earnme.club Open in urlscan Pro
157.90.71.190 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://tnlink.in/wMKxLTv
Effective URL:
https://earnme.club/zeb-monk-from-zebronics/
Submission: On November 27 via manual (November 27th 2022, 7:33:15 am UTC) from IN — Scanned from DE

Summary HTTP 842 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 97 IPs in 12 countries across 78 domains to perform 842 HTTP transactions. The main IP is 157.90.71.190, located in Germany and belongs to HETZNER-AS, DE. The main domain is earnme.club.
TLS certificate: Issued by R3 on October 25th 2022. Valid for: 3 months.

This is the only time earnme.club was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 16	157.90.71.190 157.90.71.190	24940 (HETZNER-AS) (HETZNER-AS)
2 14	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.32.121.60 13.32.121.60	16509 (AMAZON-02) (AMAZON-02)
31	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:480... 2a02:26f0:480:b::210:f1d7	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
11	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
48	143.204.89.72 143.204.89.72	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	192.241.157.60 192.241.157.60	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2606:4700::68... 2606:4700::6810:85e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	13.32.28.197 13.32.28.197	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:3c00:11:1ed0:3900:21	16509 (AMAZON-02) (AMAZON-02)
1	104.79.89.16 104.79.89.16	16625 (AKAMAI-AS) (AKAMAI-AS)
45	2606:4700:20:... 2606:4700:20::ac43:49e4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
14	35.157.246.167 35.157.246.167	16509 (AMAZON-02) (AMAZON-02)
1	185.89.208.11 185.89.208.11	29990 (ASN-APPNEX) (ASN-APPNEX)
1	172.64.154.237 172.64.154.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 7	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
1 48	37.252.171.22 37.252.171.22	29990 (ASN-APPNEX) (ASN-APPNEX)
46	2a02:2638::24 2a02:2638::24	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	18.196.227.91 18.196.227.91	16509 (AMAZON-02) (AMAZON-02)
1 2	147.75.85.234 147.75.85.234	54825 (PACKET) (PACKET)
3	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
48	2602:803:c003... 2602:803:c003:200::41	26667 (RUBICONPR...) (RUBICONPROJECT)
1	34.107.148.139 34.107.148.139	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	34.149.20.76 34.149.20.76	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:480... 2a02:26f0:480:b::210:f1d2	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.206.200.5 52.206.200.5	14618 (AMAZON-AES) (AMAZON-AES)
1 3	104.75.89.75 104.75.89.75	16625 (AKAMAI-AS) (AKAMAI-AS)
72	81.17.55.99 81.17.55.99	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
45	37.157.6.242 37.157.6.242	198622 (ADFORM) (ADFORM)
45	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
3	162.55.101.208 162.55.101.208	24940 (HETZNER-AS) (HETZNER-AS)
1	52.217.236.17 52.217.236.17	16509 (AMAZON-02) (AMAZON-02)
1	52.222.247.205 52.222.247.205	16509 (AMAZON-02) (AMAZON-02)
31	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	205.185.216.42 205.185.216.42	20446 (STACKPATH...) (STACKPATH-CDN)
83	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
2	18.66.97.9 18.66.97.9	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:a19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2400:52e0:1e0... 2400:52e0:1e00::1053:1	200325 (BUNNYCDN) (BUNNYCDN)
1	52.44.35.90 52.44.35.90	14618 (AMAZON-AES) (AMAZON-AES)
11	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
31	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	185.172.90.251 185.172.90.251	49981 (WORLDSTREAM) (WORLDSTREAM)
1	3.66.127.67 3.66.127.67	16509 (AMAZON-02) (AMAZON-02)
17	2406:2600:4::1 2406:2600:4::1	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:1901:0:8... 2600:1901:0:8344::	15169 (GOOGLE) (GOOGLE)
4	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
1	35.173.91.17 35.173.91.17	14618 (AMAZON-AES) (AMAZON-AES)
1	54.195.100.225 54.195.100.225	16509 (AMAZON-02) (AMAZON-02)
2	35.163.64.21 35.163.64.21	16509 (AMAZON-02) (AMAZON-02)
2	52.19.187.82 52.19.187.82	16509 (AMAZON-02) (AMAZON-02)
3	162.19.138.82 162.19.138.82	16276 (OVH) (OVH)
2	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
20	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.34.9.17 52.34.9.17	16509 (AMAZON-02) (AMAZON-02)
1	18.189.199.42 18.189.199.42	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a02:2638:1::8 2a02:2638:1::8	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:1::17 2a02:2638:1::17	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	138.199.37.232 138.199.37.232	60068 (CDN77 ^_^) (CDN77 ^_^)
4	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
4 19	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2	2a02:fa8:8806... 2a02:fa8:8806:13::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
4 4	3.69.57.55 3.69.57.55	16509 (AMAZON-02) (AMAZON-02)
2 2	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2 2	213.155.156.167 213.155.156.167	1299 (TWELVE99 ...) (TWELVE99 Arelion)
3 4	35.158.8.6 35.158.8.6	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:71b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.24.69.139 52.24.69.139	16509 (AMAZON-02) (AMAZON-02)
5 10	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
5	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4 4	142.250.185.198 142.250.185.198	15169 (GOOGLE) (GOOGLE)
2 3	23.203.81.208 23.203.81.208	16625 (AKAMAI-AS) (AKAMAI-AS)
2	87.118.116.9 87.118.116.9	31103 (KEYWEB-AS) (KEYWEB-AS)
1	18.133.50.153 18.133.50.153	16509 (AMAZON-02) (AMAZON-02)
1	46.4.250.26 46.4.250.26	24940 (HETZNER-AS) (HETZNER-AS)
1	65.9.66.110 65.9.66.110	16509 (AMAZON-02) (AMAZON-02)
1	18.172.226.34 18.172.226.34	16509 (AMAZON-02) (AMAZON-02)
3	162.55.236.224 162.55.236.224	24940 (HETZNER-AS) (HETZNER-AS)
2 2	104.18.33.19 104.18.33.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	66.155.71.149 66.155.71.149	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	34.236.140.33 34.236.140.33	14618 (AMAZON-AES) (AMAZON-AES)
2	18.170.123.253 18.170.123.253	16509 (AMAZON-02) (AMAZON-02)
1	185.172.90.252 185.172.90.252	49981 (WORLDSTREAM) (WORLDSTREAM)
2 2	52.0.108.169 52.0.108.169	14618 (AMAZON-AES) (AMAZON-AES)
1	69.166.1.12 69.166.1.12	27630 (AS-XFERNET) (AS-XFERNET)
842	97

16 157.90.71.190 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.190.71.90.157.clients.your-server.de

tnlink.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
link.tnlink.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
earnme.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.adapex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-60.fra60.r.cloudfront.net

htlbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:b::210:f1d7 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

tg1.playstream.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

48 143.204.89.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-72.fra50.r.cloudfront.net

flashnetic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.241.157.60 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: capture.analytics.hbwrapper

cat.hbwrapper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:85e5 (United States)

ASN13335 (CLOUDFLARENET, US)

cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.28.197 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-28-197.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:3c00:11:1ed0:3900:21 (United States)

ASN16509 (AMAZON-02, US)

d3div1mtym39ic.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.79.89.16 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-89-16.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 2606:4700:20::ac43:49e4 (United States)

ASN13335 (CLOUDFLARENET, US)

hb.adpone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

df38bd896be520d961af1a9e6246d5d2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
e5d6ec74714bba04696559b88150e6d5.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
429735be2a98d3f5cdc37b5c16eac78c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com

c2shb.pubgw.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.208.11 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.ams3.adnexus.net

prebid.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 51.89.9.252 (London, United Kingdom) 3 redirects

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

48 37.252.171.22 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 2a02:2638::24 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.227.91 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-227-91.eu-central-1.compute.amazonaws.com

grid.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.85.234 (Schiphol, Netherlands) 1 redirects

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

digikulture-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

48 2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:b::210:f1d2 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.206.200.5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-200-5.compute-1.amazonaws.com

track1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.75.89.75 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com

at.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

72 81.17.55.99 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 37.157.6.242 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.55.101.208 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.208.101.55.162.clients.your-server.de

shb.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.236.17 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

ams-pageview-public.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.247.205 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-247-205.fra60.r.cloudfront.net

aax-dtb-cf.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

excellence-prebid.sfo2.cdn.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

83 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.97.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-9.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:a19 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1e00::1053:1 (Slovenia)

ASN200325 (BUNNYCDN, DE)

cdn.playstream.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.44.35.90 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-35-90.compute-1.amazonaws.com

track1.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.172.90.251 (Naaldwijk, Netherlands) 1 redirects

ASN49981 (WORLDSTREAM, NL)
PTR: ads.us.e-plannning.net

pbjs.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.66.127.67 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-127-67.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2406:2600:4::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:8344:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.19.138.117 (France)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.173.91.17 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-91-17.compute-1.amazonaws.com

idx.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.195.100.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-100-225.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.163.64.21 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-163-64-21.us-west-2.compute.amazonaws.com

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.19.187.82 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-187-82.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.19.138.82 (France)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lbs.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.34.9.17 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-34-9-17.us-west-2.compute.amazonaws.com

id.sharedid.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.189.199.42 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-189-199-42.us-east-2.compute.amazonaws.com

prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:1::8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::17 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.199.37.232 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 138-199-37-232.bunnyinfra.net

streaming.playstream.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 142.250.186.66 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.69.57.55 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-57-55.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.91.62.186 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Tuttlingen, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.115 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.167 (Uppsala, Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-167.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.158.8.6 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-8-6.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.24.69.139 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-24-69-139.us-west-2.compute.amazonaws.com

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:2638:1::13 (France) 5 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.123 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.198 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.203.81.208 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-81-208.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.118.116.9 (Germany)

ASN31103 (KEYWEB-AS, DE)
PTR: km36617.keymachine.de

banner.congstar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.133.50.153 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-133-50-153.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.4.250.26 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.26.250.4.46.clients.your-server.de

tm.simptrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-110.fra56.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.172.226.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-226-34.bcn50.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.55.236.224 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.236.55.162.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.33.19 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.236.140.33 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-140-33.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.170.123.253 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-170-123-253.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.172.90.252 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: ads.us.e-planning.net

u-ams03.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.0.108.169 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-108-169.compute-1.amazonaws.com

ssp.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.12 (United States)

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
123	googlesyndication.com df38bd896be520d961af1a9e6246d5d2.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 182 pagead2.googlesyndication.com — Cisco Umbrella Rank: 131 e5d6ec74714bba04696559b88150e6d5.safeframe.googlesyndication.com 429735be2a98d3f5cdc37b5c16eac78c.safeframe.googlesyndication.com 4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com	4 MB
72	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1523	24 KB
64	criteo.com 5 redirects bidder.criteo.com — Cisco Umbrella Rank: 814 rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 9126 ads.eu.criteo.com — Cisco Umbrella Rank: 4506 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 5763 gum.criteo.com — Cisco Umbrella Rank: 434 mug.criteo.com — Cisco Umbrella Rank: 1897	95 KB
59	doubleclick.net 8 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 248 googleads.g.doubleclick.net — Cisco Umbrella Rank: 64 cm.g.doubleclick.net — Cisco Umbrella Rank: 271 ad.doubleclick.net — Cisco Umbrella Rank: 197	768 KB
51	adnxs.com 3 redirects prebid.adnxs.com — Cisco Umbrella Rank: 2495 ib.adnxs.com — Cisco Umbrella Rank: 276 secure.adnxs.com — Cisco Umbrella Rank: 577	38 KB
48	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 607	19 KB
48	flashnetic.com flashnetic.com — Cisco Umbrella Rank: 39780	154 KB
45	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5233	8 KB
45	adform.net adx.adform.net — Cisco Umbrella Rank: 3009	18 KB
45	adpone.com hb.adpone.com — Cisco Umbrella Rank: 20659	5 MB
31	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 370	666 KB
24	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 16914 ad4m.at — Cisco Umbrella Rank: 5765 assets.ad4m.at — Cisco Umbrella Rank: 24714	691 KB
23	criteo.net static.criteo.net — Cisco Umbrella Rank: 590 pix.eu.criteo.net — Cisco Umbrella Rank: 4492 csm.eu.criteo.net — Cisco Umbrella Rank: 4579	343 KB
20	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 16 adservice.google.com — Cisco Umbrella Rank: 121	5 KB
15	gstatic.com fonts.gstatic.com www.gstatic.com	241 KB
14	yahoo.com c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1191	893 B
14	earnme.club earnme.club	180 KB
7	onetag-sys.com 3 redirects onetag-sys.com — Cisco Umbrella Rank: 983	2 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 107	5 KB
6	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1318 id5-sync.com — Cisco Umbrella Rank: 554	36 KB
6	richaudience.com shb.richaudience.com — Cisco Umbrella Rank: 4073 sync.richaudience.com — Cisco Umbrella Rank: 2580	1 KB
6	google.de adservice.google.de — Cisco Umbrella Rank: 5200	1 KB
6	playstream.media tg1.playstream.media — Cisco Umbrella Rank: 34976 cdn.playstream.media — Cisco Umbrella Rank: 60945 streaming.playstream.media — Cisco Umbrella Rank: 42460	1 MB
5	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1438 id.crwdcntrl.net — Cisco Umbrella Rank: 1951 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1200	21 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 219	236 KB
5	bidswitch.net 3 redirects grid.bidswitch.net — Cisco Umbrella Rank: 1363 x.bidswitch.net — Cisco Umbrella Rank: 381	1 KB
4	w55c.net 4 redirects pm.w55c.net — Cisco Umbrella Rank: 1118	3 KB
4	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 63732 static-de.ad4mat.net — Cisco Umbrella Rank: 88290	8 KB
4	33across.com ssc.33across.com — Cisco Umbrella Rank: 3788 lexicon.33across.com — Cisco Umbrella Rank: 3151	999 B
4	openx.net digikulture-d.openx.net — Cisco Umbrella Rank: 37646 rtb.openx.net — Cisco Umbrella Rank: 1980 u.openx.net — Cisco Umbrella Rank: 978 us-u.openx.net — Cisco Umbrella Rank: 585	977 B
4	teads.tv 1 redirects a.teads.tv — Cisco Umbrella Rank: 1468 at.teads.tv — Cisco Umbrella Rank: 5031 sync.teads.tv — Cisco Umbrella Rank: 1439	4 KB
4	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 410 aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 704	6 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 12452 api.webgains.io — Cisco Umbrella Rank: 39757	31 KB
3	awin1.com 2 redirects www.awin1.com — Cisco Umbrella Rank: 10033	2 KB
3	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1370 lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1757	1 KB
3	ad.gt id.hadron.ad.gt — Cisco Umbrella Rank: 5739 a.ad.gt — Cisco Umbrella Rank: 4711	4 KB
3	e-planning.net 1 redirects pbjs.e-planning.net — Cisco Umbrella Rank: 7567 u-ams03.e-planning.net — Cisco Umbrella Rank: 54718	2 KB
3	avplayer.com player.avplayer.com — Cisco Umbrella Rank: 11242 track1.avplayer.com — Cisco Umbrella Rank: 14653	131 KB
3	casalemedia.com 2 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 689 dsum.casalemedia.com — Cisco Umbrella Rank: 2031	2 KB
2	disqus.com 2 redirects ssp.disqus.com — Cisco Umbrella Rank: 2041	920 B
2	congstar.de banner.congstar.de — Cisco Umbrella Rank: 63865	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 1168 s.tribalfusion.com — Cisco Umbrella Rank: 2651	1 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 5967	645 B
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 472	959 B
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 871	1 KB
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 1152	1 KB
2	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 4274	207 B
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 1083 r.turn.com — Cisco Umbrella Rank: 4504	869 B
2	a-mo.net 1 redirects prebid.a-mo.net — Cisco Umbrella Rank: 1193	495 B
2	cloudflare.com cloudflare.com — Cisco Umbrella Rank: 144 cdnjs.cloudflare.com — Cisco Umbrella Rank: 300	5 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1166	361 B
2	htlbid.com htlbid.com — Cisco Umbrella Rank: 28026	88 KB
2	tnlink.in 2 redirects tnlink.in link.tnlink.in	406 B
1	sonobi.com sync.go.sonobi.com — Cisco Umbrella Rank: 1319	500 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 1021	586 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 926	191 B
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 40023	5 KB
1	simptrack.com tm.simptrack.com — Cisco Umbrella Rank: 82280	891 B
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 30797	2 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 454	265 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 876	537 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 961	426 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1886	583 B
1	uidapi.com prod.uidapi.com — Cisco Umbrella Rank: 3379	3 KB
1	sharedid.org id.sharedid.org — Cisco Umbrella Rank: 3158	904 B
1	liadm.com idx.liadm.com — Cisco Umbrella Rank: 3573	424 B
1	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 1461	155 B
1	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 4857	11 KB
1	digitaloceanspaces.com excellence-prebid.sfo2.cdn.digitaloceanspaces.com — Cisco Umbrella Rank: 590892	229 KB
1	amazonaws.com ams-pageview-public.s3.amazonaws.com — Cisco Umbrella Rank: 33801	448 B
1	aniview.com track1.aniview.com — Cisco Umbrella Rank: 2314	71 B
1	media.net prebid.media.net — Cisco Umbrella Rank: 1747	1 KB
1	cloudfront.net d3div1mtym39ic.cloudfront.net	44 KB
1	hbwrapper.com cat.hbwrapper.com — Cisco Umbrella Rank: 20949	256 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 106	75 KB
1	adapex.io cdn.adapex.io — Cisco Umbrella Rank: 32953	151 KB
0	rlcdn.com Failed api.rlcdn.com Failed
0	smilewanted.com Failed prebid.smilewanted.com Failed
842	78

