urlscan.io logo urlscan.io
SecurityTrails logo

zoombucks.com Open in urlscan Pro
172.67.72.57  Public Scan

Go To Rescan Add Verdict Report
URL: https://zoombucks.com/?utm_source=adgate_2000_8_3&utm_medium=offer_wall&utm_campaign=60691&utm_term=31bf6ad52a4bf19fb2...
Submission: On June 05 via manual — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 4 countries across 11 domains to perform 44 HTTP transactions. The main IP is 172.67.72.57, located in United States and belongs to CLOUDFLARENET, US. The main domain is zoombucks.com.
TLS certificate: Issued by GTS CA 1P5 on May 27th 2024. Valid for: 3 months.
This is the only time zoombucks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

25    172.67.72.57 (United States)

ASN13335 (CLOUDFLARENET, US)
zoombucks.com
api.zoombucks.com
www.zoombucks.com
cdn.zoombucks.com
2    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    18.66.192.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-102.muc50.r.cloudfront.net
widget.trustpilot.com
2    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    18.66.192.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-58.muc50.r.cloudfront.net
widget.trustpilot.com
2    104.17.111.223 (None, )

ASN13335 (CLOUDFLARENET, US)
onesignal.com
3    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:400c:c02::54 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
accounts.google.com
1    2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Apex Domain
Subdomains		 Transfer
25 zoombucks.com
zoombucks.com
api.zoombucks.com
www.zoombucks.com
cdn.zoombucks.com
896 KB
5 gstatic.com
fonts.gstatic.com
www.gstatic.com
81 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 119
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 205
71 KB
2 onesignal.com
onesignal.com — Cisco Umbrella Rank: 1605
6 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
176 KB
2 trustpilot.com
widget.trustpilot.com — Cisco Umbrella Rank: 5902
7 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 70
2 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2406
252 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1009
7 KB
1 google.com
accounts.google.com — Cisco Umbrella Rank: 40
83 KB
44 11
Domain Requested by
15 zoombucks.com 1 redirects zoombucks.com
www.zoombucks.com
5 cdn.zoombucks.com
4 api.zoombucks.com zoombucks.com
3 fonts.gstatic.com fonts.googleapis.com
2 www.gstatic.com www.zoombucks.com
2 www.facebook.com
2 connect.facebook.net zoombucks.com
connect.facebook.net
2 onesignal.com zoombucks.com
2 www.googletagmanager.com zoombucks.com
www.googletagmanager.com
2 widget.trustpilot.com zoombucks.com
widget.trustpilot.com
2 fonts.googleapis.com zoombucks.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.zoombucks.com zoombucks.com
1 static.cloudflareinsights.com www.googletagmanager.com
1 accounts.google.com zoombucks.com
44 15

This site contains links to these domains. Also see Links.

Domain
zoombucks.zendesk.com
www.facebook.com
twitter.com
grabpoints.com
gcloot.com
Subject Issuer Validity Valid
zoombucks.com
GTS CA 1P5		 2024-05-27 -
2024-08-25		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.trustpilot.com
Amazon RSA 2048 M03		 2024-01-03 -
2025-01-31		 a year crt.sh
*.google-analytics.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
onesignal.com
E1		 2024-04-21 -
2024-07-20		 3 months crt.sh
*.gstatic.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2024-05-13 -
2024-08-05		 3 months crt.sh
cloudflareinsights.com
GTS CA 1P5		 2024-05-08 -
2024-08-06		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-03-14 -
2024-06-12		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://zoombucks.com/?utm_source=adgate_2000_8_3&utm_medium=offer_wall&utm_campaign=60691&utm_term=31bf6ad52a4bf19fb2db0ff7bc96bf17a
Frame ID: 207F3CAEBA78FFA264067AB25A15C6E8
Requests: 39 HTTP requests in this frame

Frame: https://zoombucks.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/main.js
Frame ID: D774743A60A55AD8F62C3895AA502729
Requests: 3 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=5d9312b397c28400015e1c71
Frame ID: BE62BE823D4C6CB5648CE86E9ABA1788
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Earn Free Gift Cards and Cash Online - ZoomBucks

Detected technologies

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase
Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

44
Requests

98 %
HTTPS

69 %
IPv6

11
Domains

15
Subdomains

14
IPs

4
Countries

1332 kB
Transfer

4482 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://zoombucks.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://zoombucks.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/main.js

44 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
zoombucks.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://zoombucks.com/?utm_source=adgate_2000_8_3&utm_medium=offer_wall&utm_campaign=60691&utm_term=31bf6ad52a4bf19fb2db0ff7bc96bf17a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9939278409acd80a30ed7ee54abb93ca58199043792f9060a2389c65a1f67419

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-apo-via
origin,page-rules
cf-cache-status
BYPASS
cf-ray
88ecbf1adf5b9256-FRA
content-encoding
br
content-type
text/html
date
Wed, 05 Jun 2024 02:31:27 GMT
last-modified
Tue, 28 May 2024 03:26:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ui%2Bl2c10CxRp9HQKLoaTzijmaW6n7VI9ieXYuVCIcVpAb%2FTzhD71BuAWH0ZToIyKfWox8sXcc3ZD6Oii2DVpHIfsWV8BjLXupwVsW0qSj%2FbWJJ7anJj6zMDckC%2Bde6g%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
css2
fonts.googleapis.com/ 		21 KB
1004 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&&display=swap
Requested by
Host: zoombucks.com
URL: https://zoombucks.com/?utm_source=adgate_2000_8_3&utm_medium=offer_wall&utm_campaign=60691&utm_term=31bf6ad52a4bf19fb2db0ff7bc96bf17a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
90c4f0951056e5a82b2150c8b3fe6d011a08ea2abc957453d080b8179504e2d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://zoombucks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 05 Jun 2024 02:31:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 05 Jun 2024 01:02:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 05 Jun 2024 02:31:27 GMT
css2
fonts.googleapis.com/ 		7 KB
962 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@100;200;300;400;500;600;700;800;900&&display=swap
Requested by
Host: zoombucks.com
URL: https://zoombucks.com/?utm_source=adgate_2000_8_3&utm_medium=offer_wall&utm_campaign=60691&utm_term=31bf6ad52a4bf19fb2db0ff7bc96bf17a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
620ec7947095b6f875ce7694812120d60ef68ae4d44a9762a4b370a42b8d06ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://zoombucks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 05 Jun 2024 02:31:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 05 Jun 2024 01:14:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 05 Jun 2024 02:31:27 GMT
index-Zeds7N-2.css
zoombucks.com/assets/ 		50 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://zoombucks.com/assets/index-Zeds7N-2.css
Requested by
Host: zoombucks.com
URL: https://zoombucks.com/?utm_source=adgate_2000_8_3&utm_medium=offer_wall&utm_campaign=60691&utm_term=31bf6ad52a4bf19fb2db0ff7bc96bf17a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
271e6524c237ea0cde413d24b2c6e8c3559c971faf9ddd339d151381f527cda2

