AV_61ARqb4Y6-AbPg==
X-Amz-Cf-Pop: FRA2-C2
X-Cache: Hit from cloudfront

POST
H2 200 SaveDom Show response
create.leadid.com/2.11.9/ 0
621 B 110ms
109ms XHR
text/plain 34.204.220.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/SaveDom?msn=2&pid=4682d65d-13b2-4b55-b876-8674fcee1b5f&token=021470EB-C320-54F7-C0EC-E7C38CB11DD9&_=4587583

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/cbbc58d7-ca44-c52f-1907-dc09fb320ed4.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.204.220.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-204-220-32.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://deluxebucks.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 11 Sep 2022 02:55:17 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.9/ 0
620 B 205ms
204ms XHR
text/plain 34.204.220.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/InitFormData?msn=3&pid=4682d65d-13b2-4b55-b876-8674fcee1b5f&token=021470EB-C320-54F7-C0EC-E7C38CB11DD9&_=4587584

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/cbbc58d7-ca44-c52f-1907-dc09fb320ed4.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.204.220.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-204-220-32.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://deluxebucks.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 11 Sep 2022 02:55:17 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame E490 102 B
134 B 25ms
24ms Other
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=g8G8cw32bNQPGUVoDvt680GA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5ee23a368d4d73e542e0eb7edc3ae2f5fddc59b439cc0fb7a4cf6ff90cbc5fbd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfkrYoaAAAAAKnjpmO40_FJKDe5WR1I7zyCiRUY&co=aHR0cHM6Ly9kZWx1eGVidWNrcy5uZXQ6NDQz&hl=de&v=g8G8cw32bNQPGUVoDvt680GA&size=invisible&cb=xbf2b3iimmra
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 02:55:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Sun, 11 Sep 2022 02:55:17 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame E31A 7 KB
1 KB 34ms
33ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=g8G8cw32bNQPGUVoDvt680GA&k=6LfkrYoaAAAAAKnjpmO40_FJKDe5WR1I7zyCiRUY

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c2f672892f0727ec0418083c569b1b8152cfd8583efec6b141ef7ae43bf644cf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OuOfSnWnpwstxxVmTSA1Nw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://deluxebucks.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1115
content-security-policy: script-src 'report-sample' 'nonce-OuOfSnWnpwstxxVmTSA1Nw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 11 Sep 2022 02:55:17 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 iframe.html Show response
deviceid.trueleadid.com/ Frame B1D2 4 KB
2 KB 336ms
106ms Document
text/html 52.6.103.40
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://deviceid.trueleadid.com/iframe.html?token=021470EB-C320-54F7-C0EC-E7C38CB11DD9&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=CBBC58D7-CA44-C52F-1907-DC09FB320ED4&lac=934E3705-AE01-D5F3-9E2B-B9A54E634C7A
Requested by: Host: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=021470EB-C320-54F7-C0EC-E7C38CB11DD9&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=CBBC58D7-CA44-C52F-1907-DC09FB320ED4&lac=934E3705-AE01-D5F3-9E2B-B9A54E634C7A
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.6.103.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-6-103-40.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a

Request headers

Referer: https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=86400 public
content-encoding: gzip
content-type: text/html
date: Sun, 11 Sep 2022 02:55:18 GMT
etag: W/"62a74f42-1049"
expires: Mon, 12 Sep 2022 02:55:18 GMT
last-modified: Mon, 13 Jun 2022 14:52:50 GMT
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
server: nginx

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/ Frame E31A 52 KB
24 KB 16ms
16ms Stylesheet
text/css 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=g8G8cw32bNQPGUVoDvt680GA&k=6LfkrYoaAAAAAKnjpmO40_FJKDe5WR1I7zyCiRUY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 19:19:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27331
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24251
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 00:04:24 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Sep 2023 19:19:46 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/ Frame E31A 390 KB
155 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=g8G8cw32bNQPGUVoDvt680GA&k=6LfkrYoaAAAAAKnjpmO40_FJKDe5WR1I7zyCiRUY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c1dbb67cd9021604a4b6e9b0685afa71ce51d3c50ca4b059c8af8a53491043f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 14:34:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44426
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 158665
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 00:04:24 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Sep 2023 14:34:51 GMT