	Domain	Requested by
83	tpc.googlesyndication.com	earnme.club df38bd896be520d961af1a9e6246d5d2.safeframe.googlesyndication.com securepubads.g.doubleclick.net cdn.ampproject.org 429735be2a98d3f5cdc37b5c16eac78c.safeframe.googlesyndication.com tpc.googlesyndication.com 4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com pagead2.googlesyndication.com
72	prg.smartadserver.com	hb.adpone.com
48	fastlane.rubiconproject.com	cdn.adapex.io hb.adpone.com
48	ib.adnxs.com	1 redirects cdn.adapex.io hb.adpone.com excellence-prebid.sfo2.cdn.digitaloceanspaces.com
48	flashnetic.com	earnme.club flashnetic.com
46	bidder.criteo.com	cdn.adapex.io hb.adpone.com
45	prebid-eu.creativecdn.com	hb.adpone.com
45	adx.adform.net	hb.adpone.com
45	hb.adpone.com	flashnetic.com
31	pagead2.googlesyndication.com	earnme.club securepubads.g.doubleclick.net 429735be2a98d3f5cdc37b5c16eac78c.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com 4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com www.googletagservices.com
31	cdn.ampproject.org	securepubads.g.doubleclick.net
31	securepubads.g.doubleclick.net	earnme.club securepubads.g.doubleclick.net flashnetic.com www.googletagservices.com 4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com
19	cm.g.doubleclick.net	4 redirects earnme.club e5d6ec74714bba04696559b88150e6d5.safeframe.googlesyndication.com 429735be2a98d3f5cdc37b5c16eac78c.safeframe.googlesyndication.com 4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com
17	static.criteo.net	cdn.adapex.io ads.eu.criteo.com securepubads.g.doubleclick.net hb.adpone.com static.criteo.net
14	c2shb.pubgw.yahoo.com	cdn.adapex.io excellence-prebid.sfo2.cdn.digitaloceanspaces.com
14	www.google.com	2 redirects earnme.club 429735be2a98d3f5cdc37b5c16eac78c.safeframe.googlesyndication.com tpc.googlesyndication.com 4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com
14	earnme.club	www.google.com earnme.club
11	fonts.gstatic.com	fonts.googleapis.com
10	gum.criteo.com	5 redirects static.criteo.net
8	assets.ad4m.at	as.ad4m.at
8	ad4m.at	as.ad4m.at ad4m.at
8	as.ad4m.at	earnme.club 429735be2a98d3f5cdc37b5c16eac78c.safeframe.googlesyndication.com as.ad4m.at ad4m.at
7	onetag-sys.com	3 redirects cdn.adapex.io 429735be2a98d3f5cdc37b5c16eac78c.safeframe.googlesyndication.com earnme.club
7	fonts.googleapis.com	earnme.club securepubads.g.doubleclick.net 4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com cdnjs.cloudflare.com
6	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
6	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
5	mug.criteo.com	earnme.club
5	googleads.g.doubleclick.net	earnme.club pagead2.googlesyndication.com 4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com
5	www.googletagservices.com	securepubads.g.doubleclick.net df38bd896be520d961af1a9e6246d5d2.safeframe.googlesyndication.com earnme.club 429735be2a98d3f5cdc37b5c16eac78c.safeframe.googlesyndication.com 4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com
4	ad.doubleclick.net	4 redirects
4	x.bidswitch.net	3 redirects earnme.club
4	pm.w55c.net	4 redirects
4	www.gstatic.com	4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com
4	streaming.playstream.media	player.avplayer.com
4	pix.eu.criteo.net	ads.eu.criteo.com
4	id5-sync.com	cdn.adapex.io cdn.id5-sync.com
3	sync.richaudience.com	earnme.club hb.adpone.com
3	www.awin1.com	2 redirects as.ad4m.at
3	shb.richaudience.com	hb.adpone.com
3	ssc.33across.com	cdn.adapex.io
3	df38bd896be520d961af1a9e6246d5d2.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	c.amazon-adsystem.com	1 redirects c.amazon-adsystem.com
2	ssp.disqus.com	2 redirects
2	api.webgains.io	analytics.webgains.io
2	dsum.casalemedia.com	2 redirects
2	banner.congstar.de	as.ad4m.at
2	secure.adnxs.com	2 redirects
2	sync.teads.tv	1 redirects earnme.club
2	static-de.ad4mat.net	as.ad4m.at
2	d5p.de17a.com	2 redirects
2	eb2.3lift.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	um.simpli.fi	2 redirects
2	dclk-match.dotomi.com	e5d6ec74714bba04696559b88150e6d5.safeframe.googlesyndication.com 429735be2a98d3f5cdc37b5c16eac78c.safeframe.googlesyndication.com
2	csm.eu.criteo.net	ads.eu.criteo.com
2	prod-rtb.ad4mat.net	earnme.club
2	lb.eu-1-id5-sync.com	cdn.id5-sync.com cdn.adapex.io
2	bcp.crwdcntrl.net	tags.crwdcntrl.net
2	id.hadron.ad.gt	cdn.hadronid.net
2	pbjs.e-planning.net	1 redirects earnme.club
2	4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	429735be2a98d3f5cdc37b5c16eac78c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	e5d6ec74714bba04696559b88150e6d5.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	cdn.id5-sync.com	earnme.club securepubads.g.doubleclick.net
2	tags.crwdcntrl.net	earnme.club securepubads.g.doubleclick.net
2	player.avplayer.com	tg1.playstream.media player.avplayer.com
2	prebid.a-mo.net	1 redirects cdn.adapex.io
2	region1.google-analytics.com	www.googletagmanager.com
2	htlbid.com	earnme.club
1	sync.go.sonobi.com
1	u-ams03.e-planning.net
1	us-u.openx.net	earnme.club
1	u.openx.net	earnme.club
1	sync.srv.stackadapt.com	1 redirects
1	pixel-sync.sitescout.com	earnme.club
1	cdn.track.production.webgains.team	as.ad4m.at
1	analytics.webgains.io	track.webgains.com
1	tm.simptrack.com	as.ad4m.at
1	track.webgains.com	as.ad4m.at
1	rtb.openx.net	4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com
1	match.adsrvr.org	4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com
1	sync-tm.everesttech.net	1 redirects
1	s.tribalfusion.com	earnme.club
1	a.tribalfusion.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	a.ad.gt	cdn.hadronid.net
1	dsp.adfarm1.adition.com	1 redirects
1	r.turn.com	earnme.club
1	ad.turn.com	1 redirects
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	prod.uidapi.com	securepubads.g.doubleclick.net
1	id.sharedid.org	securepubads.g.doubleclick.net
1	lbs.eu-1-id5-sync.com	cdn.id5-sync.com
1	id.crwdcntrl.net	cdn.adapex.io
1	idx.liadm.com	cdn.adapex.io
1	lexicon.33across.com	cdn.adapex.io
1	cat.nl.eu.criteo.com	ads.eu.criteo.com
1	btlr.sharethrough.com	excellence-prebid.sfo2.cdn.digitaloceanspaces.com
1	ads.eu.criteo.com	df38bd896be520d961af1a9e6246d5d2.safeframe.googlesyndication.com
1	rtb.fr.eu.criteo.com	earnme.club
1	track1.avplayer.com	earnme.club
1	cdn.playstream.media	earnme.club
1	cdn.hadronid.net	earnme.club
1	excellence-prebid.sfo2.cdn.digitaloceanspaces.com	securepubads.g.doubleclick.net
1	aax-dtb-cf.amazon-adsystem.com	c.amazon-adsystem.com
1	ams-pageview-public.s3.amazonaws.com	earnme.club
1	at.teads.tv	a.teads.tv
1	track1.aniview.com	earnme.club
1	prebid.media.net	cdn.adapex.io
1	digikulture-d.openx.net	cdn.adapex.io
1	grid.bidswitch.net	cdn.adapex.io
1	htlb.casalemedia.com	cdn.adapex.io
1	prebid.adnxs.com	cdn.adapex.io
1	a.teads.tv	cdn.adapex.io
1	d3div1mtym39ic.cloudfront.net	earnme.club
1	cloudflare.com	cdn.adapex.io
1	cat.hbwrapper.com	cdn.adapex.io
1	tg1.playstream.media	earnme.club
1	www.googletagmanager.com	earnme.club
1	cdn.adapex.io	earnme.club
1	link.tnlink.in	1 redirects
1	tnlink.in	1 redirects
0	api.rlcdn.com Failed	cdn.adapex.io
0	prebid.smilewanted.com Failed	cdn.adapex.io
842	124

This site contains links to these domains. Also see Links.

Domain
wordpress.org
i
earn
rasik
usanewstoday.club
mhthemes.com

Subject Issuer	Validity	Valid
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.earnme.club.tnlink.in R3	`2022-10-25` - `2023-01-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
htlbid.com Amazon	`2022-10-21` - `2023-11-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
wl.aniview.com R3	`2022-11-07` - `2023-02-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
flashnetic.com Amazon	`2022-07-10` - `2023-08-08`	a year	crt.sh
cat.hbwrapper.com R3	`2022-10-04` - `2023-01-02`	3 months	crt.sh
cloudflare.com Cloudflare Inc ECC CA-3	`2022-05-04` - `2023-05-04`	a year	crt.sh
teads.tv R3	`2022-10-27` - `2023-01-25`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-02` - `2023-01-25`	6 months	crt.sh
prebid.adnxs.com GeoTrust TLS RSA CA G1	`2022-05-26` - `2023-06-26`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh
*.a-mo.net R3	`2022-09-05` - `2022-12-04`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-06` - `2023-05-04`	a year	crt.sh
ssc.33across.com GTS CA 1D4	`2022-11-11` - `2023-02-09`	3 months	crt.sh
outstreamedia.com R3	`2022-09-25` - `2022-12-24`	3 months	crt.sh
*.aniview.com Amazon	`2022-01-05` - `2023-02-03`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.richaudience.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-11` - `2023-03-10`	a year	crt.sh
*.s3.amazonaws.com Amazon	`2022-09-21` - `2023-08-26`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.sfo2.cdn.digitaloceanspaces.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-18` - `2023-05-03`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.hadronid.net GTS CA 1P5	`2022-10-16` - `2023-01-14`	3 months	crt.sh
cdn.playstream.media R3	`2022-11-17` - `2023-02-15`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-27` - `2022-12-29`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-14` - `2023-01-13`	3 months	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-08` - `2023-02-04`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-10` - `2023-01-10`	3 months	crt.sh
lexicon.33across.com GTS CA 1D4	`2022-10-24` - `2023-01-22`	3 months	crt.sh
*.id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
*.liadm.com Amazon	`2022-09-30` - `2023-10-29`	a year	crt.sh
id.hadron.ad.gt Amazon RSA 2048 M02	`2022-10-31` - `2023-11-29`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2022-10-15` - `2023-01-13`	3 months	crt.sh
id.sharedid.org Amazon	`2022-11-08` - `2023-12-07`	a year	crt.sh
*.uidapi.com Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-01` - `2023-02-04`	3 months	crt.sh
streaming.playstream.media R3	`2022-11-17` - `2023-02-15`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.ad.gt Amazon	`2022-05-10` - `2023-06-08`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
www.awin1.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-18` - `2023-04-19`	a year	crt.sh
*.webgains.com Amazon	`2022-06-14` - `2023-07-13`	a year	crt.sh
simptrack.com R3	`2022-10-10` - `2023-01-08`	3 months	crt.sh
*.webgains.io Amazon	`2022-08-23` - `2023-09-21`	a year	crt.sh
cdn.track.production.webgains.team Amazon	`2022-09-29` - `2023-10-28`	a year	crt.sh

This page contains 93 frames:

Primary Page: https://earnme.club/zeb-monk-from-zebronics/
Frame ID: C37A0C50EFB37616474F01CC33D5732D
Requests: 127 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 0652051752059AC34AB4634BC0F9A443
Requests: 21 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=mispvoj&e=1460279865863
Frame ID: 784E49D93C521F92537A68EC299DA1BE
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=euft&e=1460279865863
Frame ID: 0173DADEB5404B1544433DF109914F98
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=eitdcbnpj&e=1460279865863
Frame ID: 8059A7E096234F044CE10512288A245A
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=gfupmardh&e=1460279865863
Frame ID: 51D06937EF0B63B161AA4ED03A9407CC
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=umkpyzto&e=1460279865863
Frame ID: EDBA04ADC9D7D3CB752720E3451AF132
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=yvmobpg&e=1460279865863
Frame ID: A11D3DED1C45D6F700C59B3CBE7B59E8
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=jlmbcqcae&e=1460279865863
Frame ID: F7EC7F743BDBFDE9CA9E46B0EF27B42F
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=olxuugxyt&e=1460279865863
Frame ID: 14D53CA874FE5DBEF5C0CFF4458B1282
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=rbfrzq&e=1460279865863
Frame ID: 88CC6C05451480E0953C9B5B54722D6F
Requests: 8 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=uamvbk&e=1460279865863
Frame ID: 79F89F0A1979319CB8EA39C5672F0421
Requests: 8 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=teboadv&e=1460279865863
Frame ID: 89A6132C5880F6B34EE6179D17EC3A44
Requests: 8 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=hefhhf&e=1460279865863
Frame ID: 9EECE34151214725DCF416BA9FFDC949
Requests: 8 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=taetjqo&e=1460279865863
Frame ID: 74E2CE73837F4BE31C92474AED4A93B4
Requests: 8 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=rqaqclnzm&e=1460279865863
Frame ID: ED0D703E793F1E48D0B1D098E1B51130
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: ED715E8C0153DCA8F0E478128E02CC5B
Requests: 22 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=ryljvnj&e=1986237864053
Frame ID: EE741B28C8AAA097C94863526E4D05C5
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=radezpde&e=1986237864053
Frame ID: A8FAC2B0E35D7D21FB34043CFB3376DE
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=foomytso&e=1986237864053
Frame ID: 32F45CD42B65E5132FFC6F02C84A589F
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=yaqcwtind&e=1986237864053
Frame ID: 0E16693CD852103243342AE775DEA71F
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=ytiinxbj&e=1986237864053
Frame ID: 2CFE2B0E510041ADD0E4CC1E75F8EE25
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=souguy&e=1986237864053
Frame ID: 9400371EF0D8E3765D88F43F6DAB8DD6
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=hslvm&e=1986237864053
Frame ID: C7EC0DBBCAAB4278B854955E74262A50
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=lavzw&e=1986237864053
Frame ID: 4813D55CDCB16333D16120EF73AFEA88
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=uhdckcwa&e=1986237864053
Frame ID: 006D08EF670DED45DCA80BEA6113224B
Requests: 8 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=rzuyrf&e=1986237864053
Frame ID: 8BB661EB5767AC66497ECC4086F5AB53
Requests: 8 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=iwktsfw&e=1986237864053
Frame ID: 81E9096AF15D3E7EC6261AFDE6420785
Requests: 8 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=dyuzvhv&e=1986237864053
Frame ID: 6BD67D67E4F2FE87FA9428379E743EB8
Requests: 8 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=xqrovb&e=1986237864053
Frame ID: 3A11DE523687C19AF2801284E8EF26AA
Requests: 8 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=qkkrlhd&e=1986237864053
Frame ID: 3C642BF66A08E588BEA0ECC1CB8DCD2F
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 115DA561962DCCD45EA379A6AEC3583B
Requests: 21 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=hpigheei&e=1934835366129
Frame ID: F404207247B3C26499E807268F814DAD
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=kxjzfu&e=1934835366129
Frame ID: 66F155EB77B03EF2DCFD5773221A1E10
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=bvffyi&e=1934835366129
Frame ID: EA9FD5E0DE73F11304CD66CF3E6A405D
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=zfissgsp&e=1934835366129
Frame ID: 1B294E54C99A65C88283FA75EA8FE29D
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=ljddsx&e=1934835366129
Frame ID: B9E2BED2A2A436064088820DEB32B8B3
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=oqpfvjjzva&e=1934835366129
Frame ID: 7EB0B2959CB1B256A88BADCF23653A9E
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=abridaeipk&e=1934835366129
Frame ID: 32CDFC12CFCC24099F5B05F7F59D9B18
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=dgxrevtfw&e=1934835366129
Frame ID: F7AD779D28E87FAE44AE15A350159AE1
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=irmdfpde&e=1934835366129
Frame ID: 2A3E110F852A681B0C3BD8E00E4897A9
Requests: 8 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=gchxbfzt&e=1934835366129
Frame ID: FB7EAEB80CF8C0332CA5A860528102D9
Requests: 8 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=biumtjde&e=1934835366129
Frame ID: EC19DED7FEB15C7A4F08040BFFD12BE2
Requests: 8 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=vraexgm&e=1934835366129
Frame ID: D5B1C7B1E134CDE1AD3513613B365576
Requests: 8 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=cfowevjd&e=1934835366129
Frame ID: F48D3869D2B63CB9F2951A65022BC6D1
Requests: 8 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=wonoeapj&e=1934835366129
Frame ID: 75072CD97054E75B96B7D9F82EC15C08
Requests: 8 HTTP requests in this frame

Frame: https://df38bd896be520d961af1a9e6246d5d2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3B6338750A336831A6CFC952C78B0D7F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: A3B2059A65B2F9F2B5A7F958497B19E8
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuadYzLH4aLs6dz4wb2_6h1rJZlXVlomcUMi29EOolkKY1QPxyye6uhmwMLqSWxUZpIIwtMPDkkBDHj6cnCC7W0ObE0fOaGKltU2N3lDvUe0hCXbvK6x9pD-VnRsu15iQ2jJi7OkpG66SYOsGTknBNRRfBsBgMwP4ppeHzGvF_pGSK3tWXBSgmMwq78prYtpLAZX6ybiZzBq9xNTKr2PTLOimCw0V6aC3O4reJ8NdHIJn0hEaFyUs5Dm67azEcLnURqFzswcCGTs2Iyzwzb8aHhnKsNB_urilft1EGRm2mHjLBMHmchipWDkT9kQknj&sai=AMfl-YRjDmyv5FlTh0BXO9hwp9CfX21rsn9Mzl0EkTeWj6aYc1UzE5GDPDhLQ1pHH4aX-fjNQkm1wgf9Jv9zUpf7gJm_Sw9KU5q7k8BO4Zbg33ahOUBdkMjiMjiTAo5146mg3iq2Iax3PvUeRy9Yx4shySo&sig=Cg0ArKJSzOVWzXS5hdWOEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 2A23E71386AC2DA17CB2151C05EDB9F4
Requests: 11 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: 5DAE1A2EBB32FE2D60FC5B5D1284FCAE
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: 4C64851626D821C33CA5EE59D31D8882
Requests: 20 HTTP requests in this frame

Frame: https://df38bd896be520d961af1a9e6246d5d2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 51466DD8FEBE09AD3133D98A9DEFFFF3
Requests: 9 HTTP requests in this frame

Frame: https://df38bd896be520d961af1a9e6246d5d2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C42F6938F57CB5135BB1CE5221AD0289
Requests: 1 HTTP requests in this frame

Frame: https://e5d6ec74714bba04696559b88150e6d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 82F4E581D09D56F831BA54FD2A0CA61C
Requests: 1 HTTP requests in this frame

Frame: https://429735be2a98d3f5cdc37b5c16eac78c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: C927EFEC4802DF354B7E88611ECE444F
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4MSsAAAz28H_ZBFAAhO73sZxhmrig4tY9ZrNA&u=%7CGB7oQwkcIdGLZl2XFg%2Fpph%2FDF9RmFWWcLNMSaJ4wQ3w%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv5nzGVva1W-wwP78Hnv4U0FEjkPxBSOnKYmtzX1IX_BisUVyr0vuEH6uRNJLn-TcZ5NyF1KMuJ-REZ7g3-BzQ2xlbvCAYAX8udkvRuqRDjXVlu0Q2wF0jGJbSc_gcdkJt_DN1_DvsypCSp8QUAj35w8Bt4YWa9-uqd54-nDY-8SqYVnNz2goSPpK7aiCXOXS6VbMfwDd-FV9eIo_ZLRSrbkpqq8CFkwvjyh5thJUFYD60WmI4_syC0QN1JL7Y4TE-Y2a69RHeB1Ck0haX9-p-VfX72WHxWzZBDjq_YHWrkznERqG0N4wHqWnWxDEraXNlxL1-uZPJ4Kqx-3Z466nJzhcoGVAfmazzVQ6TYaf38IT667l6CjsVe28NcEyYQ31meUfbO_Yc48zQSVGzTVpO85UeJUucWxZMH7TCc_eWcHPjGTiUlI0QL64J0dw2z9retnp2OZM8CpwG_VEMG4VGyEYaErsnT3mlUlN3WgAlftJsB5abcJMYDtCnrGca52LwuBQykNRd86Bsr1hntuyFh4YNNmPe9zGMGxEVC0-jFBh8OCwgj877sg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1k6vsBKDY--eA8Wg9u8P752hiAvJntKxXPXqoYaIAcCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi05OTU5NzMwNzU0MDM4MDI2yAEJqQL9XeJ6n3CxPuACAKgDAaoE5gFP0A5tZHUDe3TFaLCTmNYYBp5kSUF4YbnabmQFjFXAvzZzRqMBeLIebzQMvm4Xm11bBXZtVG3NEElZNlAme1qw9RLAYPyJgled3_SxuuPF4aDLfYCqw_A9FIUB1C_gAxH7OolgDKAZihyYmDecYtcLW5ofED_K5QkZNdGIb2lf9hQ36v2k8s6VH6yDwRvN7XdJS9xtjcCVZOMOgjT0SJGUaGQcwodEldK2-nhfGu_xk_zoTFhMEs8AsCZNxZbS3omd3BubN2N6q8Fs6R1OcsTQWsoHaL86ba6I4XMuCC5A_H7rXrakp-AEAYAG4K-07oTu7OYQoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPIIG2FkeC1zdWJzeW4tNjIxNjUxOTk0MTQxMDkwMPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3q9yh38Bsbc5RMjoB-rvuqddNsjQ%26client%3Dca-pub-9959730754038026%26adurl%3D
Frame ID: F337B9D8263D64D3FF92B26C809B6DB0
Requests: 20 HTTP requests in this frame

Frame: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 8E31838F1E2795C6558FC39DCB236600
Requests: 1 HTTP requests in this frame

Frame: https://e5d6ec74714bba04696559b88150e6d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: FC88CAFB7B9ECA9A2EB234FF2EAE301A
Requests: 1 HTTP requests in this frame