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://zoombucks.com/?utm_source=adgate_2000_8_3&utm_medium=offer_wall&utm_campaign=60691&utm_term=31bf6ad52a4bf19fb2db0ff7bc96bf17a
Origin
https://zoombucks.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 02:31:27 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Tue, 28 May 2024 03:26:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"c8d0-6197b322b83d5-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OTu2J92AkJZPNQL%2FJKK%2BTPBxYrM01ZmXuHTNcdCC3J1BxdkIenm7AxcvoX8L%2BnfHA0XPkh1bcHaw2YNN8WHxNdW6f5v4fHqmUCgBg%2FV2ryIGUwCk%2BsInVvkClXaFB9Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
accept-ranges
bytes
cf-ray
88ecbf1d282d9256-FRA
alt-svc
h3=":443"; ma=86400
content-length
27639
rocket-loader.min.js
zoombucks.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zoombucks.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: zoombucks.com
URL: https://zoombucks.com/?utm_source=adgate_2000_8_3&utm_medium=offer_wall&utm_campaign=60691&utm_term=31bf6ad52a4bf19fb2db0ff7bc96bf17a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://zoombucks.com/?utm_source=adgate_2000_8_3&utm_medium=offer_wall&utm_campaign=60691&utm_term=31bf6ad52a4bf19fb2db0ff7bc96bf17a
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 02:31:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 24 May 2024 15:04:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6650ac81-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xg5LFV631%2FMcMV8rnXh%2Bkiz9LC9zGST8G4spDTl4ijwERFzQmfNi3xo4Up6SfJ%2F9NGyRqCRNbZJuDegVJOiavNWz27jPJKmyA4aGsYZM5wnyooyS9wz8YDTPw06ZzEg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
88ecbf1d38399256-FRA
expires
Fri, 07 Jun 2024 02:31:27 GMT
index-DF8BSCSI.js
zoombucks.com/assets/ 		3 MB
604 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zoombucks.com/assets/index-DF8BSCSI.js
Requested by
Host: zoombucks.com
URL: https://zoombucks.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dd1a59a108aa45041858e0e418e829b5a983e2d814dff1d729c62937e8a32ba

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://zoombucks.com/?utm_source=adgate_2000_8_3&utm_medium=offer_wall&utm_campaign=60691&utm_term=31bf6ad52a4bf19fb2db0ff7bc96bf17a
Origin
https://zoombucks.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 02:31:28 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Tue, 28 May 2024 03:26:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"2969c4-6197b3269f43b-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3YY5r2W3Dz2%2Bnbn%2BnZbB8VEt9sABfdkKYlIkh3dDE8h8MzUQqpjUZb24%2BlSTDVLCnDIcNQB%2FExdPKhqR%2Fh2a5vFMTZZjPtQ2GKYrI5UNOvAOafoe4dzmpM2tUuYZOw4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
accept-ranges
bytes
cf-ray
88ecbf2199a29256-FRA
alt-svc
h3=":443"; ma=86400
tp.widget.bootstrap.min.js
widget.trustpilot.com/bootstrap/v5/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Requested by
Host: zoombucks.com
URL: https://zoombucks.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-102.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
02e5bf47b2473c1da7a39a25b14f0f5d9857142842d33def047e492f9f610cb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://zoombucks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 01:37:57 GMT
content-encoding
gzip
via
1.1 6ef87569c26a159f552948d3c30a2be0.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
MUC50-P1
age
3212
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
6759
x-xss-protection
1; mode=block
last-modified
Thu, 26 Oct 2023 12:27:20 GMT
server
AmazonS3
etag
"15864ce88fa79a3e954417d0c3396798"
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
yansumegTV2fqj48OC5Ec1XrB_tPd1p69uhYx5JKvW7luYOSfH2TIA==
main.js
zoombucks.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/ Frame D774
Redirect Chain
  • https://zoombucks.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://zoombucks.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zoombucks.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/main.js
Protocol
H3
Server
172.67.72.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fd5614f429a9dfb4e497e119718b3993cfd32d2b246a0de707fdd78d886a6f3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Wed, 05 Jun 2024 02:31:28 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MT1rMblX%2BXaWaFDHzrJbPYzztvN9yb2gSHotLDxST%2FUV3ocscfQd8BMDu%2Fa8AFD0EWYsdFRtsUHiZP4BAZkNLDi0jAKES1kGfLZ%2BASaG4KRrghfKYiPopk76RNAxsKw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
88ecbf21d9c59256-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 05 Jun 2024 02:31:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w8fxghU4cqbmh2eOBy0bn7L81TQ61wVYzew%2Fdkwmdci8WAZGO3M1af7WpIEcp98rOawp2BkGitgtFGJtfeVwgrD53Ph45cRgxs%2FIFgBHX4q0gq5VhbmBZj%2BvaM1ITlg%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
88ecbf2199a39256-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
favicon.ico
zoombucks.com/ 		15 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://zoombucks.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0049181f8482158c6c2f09b7ea10cd1bce450ac82c4a3310ef5c75b39473716