POST
H2 200 response.json Show response
script.anura.io/ 73 B
424 B 361ms
294ms XHR
application/json 35.176.109.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/response.json

Requested by

Host: script.anura.io
URL: https://script.anura.io/request.js?instance=1960202113&source=122-1000&campaign=&exid=2f9109d7-ffd3-4f25-9584-2ccab226de7f&variable=ezresponse&callback=anuraCallback&811250841946

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.176.109.196 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-176-109-196.eu-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

d2fda4a764c91dc5e3053b1694fa0acb11cb42bc8254d54aee65d8305a6229e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://deluxebucks.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 11 Sep 2022 02:55:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame E31A 38 KB
23 KB 57ms
57ms XHR
application/json 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LfkrYoaAAAAAKnjpmO40_FJKDe5WR1I7zyCiRUY

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

175d9ca15639b95ba487b88fd980d54f7cde8f0a4f922f1a777163f41de7c676

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=g8G8cw32bNQPGUVoDvt680GA&k=6LfkrYoaAAAAAKnjpmO40_FJKDe5WR1I7zyCiRUY
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Sun, 11 Sep 2022 02:55:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23107
x-xss-protection: 1; mode=block
expires: Sun, 11 Sep 2022 02:55:17 GMT

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame E31A 600 B
624 B 16ms
15ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 09:45:36 GMT
x-content-type-options: nosniff
age: 320982
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 14 Sep 2022 09:45:36 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame E31A 530 B
554 B 17ms
16ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 21:24:07 GMT
x-content-type-options: nosniff
age: 451871
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Mon, 12 Sep 2022 21:24:07 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame E31A 665 B
689 B 18ms
17ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 18:58:22 GMT
x-content-type-options: nosniff
age: 287816
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 14 Sep 2022 18:58:22 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E31A 15 KB
15 KB 17ms
16ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: deluxebucks.net
URL: https://deluxebucks.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 380917
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 06 Sep 2023 17:06:41 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E31A 15 KB
15 KB 22ms
21ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: deluxebucks.net
URL: https://deluxebucks.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 21:19:14 GMT
x-content-type-options: nosniff
age: 452164
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 05 Sep 2023 21:19:14 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E31A 15 KB
15 KB 18ms
17ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: deluxebucks.net
URL: https://deluxebucks.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 448439
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Sep 2023 22:21:19 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame E31A 43 KB
43 KB 26ms
26ms Image
image/jpeg 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06ANYolqvxS0DUEAr8sz95lbC1ssq6GDaJEk79H_0O4wweWwTmzqxWrjoUStywQ5m2evOsSZytcAtUvsnIs_2-hmk9-hOnOTN2G28TpGTVgHR4g8H7NiYzan8UL6uzaIWOcQ6SkTUMTCMSECFA-PthtpdlRg-kMhTNj5sH2_UIqJWb8aP5SH3DW7U-eik9DNM2MoUl28znmdL-WDT780DhKJQc4mC9pCDolA&k=6LfkrYoaAAAAAKnjpmO40_FJKDe5WR1I7zyCiRUY

Requested by

Host: deluxebucks.net
URL: https://deluxebucks.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

67baaf24bce7bfdc0001c99033ffc475b60ab9b87404ced21a2d008c322b64ed

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=g8G8cw32bNQPGUVoDvt680GA&k=6LfkrYoaAAAAAKnjpmO40_FJKDe5WR1I7zyCiRUY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 02:55:18 GMT
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43626
x-xss-protection: 1; mode=block
expires: Sun, 11 Sep 2022 02:55:18 GMT

GET
H2 200 SaveDeviceId.js Show response
create.leadid.com/2.11.9/ Frame B1D2 0
625 B 322ms
109ms Script
text/javascript 34.204.220.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/SaveDeviceId.js?lac=934E3705-AE01-D5F3-9E2B-B9A54E634C7A&lck=CBBC58D7-CA44-C52F-1907-DC09FB320ED4&methods=48&token=021470EB-C320-54F7-C0EC-E7C38CB11DD9&uuid=d354e0eac88f46bd805ec1d604f1967f