Frame: https://429735be2a98d3f5cdc37b5c16eac78c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: EBAD32C2BBF3399DD39CFC99528EB8BA
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pagead/adview?ai=CIAHjsRKDY62_G4259u8P-6CQ4AKQ4YGEXLaoworwAsCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi0yMTI4NzU3MTY3ODEyNjYzyAEJqQL9XeJ6n3CxPuACAKgDAaoEhwJP0OXTFk6pzdcTl3qCNIY3HBKdtuYrr9k-0BKB1Kqa8j86xn984OKNORDXPfJrCSN3XclFi8u5y6oyk8CmgHaV7s5KJ1OsasbFpGoHEG-vwi_7R-8NijX_Fxj4HQxfMho4gpPMdFDYBCrcUq0hbGUS5WUvxX3y3m29y9xjpCEFkLCssuo7ZnNZQ6mgZFZ64Yonro5hNYSowTrNjgyVTVIU8O9vZEVhyS7or9B4xSU037rGaXe13-8KV-i2euzt8dyMorLZW_6Ci6R8-HmaN7hJRDb4686djf9rWzTmV2GLjRgmZXs5GjfM3Z7kcBhclbvZQWdmeXaIU1QziL1DEZj_5YoemqjwDuAEAYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0yMTI4NzU3MTY3ODEyNjYzGNztag&sigh=0s9CGy0fUDo&uach_m=[UACH]&cid=CAQSPADq26N9kf6Nmbkr0jn76b2cPuoBRvEcCJkZ5CLe6ANvp74VK2MlpBi2Q9tBbRkFPLzCpE-TqLa0QwumZBgBIBM
Frame ID: F074C7AEC7B965AADD6E8656035127DD
Requests: 8 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1j9f2erqdaptwnjpfgqtvrt9455vzbhe75z9qx61naj1k8kh8ghzbgw8r1bwjjvfk5b36yehy7tq46yxk62ygpevgab5vx0332gy3zy8pfebe1jayxjq3a58vjw3hqm9hjnj39yszgbrz3v84ptftzymgzgcptw29k14738swpvadb2dbh9q398rywa7svpvp849ph4xv35d83n0e9zasw3r23q48j7j582wjb6n47jyh2w264xcabq2b80r803sgz50g15qafc49qzjmd2tht7azne0s8xk0xdaa7592d1207rtj0a1ggsjw88crzhkhnfr116vj9jy39msf70fr1qaqapq8s2msv3csaz3dc3nsnp6r343z96rwqtv52mn1wkt6pxgtdp659btfm6zjc9xn7r7wdddt611ce447nzh68g429j15kwhwm54fjmyjdmnmwdy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCy1o3sRKDY62_G4259u8P-6CQ4AKQ4YGEXLaoworwAsCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi0yMTI4NzU3MTY3ODEyNjYzyAEJqQL9XeJ6n3CxPuACAKgDAaoEigJP0OXTFk6pzdcTl3qCNIY3HBKdtuYrr9k-0BKB1Kqa8j86xn984OKNORDXPfJrCSN3XclFi8u5y6oyk8CmgHaV7s5KJ1OsasbFpGoHEG-vwi_7R-8NijX_Fxj4HQxfMho4gpPMdFDYBCrcUq0hbGUS5WUvxX3y3m29y9xjpCEFkLCssuo7ZnNZQ6mgZFZ64Yonro5hNYSowTrNjgyVTVIU8O9vZEVhyS7or9B4xSU037rGaXe13-8KV-i2euzt8dyMorLZW_6Ci6R8-HmaN7hJRDb4686djf9rWzTmV2GLjRhkZ1qrzc5LnVZjOI6G3CkreHNs1HymS4mzSvTR6QzhyZLLRjewxmOlb-AEAYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3qe_fDRmAkbILXH_yfFK2iDeaePw%26client%3Dca-pub-2128757167812663%26adurl%3D
Frame ID: F0BFC5B38DF65840AE7C648740E29F18
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 76EDF4CF2AB92234DA5D3E0C7C328226
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: 2F936658C9E8FC7F41F3704CE4ED07EF
Requests: 18 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: F5BFAB0F6172A39481D50543349D9BBF
Requests: 17 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: 8968ECDF9DCBD1CB918A8D6E9E1E8E25
Requests: 17 HTTP requests in this frame

Frame: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 329F8EDF7FA044017B0D8B4444434B3B
Requests: 33 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1k9n38px01ftngjkx4ptbpf9vtjvx6xmdgamrh40364nzbgp6bhg61j85skx4e1kb6a4fqegk84gp2hz4dgs6pcrasepazeqjyhvanmbp82p44v3yamkhyx8qj5904de911x3e22fgathdxnb7bc2pmmtz2g4hzy7dswsz9atkc0w0gdngqr6rg3q4c580s9z1p7v0hhyftv6jkw0y2zdpp1d64qpjjddvb27gq09vt6dyrhm6mbqd2w3qfkr73gmz1n6rvptq82zy9p2r0dzrzn612xnhxqafex248wcj4feevez8dc7wj053phh2nr4rw08p3epqnecqp2987eswgj31cpm99g8za5pmxpfg5cywnf6arn6bvfbaskaqc6q74mk1vf4f3fjz3nazgch0043g3v6byrw9dych9grjnjjs4c0vayvqtgz32vfzvry8wmjtwfvg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6XFusRKDY83pG_D97_UP_N-diAmQ4YGEXLaoworwAsCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi0yMTI4NzU3MTY3ODEyNjYzyAEJqQL9XeJ6n3CxPuACAKgDAaoEhgJP0KnkUXJBH5kALFWXPb6v8FWl_bgH3HpTpIJnPOFo7EBJCPv1z9s56T5o0l3pexwyGPid0M_031lsU-3FCGOytaaupUwKqJede9aTsjYRmbwjq0RPm2_llusvshvV56_f4cqas2kn6P697KcVzwaOt-0hqhcewIexcAubS-JYRXT-zQqvjRDxocawChOAa4crk-8YgVJcz7kwHOH00yOdxWitc3pygsvMeXAmPfQXQgfHYXvamEh1RmYCpWzcf2CFUkrIBJgi8KKQ-EL_NYeKuoZmLGeUqopQ446d67E0pc_RmTrlzpG2hyjlQ_ZUN0mNQOqg1VctHLgFGSnfAIquN7hoBZRT4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_29t3JNRxVF1Cdmt8aFU27WdVQgJg%26client%3Dca-pub-2128757167812663%26adurl%3D
Frame ID: FE7CF7AE0FB8FB63E3649C7FFD39E9B2
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4F785E7CB4FA6E6BACE2F3573A3B75CA
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4D7D25BA0F283557896F1A44F8F129BF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D4AE0C3813515C1926AC55478E22BF47
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BD8D44BC697E48DD0C0C04DF163200DB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0B580FD4C748057EFB8A3E28DA22A133
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BE4253260193E6603262C265653DABAC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 66C334336A36CA43D8B17BA5F8B0ACEB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 55C6440BC3F0239FA066378BCB024550
Requests: 8 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 81E304522754C818623375B076B1C3AB
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: CEC00DDB8CBA780D1573133B65E1609E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: 5C502558F2D172D8EC6946354001E7CF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AA5ED7FDC23FB1E202D42D726DD892D7
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=earnme.club
Frame ID: 87FCD10D808A06410D4A4FD871FB1311
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9548364294205117&output=html&h=250&slotname=7769709079&adk=3124451273&adf=3407277735&pi=t.ma~as.7769709079&w=300&lmt=1669534387&format=300x250&url=https%3A%2F%2Fearnme.club%2Fzeb-monk-from-zebronics%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669534387231&bpp=3&bdt=2347&idt=197&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&cookie=ID%3Dc4d91b4e38db5124%3AT%3D1669534384%3AS%3DALNI_MbrWNyJQtwTT-27Lkoku6i9gM_Nog&gpic=UID%3D00000b88e7f767da%3AT%3D1669534384%3ART%3D1669534384%3AS%3DALNI_MbnLiieW6XrJHTlK2WdDYIw7Chlmw&correlator=8736520944508&frm=23&ife=4&pv=2&ga_vid=1365863235.1669534384&ga_sid=1669534387&ga_hid=1974010394&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=474&ady=1077&biw=1600&bih=1200&isw=300&ish=250&ifk=4271657734&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C42531706%2C44777948&oid=2&pvsid=3616434489605761&tmod=723880777&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.j4shh3xyuhu5&fsb=1&dtd=211
Frame ID: ED8D91425EB4C9258A0859E79B764F75
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: ADADC6DA33528B1B4366386B7A8187BB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 35B9D0AAEE21D199EA047A0579BFF14D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Frame ID: 62961DD3C6CC82A6EF7278C03EB98B59
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=196439&b=JB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39W&f=GjMSBfpfXwxkcKHeHGtBC31dHZSYTJ78sQVeB&c=300&d=50&e=&g=4e58f6bbcf5335c582c709c994fce8b7%2F5381838147590140451&i=25174&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669534387635&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jqvvcfn2sqbxz10rk7mph4wwntasetvw4b2bm8e4jxnepdwvg50z5r0e7fc3nrn4smf9hh7csmf467x6y8gr1220cx7b411v2kzkxy4x8vvfef2pc0qf2wktm5sak8xbdkra92rqgkwk3h5yqtsgcw4j46epg6tykxsw6b7vb2zwch1h3dkz61pcbfd0vaqgpc36t1ewh91ympwpfd6p934sxbgywrhjmmtn5sgz1frv3967ar1jfvpnstm8cgj2qy210h3td3zqy1f2zk92g2g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCy1o3sRKDY62_G4259u8P-6CQ4AKQ4YGEXLaoworwAsCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi0yMTI4NzU3MTY3ODEyNjYzyAEJqQL9XeJ6n3CxPuACAKgDAaoEigJP0OXTFk6pzdcTl3qCNIY3HBKdtuYrr9k-0BKB1Kqa8j86xn984OKNORDXPfJrCSN3XclFi8u5y6oyk8CmgHaV7s5KJ1OsasbFpGoHEG-vwi_7R-8NijX_Fxj4HQxfMho4gpPMdFDYBCrcUq0hbGUS5WUvxX3y3m29y9xjpCEFkLCssuo7ZnNZQ6mgZFZ64Yonro5hNYSowTrNjgyVTVIU8O9vZEVhyS7or9B4xSU037rGaXe13-8KV-i2euzt8dyMorLZW_6Ci6R8-HmaN7hJRDb4686djf9rWzTmV2GLjRhkZ1qrzc5LnVZjOI6G3CkreHNs1HymS4mzSvTR6QzhyZLLRjewxmOlb-AEAYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3qe_fDRmAkbILXH_yfFK2iDeaePw%2526client%253Dca-pub-2128757167812663%2526adurl%253D&y=1&s=&z=0
Frame ID: 70D1D2B4540EA4FB243BE3AE97006FC6
Requests: 5 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=15255%2C169080%2C321054&b=MxGHzfrf1zRuWHEHGtDt2jpCBS4Txr1CE2g7%2CRx3HgfQfGGG2akHwH3tQtwKbbh9SzTYMAhB3zZ%2CYxRHrf3fzdBwCVH9HetQtgB9skS1Td9rF1Z6q&f=625hef3f6wmheHmHYtEC5kmtYS1T3V8cERB9%2CQxWH4fjfPPPXcxH5HYt9CbM44H6S4TGD4HEzJ5%2Cq42umfWfZ15ESZHgHDtRCrPjteSgTJD5sq4xM&c=300&d=250&e=&g=890ce673a59c06b9f5755301e745eaba%2F8467817242429078341&i=25174%2C65760%2C21854&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669534387643&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jyec8bfc3p62n7jq86t3tj9vj6x9sahw5ycgf1fx8vgfgh501srphh4ment0axd97jye2cc50d5zdh82qesrapk4tjtawznhafjrpf3rpawvhvk9afpswpn9j2g7vmgyrcp1v4y556j0yzcnw1jpzshd7v4zd8me2k2217cc06r9hxy68evqt82k1b7vhrss9v7zwsmcrpdf4k9c82yf3fth43yxnf7j83s30t8d064ntj58vnqyb5mgjmq3fr8hd1y2ttxj7kc5gnpma0v1rhd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6XFusRKDY83pG_D97_UP_N-diAmQ4YGEXLaoworwAsCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi0yMTI4NzU3MTY3ODEyNjYzyAEJqQL9XeJ6n3CxPuACAKgDAaoEhgJP0KnkUXJBH5kALFWXPb6v8FWl_bgH3HpTpIJnPOFo7EBJCPv1z9s56T5o0l3pexwyGPid0M_031lsU-3FCGOytaaupUwKqJede9aTsjYRmbwjq0RPm2_llusvshvV56_f4cqas2kn6P697KcVzwaOt-0hqhcewIexcAubS-JYRXT-zQqvjRDxocawChOAa4crk-8YgVJcz7kwHOH00yOdxWitc3pygsvMeXAmPfQXQgfHYXvamEh1RmYCpWzcf2CFUkrIBJgi8KKQ-EL_NYeKuoZmLGeUqopQ446d67E0pc_RmTrlzpG2hyjlQ_ZUN0mNQOqg1VctHLgFGSnfAIquN7hoBZRT4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_29t3JNRxVF1Cdmt8aFU27WdVQgJg%2526client%253Dca-pub-2128757167812663%2526adurl%253D&y=1&s=&z=0
Frame ID: 36BF9557222BB646A4893CEA720624B1
Requests: 14 HTTP requests in this frame

Frame: https://tm.simptrack.com/tm/a/channel/tracker/f5bfe45bb2?pub=ad4mat
Frame ID: D26BC1A336F548764D39D2FFDD441F2C
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: C655056B539D1AA6C11FB50AFE944574
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: 029A68E3C05653F2F50F5A7FC75CF408
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: F87C80178335C7AE54B39D9CA4B91843
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: 9BB5C7F13A57FA9BB778FCC7B5C74667
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 82C1F4AED7A33028A233CA2E8952E9EB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9D4B2B233A9B74207D4B3760C1708D3E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Zeb-Monk From Zebronics – Tech One

Page URL History Show full URLs

https://tnlink.in/wMKxLTv HTTP 301
https://link.tnlink.in/wMKxLTv HTTP 302
http://earnme.club/safe2.php?link=wMKxLTv Page URL
https://www.google.com/url?sa=t&source=web&rct=j&url=https://earnme.club/zeb-monk-from-zebronics/&v... Page URL
https://earnme.club/zeb-monk-from-zebronics/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

842
Requests

95 %
HTTPS

37 %
IPv6

78
Domains

124
Subdomains

97
IPs

12
Countries

15049 kB
Transfer

36517 kB
Size

50
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://wordpress.org/
Title: WordPress.org

Search URL Search Domain Scan URL

URL: http://i%20have%20no%20websites%20bro/
Title: Sarbash

Search URL Search Domain Scan URL

URL: http://earn%20me.%20com/
Title: Saminda

Search URL Search Domain Scan URL

URL: http://rasik%20reo/
Title: Rasik

Search URL Search Domain Scan URL

URL: https://usanewstoday.club/safe2.php?link=wMKxLTv
Title: Continue

Search URL Search Domain Scan URL

URL: https://mhthemes.com/themes/mh-magazine/?utm_source=customer&utm_medium=link&utm_campaign=MH+Magazine+Lite
Title: MH Themes

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://tnlink.in/wMKxLTv HTTP 301
https://link.tnlink.in/wMKxLTv HTTP 302
http://earnme.club/safe2.php?link=wMKxLTv Page URL
https://www.google.com/url?sa=t&source=web&rct=j&url=https://earnme.club/zeb-monk-from-zebronics/&ved=2ahUKEwinyYX0v5X2AhW2yYsBHcAmD-I4MhAWegQIBhAB&usg=AOvVaw08SAAnq4xdjhxRWvkkAAYY Page URL
https://earnme.club/zeb-monk-from-zebronics/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://tnlink.in/wMKxLTv HTTP 301
https://link.tnlink.in/wMKxLTv HTTP 302
http://earnme.club/safe2.php?link=wMKxLTv

Request Chain 33

https://c.amazon-adsystem.com/aax2/apstag.js HTTP 301
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js

Request Chain 560

https://pbjs.e-planning.net/pbjs/1/27fa6/1/earnme.club/ROS?rnd=0.18375537283400445&e=300x250_0%3A300x250&ur=https%3A%2F%2Fearnme.club%2Fzeb-monk-from-zebronics%2F&pbv=7.10.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.google.com%2F HTTP 302
https://pbjs.e-planning.net/hb/1/27fa6/1/earnme.club/ROS?ct=1&r=pbjs&rnd=0.18375537283400445&e=300x250_0%3A300x250&ur=https%3A%2F%2Fearnme.club%2Fzeb-monk-from-zebronics%2F&pbv=7.10.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.google.com%2F

Request Chain 565

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 568

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 698

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFGrX5bkcoIMd9xJnPxD_XA&google_cver=1&google_push=ASkJ3FY6XH_KuWW9ff_0FIqjOQxEO3HMsDZFQiGcSdWqV55TeLkFKJrHDtdbje_3yHkSuSWjjU1B8NwlP0p54Qc04o4ara9WjHQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjQ2NzAzOTIzOTIyNzEyODMzNg==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFGrX5bkcoIMd9xJnPxD_XA&google_cver=1

Request Chain 700

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEH-8m5umcq9Or-YGAZ3oVyc&google_cver=1&google_push=ASkJ3FZ3RmwFLon4Rn08q5zAjw3UN2JNSEVoFvG1qCKyn-UzGDbsvR96yQSv76qSNoiJz_hJXE1xGusnQZ9S4IeZs0jW0mWe_2M HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEH-8m5umcq9Or-YGAZ3oVyc&google_cver=1&google_push=ASkJ3FZ3RmwFLon4Rn08q5zAjw3UN2JNSEVoFvG1qCKyn-UzGDbsvR96yQSv76qSNoiJz_hJXE1xGusnQZ9S4IeZs0jW0mWe_2M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ckV2NFZ1Z0gxT1pjOVo1&google_gid=CAESEH-8m5umcq9Or-YGAZ3oVyc&google_cver=1&google_push=ASkJ3FZ3RmwFLon4Rn08q5zAjw3UN2JNSEVoFvG1qCKyn-UzGDbsvR96yQSv76qSNoiJz_hJXE1xGusnQZ9S4IeZs0jW0mWe_2M

Request Chain 701

https://um.simpli.fi/gp_match?google_gid=CAESELnjI8nfftKWc7f4N5AUnqQ&google_cver=1&google_push=ASkJ3FbB1WugvRRN10C-XP8v2buBIEYLpW0d_msmcJc6hB3hoCGRVAY8n967DkdoKyO0v9FyZY0iqAXkHz6zRRxgXMuvL6nrVrS2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E767C135E0B04B19AD72331496476452&google_push=ASkJ3FbB1WugvRRN10C-XP8v2buBIEYLpW0d_msmcJc6hB3hoCGRVAY8n967DkdoKyO0v9FyZY0iqAXkHz6zRRxgXMuvL6nrVrS2

Request Chain 702

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEFUMGmr3OSpcRLiiXp1mBd0&google_cver=1&google_push=ASkJ3FZlIchDTYpHQJWArIZ88PC1rdhCRjvK7b01nnvjGbh0_YUhWF-Z7u53_QhUe1zRbxY3GyHS2Umk9mGLG6SvvTMvYoY7LCQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3MDU5NTU5MTcxNzcxNDA2OA%3D%3D&google_push=ASkJ3FZlIchDTYpHQJWArIZ88PC1rdhCRjvK7b01nnvjGbh0_YUhWF-Z7u53_QhUe1zRbxY3GyHS2Umk9mGLG6SvvTMvYoY7LCQ

Request Chain 703

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEK_bKdXQvqt-fQFh3VK7PwY&google_cver=1&google_push=ASkJ3FY6C4K3yL8Akh7kyTVRcCUupIq6IZZ7nLl4i8aIZ2CYVpgcEnk96IrE809NIq13Nj2PD3VIc7kJXEX6aVGS0cdcI6vcIScV HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEK_bKdXQvqt-fQFh3VK7PwY&google_cver=1&google_push=ASkJ3FY6C4K3yL8Akh7kyTVRcCUupIq6IZZ7nLl4i8aIZ2CYVpgcEnk96IrE809NIq13Nj2PD3VIc7kJXEX6aVGS0cdcI6vcIScV&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=EK9Ml4B7Q8yH36ER0ki6AQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FY6C4K3yL8Akh7kyTVRcCUupIq6IZZ7nLl4i8aIZ2CYVpgcEnk96IrE809NIq13Nj2PD3VIc7kJXEX6aVGS0cdcI6vcIScV

Request Chain 704

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEJMVFFYU8kRrCxNIW9snm8c&google_cver=1&google_push=ASkJ3Fb-XfAGaON_ygEeAJNy2v-6Ct3n4DlBDCqDxCSdVoJdN9MrkBckmwsu_HJyQuVaW9_X1_PP-U-lbGYfq_ZIF7Uvz4OPzR5p HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ASkJ3Fb-XfAGaON_ygEeAJNy2v-6Ct3n4DlBDCqDxCSdVoJdN9MrkBckmwsu_HJyQuVaW9_X1_PP-U-lbGYfq_ZIF7Uvz4OPzR5p&google_gid=CAESEJMVFFYU8kRrCxNIW9snm8c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQwMTQyMTY2MDExNzcxNDAwOTM3OQ%3D%3D&google_push=ASkJ3Fb-XfAGaON_ygEeAJNy2v-6Ct3n4DlBDCqDxCSdVoJdN9MrkBckmwsu_HJyQuVaW9_X1_PP-U-lbGYfq_ZIF7Uvz4OPzR5p

Request Chain 710

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEH-8m5umcq9Or-YGAZ3oVyc&google_cver=1&google_push=ASkJ3FY_3uu4IWS4ILfc5ba-__UZzGMvXyeguvUESg09fy0YNWIXcVlbptfoSt2Qv9e5Yl_5XJjOx-ZHocg3WtMpFNvBRey7O4k HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEH-8m5umcq9Or-YGAZ3oVyc&google_cver=1&google_push=ASkJ3FY_3uu4IWS4ILfc5ba-__UZzGMvXyeguvUESg09fy0YNWIXcVlbptfoSt2Qv9e5Yl_5XJjOx-ZHocg3WtMpFNvBRey7O4k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ckV2NFZ1Z0gxT1pjOVo1&google_gid=CAESEH-8m5umcq9Or-YGAZ3oVyc&google_cver=1&google_push=ASkJ3FY_3uu4IWS4ILfc5ba-__UZzGMvXyeguvUESg09fy0YNWIXcVlbptfoSt2Qv9e5Yl_5XJjOx-ZHocg3WtMpFNvBRey7O4k