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://zoombucks.com/?utm_source=adgate_2000_8_3&utm_medium=offer_wall&utm_campaign=60691&utm_term=31bf6ad52a4bf19fb2db0ff7bc96bf17a
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 02:31:28 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 28 May 2024 03:26:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"3aee-6197b31d322cd"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CHYAOFDmZgk4R4oRaiOxMjnlorzY1n8BkO6QeBgzVssyrbO0oEWSF6pWVpL82Ckmie5kY7kgGr849KvT4cEpo8jcXM%2BMPPpqaPLP%2B706%2B3y5FjQRg8M0BM0qTtykmKc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/vnd.microsoft.icon
cf-ray
88ecbf2199a59256-FRA
alt-svc
h3=":443"; ma=86400
88ecbf1adf5b9256
zoombucks.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame D774 		0
674 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://zoombucks.com/cdn-cgi/challenge-platform/h/g/jsd/r/88ecbf1adf5b9256
Requested by
Host: zoombucks.com
URL: https://zoombucks.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 05 Jun 2024 02:31:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bODLka4%2BZ5XoQ1q4G01SmIGtsH8X8xl0Fa0WYJFAbRImRNKHIZFQlhrCHuq%2FAGl%2BQT8mMIKZoWt6LrwoaYUUDLAb5AJDkckHNsbBJNpdkOldJ17iwoopag2M3462y94%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
88ecbf2269f49256-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
gtm.js
www.googletagmanager.com/ 		208 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WGGC37Z&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: zoombucks.com
URL: https://zoombucks.com/?utm_source=adgate_2000_8_3&utm_medium=offer_wall&utm_campaign=60691&utm_term=31bf6ad52a4bf19fb2db0ff7bc96bf17a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c1c77e291605104bd7ac89a3755fb13c89c6b7c267d14fbbd4670cc0c2523333
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://zoombucks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 02:31:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75284
x-xss-protection
0
last-modified
Wed, 05 Jun 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 05 Jun 2024 02:31:29 GMT
index.html
widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/ Frame BE62 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=5d9312b397c28400015e1c71
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-58.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://zoombucks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
84229
cache-control
max-age=86400
content-encoding
gzip
content-length
2030
content-type
text/html
date
Tue, 04 Jun 2024 03:07:41 GMT
etag
"0bed8f219278d79878d48af3082f466e"
last-modified
Mon, 08 May 2023 11:47:08 GMT
server
AmazonS3
strict-transport-security
max-age=31536000
via
1.1 af1bbc213b3a9ee2f125be77ca3609a0.cloudfront.net (CloudFront)
x-amz-cf-id
qJG5J8wxPeYMACOLV85v-KlGYArafpHVED_z7t1olCCVK8Ai34gplw==
x-amz-cf-pop
MUC50-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
notifications
onesignal.com/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/notifications?app_id=22f5cf6d-d954-45cd-899c-be2211463eec
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://zoombucks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, SDK-Version, Content-Type, Accept, Authorization
access-control-allow-methods
POST,PUT,DELETE,GET,OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=86400
cf-cache-status
DYNAMIC
cf-ray
88ecbf295e532675-TXL
date
Wed, 05 Jun 2024 02:31:29 GMT
expires
86400
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 google
feeds
api.zoombucks.com/public/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.zoombucks.com/public/feeds?countryFilterType=ALL&page=1&pageSize=60
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-device-os-id,x-device-time-zone
Access-Control-Request-Method
GET
Origin
https://zoombucks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type, x-device-os-id, x-device-time-zone
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
access-control-allow-origin
https://zoombucks.com
access-control-expose-headers
X-GP-Access-Token
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
88ecbf299dc61c6d-FRA
content-length
0
date
Wed, 05 Jun 2024 02:31:29 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K%2FgqXL0FuAszoor3kBOcVzF%2FcdVkeOwJxAjE0GJFB2S%2Bw6gP8w68uvnqIqxAk2QcxR7Vo2Wyf%2BTRVHtnty9VDwj0AhYofwXbrQOJrSGWamIZQy4S%2F4muGi7odqD6mk0UWdAz"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://zoombucks.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:13:54 GMT
x-content-type-options
nosniff
age
44255
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46704
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:49:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Jun 2025 14:13:54 GMT
client
accounts.google.com/gsi/ 		218 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: zoombucks.com
URL: https://zoombucks.com/assets/index-DF8BSCSI.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c02::54 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
050d7bee6e462624b98dc07ed9bc787f5274a2a0557c15a96866460061405231
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Nqry_IGINdNEwfcnG8SDnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://zoombucks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 02:31:29 GMT
content-security-policy
script-src 'report-sample' 'nonce-Nqry_IGINdNEwfcnG8SDnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Wed, 05 Jun 2024 02:31:29 GMT
howItWorks1-dyC9OXPq.png
zoombucks.com/assets/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zoombucks.com/assets/howItWorks1-dyC9OXPq.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c93ccc885dbbce5ca213b35a74bfd535bb64aad2380415729478a97e80dc437

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://zoombucks.com/?utm_source=adgate_2000_8_3&utm_medium=offer_wall&utm_campaign=60691&utm_term=31bf6ad52a4bf19fb2db0ff7bc96bf17a
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 02:31:29 GMT
cf-cache-status
DYNAMIC
last-modified
Tue, 28 May 2024 03:26:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"bf3e-6197b32c11cc2"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1CeTH5DQhZ1ILDUV6BPwAqEAcgVeAlwRrvJVsIPNoTEleoacvDObJGEY0AVkAeSLBuTyb31JAfPe1a9Awi%2BfWV4JZFlACdkdQxpiTgnFc1bsEkpbQz5RjyL8hNwQ0Yg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
accept-ranges
bytes
cf-ray
88ecbf293d559256-FRA
alt-svc
h3=":443"; ma=86400
content-length
48958
howItWorks2-jUarpzjM.png
zoombucks.com/assets/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zoombucks.com/assets/howItWorks2-jUarpzjM.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c308bab6aa0885211c988b99198dcaa059797e58cb8398b60498384a30a4aa02