Requested by

Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=021470EB-C320-54F7-C0EC-E7C38CB11DD9&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=CBBC58D7-CA44-C52F-1907-DC09FB320ED4&lac=934E3705-AE01-D5F3-9E2B-B9A54E634C7A

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.204.220.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-204-220-32.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deviceid.trueleadid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 02:55:18 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 submit Show response
deluxebucks.net/api/session/ 7 KB
3 KB 910ms
909ms XHR
application/json 107.21.105.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://deluxebucks.net/api/session/submit

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.0.3/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.105.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-105-88.compute-1.amazonaws.com

Software

nginx/1.23.1 / Express

Resource Hash

752bbde69d0a9c1621cb6aad3a9769f269a22a7403e85b18fd5554fa8dea0795

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://deluxebucks.net/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 11 Sep 2022 02:55:19 GMT
content-encoding: gzip
etag: W/"1d84-35WomWhpqPr/gEXXCgBKwF4vhOI"
server: nginx/1.23.1
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8

POST
H2 201 certs Show response
api.trustedform.com/ 475 B
686 B 325ms
109ms XHR
application/json 35.169.55.181
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16628649171140.20433032099727955&invert_field_sensitivity=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.55.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-55-181.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 6d44bf5d78e1be853955549d52888b8d0bc266ff1fb67c8d1adcd83933f691b8

Request headers

Referer: https://deluxebucks.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 11 Sep 2022 02:55:18 GMT
server: Cowboy
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 475

GET
H2 200 trustedform-1.8.27.js Show response
cdn.trustedform.com/ 99 KB
37 KB 24ms
23ms Script
application/javascript 2600:9000:20eb:5200:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/trustedform-1.8.27.js
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16628649171140.20433032099727955&invert_field_sensitivity=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5200:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 67a63477cbc6cfaa632e9b56ba4c8a247f34504534b58705906f36a1627c2458

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deluxebucks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: 6olc5v40B1RpRJGb5GYISB93fSUp4tqK
content-encoding: gzip
last-modified: Tue, 16 Aug 2022 18:53:06 GMT
server: AmazonS3
age: 10
etag: W/"2f557edcc84fd346c897a4d565e57ac0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
date: Sun, 11 Sep 2022 02:55:18 GMT
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: EiVBluWzuvPY9Ulr5YCh-78XLThK4VRTmk30Y2lCd4gJ1beIeOkq0A==

POST
H2 204 snapshot Show response
api.trustedform.com/certs/457c4d98920077d274c82a7d0a612d5434e95448/ 0
159 B 217ms
217ms XHR
text/plain 35.169.55.181
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/457c4d98920077d274c82a7d0a612d5434e95448/snapshot
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.27.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.55.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-55-181.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://deluxebucks.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sun, 11 Sep 2022 02:55:19 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: Cowboy
access-control-expose-headers

GET
H/1.1 200
OK 1615407074514
ppe-userenroll-assets.s3.amazonaws.com/ 25 KB
25 KB 117ms
117ms Image
application/octet-stream 52.216.112.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ppe-userenroll-assets.s3.amazonaws.com/1615407074514
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.27.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.112.67 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 84ca63991a76e7de41f14e3f2662de9952cecd5eff0c207c70733f4248648c23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deluxebucks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Sun, 11 Sep 2022 02:55:19 GMT
x-amz-meta-fieldname: image
Last-Modified: Wed, 10 Mar 2021 20:11:15 GMT
Server: AmazonS3
x-amz-request-id: AHF5J6MPTS6DNFNN
ETag: "12e681511c3727c21d05c862a077a88d"
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 25563
x-amz-id-2: irbbub8yb9+DkwN49gASCNNbkQZElioyJZw1Ig8cwEC7xcpvI1qz7CBrhxRQHPPOcNiszFgVPC0=