Request Chain 711

https://um.simpli.fi/gp_match?google_gid=CAESELnjI8nfftKWc7f4N5AUnqQ&google_cver=1&google_push=ASkJ3FYin8zEyrCudgYDxJFr2DY8Ox5TB-vMdj_lIaOjVK8Ydxf04HeIrw_zfdvyqnneuuz4CpIeCxU_JEeDbIxauVwl97dy2PQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A8B9CE3FC0474748B23BE40EAC23EABA&google_push=ASkJ3FYin8zEyrCudgYDxJFr2DY8Ox5TB-vMdj_lIaOjVK8Ydxf04HeIrw_zfdvyqnneuuz4CpIeCxU_JEeDbIxauVwl97dy2PQ

Request Chain 712

https://d5p.de17a.com/cookies/google?google_gid=CAESEFyGqeWFhfkfWL5FIdZG4qk&google_cver=1&google_push=ASkJ3FYSRSDpBHZNWPiejc82wUViNMiuZ-xZPaAPI7nGc2tNEg9wOHH-bI3CEnn1iYIl7g2rtXWElkd9wJdGifF8eL5RxwWfe4U HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEFyGqeWFhfkfWL5FIdZG4qk&google_cver=1&google_push=ASkJ3FYSRSDpBHZNWPiejc82wUViNMiuZ-xZPaAPI7nGc2tNEg9wOHH-bI3CEnn1iYIl7g2rtXWElkd9wJdGifF8eL5RxwWfe4U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3FYSRSDpBHZNWPiejc82wUViNMiuZ-xZPaAPI7nGc2tNEg9wOHH-bI3CEnn1iYIl7g2rtXWElkd9wJdGifF8eL5RxwWfe4U

Request Chain 713

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEA9A66Y0pbVRuubJ7EFzhkk&google_cver=1&google_push=ASkJ3FbUoQDf7VQFqehkbnGqK7qDyidJidOsRC7wJIHQ5S7j65wckpAs2p8JzaZGSfggCt8lOWERWLpPwiuph8C9NtEyUPqMP0g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FbUoQDf7VQFqehkbnGqK7qDyidJidOsRC7wJIHQ5S7j65wckpAs2p8JzaZGSfggCt8lOWERWLpPwiuph8C9NtEyUPqMP0g

Request Chain 714

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEA9A66Y0pbVRuubJ7EFzhkk&google_cver=1&google_push=ASkJ3FYjsjoSEdjHuZ5FIoLqnJDTeUynb6P4eBCLiZgsKIvbWtoKkVtmE_lHYRYFQizDtAhKALyJuprqJxABkuy8_mz8V4kf4Ps7 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FYjsjoSEdjHuZ5FIoLqnJDTeUynb6P4eBCLiZgsKIvbWtoKkVtmE_lHYRYFQizDtAhKALyJuprqJxABkuy8_mz8V4kf4Ps7 HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 715

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEIfrHGmT3YZL8iCNsoZxzOI&google_cver=1&google_push=ASkJ3FbpKasxvL5k_MaEKqTV1qORrp07jHXvFzijG3OP-0slFDaFgw1o-m4dBuKShV0V_lNyvWetlLxl2xFYrlBRAkPLoPdT0V9H HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=&%%GOOGLE_PUSH_PAIR%%

Request Chain 786

https://a.tribalfusion.com/i.match?p=b6&u=CAESEOFDYB1YH4dKNO965MDQDZ0&google_cver=1&google_push=ASkJ3Fa7e51j99pnhgpXb9ggIWKJ70YsHnogAVhCpkokzjYxfy7W9nTC8MJnKPttte8YZDRmEOJ-YLBUwZEwQEM_r_qPakryo0ycBw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3Fa7e51j99pnhgpXb9ggIWKJ70YsHnogAVhCpkokzjYxfy7W9nTC8MJnKPttte8YZDRmEOJ-YLBUwZEwQEM_r_qPakryo0ycBw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOFDYB1YH4dKNO965MDQDZ0&google_cver=1&google_push=ASkJ3Fa7e51j99pnhgpXb9ggIWKJ70YsHnogAVhCpkokzjYxfy7W9nTC8MJnKPttte8YZDRmEOJ-YLBUwZEwQEM_r_qPakryo0ycBw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3Fa7e51j99pnhgpXb9ggIWKJ70YsHnogAVhCpkokzjYxfy7W9nTC8MJnKPttte8YZDRmEOJ-YLBUwZEwQEM_r_qPakryo0ycBw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 787

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEGpn7E2o969U2iL1e-nqZvY&google_cver=1&google_push=ASkJ3Fa8FqXzR6aknZIo0KaM1IkBvqSkij4ARVFkpjpZu8L0JhhO-irRL7nO7Xv_aSep8qEZQjedqBju6wyW0lmioFwO7v0FaXXy HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGpn7E2o969U2iL1e-nqZvY&google_push=ASkJ3Fa8FqXzR6aknZIo0KaM1IkBvqSkij4ARVFkpjpZu8L0JhhO-irRL7nO7Xv_aSep8qEZQjedqBju6wyW0lmioFwO7v0FaXXy

Request Chain 790

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEA9A66Y0pbVRuubJ7EFzhkk&google_cver=1&google_push=ASkJ3FZ0iUj8R9Aw8pMgeNA5stfpkFt2Xs1DebYDQZH1pyvT1_1FETISTnl_kcyOaFnCFeFFiEdshkjuyqes7BYJ-7jnhwk02vzG0q0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FZ0iUj8R9Aw8pMgeNA5stfpkFt2Xs1DebYDQZH1pyvT1_1FETISTnl_kcyOaFnCFeFFiEdshkjuyqes7BYJ-7jnhwk02vzG0q0 HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 791

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEGFY2A3b9fG6DFZGbh_PQxI&google_cver=1&google_push=ASkJ3FZdtSaUARm-M1IzmGmerlwdHnuyebxWzxeQq6j7fnZZ_5nX8QtBzuOYJnuRu_yp2r_S4H2LS5e8L8X1c1QAOmN7eRr7QGREQ7E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ASkJ3FZdtSaUARm-M1IzmGmerlwdHnuyebxWzxeQq6j7fnZZ_5nX8QtBzuOYJnuRu_yp2r_S4H2LS5e8L8X1c1QAOmN7eRr7QGREQ7E HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 792

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEOMxSB5hBykIiBabZyn7h6w&google_cver=1&google_push=ASkJ3FbjaOnQx3ZfgfJcxRw71dN_nwzXO38pzNQ2-Uuu3ZEee_5vEY_rdloBbybKZ9BKumhpSLO7Ei9kgCA6xGTiJUnRkNEDzWSFEWk HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEOMxSB5hBykIiBabZyn7h6w%26google_cver%3D1%26google_push%3DASkJ3FbjaOnQx3ZfgfJcxRw71dN_nwzXO38pzNQ2-Uuu3ZEee_5vEY_rdloBbybKZ9BKumhpSLO7Ei9kgCA6xGTiJUnRkNEDzWSFEWk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODIzODY4MjU2NDU5NjM5NTU1Mg%3D%3D&google_gid=CAESEOMxSB5hBykIiBabZyn7h6w&google_cver=1&google_push=ASkJ3FbjaOnQx3ZfgfJcxRw71dN_nwzXO38pzNQ2-Uuu3ZEee_5vEY_rdloBbybKZ9BKumhpSLO7Ei9kgCA6xGTiJUnRkNEDzWSFEWk

Request Chain 807

https://gum.criteo.com/sid/json?origin=publishertagids&domain=earnme.club&sn=ChromeSyncframe&so=0&topUrl=earnme.club&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=0fln9XxHRFJuSzJUSmJkbVFicFNXUmxmQ0dMY1FxZUpPeXVTcEZYMndsWkRyVFY3dmY4TmlTWGtMMzN6ak9hczdsczBVZmp4Q3pScHBYUkU5eXpsaG5tZkJyUGhiUzFqZFlDK2U0c3BJNTAyUVRUbGxLTnpYZjlyTVRPcnUyMjZGMUFZOEN3V3NleDE3N09yamRyR0czVFRyRkI1cStTeGxEN1ZOb25hZXlEbHpFR1ROK0pCSTUwcnZjRGRtU3c0a1pRUXZuSXl1TzJiZU5vV2JCbmFKOUl2d3AxRFIvRDRBclc1UDQ1VVlYOEQ1cnZhR1RQRVY2ZWNFWXMwZUJIaWlNSFN0aVk1RTBQSk5kb0hYbFk1NmV2b0plUT09fA&cppv=2

Request Chain 812

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidMxGHzfrf1zRuWHEHGtDt2jpCBS4Txr1CE2g7oneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CJaekaHszfsCFW7nuwgdhK0AEA;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidMxGHzfrf1zRuWHEHGtDt2jpCBS4Txr1CE2g7oneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidMxGHzfrf1zRuWHEHGtDt2jpCBS4Txr1CE2g7oneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1669534388_bd0bb5e0-6e25-11ed-9d10-2262c713b6c4

Request Chain 821

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=%3Fhttps%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidJB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39Woneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CK2hkaHszfsCFemS_Qcd6sAJOQ;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=%3Fhttps%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidJB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39Woneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidJB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39Woneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1669534388_bd197180-6e25-11ed-bfbc-22342ff4a6f7

Request Chain 838

https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=773924&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=773924&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=&C=1 HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=0

Request Chain 839

https://x.bidswitch.net/sync?ssp=themediagrid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid HTTP 302
https://sync.srv.stackadapt.com/sync?nid=50&gdpr=&gdpr_consent=&gdpr_pd=&ssp=themediagrid HTTP 302
https://x.bidswitch.net/sync?dsp_id=188&user_id=LjfXwdIcTa1P4QsNLw7fXVD_B2c&user_group=1&ssp=themediagrid

Request Chain 853

https://gum.criteo.com/sid/json?origin=publishertag&domain=earnme.club&sn=ChromeSyncframe&so=3&topUrl=earnme.club&bundle=Tdn-qF9UaWdSd1RMdDc2Z05JbnNUN3Zzbk1iUFJjYXEwMHoyazhPY3duV2RPdkFrVER4Y3BxeFhvNWtka29wT1lZVVpkM3ZtTmI2R2s1ME50JTJCYzE0WjhOcVZaRUZXVDk0YjVpWmdrYjgxVFBrMENCeHJ2b09BSUN4ekppQnhDM095TEs1d1Q4Tk1vSE5YOG9PRTBKVk93cnNWUSUzRCUzRA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=ZTSXQ3x2UTJ1eXJ6em9LUlh1ajU3TElvTFVnakcwM2xCcGttMU5zaUZmZTFiS0NvcHdKd1JEZUUxalBndWFnYU9uN0FLcDQ4R1NiUUJ4QmplV1NaY0QwMmx0QURWTHNoWmk1Rmx4ZUo3NnRQbWtYMlY1NCtrNnd2VDhoeE1hMlRCbmd4Z0ljRUgxdGtHN0l5UDVPcUJUOStZRTNRV1BHYUg5NEt1MTFha3JTd2ErQlA0YkVlMlVIY1NVbTRQZGd6RnZVRzMyY240b3A0aDZKdlJ6T3QyYUVQV3FSTWxxMHc4WGdhN2M1ZXdFNStweTZwaE42T0R4UStTQ0htT2hFSEwvNEZKTlJobXV4TGpOb2tRQXFmM2toZ1FqcWlCRVk5a3kyYVVaek41bTE0N3NqUT18&cppv=2

Request Chain 854

https://gum.criteo.com/sid/json?origin=publishertag&domain=earnme.club&sn=ChromeSyncframe&so=3&topUrl=earnme.club&bundle=Tdn-qF9UaWdSd1RMdDc2Z05JbnNUN3Zzbk1iUFJjYXEwMHoyazhPY3duV2RPdkFrVER4Y3BxeFhvNWtka29wT1lZVVpkM3ZtTmI2R2s1ME50JTJCYzE0WjhOcVZaRUZXVDk0YjVpWmdrYjgxVFBrMENCeHJ2b09BSUN4ekppQnhDM095TEs1d1Q4Tk1vSE5YOG9PRTBKVk93cnNWUSUzRCUzRA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=cz9FsXxYNEJINmpGaTN5RVcxTXFnMm1DN3hBWE5HcEx4NmRwYTdJeFVBK1RadjI5bUw2VEZ3M1dpcGNCMDVMMExhZ1l3K3Z4V1EraW02NEV4SkcvWjVWL3ZPQ0dpR1FZUjVjbXltaTNNZGltRk9zQzVpT1VJVFBWTDFOMUJxNGpyTWc4eGhCU21YZzEyeGp2NEZVbFdzaXhNNndkeGRuSVRMcWNlRVp1cU9yRFFKbVF0RmM2OGtFL3pXejVBWWgwY1ZNOFlRT0tUakpqWWNOOWRZMnU5UWx3djcvRXQzTzl5VVdMZy9zU0M2SlJWeVN3bXpaNVNhanVLdDNVM0NtRzRRZlM3L2p6NUpoS1BtL1FYSzJRQ09GNVBHNzFPcDQ2WlFpUDIzU3Z6VTE3bndOWT18&cppv=2

Request Chain 855

https://gum.criteo.com/sid/json?origin=publishertag&domain=earnme.club&sn=ChromeSyncframe&so=3&topUrl=earnme.club&bundle=Tdn-qF9UaWdSd1RMdDc2Z05JbnNUN3Zzbk1iUFJjYXEwMHoyazhPY3duV2RPdkFrVER4Y3BxeFhvNWtka29wT1lZVVpkM3ZtTmI2R2s1ME50JTJCYzE0WjhOcVZaRUZXVDk0YjVpWmdrYjgxVFBrMENCeHJ2b09BSUN4ekppQnhDM095TEs1d1Q4Tk1vSE5YOG9PRTBKVk93cnNWUSUzRCUzRA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=ZqwprnxoeGZrWXZiY1BJL09TRUZKYzhUTisySUFPQmt5Y3JvQS9JQjhCRXpJZVR6aGQ0WVBBWUlvK1o2aFpVRk0wS0RZdWVwZ0xGM3h1clVwOTRZNjR1UlgyR040K1dESzhoTCtJUk1yVjF1L3p4VmNHTmZvUmJxUlNXZUNYdVMwVmROWUFKQmVaMUlVK1ZJNlI1Q1BiN0x1QkNNeGhwelRXUDZVZnFwdE1HOENodnRHSjgrN3dQS08wZzAwaFBxRHovYzBKYWduV1MrSEVWZGowZHBHVmN1aXdyZlBBclpJUXlZVGh3bjA2VFBHZVU4TXRnSjZmRk8yaTNtYmpsZVBFK3NSeVArSVVHTVJtbm1tb3NHNk9ZQmRERit2QVJkR0Z0MjhLRVlPSHZzNU5LTT18&cppv=2

Request Chain 856

https://gum.criteo.com/sid/json?origin=publishertag&domain=earnme.club&sn=ChromeSyncframe&so=3&topUrl=earnme.club&bundle=Tdn-qF9UaWdSd1RMdDc2Z05JbnNUN3Zzbk1iUFJjYXEwMHoyazhPY3duV2RPdkFrVER4Y3BxeFhvNWtka29wT1lZVVpkM3ZtTmI2R2s1ME50JTJCYzE0WjhOcVZaRUZXVDk0YjVpWmdrYjgxVFBrMENCeHJ2b09BSUN4ekppQnhDM095TEs1d1Q4Tk1vSE5YOG9PRTBKVk93cnNWUSUzRCUzRA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=UPzInXxRMFBkdVNuVW8zSUxacWJ2OVlSNlBTUlhlQzlwb0QxZ3h5V2lGZ0k5TXdDMW02bkN1QTdhV2JnYVBQeWJ4RVJqTWluNlhjcTl4NEZQNjM3c29CNFJnTndBejNZbUdMN0duZm0zUVJoVmdIRXhLNWF3V1ovYVFwTEloN2RsdkY0ejNud28zTDFVcmJVcVY4bUV2Unk3S1VzVk5rcUZVYlpWaFYydTFSR1VVSGI2ZW1YRXZaS1QrSC9aSVhkR1FZNzA1ZUFIcTFobk9iNUw0REtZTVNyMDcyUEJmTGNBWWVQVno3N2RBbmpkbktyK1ZBZDFrZm9zVmpETE16ckxXSkhHZjBhall3SkwvUlQvaDR0eDRUNDhFV1NtazcvamdZY0I0ekpkWXpEWlFXUT18&cppv=2

Request Chain 862

https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Ddefe08069b97482e%26uid%3D%24UID HTTP 302
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=defe08069b97482e&uid=8238682564596395552

Request Chain 863

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3Ddefe08069b97482e%26uid%3D%24UID&partner=eplanning HTTP 302
https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS0wMzM5MDFlNy05OTNmLTMzNDctODk4Mi01YWM3ODVjMzJmMjkQ____________ASp1aHR0cHM6Ly91LWFtczAzLmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY3MzU2OGQyYjNjMzQmZmk9ZGVmZTA4MDY5Yjk3NDgyZSZ1aWQ9dWEtMDMzOTAxZTctOTkzZi0zMzQ3LTg5ODItNWFjNzg1YzMyZjI5MgIGEjgB%26buyeruid%3D HTTP 302
https://ssp.disqus.com/match?bidder=6&r=Cid1YS0wMzM5MDFlNy05OTNmLTMzNDctODk4Mi01YWM3ODVjMzJmMjkQ____________ASp1aHR0cHM6Ly91LWFtczAzLmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY3MzU2OGQyYjNjMzQmZmk9ZGVmZTA4MDY5Yjk3NDgyZSZ1aWQ9dWEtMDMzOTAxZTctOTkzZi0zMzQ3LTg5ODItNWFjNzg1YzMyZjI5MgIGEjgB&buyeruid=1db6cff7-beee-43d4-9f7d-16c8d73020ba&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0wMzM5MDFlNy05OTNmLTMzNDctODk4Mi01YWM3ODVjMzJmMjkQ____________ASp1aHR0cHM6Ly91LWFtczAzLmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY3MzU2OGQyYjNjMzQmZmk9ZGVmZTA4MDY5Yjk3NDgyZSZ1aWQ9dWEtMDMzOTAxZTctOTkzZi0zMzQ3LTg5ODItNWFjNzg1YzMyZjI5MgIGEjgC

842 HTTP transactions
24 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

safe2.php
earnme.club/
Redirect Chain

https://tnlink.in/wMKxLTv
https://link.tnlink.in/wMKxLTv
http://earnme.club/safe2.php?link=wMKxLTv

667 B
704 B

100ms
40ms

Document
text/html

157.90.71.190
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://earnme.club/safe2.php?link=wMKxLTv
Protocol: HTTP/1.1
Server: 157.90.71.190 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.190.71.90.157.clients.your-server.de
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 439
Content-Type: text/html; charset=UTF-8
Date: Sun, 27 Nov 2022 07:33:02 GMT
Vary: Accept-Encoding

Redirect headers

cache-control: no-cache, no-store, must-revalidate, max-age=0
content-length: 683
content-type: text/html
date: Sun, 27 Nov 2022 07:33:02 GMT
location: http://earnme.club/safe2.php?link=wMKxLTv

GET
H2 200 url
www.google.com/ 960 B
1 KB 147ms
65ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/url?sa=t&source=web&rct=j&url=https://earnme.club/zeb-monk-from-zebronics/&ved=2ahUKEwinyYX0v5X2AhW2yYsBHcAmD-I4MhAWegQIBhAB&usg=AOvVaw08SAAnq4xdjhxRWvkkAAYY

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=wMKxLTv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bfcache-opt-in: unload
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 485
content-type: text/html; charset=UTF-8
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="gws"
date: Sun, 27 Nov 2022 07:33:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma: no-cache
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server: gws
strict-transport-security: max-age=31536000
x-xss-protection: 0

GET
H2 200 Primary Request / Show response
earnme.club/zeb-monk-from-zebronics/ 63 KB
17 KB 166ms
85ms Document
text/html 157.90.71.190
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://earnme.club/zeb-monk-from-zebronics/
Requested by: Host: www.google.com
URL: https://www.google.com/url?sa=t&source=web&rct=j&url=https://earnme.club/zeb-monk-from-zebronics/&ved=2ahUKEwinyYX0v5X2AhW2yYsBHcAmD-I4MhAWegQIBhAB&usg=AOvVaw08SAAnq4xdjhxRWvkkAAYY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.71.190 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.190.71.90.157.clients.your-server.de
Software: /
Resource Hash: c5f03612599dd719e77207b571205c351b395c4621a457d337cab93101373d81