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://zoombucks.com/?utm_source=adgate_2000_8_3&utm_medium=offer_wall&utm_campaign=60691&utm_term=31bf6ad52a4bf19fb2db0ff7bc96bf17a
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 02:31:29 GMT
cf-cache-status
DYNAMIC
last-modified
Tue, 28 May 2024 03:26:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"127a1-6197b31e4784f"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cir49y%2BCh1CVN6v79N%2BB8AJ%2BA2%2BOf5gzej8L6g6PWmgj%2BTpqVP9nMYyNssB%2BJ%2BzIJ1CIKFDRIY9FB%2FNMmQLZJdNj33tYh0q78dXZN8G2lsQ%2Bzd8o3mHapIgI%2F%2Brzm%2F8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
accept-ranges
bytes
cf-ray
88ecbf293d569256-FRA
alt-svc
h3=":443"; ma=86400
content-length
75681
howItWorks3-aUcTfRd5.png
zoombucks.com/assets/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zoombucks.com/assets/howItWorks3-aUcTfRd5.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f89c3595f01610b51cea78c3d924bc9eadd0620c840fc9f5da393cc00ce0805

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://zoombucks.com/?utm_source=adgate_2000_8_3&utm_medium=offer_wall&utm_campaign=60691&utm_term=31bf6ad52a4bf19fb2db0ff7bc96bf17a
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 02:31:29 GMT
cf-cache-status
DYNAMIC
last-modified
Tue, 28 May 2024 03:26:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"f052-6197b321cddd4"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JBiV%2BpEx58Mb5fQfLC0ga6VKv33YhI%2B8RTOiUZHu82I2UOY9NlRCCn9WmDNcC3xfo5gRVDT8IqtOaTz1oZUAoKhXy9Wi9u8Vyvg2q%2BriIeUx6pzX67vakpBJGZB%2FFMQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
accept-ranges
bytes
cf-ray
88ecbf293d589256-FRA
alt-svc
h3=":443"; ma=86400
content-length
61522
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
58d0b9c75fc38810196b428f7e5bcef1eb5522051d091b56c7cae0471d152171

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef420e2d2fcc4f1e7338066c781bb7db9c112b43cd9119eb8e632570d7657955

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
de.json
zoombucks.com/localization/ 		65 KB
17 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://zoombucks.com/localization/de.json
Requested by
Host: zoombucks.com
URL: https://zoombucks.com/assets/index-DF8BSCSI.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c83fa2521c14853fafc1d6504fdda5718335b85e22c27e439e22df96f58adc6