GET
H2 200 big-arrow.svg
deluxebucks.net/themes/deluxe-bucks/assets/img/ 810 B
1019 B 107ms
107ms Image
image/svg+xml 107.21.105.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deluxebucks.net/themes/deluxe-bucks/assets/img/big-arrow.svg
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.27.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.21.105.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-21-105-88.compute-1.amazonaws.com
Software: nginx/1.23.1 /
Resource Hash: 78a7b3d4d1b6356b853d99d6208f86287fe73190d069d47710fb67489ad6b9d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deluxebucks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 02:55:18 GMT
last-modified: Sat, 10 Sep 2022 17:00:45 GMT
server: nginx/1.23.1
content-type: image/svg+xml
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 810
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1617299624222
ppe-userenroll-assets.s3.amazonaws.com/ 7 KB
8 KB 118ms
118ms Image
application/octet-stream 52.216.112.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ppe-userenroll-assets.s3.amazonaws.com/1617299624222
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.27.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.112.67 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: e5b4e090acdea72599695f2feb978d02a5d8229ed00d39defea75ae0d9b786d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deluxebucks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Sun, 11 Sep 2022 02:55:19 GMT
x-amz-meta-fieldname: image
Last-Modified: Thu, 01 Apr 2021 17:53:45 GMT
Server: AmazonS3
x-amz-request-id: AHFB97FZKZHR3BSK
ETag: "e38a6f03fdd765cc4eaf6ca341536b3d"
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 7386
x-amz-id-2: ZNOh8WQAQvTSbgl1SB3Pu9i4V/E6PyXHKEhtu//FBBEJrLi+yofeO4YwpN8KB6FHbVAjGOuWpwg=

GET
H/1.1 200
OK 1617299628165
ppe-userenroll-assets.s3.amazonaws.com/ 6 KB
6 KB 120ms
120ms Image
application/octet-stream 52.216.112.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ppe-userenroll-assets.s3.amazonaws.com/1617299628165
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.27.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.112.67 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1e5eb581373b06b004c0509095f3670a92681216d641e1a29937677cf56eb3ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deluxebucks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Sun, 11 Sep 2022 02:55:19 GMT
x-amz-meta-fieldname: image
Last-Modified: Thu, 01 Apr 2021 17:53:49 GMT
Server: AmazonS3
x-amz-request-id: AHF7R28H2ST01DTN
ETag: "fb93d42ec882754ba07313cdab209ede"
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 6246
x-amz-id-2: aQi37CPlV6nQMX9DOLtl2qBng7jmA/xpLd8S5JmpCQHe0b6y40PuuhraznBHXBCPMZIpabEApBQ=

GET
H/1.1 200
OK 1617299631263
ppe-userenroll-assets.s3.amazonaws.com/ 7 KB
8 KB 119ms
119ms Image
application/octet-stream 52.216.112.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ppe-userenroll-assets.s3.amazonaws.com/1617299631263
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.27.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.112.67 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 383a86f9b4db3005427126ddc072f3815739a626232c6c9e6e467e6635ee3abe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deluxebucks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Sun, 11 Sep 2022 02:55:19 GMT
x-amz-meta-fieldname: image
Last-Modified: Thu, 01 Apr 2021 17:53:52 GMT
Server: AmazonS3
x-amz-request-id: AHFESKHK3K46P64R
ETag: "9a6904979560d02266d1187296054809"
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 7459
x-amz-id-2: nFQCqs+W5jk5Ojz1F+GfoQKMt4eBU4fxbDIHOpcm4Qxb2MS4IkjLJK0iwcqEVHa05mp4S9HYbkA=

GET
H/1.1 200
OK 1617298777378
ppe-userenroll-assets.s3.amazonaws.com/ 53 KB
53 KB 121ms
121ms Image
application/octet-stream 52.216.112.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ppe-userenroll-assets.s3.amazonaws.com/1617298777378
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.27.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.112.67 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 11c9c433bf9ae568049fc9297f0f22b54021edd65cd0bb0ae41a027ecdf3cf69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deluxebucks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Sun, 11 Sep 2022 02:55:19 GMT
x-amz-meta-fieldname: image
Last-Modified: Thu, 01 Apr 2021 17:39:38 GMT
Server: AmazonS3
x-amz-request-id: AHF7VKC1T70D47TF
ETag: "707ae1f4b654940c742dc00301f5e8f2"
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 53877
x-amz-id-2: hMMJsaKddxGCgck5o6sVy3OwBnkm9nY7rPw/APbsEq9IFcP3ALjzibuIytIQABwARog3zgsW9SU=