Request headers

Referer: https://www.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 27 Nov 2022 07:33:03 GMT
link: <https://earnme.club/wp-json/>; rel="https://api.w.org/" <https://earnme.club/wp-json/wp/v2/posts/44>; rel="alternate"; type="application/json" <https://earnme.club/?p=44>; rel=shortlink
vary: Accept-Encoding
x-pingback: https://earnme.club/xmlrpc.php

GET
H2 200 wp-emoji-release.min.js Show response
earnme.club/wp-includes/js/ 18 KB
5 KB 39ms
39ms Script
application/javascript 157.90.71.190
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://earnme.club/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.71.190 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.190.71.90.157.clients.your-server.de
Software: /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/zeb-monk-from-zebronics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:03 GMT
content-encoding: br
last-modified: Wed, 02 Nov 2022 02:57:41 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4619
expires: Sun, 04 Dec 2022 07:33:03 GMT

GET
H2 200 style.min.css
earnme.club/wp-includes/css/dist/block-library/ 93 KB
11 KB 39ms
38ms Stylesheet
text/css 157.90.71.190
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://earnme.club/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.71.190 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.190.71.90.157.clients.your-server.de
Software: /
Resource Hash: c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/zeb-monk-from-zebronics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:03 GMT
content-encoding: br
last-modified: Wed, 16 Nov 2022 02:57:41 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 11616
expires: Sun, 04 Dec 2022 07:33:03 GMT

GET
H2 200 classic-themes.min.css
earnme.club/wp-includes/css/ 217 B
176 B 39ms
38ms Stylesheet
text/css 157.90.71.190
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://earnme.club/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.71.190 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.190.71.90.157.clients.your-server.de
Software: /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/zeb-monk-from-zebronics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:03 GMT
content-encoding: br
last-modified: Wed, 02 Nov 2022 02:57:41 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 144
expires: Sun, 04 Dec 2022 07:33:03 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 129ms
47ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,600

Requested by

Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

961d69dd0e8a2f52ae99473f60e510978dd3c6cda2365e665977afc10c975492

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 27 Nov 2022 07:33:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 27 Nov 2022 07:31:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 27 Nov 2022 07:33:03 GMT

GET
H2 200 style.css
earnme.club/wp-content/themes/mh-magazine-lite/ 45 KB
9 KB 39ms
38ms Stylesheet
text/css 157.90.71.190
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://earnme.club/wp-content/themes/mh-magazine-lite/style.css?ver=2.9.2
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.71.190 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.190.71.90.157.clients.your-server.de
Software: /
Resource Hash: b67fe64923a586061ca8b4ee5086f981d05f483f4a1bd87f6ccecb8570f8dffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/zeb-monk-from-zebronics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:03 GMT
content-encoding: br
last-modified: Sun, 26 Jun 2022 02:57:58 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 8842
expires: Sun, 04 Dec 2022 07:33:03 GMT

GET
H2 200 font-awesome.min.css
earnme.club/wp-content/themes/mh-magazine-lite/includes/ 30 KB
7 KB 40ms
39ms Stylesheet
text/css 157.90.71.190
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://earnme.club/wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.71.190 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.190.71.90.157.clients.your-server.de
Software: /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/zeb-monk-from-zebronics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:03 GMT
content-encoding: br
last-modified: Sun, 26 Jun 2022 02:57:58 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6658
expires: Sun, 04 Dec 2022 07:33:03 GMT

GET
H2 200 jquery.min.js Show response
earnme.club/wp-includes/js/jquery/ 88 KB
30 KB 76ms
75ms Script
application/javascript 157.90.71.190
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://earnme.club/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.71.190 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.190.71.90.157.clients.your-server.de
Software: /
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/zeb-monk-from-zebronics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:03 GMT
content-encoding: br
last-modified: Wed, 02 Nov 2022 02:57:41 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 30324
expires: Sun, 04 Dec 2022 07:33:03 GMT

GET
H2 200 jquery-migrate.min.js Show response
earnme.club/wp-includes/js/jquery/ 11 KB
4 KB 77ms
76ms Script
application/javascript 157.90.71.190
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://earnme.club/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.71.190 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.190.71.90.157.clients.your-server.de
Software: /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/zeb-monk-from-zebronics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:03 GMT
content-encoding: br
last-modified: Wed, 02 Nov 2022 02:57:41 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3995
expires: Sun, 04 Dec 2022 07:33:03 GMT

GET
H2 200 scripts.js Show response
earnme.club/wp-content/themes/mh-magazine-lite/js/ 40 KB
12 KB 77ms
76ms Script
application/javascript 157.90.71.190
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://earnme.club/wp-content/themes/mh-magazine-lite/js/scripts.js?ver=2.9.2
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.71.190 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.190.71.90.157.clients.your-server.de
Software: /
Resource Hash: 89013866b8ebfdf82160764b685d3348dbc619e7342d161756f8153252ac3ae8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/zeb-monk-from-zebronics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:03 GMT
content-encoding: br
last-modified: Sun, 26 Jun 2022 02:57:58 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 12569
expires: Sun, 04 Dec 2022 07:33:03 GMT

GET
H2 200 aaw.emc.js Show response
cdn.adapex.io/hb/ 521 KB
151 KB 163ms
73ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adapex.io/hb/aaw.emc.js
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34f33f34e78fa950653c120fab2d337ff48d56ebe196c7572d8738ad69285903

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 84882
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Nov 2022 07:55:48 GMT
server: cloudflare
etag: W/"637c8084-823c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lhaue0GHwRP6Jn5dWJyrhaaymXh5hheRArfeUrDJQhp%2BxykDTaErBbVeW%2BA20EM%2FUL%2F9LRpyvsOAGxSwzdxCTMxAM%2B%2FhouxrIre55SYOqtSZJ3%2FAcOQzyBWNnTbYGkROIpwiw9p7RFn%2F1AgF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 77092c684c00bb53-FRA
expires: Sun, 27 Nov 2022 07:56:46 GMT

GET
H2 200 adsstarbid.css
htlbid.com/v3/earnme.club/ 0
343 B 152ms
40ms Stylesheet
text/css 13.32.121.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/earnme.club/adsstarbid.css
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-60.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:03 GMT
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
last-modified: Tue, 25 Oct 2022 01:26:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 491
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=600
accept-ranges: bytes
content-length: 0
x-amz-cf-id: 9T9ZxUtXr8fp4qvPQLcKZV_7JSoRDFeBU_tCylvqubqUbBDsSvddxw==

GET
H2 200 adsstarbid.js Show response
htlbid.com/v3/earnme.club/ 309 KB
88 KB 44ms
43ms Script
application/javascript 13.32.121.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/earnme.club/adsstarbid.js
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-60.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 673cdb3abcd7e9ea010e3d93ebcc60f161f17094dbae17bf5810241dce7c0183

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:24:53 GMT
content-encoding: br
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
last-modified: Tue, 25 Oct 2022 01:26:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 490
etag: W/"f454de64cb607eb517e1254885c18ec9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=600
x-amz-cf-id: JDXIVXkRzsbg1aFzfUKNzH98DvEfknh0gQ3tq30X_xom9OAz88TcVQ==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
27 KB 147ms
50ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e64f656ab17cca541c2cedc0711657661cc96758750fff8400884c6239bc34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27210
x-xss-protection: 0
server: sffe
etag: "1404 / 753 of 1000 / last-modified: 1669244741"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 27 Nov 2022 07:33:03 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 211 KB
75 KB 136ms
51ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LY1N2M6E7Y

Requested by

Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ea19d08a020adb3eb7ce2fd8643604a6c012685543d5260289ab254462f7a7d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75953
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 27 Nov 2022 07:33:03 GMT

GET
H2 200 download-2021-01-04T184454.396-1-1-1.jpg
earnme.club/wp-content/uploads/2021/01/ 6 KB
7 KB 40ms
40ms Image
image/jpeg 157.90.71.190
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://earnme.club/wp-content/uploads/2021/01/download-2021-01-04T184454.396-1-1-1.jpg
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.71.190 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.190.71.90.157.clients.your-server.de
Software: /
Resource Hash: d381aad39c58759bfcc6d1621209fab9f0405cfda55ed3feebac66ebe8fecd2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/zeb-monk-from-zebronics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-type: image/jpeg
date: Sun, 27 Nov 2022 07:33:03 GMT
cache-control: public, max-age=604800
last-modified: Sun, 26 Jun 2022 03:03:15 GMT
accept-ranges: bytes
content-length: 6640
expires: Sun, 04 Dec 2022 07:33:03 GMT

GET
H/1.1 200
OK spt Show response
tg1.playstream.media/api/adserver/ 27 KB
7 KB 318ms
41ms Script
text/javascript 2a02:26f0:480:b::210:f1d7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tg1.playstream.media/api/adserver/spt?AV_TAGID=62790805abc41c4450002684&AV_PUBLISHERID=62176a72a06fe80ba569d18f
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:b::210:f1d7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ff1cbafc0bdcbd047e63cf4002ebb7a4773fd8970048d5c9ca99d574780260f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Sun, 27 Nov 2022 07:33:03 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type: text/javascript
Cache-Control: max-age=300
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With,avsptstaging
Content-Length: 6986
Expires: Sun, 27 Nov 2022 07:38:03 GMT

GET
H2 200 comment-reply.min.js Show response
earnme.club/wp-includes/js/ 3 KB
1 KB 40ms
39ms Script
application/javascript 157.90.71.190
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://earnme.club/wp-includes/js/comment-reply.min.js?ver=6.1.1
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.71.190 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.190.71.90.157.clients.your-server.de
Software: /
Resource Hash: e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/zeb-monk-from-zebronics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:03 GMT
content-encoding: br
last-modified: Wed, 02 Nov 2022 02:57:41 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1228
expires: Sun, 04 Dec 2022 07:33:03 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 120ms
37ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://earnme.club
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 18:50:24 GMT
x-content-type-options: nosniff
age: 477759
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Nov 2023 18:50:24 GMT

GET
H2 200 t.js Show response
flashnetic.com/ 54 KB
15 KB 140ms
41ms Script
application/javascript 143.204.89.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=2678861669534383305
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd0038772a98bda5ec58eba7ca6dc699314b866e14a3a5f45921847d033873f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: _w3ae0RYCGBlDTPjQPIQB8LKoj64xOVc
content-encoding: gzip
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
date: Sat, 26 Nov 2022 16:26:48 GMT
last-modified: Fri, 11 Nov 2022 10:14:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 54376
etag: W/"57c945f3c1feba973398debac47b1341"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: mCcTHbGTULzc56yUhukydMEhl_kwW-rBOiJsyvp193783DWxs7J8VQ==

GET
H2 200 t.js Show response
flashnetic.com/ 54 KB
15 KB 146ms
48ms Script
application/javascript 143.204.89.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=5755051669534383305
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd0038772a98bda5ec58eba7ca6dc699314b866e14a3a5f45921847d033873f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: _w3ae0RYCGBlDTPjQPIQB8LKoj64xOVc
content-encoding: gzip
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
date: Sat, 26 Nov 2022 16:26:48 GMT
last-modified: Fri, 11 Nov 2022 10:14:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 54376
etag: W/"57c945f3c1feba973398debac47b1341"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 3Lp28X6k6DPu03f5aNgE9MqEza8_qVxYvngue95R3WJkvJHYtxN90Q==

GET
H2 200 fontawesome-webfont.woff2
earnme.club/wp-content/themes/mh-magazine-lite/fonts/ 75 KB
75 KB 39ms
39ms Font
font/woff2 157.90.71.190
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://earnme.club/wp-content/themes/mh-magazine-lite/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: earnme.club
URL: https://earnme.club/wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.71.190 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.190.71.90.157.clients.your-server.de
Software: /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://earnme.club/wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css
Origin: https://earnme.club
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-type: font/woff2
date: Sun, 27 Nov 2022 07:33:03 GMT
cache-control: public, max-age=604800
last-modified: Sun, 26 Jun 2022 02:57:58 GMT
accept-ranges: bytes
content-length: 77160
expires: Sun, 04 Dec 2022 07:33:03 GMT

GET
H2 200 t.js Show response
flashnetic.com/ 54 KB
15 KB 165ms
75ms Script
application/javascript 143.204.89.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/t.js?i=uv85s8wiydoa62b7a5wma&cb=8726271669534383313
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd0038772a98bda5ec58eba7ca6dc699314b866e14a3a5f45921847d033873f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: _w3ae0RYCGBlDTPjQPIQB8LKoj64xOVc
content-encoding: gzip
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
date: Sat, 26 Nov 2022 16:26:48 GMT
last-modified: Fri, 11 Nov 2022 10:14:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 54376
etag: W/"57c945f3c1feba973398debac47b1341"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: uGaE9LMjiNovqhMij-7W_r3vEsp6M_X5RaA4vCEc9PJqMEZqFTQJkQ==

GET
H2 200 images-23-1-1-1-80x60.jpg
earnme.club/wp-content/uploads/2021/01/ 2 KB
2 KB 39ms
39ms Image
image/jpeg 157.90.71.190
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://earnme.club/wp-content/uploads/2021/01/images-23-1-1-1-80x60.jpg
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.71.190 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.190.71.90.157.clients.your-server.de
Software: /
Resource Hash: 16af8924f7860436731659fdeeb4b9cbab4bb000891e6b7651aab9060551c7cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/zeb-monk-from-zebronics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-type: image/jpeg
date: Sun, 27 Nov 2022 07:33:03 GMT
cache-control: public, max-age=604800
last-modified: Sun, 26 Jun 2022 03:03:15 GMT
accept-ranges: bytes
content-length: 2165
expires: Sun, 04 Dec 2022 07:33:03 GMT

GET
H2 200 ao0y4krv21gsuol1v4o82.json Show response
flashnetic.com/c/ 2 KB
2 KB 113ms
37ms Fetch
application/octet-stream 143.204.89.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/c/ao0y4krv21gsuol1v4o82.json
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=2678861669534383305
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ad032d1cf528ab452328c93f4e286e5034be1a9e5c74da91d2828d6a50caa6c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: Acn7r8ZMd7YG6M0YfdycNmVJVXl9rg7Z
date: Sat, 26 Nov 2022 16:33:30 GMT
via: 1.1 009e5e3e32afcd1d135a7234c9da5520.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 53974
x-cache: Hit from cloudfront
content-length: 1549
last-modified: Thu, 10 Nov 2022 12:56:57 GMT
server: AmazonS3
etag: "1165eba4e9339ec6a75e2840289faa43"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
accept-ranges: bytes
x-amz-cf-id: 3_d3nwjjpCWfPZhkonlHcQ0wF6Q1w3ax4VJN3rqWoFx95gg5cYQxmQ==

GET
H2 200 tvdi2ru09cf0ymc0mwei9.json Show response
flashnetic.com/c/ 2 KB
2 KB 108ms
38ms Fetch
application/octet-stream 143.204.89.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/c/tvdi2ru09cf0ymc0mwei9.json
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=5755051669534383305
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b5bb863c6910d0c861eeeaa51d06324486b9d280f11a11ccfd77c305283fa912

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: qsp7d0tsTDbCsoRHwVoQTtR594IYsbh7
date: Sat, 26 Nov 2022 16:33:30 GMT
via: 1.1 009e5e3e32afcd1d135a7234c9da5520.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 53974
x-cache: Hit from cloudfront
content-length: 1553
last-modified: Thu, 10 Nov 2022 13:02:28 GMT
server: AmazonS3
etag: "33d98cba57a28b885c123495ff78571c"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
accept-ranges: bytes
x-amz-cf-id: 3q8iyDS8YYMS9v8vbcznH5djUMT17b05qutWd95w52r_ahkgoYblkw==

GET
H2 200 pubads_impl_2022111501.js Show response
securepubads.g.doubleclick.net/gpt/ 381 KB
129 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 04:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9532
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132177
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 09:35:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 27 Nov 2023 04:54:11 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 553 B
211 B 127ms
46ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=earnme.club

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a8b835b6f11b6387ea2a484337682db4b9c7b6a4fa7fe904b8319ffe219ecce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 186
x-xss-protection: 0
expires: Sun, 27 Nov 2022 07:33:03 GMT

GET
H2 200 uv85s8wiydoa62b7a5wma.json Show response
flashnetic.com/c/ 2 KB
2 KB 66ms
38ms Fetch
application/octet-stream 143.204.89.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/c/uv85s8wiydoa62b7a5wma.json
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=uv85s8wiydoa62b7a5wma&cb=8726271669534383313
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9a0fda7bca53807a574a641ba6e1c70b4b335bb745d6bf73c239b3701f167cf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: vLfcoHrJbiywLviWxCWpJFlKfUSPjPJN
date: Sat, 26 Nov 2022 16:33:30 GMT
via: 1.1 009e5e3e32afcd1d135a7234c9da5520.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 53974
x-cache: Hit from cloudfront
content-length: 1553
last-modified: Thu, 10 Nov 2022 13:02:29 GMT
server: AmazonS3
etag: "69dae478ddf7e8986fcdaf90bc486766"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
accept-ranges: bytes
x-amz-cf-id: b0aB0XISaqI8ssMKoctXVtWlQsqjMM9muTx7N5g79feu8RFlxL6XdQ==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
344 B 129ms
45ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LY1N2M6E7Y&gtm=2oeb90&_p=1823378323&cid=1365863235.1669534384&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1669534383&sct=1&seg=0&dl=https%3A%2F%2Fearnme.club%2Fzeb-monk-from-zebronics%2F&dr=https%3A%2F%2Fwww.google.com%2F&dt=Zeb-Monk%20From%20Zebronics%20%E2%80%93%20Tech%20One&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LY1N2M6E7Y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://earnme.club
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK / Show response
cat.hbwrapper.com/ 15 B
256 B 351ms
111ms XHR
text/html 192.241.157.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cat.hbwrapper.com/
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.241.157.60 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: capture.analytics.hbwrapper
Software: Apache /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://earnme.club
Date: Sun, 27 Nov 2022 07:33:03 GMT
Access-Control-Allow-Credentials: true
Server: Apache
Connection: close
Content-Length: 15
Content-Type: text/html; charset=UTF-8

GET
H2 200 trace Show response
cloudflare.com/cdn-cgi/ 307 B
449 B 166ms
79ms XHR
text/plain 2606:4700::6810:85e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflare.com/cdn-cgi/trace

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67222206459cdeb286aa7e26886bcd9b3e8fd6e4b655f21585f0f7a2029619a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Nov 2022 07:33:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 77092c69d8eb92b9-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

apstag.js Show response
d3div1mtym39ic.cloudfront.net/aax2/
Redirect Chain

https://c.amazon-adsystem.com/aax2/apstag.js
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js

178 KB
44 KB

151ms
42ms

Script
application/javascript

2600:9000:2057:3c00:11:1ed0:3900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: H2
Server: 2600:9000:2057:3c00:11:1ed0:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd8b521307332fcb0a59ff2cbfe324322d6f4108b24363b6c8d26a0ec8be50da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 06:53:50 GMT
content-encoding: gzip
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified: Wed, 09 Nov 2022 20:51:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 2355
x-amz-server-side-encryption: AES256
etag: W/"e675a6dfe90787fca79a6c96fd29c2d8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: dAbjhDp_SI-7pFLVJm2tSLi5Ql0o1RK5MZitTaoE_0ytacAnxsk1WA==

Redirect headers

date: Sat, 26 Nov 2022 22:41:18 GMT
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront), 1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P1, FRA56-C2
age: 31905
x-cache: Hit from cloudfront
content-type: text/html
location: https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
content-length: 167
x-amz-cf-id: X4G4Na4K9m1ewB7_lZqUGikxviaj2VjGvV0qS9AsZKu5HhhvvqaF0g==

GET
H2 200 tag.js Show response
a.teads.tv/analytics/ 11 KB
4 KB 224ms
39ms Script
text/javascript 104.79.89.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/analytics/tag.js
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.79.89.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-89-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: Y6qsPmt0o95KDo3Ibo2euzqSnxQebNV8
date: Sun, 27 Nov 2022 07:33:03 GMT
content-encoding: br
last-modified: Wed, 02 Nov 2022 09:38:15 GMT
x-amz-request-id: 208SWX7SNSN45EC5
etag: "6ddfb3a828a563a7719081ff9aeedaba"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, max-age=3600
accept-ranges: bytes
content-length: 3391
x-amz-id-2: /nBLvOv7Z23emFY779X7nkNc+THWW7zNW/axlKUAZdPoB3qLoRH0aT+JiwNB0rw+Lh/WWtKblKk=

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 0652 78 KB
27 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=2678861669534383305

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e64f656ab17cca541c2cedc0711657661cc96758750fff8400884c6239bc34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27210
x-xss-protection: 0
server: sffe
etag: "1404 / 699 of 1000 / last-modified: 1669244741"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 27 Nov 2022 07:33:03 GMT