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://zoombucks.com/?utm_source=adgate_2000_8_3&utm_medium=offer_wall&utm_campaign=60691&utm_term=31bf6ad52a4bf19fb2db0ff7bc96bf17a
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 02:31:29 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Wed, 08 May 2024 06:42:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"104c4-617eb9a84039b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ILdtU0KrTZynNq%2Fcm6tiLiNvl%2F3hFdbfn9IjCNM7%2FjtmdJeeDW1Tbn0MJx1CxYczh4GrHY%2BQkiYSaK4DEUNhmOv2yR0GMgYbc7lAYFIt0cgEZw2WsdfSG5fsnA0mLD0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cf-apo-via
origin,page-rules
cf-ray
88ecbf294d5a9256-FRA
alt-svc
h3=":443"; ma=86400
notifications
onesignal.com/api/v1/ 		85 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/notifications?app_id=22f5cf6d-d954-45cd-899c-be2211463eec
Requested by
Host: zoombucks.com
URL: https://zoombucks.com/assets/index-DF8BSCSI.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64fed18e3b73b8c52a98d62c11e543df1fbc5449ec485fc7ef759b31078a4bb1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://zoombucks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
authorization
Basic MWIwYTQ0NDktZDVhNy00NWRiLWE2M2QtYWM0YTM0YjIzYjI1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 02:31:30 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
d5bc8a7c-1fa7-492b-afce-ba66d21ed3cd
x-runtime
0.830212
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"64fed18e3b73b8c52a98d62c11e543df"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cf-ray
88ecbf29cee92675-TXL
access-control-allow-headers
SDK-Version
feeds
api.zoombucks.com/public/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.zoombucks.com/public/feeds?countryFilterType=ALL&page=1&pageSize=60
Requested by
Host: zoombucks.com
URL: https://zoombucks.com/assets/index-DF8BSCSI.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7ff75e18355bc848d92884b740258943e53e877ed057f710aad53725ef64780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type
application/vnd-v4.0+json
Referer
https://zoombucks.com/
x-device-os-id
5c5eec80-9916-40ad-956b-17567bff0d00
x-device-time-zone
Europe/Berlin
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 02:31:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
x-frame-options
DENY
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://zoombucks.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R4%2Bn32gnIBC%2BoAvuehL%2B9MnX5Wll0YGnD%2BMJPiKM012olkgfRLoiOLxYMqM9%2FaR7IrcA%2BZR%2BU%2FdnOyRSnId4gPNxgk3qNo9DJ7DUPQqyv7Wv34wCy93Pk%2BKKvfin5z46p2a4"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
X-GP-Access-Token
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
cf-apo-via
origin,host
cf-ray
88ecbf2c8f281c6d-FRA
expires
0
country.php
zoombucks.com/ 		2 B
448 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://zoombucks.com/country.php
Requested by
Host: zoombucks.com
URL: https://zoombucks.com/assets/index-DF8BSCSI.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f031b70a2653be44af3a20aa33ad0f35d8a256046c108cfcaa3480988b4b383b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://zoombucks.com/?utm_source=adgate_2000_8_3&utm_medium=offer_wall&utm_campaign=60691&utm_term=31bf6ad52a4bf19fb2db0ff7bc96bf17a
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 02:31:29 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
*
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c%2FGLE8c%2F5axGzYgn6Chy6P51NEZCO53YwLf0A5dM5E27ONrbwD7d5MsnbLdCgr4yGv5MBS5iwHtrdcAOmiByETUxcx3Xo6cQl2yIVqxLsVRIfFhY5xwGG%2BzY1fIBzSQ%3D"}],"group":"cf-nel","max_age":604800}
cf-apo-via
origin,page-rules
cf-ray
88ecbf294d5c9256-FRA
access-control-allow-headers
*
alt-svc
h3=":443"; ma=86400
88ecbf1adf5b9256
zoombucks.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame D774 		0
678 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://zoombucks.com/cdn-cgi/challenge-platform/h/g/jsd/r/88ecbf1adf5b9256
Requested by
Host: zoombucks.com
URL: https://zoombucks.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 05 Jun 2024 02:31:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FCe9UpSGAR5V7MDO1FhrUpRo2IRsmWGrZPcpy1hsiKAjjKsVotS%2BOnP7oOSsw%2BRve4rhZFakk%2Bz%2Bb542FiyqOh7ue3qbu9FLKotdW18%2FzX36rekBxycmE6jq0e4HPs0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
88ecbf298d749256-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
js
www.googletagmanager.com/gtag/ 		311 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-70KF0Z56LX&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGGC37Z&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
394104ce981529b182f7ccb98cc2e595a7c19cc9f3bd36d34746e000be0c1323
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://zoombucks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 02:31:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
104765
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 05 Jun 2024 02:31:29 GMT
beacon.min.js
static.cloudflareinsights.com/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGGC37Z&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
642aff235fab8d0f59d68d579d67cb9657fcae53e7cf555fb025a20ed78a6e3b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://zoombucks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 02:31:29 GMT
content-encoding
gzip
last-modified
Mon, 03 Jun 2024 22:09:07 GMT
server
cloudflare
etag
W/"2024.6.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
88ecbf2a6e812685-TXL
fbevents.js
connect.facebook.net/en_US/ 		219 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: zoombucks.com
URL: https://zoombucks.com/?utm_source=adgate_2000_8_3&utm_medium=offer_wall&utm_campaign=60691&utm_term=31bf6ad52a4bf19fb2db0ff7bc96bf17a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://zoombucks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 05 Jun 2024 02:31:29 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57975
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=12, mss=1368, tbw=2778, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma
public
x-fb-debug
iaQxW1YfYt5gKw5qTeNSqAfbqFNAtO+GbH/6Fq3MQ5tyHK8n08Os8lBPGSvmF8/w3cocFr1rt5wI8FSpp77K2A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
notifications.js
www.zoombucks.com/notifications/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zoombucks.com/notifications/notifications.js
Requested by
Host: zoombucks.com
URL: https://zoombucks.com/?utm_source=adgate_2000_8_3&utm_medium=offer_wall&utm_campaign=60691&utm_term=31bf6ad52a4bf19fb2db0ff7bc96bf17a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28e2a3948ffa5b2052d0801c8728261d4be33c87fa8e0b2509e7ff7273f2e05a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://zoombucks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 02:31:29 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Fri, 24 May 2024 04:19:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"206e-6192b78c43c36-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DOjYHao2i%2Fn1fDfI1XCMdF8U31pysflUyQp4ebokhm2PkAAWNpsy7EwMe5G1DwnbnIK%2FBtA88Bo7RNKJUJqE3LTZ4Xb0kuy4U5Tl3wJctYslfK9lwQ1fZKxG%2F%2BsKY2b6ABXF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
accept-ranges
bytes
cf-ray
88ecbf2a4db59256-FRA
alt-svc
h3=":443"; ma=86400
content-length
2596
collect
region1.google-analytics.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-70KF0Z56LX&gtm=45je4630v9101693382z8813106463za200zb813106463&_p=1717554689356&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1272196689.1717554690&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1717554689&sct=1&seg=0&dl=https%3A%2F%2Fzoombucks.com%2F%3Futm_source%3Dadgate_2000_8_3%26utm_medium%3Doffer_wall%26utm_campaign%3D60691%26utm_term%3D31bf6ad52a4bf19fb2db0ff7bc96bf17a&dt=Earn%20Free%20Gift%20Cards%20and%20Cash%20Online%20-%20ZoomBucks&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2643
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-70KF0Z56LX&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://zoombucks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 05 Jun 2024 02:31:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://zoombucks.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
2770022993288581
connect.facebook.net/signals/config/ 		57 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2770022993288581?v=2.9.157&r=stable&domain=zoombucks.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
11b8a2bb74054c060a78da1d554d395139942ac44688d65e1416d9b8716ffc33
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://zoombucks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 05 Jun 2024 02:31:29 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=34, rtx=0, c=62, mss=1368, tbw=63488, tp=-1, tpl=-1, uplat=106, ullat=0
pragma
public
x-fb-debug
Bnbr5lf/PsYnivy5kMyqXdyLO9MvNq1R3D2AH1Ea/Afvqv4ePGbKfjfL167rYFoug1WqDF0dQ4idruadU47SMA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2770022993288581&ev=PageView&dl=https%3A%2F%2Fzoombucks.com%2F%3Futm_source%3Dadgate_2000_8_3%26utm_medium%3Doffer_wall%26utm_campaign%3D60691%26utm_term%3D31bf6ad52a4bf19fb2db0ff7bc96bf17a&rl=&if=false&ts=1717554689935&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1717554689934.47574593239696787&ler=empty&cdl=API_unavailable&it=1717554689789&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://zoombucks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=10, mss=1368, tbw=2804, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 05 Jun 2024 02:31:30 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2770022993288581&ev=PageView&dl=https%3A%2F%2Fzoombucks.com%2F%3Futm_source%3Dadgate_2000_8_3%26utm_medium%3Doffer_wall%26utm_campaign%3D60691%26utm_term%3D31bf6ad52a4bf19fb2db0ff7bc96bf17a&rl=&if=false&ts=1717554689935&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1717554689934.47574593239696787&ler=empty&cdl=API_unavailable&it=1717554689789&coo=false&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://zoombucks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x2e8d54c06eece70f","source_keys":["1","2"]},{"key_piece":"0xc9a2a2353f08cf68","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Wed, 05 Jun 2024 02:31:30 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=12, mss=1368, tbw=3122, tp=-1, tpl=-1, uplat=185, ullat=0
pragma
no-cache
x-fb-debug
0rqSOL+R0y+ekoER3b3q5wdxY1uBnQS8N9PF4AJqbJXVkSXTg03qndG/4PyRN8BHApWDVRTKVP54kFJkbuV5wg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
external-providers
api.zoombucks.com/public/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.zoombucks.com/public/external-providers?country=SE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-device-os-id,x-device-time-zone
Access-Control-Request-Method
GET
Origin
https://zoombucks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type, x-device-os-id, x-device-time-zone
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
access-control-allow-origin
https://zoombucks.com
access-control-expose-headers
X-GP-Access-Token
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
88ecbf2c6f1b1c6d-FRA
content-length
0
date
Wed, 05 Jun 2024 02:31:30 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rbH5gsZGEC3NhGMTEf7kYtBHQR33GuKD4QOkpgO5Aq6hELTjGLkOR9oI8ru8W%2B5jV3l5XpVw7OLQxGVQOJ3%2FyyGAJq6hPWJGYrMwk%2FKOwECI4fvuh0Dpcf%2FHsNc8NP5S7ApR"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
external-providers
api.zoombucks.com/public/ 		10 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.zoombucks.com/public/external-providers?country=SE
Requested by
Host: zoombucks.com
URL: https://zoombucks.com/assets/index-DF8BSCSI.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea7376d9a678ca98997b4b1ff924846a1b69b2bd00276b3185450a3fbeaa60e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type
application/vnd-v4.0+json
Referer
https://zoombucks.com/
x-device-os-id
5c5eec80-9916-40ad-956b-17567bff0d00
x-device-time-zone
Europe/Berlin
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 02:31:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 05 Jun 2024 00:42:57 GMT
server
cloudflare
vary
Origin, Accept-Encoding
x-frame-options
DENY
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://zoombucks.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fE4kh5XTgeOkuIKTEAex9NuQcP2qAshB5adV0loq1hJ%2BwdrcFqgBakuoLIc12%2FvMPv%2BS%2Fk6p%2Bck5Tbfr7au7k6CllBuvfAV4QYDd48JYGfDrzvCpDqZSzEST8S7Lhyc8no9m"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
X-GP-Access-Token
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
cf-apo-via
origin,host
cf-ray
88ecbf2d5fbc1c6d-FRA
expires
0
notification.css
zoombucks.com/notifications/ 		140 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://zoombucks.com/notifications/notification.css
Requested by
Host: www.zoombucks.com
URL: https://www.zoombucks.com/notifications/notifications.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8f79a88c2cc10713f850a7870c28a1a45eaf8bd4f9436c3cf101ea1b0c5fda6