GET
H2 200 logotype.svg
deluxebucks.net/themes/deluxe-bucks/assets/img/ 11 KB
4 KB 108ms
107ms Image
image/svg+xml 107.21.105.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deluxebucks.net/themes/deluxe-bucks/assets/img/logotype.svg
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.27.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.21.105.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-21-105-88.compute-1.amazonaws.com
Software: nginx/1.23.1 /
Resource Hash: 31753f92b8057affdb8fc97958212552eb3dfee9c6c5eda72d20dbe734328dca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deluxebucks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 02:55:18 GMT
content-encoding: gzip
last-modified: Sat, 10 Sep 2022 17:00:45 GMT
server: nginx/1.23.1
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 204 fingerprints Show response
api.trustedform.com/certs/457c4d98920077d274c82a7d0a612d5434e95448/ 0
159 B 208ms
207ms XHR
text/plain 35.169.55.181
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/457c4d98920077d274c82a7d0a612d5434e95448/fingerprints
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.27.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.55.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-55-181.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://deluxebucks.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sun, 11 Sep 2022 02:55:19 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: Cowboy
access-control-expose-headers

GET
DATA 200
OK truncated
/ 10 KB
10 KB Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: text/javascript

POST
H2 200 Snap Show response
create.leadid.com/2.11.9/ 0
621 B 532ms
213ms XHR
text/plain 34.204.220.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/Snap?msn=4&pid=4682d65d-13b2-4b55-b876-8674fcee1b5f&token=021470EB-C320-54F7-C0EC-E7C38CB11DD9&_=4587585

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/cbbc58d7-ca44-c52f-1907-dc09fb320ed4.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.204.220.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-204-220-32.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://deluxebucks.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 11 Sep 2022 02:55:19 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.9/ 0
621 B 254ms
254ms XHR
text/plain 34.204.220.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/InitFormData?msn=5&pid=4682d65d-13b2-4b55-b876-8674fcee1b5f&token=021470EB-C320-54F7-C0EC-E7C38CB11DD9&_=4587586

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/cbbc58d7-ca44-c52f-1907-dc09fb320ed4.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.204.220.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-204-220-32.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://deluxebucks.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 11 Sep 2022 02:55:19 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 Snap Show response
create.leadid.com/2.11.9/ 0
621 B 447ms
220ms XHR
text/plain 34.204.220.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/Snap?msn=6&pid=4682d65d-13b2-4b55-b876-8674fcee1b5f&token=021470EB-C320-54F7-C0EC-E7C38CB11DD9&_=4587587

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/cbbc58d7-ca44-c52f-1907-dc09fb320ed4.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.204.220.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-204-220-32.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://deluxebucks.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 11 Sep 2022 02:55:19 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 events
api.trustedform.com/certs/457c4d98920077d274c82a7d0a612d5434e95448/ 0
159 B 108ms
107ms Ping
text/plain 35.169.55.181
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/457c4d98920077d274c82a7d0a612d5434e95448/events
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.27.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.55.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-55-181.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://deluxebucks.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 11 Sep 2022 02:55:19 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: Cowboy
access-control-expose-headers

POST
H2 200 Snap Show response
create.leadid.com/2.11.9/ 0
620 B 130ms
129ms XHR
text/plain 34.204.220.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://create.leadid.com/2.11.9/Snap?msn=7&pid=4682d65d-13b2-4b55-b876-8674fcee1b5f&token=021470EB-C320-54F7-C0EC-E7C38CB11DD9&_=4587588