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 0652 424 KB
122 KB 186ms
56ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=2678861669534383305
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:03 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 4253
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O0vJKqUR7Dh8vFpkpq9Wa79es7x9T%2BKTYxLMWko%2Fx%2FK7zXvW3Ufgg44x7M%2FiQMJBIHq9dImfmmPOJsmnYuBG4tkcUoSj00Yb9QkMR1iPDc4C6XH6WTvLnDauomwzyQZwwHfTCAN1c00qT%2FM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77092c6a7c379112-FRA

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 784E 10 KB
2 KB 39ms
37ms Document
text/html 143.204.89.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=mispvoj&e=1460279865863
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=2678861669534383305
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54377
content-encoding: br
content-type: text/html
date: Sat, 26 Nov 2022 16:26:47 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-id: 7JgilLWGa1Z07Qnnm1-NhBvUkTqDWOXzpDzSNHmzxdAOZ2FXyxO6Zw==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 0173 10 KB
2 KB 38ms
38ms Document
text/html 143.204.89.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=euft&e=1460279865863
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=2678861669534383305
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54377
content-encoding: br
content-type: text/html
date: Sat, 26 Nov 2022 16:26:47 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-id: NWvwf5rOY7UPcZAYEpgh6wQ8RmD8KSmjMWeVzb-lojD9uGqz9c93rA==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 8059 10 KB
2 KB 37ms
37ms Document
text/html 143.204.89.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=eitdcbnpj&e=1460279865863
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=2678861669534383305
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54377
content-encoding: br
content-type: text/html
date: Sat, 26 Nov 2022 16:26:47 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-id: J813KCZYl_PU-hsRummF7CBkN2hFPU8pFG6fkLSOp_dbG6Kw4IXPqQ==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 51D0 10 KB
2 KB 37ms
37ms Document
text/html 143.204.89.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=gfupmardh&e=1460279865863
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=2678861669534383305
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54377
content-encoding: br
content-type: text/html
date: Sat, 26 Nov 2022 16:26:47 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-id: OUzG2jIGddZteWKvtTTiA5c6-IyUE1OyD-7QfYwfQdfcvTkbzwoZUQ==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame EDBA 10 KB
2 KB 37ms
37ms Document
text/html 143.204.89.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=umkpyzto&e=1460279865863
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=2678861669534383305
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54377
content-encoding: br
content-type: text/html
date: Sat, 26 Nov 2022 16:26:47 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-id: opeLY4JQnh1cBDzgJJKjSezhRxPUDaau8TzGJRsdKBgBDNaVEGv5VQ==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame A11D 10 KB
2 KB 38ms
37ms Document
text/html 143.204.89.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=yvmobpg&e=1460279865863
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=2678861669534383305
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54377
content-encoding: br
content-type: text/html
date: Sat, 26 Nov 2022 16:26:47 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-id: DnVCaRZGia080_cA85OPQQKsLN4LTAyGTHjlBrpKSfURO8ONVXZOeQ==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame F7EC 10 KB
2 KB 38ms
37ms Document
text/html 143.204.89.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=jlmbcqcae&e=1460279865863
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=2678861669534383305
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54377
content-encoding: br
content-type: text/html
date: Sat, 26 Nov 2022 16:26:47 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-id: tNFLJhx1r7IYGOBlFnh29IqIJatRBN_nyGsFYQR2r1lGzHVTMYnK6g==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 14D5 10 KB
2 KB 38ms
37ms Document
text/html 143.204.89.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=olxuugxyt&e=1460279865863
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=2678861669534383305
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54377
content-encoding: br
content-type: text/html
date: Sat, 26 Nov 2022 16:26:47 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-id: 7-oKGh0uXDvoNb2Sh5IvgoVytW8dfLUwWB2HjNQ3azfa8pkt5OQJOg==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 88CC 10 KB
2 KB 50ms
36ms Document
text/html 143.204.89.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=rbfrzq&e=1460279865863
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=2678861669534383305
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54377
content-encoding: br
content-type: text/html
date: Sat, 26 Nov 2022 16:26:47 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-id: 8MSQhu5DkB0TX30b_FnHDqpl12MHCf5jn54cbaGrPt1xom9XwrR5jQ==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 79F8 10 KB
2 KB 50ms
37ms Document
text/html 143.204.89.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=uamvbk&e=1460279865863
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=2678861669534383305
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54377
content-encoding: br
content-type: text/html
date: Sat, 26 Nov 2022 16:26:47 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-id: 0WqU9en8lFoLXj73HqowSc6epfupB6BZabP_kYQ5GF9eE5r5j7wrcg==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 89A6 10 KB
2 KB 60ms
49ms Document
text/html 143.204.89.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=teboadv&e=1460279865863
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=2678861669534383305
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54377
content-encoding: br
content-type: text/html
date: Sat, 26 Nov 2022 16:26:47 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-id: pHjwFNHhvIQWe-XRvJdgh-B1jiQArOfwRBkpvUIkfO_otcD4B5JmRQ==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 9EEC 10 KB
2 KB 58ms
50ms Document
text/html 143.204.89.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=hefhhf&e=1460279865863
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=2678861669534383305
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54377
content-encoding: br
content-type: text/html
date: Sat, 26 Nov 2022 16:26:47 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-id: oQ3sHYTtauPGhPdAFtS9SRfUFwRf6F4MviOdUiCQHFOcRPYx1NTtpg==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 74E2 10 KB
2 KB 58ms
50ms Document
text/html 143.204.89.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=taetjqo&e=1460279865863
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=2678861669534383305
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54377
content-encoding: br
content-type: text/html
date: Sat, 26 Nov 2022 16:26:47 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-id: -qCHxviH4VaNei49nrSY4Xl5bMuUHQCkJw0vlcA2Ks3aJebcwvQ9Bw==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame ED0D 10 KB
2 KB 57ms
52ms Document
text/html 143.204.89.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=rqaqclnzm&e=1460279865863
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=2678861669534383305
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54377
content-encoding: br
content-type: text/html
date: Sat, 26 Nov 2022 16:26:47 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-id: UnCl80hSG5jwQeuJnVvGC3TZg0-0N6fe1182zENmB9_W3ZPDAXE9cw==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame ED71 78 KB
27 KB 86ms
85ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=uv85s8wiydoa62b7a5wma&cb=8726271669534383313

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e64f656ab17cca541c2cedc0711657661cc96758750fff8400884c6239bc34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27210
x-xss-protection: 0
server: sffe
etag: "1404 / 556 of 1000 / last-modified: 1669244741"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 27 Nov 2022 07:33:03 GMT

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame ED71 424 KB
122 KB 196ms
96ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=uv85s8wiydoa62b7a5wma&cb=8726271669534383313
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:03 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 4253
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lMBKBbaSV1%2FNS1UJAy8jROP8XKatSX108sNHAcshn%2B%2FAWhNSyM1JNf%2FzaqgS3xMvOyoezIvssLmJTGz1qrUxFFZHJo96Elnc4z6tCgSKmjg%2BcnDEBOAmAmKpEyHBGJdP0EQPMn8LPjz%2F2dg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77092c6a7c389112-FRA

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame EE74 10 KB
2 KB 49ms
49ms Document
text/html 143.204.89.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=ryljvnj&e=1986237864053
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=uv85s8wiydoa62b7a5wma&cb=8726271669534383313
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54377
content-encoding: br
content-type: text/html
date: Sat, 26 Nov 2022 16:26:47 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-id: r9GFN-lZNJoV973DoQf4ZKR1llzLEOsD3BDH0cn7wToIZJv9oIgISQ==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame A8FA 10 KB
2 KB 49ms
48ms Document
text/html 143.204.89.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=radezpde&e=1986237864053
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=uv85s8wiydoa62b7a5wma&cb=8726271669534383313
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54377
content-encoding: br
content-type: text/html
date: Sat, 26 Nov 2022 16:26:47 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-id: cZ_3l9YZKQSq4xkjXHkvSSk2bAWzHi4bIVACqst4RnZiZJ6EQv49qg==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 32F4 10 KB
2 KB 49ms
49ms Document
text/html 143.204.89.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=foomytso&e=1986237864053
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=uv85s8wiydoa62b7a5wma&cb=8726271669534383313
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54377
content-encoding: br
content-type: text/html
date: Sat, 26 Nov 2022 16:26:47 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-id: wlzOhmPffHGrfrTvAqRMgTTwHWk0qXnbgtxQGHVlQxiRWilnc14tbg==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 0E16 10 KB
2 KB 49ms
49ms Document
text/html 143.204.89.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=yaqcwtind&e=1986237864053
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=uv85s8wiydoa62b7a5wma&cb=8726271669534383313
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54377
content-encoding: br
content-type: text/html
date: Sat, 26 Nov 2022 16:26:47 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-id: 8OOEZGX-1pwOmD42oKdO-6ZYFxX_iUmA62l00r0Ldx0RBY5fP3LTSw==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 2CFE 10 KB
2 KB 51ms
51ms Document
text/html 143.204.89.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=ytiinxbj&e=1986237864053
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=uv85s8wiydoa62b7a5wma&cb=8726271669534383313
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54377
content-encoding: br
content-type: text/html
date: Sat, 26 Nov 2022 16:26:47 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-id: M6BQ1gNHGiTud57QvllPakOx-ki1Ste-NuTsiKwP_nsyqxXkXGt-Fw==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 9400 10 KB
2 KB 50ms
48ms Document
text/html 143.204.89.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=souguy&e=1986237864053
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=uv85s8wiydoa62b7a5wma&cb=8726271669534383313
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54377
content-encoding: br
content-type: text/html
date: Sat, 26 Nov 2022 16:26:47 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-id: Hkv52n2mi0R8UckBeG0fHlVlQ-1FBc0M0aT1bvC90fGJFS50umY5qQ==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame C7EC 10 KB
2 KB 49ms
41ms Document
text/html 143.204.89.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=hslvm&e=1986237864053
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=uv85s8wiydoa62b7a5wma&cb=8726271669534383313
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54377
content-encoding: br
content-type: text/html
date: Sat, 26 Nov 2022 16:26:47 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-id: XXXnnX1oa9iy2ro_T_E31B0lSnJaY95NPY8JvwwjYtDGfy3T3PP8EA==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 4813 10 KB
2 KB 49ms
36ms Document
text/html 143.204.89.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=lavzw&e=1986237864053
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=uv85s8wiydoa62b7a5wma&cb=8726271669534383313
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54377
content-encoding: br
content-type: text/html
date: Sat, 26 Nov 2022 16:26:47 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-id: nHbzgXSPAblTPA4fYiLvzuYsM1tnM4tLp32A42zlDXIEaL01WChEww==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 006D 10 KB
2 KB 48ms
37ms Document
text/html 143.204.89.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=uhdckcwa&e=1986237864053
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=uv85s8wiydoa62b7a5wma&cb=8726271669534383313
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54377
content-encoding: br
content-type: text/html
date: Sat, 26 Nov 2022 16:26:47 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-id: ZQaoLCGbvquOxbCqmUyg5rmN3WYJAMtBhsg7GfNXweFy2QHk_5s_tw==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 8BB6 10 KB
2 KB 47ms
37ms Document
text/html 143.204.89.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=rzuyrf&e=1986237864053
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=uv85s8wiydoa62b7a5wma&cb=8726271669534383313
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54377
content-encoding: br
content-type: text/html
date: Sat, 26 Nov 2022 16:26:47 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-id: pv_CQxHJgb80VVx0OL4u_cYsL80ih1lpxZYr7suJMsEiiuGPCrHvSA==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 81E9 10 KB
2 KB 45ms
38ms Document
text/html 143.204.89.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=iwktsfw&e=1986237864053
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=uv85s8wiydoa62b7a5wma&cb=8726271669534383313
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54377
content-encoding: br
content-type: text/html
date: Sat, 26 Nov 2022 16:26:47 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-id: Z8hkzsGpVJTFj4ke69Gog3YnqWcN1d57mpzOD-mSs5vjnK4S3g08TA==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 6BD6 10 KB
2 KB 43ms
39ms Document
text/html 143.204.89.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=dyuzvhv&e=1986237864053
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=uv85s8wiydoa62b7a5wma&cb=8726271669534383313
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54377
content-encoding: br
content-type: text/html
date: Sat, 26 Nov 2022 16:26:47 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-id: lUgN0tOHvuBVf4JKwCxJpY0uJRUrd6a-_wK6IlgnfDCVOcguYx1dLA==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 3A11 10 KB
2 KB 42ms
40ms Document
text/html 143.204.89.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=xqrovb&e=1986237864053
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=uv85s8wiydoa62b7a5wma&cb=8726271669534383313
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54377
content-encoding: br
content-type: text/html
date: Sat, 26 Nov 2022 16:26:47 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-id: zFAJ_TwmpJ_2gK5K0XLbPM-0IKLiBxwDxNx9lLR598jBa1hd0OQm5A==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 3C64 10 KB
2 KB 42ms
41ms Document
text/html 143.204.89.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=qkkrlhd&e=1986237864053
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=uv85s8wiydoa62b7a5wma&cb=8726271669534383313
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54377
content-encoding: br
content-type: text/html
date: Sat, 26 Nov 2022 16:26:47 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-id: bt_hBs6YeoHqAxWrde6HExy_1X3qI60UXSc1mEv2bIZPPVvA4-_4xg==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 115D 78 KB
27 KB 67ms
56ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=5755051669534383305

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e64f656ab17cca541c2cedc0711657661cc96758750fff8400884c6239bc34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27210
x-xss-protection: 0
server: sffe
etag: "1404 / 452 of 1000 / last-modified: 1669244741"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 27 Nov 2022 07:33:03 GMT

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 115D 424 KB
122 KB 166ms
95ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=5755051669534383305
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:03 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 4253
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aM5ADtvpyUMwS3kAAGaw263AzIlTtfgxo1SfVDCrf4MJk8VMu9PF0bgu2xOryCq49lQC65l%2BPiESf9kQQjuCZHEiDyNZNC4mug8e36%2Bnl1dNAhsn6Qj4%2BQ2Ey1ZT8dHg%2FcRKvqd5G8cT9gw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77092c6a7c3a9112-FRA

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame F404 10 KB
2 KB 69ms
37ms Document
text/html 143.204.89.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=hpigheei&e=1934835366129
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=5755051669534383305
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54377
content-encoding: br
content-type: text/html
date: Sat, 26 Nov 2022 16:26:47 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-id: 2UI-XXLpPK06qKjUi6dILSmfx7uBcRRP2sab57GEUeY1CLHKev6xFA==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 66F1 10 KB
2 KB 69ms
37ms Document
text/html 143.204.89.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=kxjzfu&e=1934835366129
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=5755051669534383305
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54377
content-encoding: br
content-type: text/html
date: Sat, 26 Nov 2022 16:26:47 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-id: 0jJhaQerkW-L78kNQcyDWxygaFn0qPa3A1WyMgU2FY2ZSsxSUPon0A==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame EA9F 10 KB
2 KB 67ms
38ms Document
text/html 143.204.89.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=bvffyi&e=1934835366129
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=5755051669534383305
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54377
content-encoding: br
content-type: text/html
date: Sat, 26 Nov 2022 16:26:47 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-id: Ub0NK7dzUWyItJmj7RMWTBtiG5D2o2Ty35SWzi8XgnK6vC-4EjKqew==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 1B29 10 KB
2 KB 64ms
38ms Document
text/html 143.204.89.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=zfissgsp&e=1934835366129
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=5755051669534383305
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54377
content-encoding: br
content-type: text/html
date: Sat, 26 Nov 2022 16:26:47 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-id: WxbQkEcTwG15Bo3JvllDCExIVHFtLXqcQ3I73Z7zEKRzPtOsMTGSnA==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame B9E2 10 KB
2 KB 64ms
39ms Document
text/html 143.204.89.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=ljddsx&e=1934835366129
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=5755051669534383305
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54377
content-encoding: br
content-type: text/html
date: Sat, 26 Nov 2022 16:26:47 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-id: B9roYt12iGkKMVhdLHF7i_6oBCffPqVvEzAM3fDSX51HJ9R4IwyNCQ==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 7EB0 10 KB
2 KB 64ms
40ms Document
text/html 143.204.89.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=oqpfvjjzva&e=1934835366129
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=5755051669534383305
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54377
content-encoding: br
content-type: text/html
date: Sat, 26 Nov 2022 16:26:47 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-id: J1pg8vepCqTvb50_qJKSgQxBOlgDi1-sjb4of3agJdNswjm6lvnfBA==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 32CD 10 KB
2 KB 63ms
40ms Document
text/html 143.204.89.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=abridaeipk&e=1934835366129
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=5755051669534383305
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54377
content-encoding: br
content-type: text/html
date: Sat, 26 Nov 2022 16:26:47 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-id: 5FuRrcgEwzBt59CssdyMYyt6EeVXNGyUoY6UT4S2zuM5XttYTtrDhQ==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame F7AD 10 KB
2 KB 63ms
41ms Document
text/html 143.204.89.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=dgxrevtfw&e=1934835366129
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=5755051669534383305
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54377
content-encoding: br
content-type: text/html
date: Sat, 26 Nov 2022 16:26:47 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-id: qF1vWc7Emz8PGysbe2ZuX2bNMthbCAoEr0DfT8tOsv_B6rWKq68nhg==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 2A3E 10 KB
2 KB 62ms
42ms Document
text/html 143.204.89.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=irmdfpde&e=1934835366129
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=5755051669534383305
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54377
content-encoding: br
content-type: text/html
date: Sat, 26 Nov 2022 16:26:47 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-id: qXs2niYiqIKN5KfzAX4_02bAkFjheSz-PwrSVy91H2eSb6KeCGFQbw==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame FB7E 10 KB
2 KB 61ms
42ms Document
text/html 143.204.89.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=gchxbfzt&e=1934835366129
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=5755051669534383305
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54377
content-encoding: br
content-type: text/html
date: Sat, 26 Nov 2022 16:26:47 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-id: OtywUDssmNVSuYET9T5vIHEZxeKFNKlTxtfha8T-KItRhVne7WzeVw==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame EC19 10 KB
2 KB 61ms
43ms Document
text/html 143.204.89.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=biumtjde&e=1934835366129
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=5755051669534383305
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54377
content-encoding: br
content-type: text/html
date: Sat, 26 Nov 2022 16:26:47 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-id: TpUTqW287_WDZla-ASgY3QhlPy8z21djhI8iojj8IvP_1F3ldYc6-w==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame D5B1 10 KB
2 KB 61ms
44ms Document
text/html 143.204.89.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=vraexgm&e=1934835366129
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=5755051669534383305
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54377
content-encoding: br
content-type: text/html
date: Sat, 26 Nov 2022 16:26:47 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-id: W5CkOGAUTY88ypaMdjfaGf_o8L-LfL2eKZ-cN9UcTNy2vqaQ18x3qA==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame F48D 10 KB
2 KB 62ms
45ms Document
text/html 143.204.89.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=cfowevjd&e=1934835366129
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=5755051669534383305
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54377
content-encoding: br
content-type: text/html
date: Sat, 26 Nov 2022 16:26:47 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-id: Uzs2y0-DSvHural8LLS0kOfE0oBI79znOdbFLYH41UxoOBXxbIqD_w==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 7507 10 KB
2 KB 61ms
45ms Document
text/html 143.204.89.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=wonoeapj&e=1934835366129
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=5755051669534383305
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54377
content-encoding: br
content-type: text/html
date: Sat, 26 Nov 2022 16:26:47 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-id: 0UxgqAlFTrVKI-z4XNjYfR3S_AxOO0BEDQUOMZSX8oNk455Bw0Aq0w==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 161ms
45ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=earnme.club

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 157ms
42ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=earnme.club