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://zoombucks.com/?utm_source=adgate_2000_8_3&utm_medium=offer_wall&utm_campaign=60691&utm_term=31bf6ad52a4bf19fb2db0ff7bc96bf17a
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 02:31:30 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Tue, 07 May 2024 22:17:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"22f6d-617e48bd8f34d-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dcuDCvkwhoYNqPhR1OTCfhUkTwY7wsp2wAltC5Y3KYoI8Hk8krwTWkt87SCQotNQV3sUVfg7f%2FexBkC%2FYGRI3E4eKG2zhFAqD5ElaUBJpIwj8k46EoPronUy4ZoOt5A%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
accept-ranges
bytes
cf-ray
88ecbf2c9e6d9256-FRA
alt-svc
h3=":443"; ma=86400
content-length
15223
firebase-app-compat.js
www.gstatic.com/firebasejs/9.14.0/ 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/9.14.0/firebase-app-compat.js
Requested by
Host: www.zoombucks.com
URL: https://www.zoombucks.com/notifications/notifications.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5fb8b16bdde8ce10a5a4752712afa6297caf8f1931c6084c978e9353324ed3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://zoombucks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:19:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43891
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9248
x-xss-protection
0
last-modified
Thu, 10 Nov 2022 20:59:28 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Jun 2025 14:19:59 GMT
firebase-messaging-compat.js
www.gstatic.com/firebasejs/9.14.0/ 		37 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/9.14.0/firebase-messaging-compat.js
Requested by
Host: www.zoombucks.com
URL: https://www.zoombucks.com/notifications/notifications.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f23ce1a7d60010ff1aeef2303eb563a5b5987897ed906ff55180620fddd9d97d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://zoombucks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:19:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43903
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9930
x-xss-protection
0
last-modified
Thu, 10 Nov 2022 21:00:46 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Jun 2025 14:19:47 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@100;200;300;400;500;600;700;800;900&&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://zoombucks.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:12:22 GMT
x-content-type-options
nosniff
age
44348
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Jun 2025 14:12:22 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@100;200;300;400;500;600;700;800;900&&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://zoombucks.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:39:01 GMT
x-content-type-options
nosniff
age
42749
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Jun 2025 14:39:01 GMT
458ea4abaf0c96902075a0fdb3a1df33.jpg
cdn.zoombucks.com/zb/prod/eop_images/4/5/8/e/a/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.zoombucks.com/zb/prod/eop_images/4/5/8/e/a/458ea4abaf0c96902075a0fdb3a1df33.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eee156a482f99edf8521f13f58fd311afd1554be21caa7b7d6b915be716edc5f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://zoombucks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 02:31:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
686971
cf-polished
origFmt=png, origSize=17049
content-disposition
inline; filename="458ea4abaf0c96902075a0fdb3a1df33.webp"
alt-svc
h3=":443"; ma=86400
content-length
9466
cf-bgj
imgq:100,h2pri
last-modified
Thu, 15 Feb 2024 05:27:23 GMT
server
cloudflare
etag
"2931bd1ff-4299-61164e1cd64c0"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KuEc%2BdSIbMaXm2c%2Fib34VbHQgXQvjhsNUKVPUj3TEfa7BrLyWY28bmrA2Msj4XObH%2FBmMJiL8gtSXJifaoroYUIX8CF0x%2FBrvCV%2FMqIuIF4Y%2BVorlWl9rGStobgMpMtvl%2Fzj"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=10674293
x-cdn-diag
fra1-11014-1-2936-h-0-0---;11028-1-518083----0-0-1
accept-ranges
bytes
cf-ray
88ecbf304f849256-FRA
expires
Tue, 30 Jul 2024 06:28:58 GMT
9047367cdda2420cbc304ce0982f025d.jpg
cdn.zoombucks.com/zb/prod/eop_images/9/0/4/7/3/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.zoombucks.com/zb/prod/eop_images/9/0/4/7/3/9047367cdda2420cbc304ce0982f025d.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb3cd2d2c81155c3f745e3217c197bb2615db0356e3b5a86dd50b01325c6edda