Requested by

Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/cbbc58d7-ca44-c52f-1907-dc09fb320ed4.js?snippet_version=2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.204.220.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-204-220-32.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://deluxebucks.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 11 Sep 2022 02:55:19 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 55ms
22ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-6RD16E4GBQ&gtm=2oe970&_p=1883915577&cid=1632921785.1662864917&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=2&sid=1662864917&sct=1&seg=0&dl=https%3A%2F%2Fdeluxebucks.net%2F&dt=DeluxeBucks%20-%20%2425%2C000&en=scroll&epn.percent_scrolled=90&_et=4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6RD16E4GBQ&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deluxebucks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Sep 2022 02:55:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://deluxebucks.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 10:13:36	Name: _GRECAPTCHA Value: 09ALjpSlqOtFtbCdR4B3WcH5NAgjZXs1PaDasLmUxt0fpgsCobxzB2lKpvRkZoXNih50j1YUNyNJcDp_qu09qYLa4
deluxebucks.net/	1970-01-20 14:40:00	Name: _psession Value: d4995348-b011-4e78-9551-f92ea1e17af3
.deluxebucks.net/	1970-01-20 15:30:24	Name: _ga_6RD16E4GBQ Value: GS1.1.1662864917.1.0.1662864917.0.0.0
.deluxebucks.net/	1970-01-20 15:30:24	Name: _ga Value: GA1.1.1632921785.1662864917
.deluxebucks.net/	1970-01-20 14:40:00	Name: _hjSessionUser_2358220 Value: eyJpZCI6Ijc2OTlkNDRlLTJjYjQtNTg0Yy04ZWI2LTViNDAwMDMwMmNmZCIsImNyZWF0ZWQiOjE2NjI4NjQ5MTczMzIsImV4aXN0aW5nIjpmYWxzZX0=
.deluxebucks.net/	1970-01-20 05:54:26	Name: _hjFirstSeen Value: 1
deluxebucks.net/	1970-01-20 05:54:25	Name: _hjIncludedInSessionSample Value: 0
.deluxebucks.net/	1970-01-20 05:54:26	Name: _hjSession_2358220 Value: eyJpZCI6IjQ3MjZmN2I5LWI4MjMtNGM5YS1iMzQ4LWI3NTUzZmIwZDEwMSIsImNyZWF0ZWQiOjE2NjI4NjQ5MTc0OTAsImluU2FtcGxlIjpmYWxzZX0=
deluxebucks.net/	1970-01-20 05:54:25	Name: _hjIncludedInPageviewSample Value: 1
.deluxebucks.net/	1970-01-20 05:54:26	Name: _hjAbsoluteSessionInProgress Value: 0
deluxebucks.net/	1970-01-20 05:54:25	Name: leadid_token-934E3705-AE01-D5F3-9E2B-B9A54E634C7A-CBBC58D7-CA44-C52F-1907-DC09FB320ED4 Value: 021470EB-C320-54F7-C0EC-E7C38CB11DD9
.deviceid.trueleadid.com/	1970-01-20 15:30:24	Name: uuid Value: d354e0eac88f46bd805ec1d604f1967f