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 229 KB
33 KB 660ms
659ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2312202965488994&correlator=1708245755252166&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=21735448363%3A22367406785%2Cearnme.club&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1&prev_iu_szs=320x50%7C970x250%7C970x90%2C320x50%7C336x280%7C300x250%7C250x250%7C200x200%2C320x50%7C336x280%7C300x250%7C250x250%7C200x200%2C320x50%7C336x280%7C300x250%7C250x250%7C200x200%2C320x50%7C336x280%7C300x250%7C250x250%7C200x200%2C1x1%2C1x1&fluid=height%2Cheight%2Cheight%2Cheight%2Cheight%2C0%2C0&ifi=1&adks=2564538650%2C174271564%2C174271567%2C174271566%2C174271561%2C3490001028%2C3490001051&didk=1813635145~1813635144~1813637047~1813637046~1813637045~471193909~471193910&sfv=1-0-40&ists=3&fas=0%2C0%2C0%2C0%2C0%2C1%2C8&eri=4&sc=1&cookie_enabled=1&cdm=earnme.club&abxe=1&dt=1669534383970&dlt=1669534383091&idt=832&adxs=-9%2C632%2C456%2C989%2C632%2C-9%2C-9&adys=-9%2C178%2C707%2C343%2C4361%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C0%7C0%7C1%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fearnme.club%2F&loc=https%3A%2F%2Fearnme.club%2Fzeb-monk-from-zebronics%2F&ref=https%3A%2F%2Fwww.google.com%2F&frm=20&vis=1&psz=0x-1%7C1080x0%7C678x0%7C326x0%7C1600x0%7C0x-1%7C0x-1&msz=0x-1%7C1080x0%7C678x0%7C326x0%7C1600x0%7C0x-1%7C0x-1&fws=2%2C0%2C4%2C4%2C0%2C2%2C2&ohw=0%2C0%2C678%2C326%2C0%2C0%2C0&ga_vid=1365863235.1669534384&ga_sid=1669534384&ga_hid=1823378323&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4df3efefcc7b75a64dac12d40cce168715901708de8a0a39afd486445af8edb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33323
x-xss-protection: 0
google-lineitem-id: -1,-1,5483746265,-1,-1,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,138403669908,-1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://earnme.club
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
343 B 86ms
85ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2312202965488994&correlator=1708245755252166&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=21857590943%3A22734888843%2Cadsviktory_earnme.club%2Cadsviktory_earnme.club_300x250_1%2Cadsviktory_earnme.club_300x250_2&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3&prev_iu_szs=320x50%7C320x100%7C300x250%7C336x280%2C336x280%7C300x250%7C320x100%7C320x50&ifi=8&adks=3548237974%2C3196689019&didk=3522484137~1387365765&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=earnme.club&abxe=1&dt=1669534383981&dlt=1669534383091&idt=832&adxs=-9%2C-9&adys=-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1&ucis=8%7C9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fearnme.club%2F&loc=https%3A%2F%2Fearnme.club%2Fzeb-monk-from-zebronics%2F&ref=https%3A%2F%2Fwww.google.com%2F&frm=20&vis=1&psz=0x-1%7C0x-1&msz=0x-1%7C0x-1&fws=2%2C2&ohw=0%2C0&ga_vid=1365863235.1669534384&ga_sid=1669534384&ga_hid=1823378323&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2711e995bdb0042b32124c0dabdcd1e57363ccbbf3cdf2085a1ba74001717109

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
google-lineitem-id: -2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://earnme.club
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
df38bd896be520d961af1a9e6246d5d2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3B63 6 KB
3 KB 183ms
44ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://df38bd896be520d961af1a9e6246d5d2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 07:33:04 GMT
expires: Mon, 27 Nov 2023 07:33:04 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2022111501.js Show response
securepubads.g.doubleclick.net/gpt/ 37 KB
14 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022111501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03d35c1ff8a01dabf5d312f47b641d0dc6ad96b102f0b095e6af937881901757

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 15:38:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 316476
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13838
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 09:35:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 23 Nov 2023 15:38:28 GMT

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 238ms
42ms Preflight 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://earnme.club
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://earnme.club
access-control-max-age: 600
age: 0
content-length: 0
date: Sun, 27 Nov 2022 07:33:04 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 237ms
41ms Preflight 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://earnme.club
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://earnme.club
access-control-max-age: 600
age: 0
content-length: 0
date: Sun, 27 Nov 2022 07:33:04 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 238ms
43ms Preflight 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://earnme.club
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://earnme.club
access-control-max-age: 600
age: 0
content-length: 0
date: Sun, 27 Nov 2022 07:33:04 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 237ms
42ms Preflight 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://earnme.club
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://earnme.club
access-control-max-age: 600
age: 0
content-length: 0
date: Sun, 27 Nov 2022 07:33:04 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 237ms
43ms Preflight 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://earnme.club
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://earnme.club
access-control-max-age: 600
age: 0
content-length: 0
date: Sun, 27 Nov 2022 07:33:04 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 236ms
42ms Preflight 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://earnme.club
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://earnme.club
access-control-max-age: 600
age: 0
content-length: 0
date: Sun, 27 Nov 2022 07:33:04 GMT
server: ATS/9.1.10.25

POST
H/1.1 200
OK auction Show response
prebid.adnxs.com/pbs/v1/openrtb2/ 336 B
697 B 319ms
208ms XHR
application/json 185.89.208.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.89.208.11 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams3.adnexus.net
Software: nginx/1.21.3 /
Resource Hash: aa776b870a7ecb2c6aacde59216c08ed3381b4c3143827d3de836d88c50019b4

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:04 GMT
Content-Encoding: gzip
Server: nginx/1.21.3
X-Prebid: pbs-go/0.232.0
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://earnme.club
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 0

GET
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
564 B 205ms
104ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=773924&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%224352b81fefe0e87%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.google.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fearnme.club%2Fzeb-monk-from-zebronics%2F%22%2C%22domain%22%3A%22earnme.club%22%2C%22publisher%22%3A%7B%22domain%22%3A%22earnme.club%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Atrue%2C%22mfu%22%3A0%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A3%2C%22ren%22%3Afalse%2C%22version%22%3A%227.21.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fearnme.club%2Fzeb-monk-from-zebronics%2F%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22%2F22181265%2Femc_300v_3%22%2C%22adunitcode%22%3A%22dd5fb9ef-b03d-47b2-a1e6-68cb3a755213%22%2C%22divId%22%3A%22dd5fb9ef-b03d-47b2-a1e6-68cb3a755213%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224497c0e6eb7afd9%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22773924%22%2C%22fl%22%3A%22p%22%2C%22bidfloor%22%3A0.01%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22773924%22%2C%22fl%22%3A%22p%22%2C%22bidfloor%22%3A0.01%7D%7D%5D%2C%22pos%22%3A1%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22181265%2Femc_300v_1%22%2C%22gpid%22%3A%22%2F22181265%2Femc_300v_1%22%2C%22tid%22%3A%2221757fd7-bc6e-4d09-bdf9-567702d1398a%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%2246510fbeff9d4b4%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22775312%22%2C%22fl%22%3A%22p%22%2C%22bidfloor%22%3A0.01%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22775312%22%2C%22fl%22%3A%22p%22%2C%22bidfloor%22%3A0.01%7D%7D%5D%2C%22pos%22%3A1%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22181265%2Femc_300v_2%22%2C%22gpid%22%3A%22%2F22181265%2Femc_300v_2%22%2C%22tid%22%3A%220ded2fb6-47c2-430f-89eb-cb2dab8ec0ce%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22480bf29b6637ffa%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22775313%22%2C%22fl%22%3A%22p%22%2C%22bidfloor%22%3A0.01%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22775313%22%2C%22fl%22%3A%22p%22%2C%22bidfloor%22%3A0.01%7D%7D%5D%2C%22pos%22%3A3%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22181265%2Femc_300v_3%22%2C%22gpid%22%3A%22%2F22181265%2Femc_300v_3%22%2C%22tid%22%3A%22328300b4-547e-41fe-864a-7ccf186e58f3%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%2227abd298-80e7-4e89-9665-ba0172bd3aaa%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adapex.io%22%2C%22sid%22%3A%22s1602%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220074af87-aaa3-45fa-a567-18702c8d8f40%22%7D%5D%7D%5D%7D%7D
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 666ce52970e14b7bea137f2126a053e487a9e7560a4ed6605eae68fe45dfddd2

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:04 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LhatS7bRxAdMq7BCfuYQtMnBPrj7EHO1beVyxVVBAt42zABdMB%2Fov0BuOoARuhfnhPA1a7jFp8MO0xZCUhZD0KfnbMBLWvygMCT%2F%2Foo4aNp2MprCB2o8%2B5%2FYU5hA61pg9JsPnJEO"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://earnme.club
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 77092c6cd9df693a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
358 B 138ms
41ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://earnme.club
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 361 B
1 KB 126ms
37ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

3efa57d7331466e854dd9bf53ba6cdfd5754743f56c7437d07c67f7feb01ae8c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:04 GMT
AN-X-Request-Uuid: eefbdb81-86f5-4828-ab3d-d3f7f6709da5
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://earnme.club
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 361
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
309 B 490ms
61ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.21.0&cb=83269452310&lsavail=1

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H2 200 hbjson Show response
grid.bidswitch.net/ 24 B
237 B 427ms
48ms XHR
application/json 18.196.227.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.227.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-227-91.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: c6b104524d31546f75a06c3078f7bf173d13d32fba0f496cb0ff00835e74e340

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://earnme.club
date: Sun, 27 Nov 2022 07:33:04 GMT
content-encoding: gzip
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate
content-length: 49
content-type: application/json

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
167 B 144ms
41ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 8
date: Sun, 27 Nov 2022 07:33:03 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://earnme.club
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1

GET
H2 200 arj Show response
digikulture-d.openx.net/w/1.0/ 73 B
375 B 200ms
50ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://digikulture-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2Fzeb-monk-from-zebronics%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=21757fd7-bc6e-4d09-bdf9-567702d1398a%2C0ded2fb6-47c2-430f-89eb-cb2dab8ec0ce%2C328300b4-547e-41fe-864a-7ccf186e58f3&nocache=1669534384042&pubcid=0074af87-aaa3-45fa-a567-18702c8d8f40&schain=1.0%2C1!adapex.io%2Cs1602%2C1%2C%2C%2C&aus=970x90%2C728x90%7C300x250%2C336x280%7C300x250%2C336x280&divids=5b10cd0b-6c9e-43bf-9f6b-37d4736d623d%2C5a83ac5d-a871-4cc9-aaf0-fcb08f76c1f8%2Cdd5fb9ef-b03d-47b2-a1e6-68cb3a755213&aucs=%252F22181265%252Femc_300v_1%2C%252F22181265%252Femc_300v_2%2C%252F22181265%252Femc_300v_3&auid=556580797%2C556580798%2C556580799&aumfs=10%2C10%2C10
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4a6216e2a671c8b2d1f221a4b8bebccdbe3c42fe34afaa541f7bee9bd47b2ff0

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:04 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://earnme.club
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST /
prebid.smilewanted.com/ 0
0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 445 B
995 B 223ms
51ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=409752&zone_id=2294686&size_id=2&alt_size_ids=55&p_pos=atf&rp_schain=1.0,1!adapex.io,s1602,1,,,&eid_pubcid.org=0074af87-aaa3-45fa-a567-18702c8d8f40%5E1&rf=https%3A%2F%2Fearnme.club%2Fzeb-monk-from-zebronics%2F&tg_i.ref=https%3A%2F%2Fwww.google.com%2F&tg_i.page=https%3A%2F%2Fearnme.club%2Fzeb-monk-from-zebronics%2F&tg_i.domain=earnme.club&tg_i.pbadslot=%2F22181265%2Femc_300v_1&tg_i.gpid=%2F22181265%2Femc_300v_1&tk_flint=pbjs_lite_v7.21.0&x_source.tid=21757fd7-bc6e-4d09-bdf9-567702d1398a&l_pb_bid_id=791dcdfc3678a3f&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&p_gpid=%2F22181265%2Femc_300v_1&slots=1&rand=0.27491747342226325
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: d498ed4f129445bfa41597ce504d7e7f84df8c3aa7ae131181768748126a7ecb

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:04 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://earnme.club
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 445
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 446 B
772 B 225ms
53ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=409752&zone_id=2294692&size_id=15&alt_size_ids=16&p_pos=atf&rp_schain=1.0,1!adapex.io,s1602,1,,,&eid_pubcid.org=0074af87-aaa3-45fa-a567-18702c8d8f40%5E1&rf=https%3A%2F%2Fearnme.club%2Fzeb-monk-from-zebronics%2F&tg_i.ref=https%3A%2F%2Fwww.google.com%2F&tg_i.page=https%3A%2F%2Fearnme.club%2Fzeb-monk-from-zebronics%2F&tg_i.domain=earnme.club&tg_i.pbadslot=%2F22181265%2Femc_300v_2&tg_i.gpid=%2F22181265%2Femc_300v_2&tk_flint=pbjs_lite_v7.21.0&x_source.tid=0ded2fb6-47c2-430f-89eb-cb2dab8ec0ce&l_pb_bid_id=80e72213a7cf631&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&p_gpid=%2F22181265%2Femc_300v_2&slots=1&rand=0.8479249823619672
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f66bbef0a315d547a7f852cd1958619988f6a920da32462e53e0bad818acadb3

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:04 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://earnme.club
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 446
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 446 B
772 B 221ms
51ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=409752&zone_id=2294696&size_id=15&alt_size_ids=16&p_pos=btf&rp_schain=1.0,1!adapex.io,s1602,1,,,&eid_pubcid.org=0074af87-aaa3-45fa-a567-18702c8d8f40%5E1&rf=https%3A%2F%2Fearnme.club%2Fzeb-monk-from-zebronics%2F&tg_i.ref=https%3A%2F%2Fwww.google.com%2F&tg_i.page=https%3A%2F%2Fearnme.club%2Fzeb-monk-from-zebronics%2F&tg_i.domain=earnme.club&tg_i.pbadslot=%2F22181265%2Femc_300v_3&tg_i.gpid=%2F22181265%2Femc_300v_3&tk_flint=pbjs_lite_v7.21.0&x_source.tid=328300b4-547e-41fe-864a-7ccf186e58f3&l_pb_bid_id=81626087311e2bd&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&p_gpid=%2F22181265%2Femc_300v_3&slots=1&rand=0.6509356767975782
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 2d857f70a9935f884ca0b4119117091fddfe519c0e8f3dd5aab1b32f4367f6c7

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:04 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://earnme.club
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 446
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
1 KB 221ms
124ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUQWX43D
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 26417eda7f74fa1c09a05a3ab8d2188caa35159f25abf6e4be3dfe09e3880a02

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:04 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://earnme.club
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Sun, 27 Nov 2022 07:33:04 GMT

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 226ms
143ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: a8c4b804e926b17ac797ee98c257941270a2110a7bf9e515193e83461342631f

Request headers

Referer: https://earnme.club/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
294 B 188ms
104ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 7a6149317398791f5a3ab748420aa49fda9931dddb83da7c0739e620392f439b

Request headers

Referer: https://earnme.club/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 257ms
174ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: da43c26c1aff9f14a64aaaaf30c896aae4a50598a14ef7e205ab02af532c565a

Request headers

Referer: https://earnme.club/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 221ms
138ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: f8e20ed47f5993f8859379ce3743ad1c3747013d43ba8548ea2a4c2622355602

Request headers

Referer: https://earnme.club/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 225ms
142ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 1f0a434963cafe496427c7394e169adc5b3c2b5b93d0b3c69d335612e84a75e9

Request headers

Referer: https://earnme.club/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 229ms
146ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 3c65bfdc8d725ae88c0ff908870bf582b051be9431b1080e0fb5287031e28a8c

Request headers

Referer: https://earnme.club/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
content-length: 66

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 87 B
348 B 1165ms
132ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=dSQrD4Kmqr7io0rkHcnlxd
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 0e23ca6ee9ff84c131481946db932e55156899b686c43df4479e1e7c9e3c9407

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
content-encoding: gzip
via: 1.1 google
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 87 B
179 B 1190ms
156ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=dYto7aKmqr7io0rkHcnlxd
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 0e23ca6ee9ff84c131481946db932e55156899b686c43df4479e1e7c9e3c9407

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
content-encoding: gzip
via: 1.1 google
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 87 B
179 B 1177ms
144ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=d2Vd5MKmqr7io0rkHcnlxd
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 0e23ca6ee9ff84c131481946db932e55156899b686c43df4479e1e7c9e3c9407

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
content-encoding: gzip
via: 1.1 google
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 avcplayer.js Show response
player.avplayer.com/script/2/v/ 251 KB
61 KB 270ms
38ms Script
application/javascript 2a02:26f0:480:b::210:f1d2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/2/v/avcplayer.js
Requested by: Host: tg1.playstream.media
URL: https://tg1.playstream.media/api/adserver/spt?AV_TAGID=62790805abc41c4450002684&AV_PUBLISHERID=62176a72a06fe80ba569d18f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:b::210:f1d2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 4fb80b7bf623f709e8773d63406d7d20cbb8dda584d2259f86b7cc94050923d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdv3MtB8ywSkxoFTIcVTwmMCJVLnsqLiokzJPDc1lTU-XBbxh1xIFRlJmFv_ujNnAJO9Rwzbgi9de8Pj1jr87iA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 61326
last-modified: Thu, 03 Mar 2022 17:18:44 GMT
server: UploadServer
etag: "9dff0335699f04080269947f40c366ae"
vary: Accept-Encoding
x-goog-generation: 1646327924579580
content-type: application/javascript
content-language: en
x-goog-hash: crc32c=DITkQg==, md5=nf8DNWmfBAgCaZR/QMNmrg==
cache-control: public, max-age=300
x-goog-stored-content-length: 61326
accept-ranges: bytes
expires: Sun, 27 Nov 2022 07:38:04 GMT

GET
H2 200 track
track1.aniview.com/ 0
71 B 408ms
116ms Image
text/plain 52.206.200.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?pid=62176a72a06fe80ba569d18f&cid=6278fd47e6b0901a49776895&cb=1669534384183&r=earnme.club&stagid=62790805abc41c4450002684&stplid=6278f4f0a7dd573d85421cad&d35=&d65=&d66=7&e=playerLoaded
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.200.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-200-5.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 pubads_impl_2022111501.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 0652 381 KB
129 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 04:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9533
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132177
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 09:35:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 27 Nov 2023 04:54:11 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 0652 553 B
211 B 48ms
46ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=earnme.club

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a8b835b6f11b6387ea2a484337682db4b9c7b6a4fa7fe904b8319ffe219ecce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 186
x-xss-protection: 0
expires: Sun, 27 Nov 2022 07:33:04 GMT

GET
H3 200 pubads_impl_2022111501.js Show response
securepubads.g.doubleclick.net/gpt/ Frame ED71 381 KB
129 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 04:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9533
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132177
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 09:35:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 27 Nov 2023 04:54:11 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame ED71 553 B
211 B 51ms
50ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=earnme.club

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a8b835b6f11b6387ea2a484337682db4b9c7b6a4fa7fe904b8319ffe219ecce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 186
x-xss-protection: 0
expires: Sun, 27 Nov 2022 07:33:04 GMT

GET
H3 200 pubads_impl_2022111501.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 115D 381 KB
129 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 04:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9533
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132177
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 09:35:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 27 Nov 2023 04:54:11 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 115D 553 B
211 B 51ms
51ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=earnme.club

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a8b835b6f11b6387ea2a484337682db4b9c7b6a4fa7fe904b8319ffe219ecce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 186
x-xss-protection: 0
expires: Sun, 27 Nov 2022 07:33:04 GMT

GET
H/1.1 200
OK fpc Show response
at.teads.tv/ 0
334 B 178ms
63ms XHR
text/plain 104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://at.teads.tv/fpc?analytics_tag_id=PUB_17018&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&shared_ids=&sv=8480ba3&
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:04 GMT
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: https://earnme.club
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Sun, 27 Nov 2022 07:33:04 GMT