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://zoombucks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 02:31:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
687448
cf-polished
origFmt=png, origSize=9229
content-disposition
inline; filename="9047367cdda2420cbc304ce0982f025d.webp"
alt-svc
h3=":443"; ma=86400
content-length
3448
cf-bgj
imgq:100,h2pri
last-modified
Thu, 15 Feb 2024 05:22:45 GMT
server
cloudflare
etag
"2931bd1f3-240d-61164d13b7340"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PajJjHWhD4wLADknRj3WrxRAzE9EMPuj%2BmE65BPj2vlX8Vhxm3gikajxEU32Z7k%2B8zzbfOJ8W0wUpDTvaQgrU42DSmpCivAawy2E9MQ0SSfIEFkYUohatwSEbZvACMT0vgbK"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=10606821
x-cdn-diag
fra1-11028-3-452592-h-0-0---;11015-1-32315----0-0-1
accept-ranges
bytes
cf-ray
88ecbf304f839256-FRA
expires
Wed, 28 Aug 2024 22:29:39 GMT
d5beaa9b94a73c9e924c813805127a82.jpg
cdn.zoombucks.com/zb/prod/eop_images/d/5/b/e/a/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.zoombucks.com/zb/prod/eop_images/d/5/b/e/a/d5beaa9b94a73c9e924c813805127a82.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
467569ca4d55c9a8c8f1789909d43b65fe8a3c46ffbb9c54ec82ecc1ea50e874

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://zoombucks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 02:31:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
687448
cf-polished
origFmt=png, origSize=15592
content-disposition
inline; filename="d5beaa9b94a73c9e924c813805127a82.webp"
alt-svc
h3=":443"; ma=86400
content-length
8348
cf-bgj
imgq:100,h2pri
last-modified
Thu, 15 Feb 2024 05:23:40 GMT
server
cloudflare
etag
"2931bd1f8-3ce8-61164d482af00"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NFyX1JU%2FJq%2BDvNW8n98tt1SxXmrYi%2FQuVoOvBxJ7XmfrX0%2FdgP4Sia44RaoRMsMGHyn6nPPFEHftbiPTUqjpA6FxL7jdjpQ96uT%2B1V4BCjiZ9%2Fhe5Q43CfYl5sU5vK2wXJDv"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=10653471
x-cdn-diag
fra1-11014-1-2924-h-0-0---;11015-1-32315----0-0-1
accept-ranges
bytes
cf-ray
88ecbf304f809256-FRA
expires
Tue, 27 Aug 2024 01:15:49 GMT
41ef4c7b38b22c8db6b268d9745c771b.jpg
cdn.zoombucks.com/zb/prod/eop_images/4/1/e/f/4/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.zoombucks.com/zb/prod/eop_images/4/1/e/f/4/41ef4c7b38b22c8db6b268d9745c771b.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed1a041bd400f4a401c560bfcaa0093ee45ed988e9e11c510a60e0312fc6f98c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://zoombucks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 02:31:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
531544
cf-polished
origFmt=png, origSize=4452
content-disposition
inline; filename="41ef4c7b38b22c8db6b268d9745c771b.webp"
alt-svc
h3=":443"; ma=86400
content-length
1220
cf-bgj
imgq:100,h2pri
last-modified
Thu, 15 Feb 2024 05:17:32 GMT
server
cloudflare
etag
"295605936-1164-61164be937300"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rju3XF2GrwVTKM9kknowTbDfR7cCRqWuJOtCzGPQSTRxgSMzADAfP%2FZTX9mBpQNx1YXoxee9QgQ361rcwhOUzLFC0gARrDLkcwCmztfvm2MPEP9gaqfK2fw4U4mzexLL1v8m"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=10516353
x-cdn-diag
fra1-11014-1-2924-h-0-0---;11015-1-32315----0-0-1
accept-ranges
bytes
cf-ray
88ecbf304f829256-FRA
expires
Tue, 27 Aug 2024 21:17:58 GMT
refer-a-friend-3-new.png
cdn.zoombucks.com/zb/prod/misc/ 		574 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.zoombucks.com/zb/prod/misc/refer-a-friend-3-new.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2d738a2c58b30c5ab0ec6552d1ab143313a41b1a94da131b92cb5cf967a81d3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://zoombucks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 02:31:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
677886
cf-polished
origFmt=png, origSize=1718
content-disposition
inline; filename="refer-a-friend-3-new.webp"
alt-svc
h3=":443"; ma=86400
content-length
574
cf-bgj
imgq:100,h2pri
last-modified
Tue, 20 Feb 2024 07:45:32 GMT
server
cloudflare
etag
"2919f36eb-6b6-611cb65125f00"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PhUqWGotYMhuVXtuTIvkBQ%2BHMet8FqoC3B0FuIGJIUGnMYVSjRMgwo8X8ju8scWYFkQY9yX6jvE9XjKTviC4WP0dUCysHjUZCOqIoC8tOlHen0C5ptBJDg8V%2FJgzqtA4KeSB"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=10746819
x-cdn-diag
fra1-11014-1-2927-m-0-0-200-0.008--;11015-1-32315----0-0-8
accept-ranges
bytes
cf-ray
88ecbf304f819256-FRA
expires
Sun, 28 Jul 2024 04:47:00 GMT