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.trustedform.com
cdn.quilljs.com
cdn.trustedform.com
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
deluxebucks.net
deviceid.trueleadid.com
fonts.googleapis.com
fonts.gstatic.com
in.hotjar.com
pixel.convertize.io
ppe-userenroll-assets.s3.amazonaws.com
region1.google-analytics.com
script.anura.io
script.hotjar.com
static.hotjar.com
use.fontawesome.com
vars.hotjar.com
www.google.com
www.googletagmanager.com
www.gstatic.com
107.21.105.88
13.224.189.51
13.224.189.80
13.225.78.69
13.225.84.125
2001:4860:4802:32::36
216.24.57.253
2600:9000:20eb:5200:1c:7f1a:6680:93a1
2606:4700:10::6816:26b6
2606:4700:3032::ac43:a9f7
2a00:1450:4001:803::2003
2a00:1450:4001:806::200a
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2004
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2003
34.204.220.32
35.169.55.181
35.176.109.196
52.216.112.67
52.6.103.40
54.229.40.247
54.73.164.173
111c7aab98cbbc9b2b6296bd4e111c87fa7248d075b0fc830308faa798fcb878
11c9c433bf9ae568049fc9297f0f22b54021edd65cd0bb0ae41a027ecdf3cf69
175d9ca15639b95ba487b88fd980d54f7cde8f0a4f922f1a777163f41de7c676
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1e5eb581373b06b004c0509095f3670a92681216d641e1a29937677cf56eb3ed
31753f92b8057affdb8fc97958212552eb3dfee9c6c5eda72d20dbe734328dca
383a86f9b4db3005427126ddc072f3815739a626232c6c9e6e467e6635ee3abe
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ff9b66e28f97f63b7838be7849c34c1d5617b850557618e6c03c260976a9565
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
461ee39c4b78abcfcb2b66a80a8b160f2c6c20f0418ae048c719944c6ae70c3f
4c1dbb67cd9021604a4b6e9b0685afa71ce51d3c50ca4b059c8af8a53491043f
4d617c9ad84b67d6f8cb366d2c3598bd0d35a158b02138a33546db4906254356
4ec363ca2ce5d9c918815bca74a1e25c79a9fae3c3885c97ce6680fc01f585c4
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5a8d7a57a6c9fb513c9d0bc31b5a5b7d56e030d5bf05902a0936424ebee08f1f
5ee23a368d4d73e542e0eb7edc3ae2f5fddc59b439cc0fb7a4cf6ff90cbc5fbd
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a
607020848525f662633b5a3d9c7826462e6dab9b39967e0ee572c91a83f7f9b1
67a63477cbc6cfaa632e9b56ba4c8a247f34504534b58705906f36a1627c2458
67baaf24bce7bfdc0001c99033ffc475b60ab9b87404ced21a2d008c322b64ed
6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c
6d44bf5d78e1be853955549d52888b8d0bc266ff1fb67c8d1adcd83933f691b8
752bbde69d0a9c1621cb6aad3a9769f269a22a7403e85b18fd5554fa8dea0795
78a7b3d4d1b6356b853d99d6208f86287fe73190d069d47710fb67489ad6b9d8
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
835ba65ffe860475e08432141910f462db71f83270a403c7d9c8de3a4510f7a3
84c4c7a941c3d6ceeb8747ccada64f3e2cc271ccf781f40930c3944df2d476a6
84ca63991a76e7de41f14e3f2662de9952cecd5eff0c207c70733f4248648c23
867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1
88c005e8d08c6760c2cbbf77899d86bf6967d328a6e733b807cbccf73453c54a
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8aff7d9c0f5b6dba340ed44cdaa7eccc7e2e4e641364228428f0fe9e976b48ee
8c2e3c9b50859e50ea099830c7edd19ea58be6468131ef5d0c7563ac450ffa70
9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf
9cdbe05f5a87d8e1d0a3dc0f3215dffea7261c33069f11b9c42fbf4b7c62456a
a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25
a7a706ea35bec3b8e407aa0d6c26219d8be48a646e4a2e6098193b83e2cbd347
c2f672892f0727ec0418083c569b1b8152cfd8583efec6b141ef7ae43bf644cf
c688137dc1533e2f7e6b23450e9fbc83357a69b2f4cc416c5d0e1984bf197c87
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
cf092c67f537ece1c996799cec0edd8f67c2d7993b0edd88e3126cbb70ed8ef1
d0d98234577192702f3e5ce17fca3d7e5f5a8104da1af8095d235fbd6d49ce74
d2fda4a764c91dc5e3053b1694fa0acb11cb42bc8254d54aee65d8305a6229e4
d3dcf6f62e32518d4e6aadf056ede6290211e44c3e147efaa918f35ae4b9337f
e1bc76a0d3d207ba54a70fde9ab56e8218b29ca339378b5be28ce04c1ba7dfe6
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b4e090acdea72599695f2feb978d02a5d8229ed00d39defea75ae0d9b786d3
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954
ef6c7c4384d8bbc8e9aa08be7e1be0cc16f8baf8a625c317a259e714032c4302
efcd0d09c38ef9a99c79404c3b058f5dbb3c6cc3d9d389fa2b43aeac52223c45
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f71d619eeb07bc673c2492806d833f46a861d4ca81e84acb4553898fd4e3f0d2
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fd8ec13abd590c0b23fd08969dbc5458d4e812c8b00c9a9ac44baa56ab8764db

deluxebucks.net Open in urlscan Pro 107.21.105.88 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

81 Requests

99 %HTTPS

43 %IPv6

17 Domains

23 Subdomains

24 IPs

4 Countries

1366 kBTransfer

3171 kBSize

12 Cookies

0 Outgoing links

Page URL History

Redirected requests

81 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

deluxebucks.net Open in urlscan Pro
107.21.105.88 Public Scan

Screenshot
Live screenshot

Full Image

81
Requests

99 %
HTTPS

43 %
IPv6

17
Domains

23
Subdomains

24
IPs

4
Countries

1366 kB
Transfer

3171 kB
Size

12
Cookies

81 HTTP transactions
1 data transactions