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| __cfQR boolean| __cfRLUnblockHandlers object| Trustpilot object| dataLayer string| globalCountryAbbreviation object| globalUserId object| google_tag_manager object| google_tag_data function| fbq function| _fbq object| default_gsi object| _F_toggles object| google object| __cfBeacon function| onYouTubeIframeAPIReady object| gaGlobal function| loadCSS function| loadFirebase function| initializeFirebase function| setupForegroundMessaging function| displayCustomNotification function| setupMessaging function| handleIncomingMessage function| createNotificationDialog function| getAndSendToken function| sendTokenToServer function| registerServiceWorker object| firebase

8 Cookies

Domain/Path Name / Value
zoombucks.com/ Name: RNLBSERVERID
Value: ded4911
.zoombucks.com/ Name: _gp_track_origin
Value: https%3A%2F%2Fzoombucks.com%2F%3Futm_source%3Dadgate_2000_8_3%26utm_medium%3Doffer_wall%26utm_campaign%3D60691%26utm_term%3D31bf6ad52a4bf19fb2db0ff7bc96bf17a
.zoombucks.com/ Name: _gp_encoded_query
Value: utm_source%3Dadgate_2000_8_3%26utm_medium%3Doffer_wall%26utm_campaign%3D60691%26utm_term%3D31bf6ad52a4bf19fb2db0ff7bc96bf17a
.zoombucks.com/ Name: cf_clearance
Value: Xym2Li0nF_YW9.Vupmqw5dZO.iPeISd4pMimLMFKgyg-1717554689-1.0.1.1-Lao_OB.fqnUZYUhopcCBJVFkqLFNYkvf54QEiGHYSJUCAwwwdycs0C7qhiPQaUafpfa7Pxfzf8qo2zh2XYsPNg
.zoombucks.com/ Name: _ga
Value: GA1.1.1272196689.1717554690
.zoombucks.com/ Name: _ga_70KF0Z56LX
Value: GS1.1.1717554689.1.1.1717554689.0.0.0
.zoombucks.com/ Name: _fbp
Value: fb.1.1717554689934.47574593239696787
www.zoombucks.com/ Name: RNLBSERVERID
Value: ded4911

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
api.zoombucks.com
cdn.zoombucks.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
onesignal.com
region1.google-analytics.com
static.cloudflareinsights.com
widget.trustpilot.com
www.facebook.com
www.googletagmanager.com
www.gstatic.com
www.zoombucks.com
zoombucks.com
104.17.111.223
172.67.72.57
18.66.192.102
18.66.192.58
2001:4860:4802:34::36
2606:4700::6810:5049
2a00:1450:4001:810::2003
2a00:1450:4001:812::200a
2a00:1450:4001:827::2003
2a00:1450:4001:82f::2008
2a00:1450:400c:c02::54
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
02e5bf47b2473c1da7a39a25b14f0f5d9857142842d33def047e492f9f610cb9
050d7bee6e462624b98dc07ed9bc787f5274a2a0557c15a96866460061405231
11b8a2bb74054c060a78da1d554d395139942ac44688d65e1416d9b8716ffc33
271e6524c237ea0cde413d24b2c6e8c3559c971faf9ddd339d151381f527cda2
28e2a3948ffa5b2052d0801c8728261d4be33c87fa8e0b2509e7ff7273f2e05a
394104ce981529b182f7ccb98cc2e595a7c19cc9f3bd36d34746e000be0c1323
3fd5614f429a9dfb4e497e119718b3993cfd32d2b246a0de707fdd78d886a6f3
467569ca4d55c9a8c8f1789909d43b65fe8a3c46ffbb9c54ec82ecc1ea50e874
58d0b9c75fc38810196b428f7e5bcef1eb5522051d091b56c7cae0471d152171
5c93ccc885dbbce5ca213b35a74bfd535bb64aad2380415729478a97e80dc437
620ec7947095b6f875ce7694812120d60ef68ae4d44a9762a4b370a42b8d06ad
642aff235fab8d0f59d68d579d67cb9657fcae53e7cf555fb025a20ed78a6e3b
64fed18e3b73b8c52a98d62c11e543df1fbc5449ec485fc7ef759b31078a4bb1
6dd1a59a108aa45041858e0e418e829b5a983e2d814dff1d729c62937e8a32ba
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
8c83fa2521c14853fafc1d6504fdda5718335b85e22c27e439e22df96f58adc6
8f89c3595f01610b51cea78c3d924bc9eadd0620c840fc9f5da393cc00ce0805
90c4f0951056e5a82b2150c8b3fe6d011a08ea2abc957453d080b8179504e2d7
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9939278409acd80a30ed7ee54abb93ca58199043792f9060a2389c65a1f67419
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b0049181f8482158c6c2f09b7ea10cd1bce450ac82c4a3310ef5c75b39473716
b2d738a2c58b30c5ab0ec6552d1ab143313a41b1a94da131b92cb5cf967a81d3
c1c77e291605104bd7ac89a3755fb13c89c6b7c267d14fbbd4670cc0c2523333
c308bab6aa0885211c988b99198dcaa059797e58cb8398b60498384a30a4aa02
c7ff75e18355bc848d92884b740258943e53e877ed057f710aad53725ef64780
cb3cd2d2c81155c3f745e3217c197bb2615db0356e3b5a86dd50b01325c6edda
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea7376d9a678ca98997b4b1ff924846a1b69b2bd00276b3185450a3fbeaa60e8
ed1a041bd400f4a401c560bfcaa0093ee45ed988e9e11c510a60e0312fc6f98c
eee156a482f99edf8521f13f58fd311afd1554be21caa7b7d6b915be716edc5f
ef420e2d2fcc4f1e7338066c781bb7db9c112b43cd9119eb8e632570d7657955
f031b70a2653be44af3a20aa33ad0f35d8a256046c108cfcaa3480988b4b383b
f23ce1a7d60010ff1aeef2303eb563a5b5987897ed906ff55180620fddd9d97d
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f5fb8b16bdde8ce10a5a4752712afa6297caf8f1931c6084c978e9353324ed3a
f8f79a88c2cc10713f850a7870c28a1a45eaf8bd4f9436c3cf101ea1b0c5fda6