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 784E 424 KB
122 KB 55ms
54ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=mispvoj&e=1460279865863
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 4254
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PvrZGcSadFHd0tbAa6XIrbKC%2FoO9unOIE1ArcIckdui4tAh8XetUFVDjA3mwcyW1tMcy%2FktkTQnLUb9LHf%2BCKtr5B41ATeWrz7S5tYiCyU0rfz5xDsdEuFXx45rgISy9Z%2BPg%2B0sskNEmO7g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77092c6dd9cf9112-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 0173 424 KB
122 KB 55ms
55ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=euft&e=1460279865863
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 4254
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=erwR7guojyk%2F4sfLr4AI7k%2BSoUqc6YDMXYXghx4KsR0cgtmJEs2Hqt0z6m8V9eAjmT%2B5OqxAcVgFaCYwj6VuIEZIy4PMXs%2F%2BFfBCB4qgWN%2BcmBf65v1yGmWmYLTPKHU%2Bn46YTTNFUimVhSc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77092c6de9e09112-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 8059 424 KB
122 KB 60ms
57ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=eitdcbnpj&e=1460279865863
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 4254
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ME65tNxwNVzfal2ad7iagnEDHpNs9ny7ZhM8sG%2B6WivuCUcNPzppFR%2F3ApwxD6%2BZDELd0NovQdCtJcyegExusiw%2FJIW%2Bt%2B3s0f8xKXn4XfEBbCnlcbXVUOBW8KLwLnT5Vkz0lP8QxZbAXXg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77092c6e09f69112-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 51D0 424 KB
122 KB 68ms
67ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=gfupmardh&e=1460279865863
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 4254
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X4VNCvM9XGnYGzQbW9TKtIY9J%2BFNkWxMVTcYXqetQ5ZAbeh7PMSPoZ3%2FalZ%2B4RTvyNXpKS5s0sYrZFKN3YaKjrAToLTFsw5Fbd7lhDapHfoonzZwdhC0Y2W04LsmgNxFpkC2pjWNt%2FXw7GM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77092c6e0a0e9112-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame EDBA 424 KB
122 KB 65ms
65ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=umkpyzto&e=1460279865863
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 4254
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oe6Vz2PWADFKctuPzgFvkUG6XsW0Weu6%2F288wWO3dQc97SGyRbBMvrt7k9un3RPFGR5wc8o6iayaAXgWbWNACYBX8TcRzqs4KavPytdVbzB%2BBNj6mQePo4uIkf7OYsjHysu8fCoZ909YA4U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77092c6e1a299112-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame A11D 424 KB
122 KB 62ms
61ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=yvmobpg&e=1460279865863
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 4254
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HDp112aoOjb1sewXXHUfw0ThkaHP4wVkgIY3e5xY%2FY0YPnQe8aU3smOUcAqyk1CpKhxCyqXNIPKgDdWQ6jm%2Fg5a%2B9NqtV1upZADUVtctJ3Rbj6u1mw9iWoiJn7P2%2Bw4hf0r6a8%2BDXhLefYg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77092c6e3a519112-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame F7EC 424 KB
122 KB 53ms
53ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=jlmbcqcae&e=1460279865863
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 4254
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BVi2v2vlsV0TIdhH9EVXmwzCW9VIMnAXqd%2BqK9D0Z3oREm3SV5Rhciph5%2FvfmK%2B5DH91%2FFzm9u3JfpPxLnx0u3i2QKnJ0qvPXFCT5VpNY1riwWblYxN8ZIAfGiObP5vcOCm%2FxSIg6%2BOMKR4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77092c6e4a7b9112-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 14D5 424 KB
122 KB 55ms
55ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=olxuugxyt&e=1460279865863
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 4254
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tVBHVfm%2BF91ZglCYfQy9ERCx4WkIrM%2Bk2PXnpGr3veQAxw0Wl4cz93tI3bnC45lBxkBF0uR00hd3uH5FQhIrUdi1dsxAJa3%2B792BLPwjQ%2Bub3jD5xGoZUh400DMO6t3JdBrdyScMhwApHZY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77092c6e5a939112-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 88CC 424 KB
122 KB 63ms
54ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=rbfrzq&e=1460279865863
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 4254
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zeOkoLcxA24T%2FpEE4kHCZQv%2FHvKmB6z19jpVoOLPbxrbvi3ddLCoAhnuXEi4Lietq0xGog5696PqdIO5kaMDL0ix9zry8lEe2srXP0i%2BQmwKbScMiQ5KicplbLUZ6GevLwd19D5qcm%2FdVPs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77092c6e7acb9112-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 79F8 424 KB
122 KB 83ms
80ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=uamvbk&e=1460279865863
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 4254
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1aoQgwUb1GtqJCNecQaT3MhdoM%2BByzFRWVJYlDzx7tkBMkl85Rmg6JcrBasY%2BNV9%2FDK5IQ3ShCVgL0wjY%2FlqM911ozJ2WZ515cRUJjyk7wGIFCa4AhmDk2FO4Z8BG7UHgw%2FSGH20eBD92BA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77092c6e7ad49112-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 89A6 424 KB
122 KB 84ms
84ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=teboadv&e=1460279865863
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 4254
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NK37cw1xuxWiPbHagyGF04VfXJOdZXszzd8YTkyDR3NvboHswgaxC%2FYLpshGMsVW8ls462Fuh6I7RTnAnViKceA%2B%2FS8nhdlTk2V7cijvfw4wqXVVwhvJpFhhbt4ae3kbr4MWcUJx6N72sCk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77092c6e8ae09112-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 9EEC 424 KB
122 KB 79ms
79ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=hefhhf&e=1460279865863
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 4254
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tkL5c7lNoqbSSlnh3qPm3cUBXnI8tfNhK97WKSTnoOvxTyxK%2FmxXfRhCEAcixFGUgCW5pNmPQUXb73X6rO6eVwClT9KxZyoSl9HQc54%2BhRUb9dfWoAXnU%2Fg%2BcO76abHG82beTWxi%2BF5sblw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77092c6e9af79112-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 74E2 424 KB
122 KB 78ms
76ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=taetjqo&e=1460279865863
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 4254
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZoCZlMHCEOJI13gW0ByIhCNYMel8wiFpaaanGXl74wtRJMMqfnrP%2FGRsypIeq0AHidUY68%2Bu4IC2VY9JRiWPTKIk0XnflSuV1ATCYh74JGFq2rHkquxUPB78HdT3ew7%2BI3%2FrPIiDJqu8Hmc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77092c6eab0c9112-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame ED0D 424 KB
122 KB 76ms
76ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=rqaqclnzm&e=1460279865863
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 4254
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d6MgWn%2FZC2on3zQ4v9HqsnuYub95gfyoj5vasBek2WmTJe6m9WeJIEs5rVMPHgsiyvGDZxNbKf8Fpt14VmAQprZsvcE063Gq96MTOBUCKK%2B7whTdN%2BXIDLPPWbabpFkQXyfmLqoJ54JPZME%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77092c6eab289112-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame EE74 424 KB
122 KB 109ms
68ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ryljvnj&e=1986237864053
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 4254
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JrahjZpLTWcbVkgBwqF%2F86ghE5bJGivVuBAW68cU4NSgvdPWK4D0hIpStWeWCxBTv2Jx51mDEbpvoOcn9yPHHvpPisNH9btX5Kz7hoCaR8GSipXrzfW6sfeArmgLmu0BWqw0owqQ2oWauHk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77092c6efb969112-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame A8FA 424 KB
122 KB 84ms
51ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=radezpde&e=1986237864053
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 4254
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=udm6Tqb7%2BY9jh0bn8UlKKC%2BPWRA%2BYMqF82xE3gkCY3P57Au2OZJV%2F0ksOUK4fENncvFjpk4q4MHquwRFrLRj%2Bxzj%2FFBBl3N2%2BA95H1YaSuYwm45WJJ5cMtCYYJ1NBbYqK1u8z%2Ba6LOar7pI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77092c6efb999112-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 32F4 424 KB
122 KB 122ms
98ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=foomytso&e=1986237864053
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 4254
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BCrUB57of6Hj5Fodz3oJ5lcv%2FfzAs8jqcyBt93b9C797pyoc%2FyC5%2BFjUhI0U18RwAwiwXVaT1%2Br3ByikF2jwjNuqIJlk9IHRGdUxyZ658MDLKnKR15rwkFojJTYXVtMFI15AjNXcCCf9k1E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77092c6efb9c9112-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 0E16 424 KB
122 KB 117ms
105ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=yaqcwtind&e=1986237864053
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 4254
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=puiIxyy4bdkTjH2Ib3knBv3%2F1awtZx0Ykd%2FHzL%2Bz3%2FslHDKWzkOr6P7kmdqQZ7qRsl%2FNdZwkc5TdEKB%2BzQYuhpDFh77s4JhmtAIkiD6yZAt3aPM6eTYFpvlIGhMSCothg6%2FjGjiAFwWBvc8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77092c6f0ba09112-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 2CFE 424 KB
122 KB 118ms
109ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ytiinxbj&e=1986237864053
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 4254
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=awLlUuOMkc0%2B8ynlP8oJ82uXrxlI70%2FPvQvFuBk9Zp2KJXwrQ2i3hOmnnWswZaIJ4wxG4EaY4U7aG6AS%2BlbfE%2BvoFPMQa2bNmrokY5ZFD7aUbgLqPlPf0H0uJleMqMZIGs9QgVVrNTW4Gb0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77092c6f0ba79112-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 9400 424 KB
122 KB 128ms
122ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=souguy&e=1986237864053
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 4254
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zRlQicwxg4XSFni0s8tGHghgVBf12AKm5MR0DWmV4wN%2BhUg2jpIvEs4qUncR%2FOnn6e4BmR8ykrgGyUUrVmPlWJ4yBtRD1c7gq6%2FSubUebLRs6CZ3NbJzdzqsxJKenME275bPXItIn2buwUU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77092c6f1bba9112-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame C7EC 424 KB
122 KB 129ms
120ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=hslvm&e=1986237864053
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 4254
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2I9Mw9bICAye7hJ58dmOPeLnSSna%2FXV2Zd4YU8rjige%2F1uo6xJssBXciUgea21qJe%2FrNzaDw6VLyzTPlO3fVt8HWaXO6MloPIuBu3ljNjxo9OzRZTogygGTJqOzUOEvd2Cbgl4Py5ajAjjw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77092c6f2be69112-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 4813 424 KB
122 KB 125ms
104ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=lavzw&e=1986237864053
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 4254
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5uIQ%2Fuhs5OKtopNykA6zwujNZUeCHL7b%2FokW4VvcasBogZ6sYdupk2ZcYWRuuNy6y%2F1Etwz7MDwzbT3l%2FsbPybPn4YL3eE1y0nZgZjNCwoW2ev27CkgBfJh0mWJExmm1hgAgNPKIC0Y7AuU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77092c6f4c599112-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 006D 424 KB
122 KB 157ms
131ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=uhdckcwa&e=1986237864053
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 4254
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y74tFLemgUyu4EyywrZAAuOETo83DbO1UkBL4Y2lnsmeKELbE7QI5xIyPwPX64i8bBvlqkTWLSR2%2BbiWzGB8NvTPamSJxdylnrw5xkQY8NDGDXv1DPUlDZs6L4K1WvQqwdLPV900l0IVi6Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77092c6f5cb99112-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 8BB6 424 KB
122 KB 110ms
89ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=rzuyrf&e=1986237864053
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 4254
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2uiUWrBMqEWy7WgbwmeB7KycL%2FM6db06sCsVmL3EwEEpsXsUyaeC9dLP8nIYImV4OrUJymr4Vk4CB3FT%2FEU71INqyNeB%2B%2BKRhEmNLDwTZcOX7RlhRnxpjD2enmk6756C6vVNun1cba%2BVNEs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77092c6f5cbd9112-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 81E9 424 KB
122 KB 146ms
115ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=iwktsfw&e=1986237864053
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 4254
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Wtc1zGb7cgLagd%2FN8NZcVxR2oLjBzorIUeIeQnT2UWx6K%2FvfbsDWbbD3ouFU%2BXUSuuITniYLM6DkO7wGJ1Rjo6y2xsxP44%2BW7iiMxmKG7Yu3zMem1VPt6HL%2BxiXhGo%2FV3zw2JsVrvP%2BH5s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77092c6f7cea9112-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 6BD6 424 KB
122 KB 143ms
105ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=dyuzvhv&e=1986237864053
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 4254
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XCV2jWj7kFVZ8wbmF5dMQnD8jgLlvj%2FDYopw2YgliSpSGbjN%2FKSHmFjpSPhAJsVA9zCvn5ILpF80sWV6DV2%2F811%2F6D%2B6MNBImNYg1ibr5xTuUdeR9wqU3ZfLcnudr8h3jLoEVVn4zy36h1Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77092c6f9d1f9112-FRA

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 0652 18 B
308 B 90ms
65ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=97928212734&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Nov 2022 07:33:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 0652 0
333 B 415ms
43ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:04 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://earnme.club
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 0652 420 B
454 B 151ms
126ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fwww.google.com%2F&tg_i.page=https%3A%2F%2Fearnme.club%2Fzeb-monk-from-zebronics%2F&tg_i.domain=earnme.club&tg_i.pbadslot=%2F21671350435%2C22687820958%2F300x250-earnme.club&tk_flint=pbjs_lite_v7.19.0&x_source.tid=807b2eec-535b-441c-9252-f3c28c6439f3&l_pb_bid_id=676a4465c8c2f7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.45257854891366045
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: e7257b5019126c55e01530f810b33023d7656b169aa16f2055c19b118de163a7

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:04 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://earnme.club
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 420
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 0652 0
333 B 409ms
40ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:04 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://earnme.club
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 0652 0
405 B 535ms
372ms XHR
text/plain 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://earnme.club
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 0652 0
174 B 198ms
76ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://earnme.club
date: Sun, 27 Nov 2022 07:33:04 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 / Show response
shb.richaudience.com/hb/ Frame 0652 0
229 B 458ms
342ms XHR
text/html 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Nov 2022 07:33:01 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
access-control-max-age: 86400
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 0652 19 B
704 B 86ms
78ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:04 GMT
AN-X-Request-Uuid: a3b71fdf-4c90-4414-be19-d3263cad12f5
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://earnme.club
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 3A11 424 KB
122 KB 121ms
104ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=xqrovb&e=1986237864053
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 4254
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iI2uXamwSU6hwRMZ9MWSX8Us8%2FaMDYTUXbRz6akAL2SpLWZmSzxSlcm9Q2gNG2FFt3yoVL%2BHW3TmmR1BFpq045JRYmDFi9a1ZmktuFvjP2SHnO4f95%2FjQkoDibmj5%2Fp4QMOB5taR1UQ07O8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77092c6fad3a9112-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 3C64 424 KB
122 KB 111ms
101ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=qkkrlhd&e=1986237864053
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 4254
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3AmqDQcoh%2BXAvxjNKmk5KHSQJ7mDXb57UNbE1y5je8VLENjgYrMvrnAUVe3NDlk%2FtOWPOclIA10EdRYTF1dMMQLA5ED1Z0jj6OqKdCXB0f2wgXjREftvKAZMjhjadoeSGi5PcVxb4O%2F4Oj0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77092c6fad3f9112-FRA

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame ED71 0
173 B 170ms
77ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://earnme.club
date: Sun, 27 Nov 2022 07:33:04 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame ED71 0
333 B 379ms
42ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:04 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://earnme.club
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 200 / Show response
shb.richaudience.com/hb/ Frame ED71 0
228 B 436ms
344ms XHR
text/html 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Nov 2022 07:33:01 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
access-control-max-age: 86400
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame ED71 19 B
704 B 129ms
64ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:04 GMT
AN-X-Request-Uuid: a31f1c58-3c89-488b-883f-5d892529b144
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://earnme.club
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame ED71 0
333 B 381ms
45ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:04 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://earnme.club
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame ED71 424 B
459 B 147ms
123ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fwww.google.com%2F&tg_i.page=https%3A%2F%2Fearnme.club%2Fzeb-monk-from-zebronics%2F&tg_i.domain=earnme.club&tg_i.pbadslot=%2F21671350435%2C22687820958%2F300x250-earnme.club_._3&tk_flint=pbjs_lite_v7.19.0&x_source.tid=24a8e63f-ff63-4cc6-a20e-676d493ce974&l_pb_bid_id=12a2d789d9b7b62&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.711322376554653
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: a160c2915fe68ae5ec0ab9f6c303bbd448f6e318013df358b791cf96e98a9147

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:04 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://earnme.club
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 424
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame ED71 18 B
308 B 77ms
55ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=20872096058&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame ED71 0
406 B 499ms
372ms XHR
text/plain 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://earnme.club
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 115D 0
333 B 372ms
44ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:03 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://earnme.club
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 115D 19 B
704 B 130ms
49ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:04 GMT
AN-X-Request-Uuid: 2063ec60-4229-4b96-98f6-a88191b772d3
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://earnme.club
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 / Show response
shb.richaudience.com/hb/ Frame 115D 0
228 B 423ms
342ms XHR
text/html 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Nov 2022 07:33:01 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
access-control-max-age: 86400
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 115D 18 B
308 B 93ms
75ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=4899116872&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 115D 0
173 B 156ms
76ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://earnme.club
date: Sun, 27 Nov 2022 07:33:04 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 115D 0
405 B 544ms
427ms XHR
text/plain 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://earnme.club
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 115D 0
333 B 406ms
83ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:04 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://earnme.club
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 115D 420 B
454 B 179ms
162ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fwww.google.com%2F&tg_i.page=https%3A%2F%2Fearnme.club%2Fzeb-monk-from-zebronics%2F&tg_i.domain=earnme.club&tg_i.pbadslot=%2F21671350435%2C22687820958%2F300x250-earnme.club_._2&tk_flint=pbjs_lite_v7.19.0&x_source.tid=a00cbdc1-0394-485d-8a4f-fae25bc7ab63&l_pb_bid_id=16c9059f6e3c08&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8023496907728203
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 47400cc1ea9b116d38027acbbfad8876ae6c36da12c9e7546e020097bc142875

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:04 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://earnme.club
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 420
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame F404 424 KB
122 KB 91ms
77ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=hpigheei&e=1934835366129
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 4254
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QiYEM2bzpEOscGB0lpKlI3a3Byt3CyKmtR70o8EQnZpGXHR5Nlp1%2Bz6WxDV2YLpiY%2FOw4rA0iXjiIE%2F1GCae4eQg2j8blS%2B9PzzW64NekBgfAz5AnxFv%2FA7vAAoJQN08Mgj4OxOlG3uTM9c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77092c6ffdaa9112-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 66F1 424 KB
122 KB 76ms
69ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=kxjzfu&e=1934835366129
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 4254
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IXL3TmL3O5hjp1I0udVTgcVTpORx678%2B43SxrhbWYC0hQY20XihtdLSSpsWf1Z5DT2bpkweQYKuJYa3IfFHD8e8tM9UH0D1nuOXAqRxReAi3HgCt3%2BDobRSbe%2FS6mt9kn5KCQxrmQXXHKHA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77092c6ffdab9112-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame EA9F 424 KB
122 KB 79ms
74ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=bvffyi&e=1934835366129
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 4254
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UkJGF8%2FAXXmXQkNsD0fJQuwVesd7t5A5VYi9V428tXcE6PBMXZgoyeLx6GtEHus2Qx%2F9%2FufD%2BRQNUIrsxJFribZTJMTImt7V2pr4ckDfFRbB63ypJyDkW1g4KFA4%2FmR7m0SWFB5dTU76l1M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77092c6ffdac9112-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 1B29 424 KB
122 KB 77ms
72ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=zfissgsp&e=1934835366129
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 4254
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fdyeXcZupiqLka9QeYBkyMdn43yOrl3W2zR0cdDJYnakBwUeGqdkFbh24da4Cz7k3Im%2FylLhVhv6zrD2sO4UIJI7wjz9nlVcyvkYt4rOUBlER3434l%2B%2BeBiUVIAMHsQMogGy%2BxfWMcNyX58%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77092c700db79112-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame B9E2 424 KB
122 KB 69ms
69ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ljddsx&e=1934835366129
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 4254
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a7Ja8o3OhPhgQ3%2F4kRY7EWmomZ7pRSsbMhwpfMKEH9TnSkPhDh3pRW0RLcqlNB%2Bm2VqJ%2FiyNNg%2B%2Fet20kNePm1TDrVuZ9wFowlsnvY8KMqfHPRvm8Q3sDiQtAr70EnFHrGOsmPOBJPcQKQU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77092c700dc49112-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 7EB0 424 KB
122 KB 59ms
59ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=oqpfvjjzva&e=1934835366129
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 4254
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ipZ2K8SwtLuCQ2GYxvjbVNn13paJZ9LtF9TGr%2B9kgBbfwXL6P8rL1XXgsOZxLhimc0xd%2Bs%2FUwvv7nMaK3ga0tbW6D%2Fqd9bXMMdpHmmtfqSftusA9DDFKZDZh7n6yD6mZ01Xu0d743MHo96E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77092c701dda9112-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 32CD 424 KB
122 KB 101ms
100ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=abridaeipk&e=1934835366129
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 4254
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nh6gf6QC%2FxuwJwN2GChM%2BIiqBoyZVH7D4QbOKAK01CO03K6CeTS%2FWxdX%2B4Njvor%2FK9nOq%2BGJwl7y548DJy01K%2F%2FVcoK7vDTM3JY8asjwfgTPMfrjIPPqspq037ip93GS9%2FmTLw%2Fnb4YG%2BVY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77092c702df99112-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame F7AD 424 KB
122 KB 117ms
117ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=dgxrevtfw&e=1934835366129
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 4254
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2FRODRwTOZIl9gzxvnqNPapr88KhvcgQ%2Fox0fGRT1ffK4dSM3tFOQsKVuyaqwcr%2FURVZGX7yTJonVnkIo0BBKa24bJCtP%2BzVUfwntBdcvmvr0QXtSFhXDdzkRrgQMU52t2VfPqrPbuFfDAI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77092c703e099112-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 2A3E 424 KB
122 KB 110ms
105ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=irmdfpde&e=1934835366129
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 4254
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2BEOU78cwd%2BYxUrgoquJtq5JqjcNtmbsHdpWNHvZHjRhK1Qu8X6Gr3lmoZesBHsTS5nYcXAx0O3Xrb6gndtY3nSc4tuUwczHPZr1d21digarAfifpN9ChnuTcCUuohRUxsjpCevrEMa2aFU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77092c704e259112-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame FB7E 424 KB
122 KB 107ms
101ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=gchxbfzt&e=1934835366129
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 4254
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2FNbmvesng7ro0HEvHu3fOgwKkv0Nf53U0lMy8%2B%2FxUuHDgzhwZnYA6Avzm5%2FtkWrA2%2F9toYDGJHcV%2FwVe19ql6b9bLhrA7X%2FmqNzVkfS%2FxGBd1G7TLA4j6wzXc7Z4IIhK0FBvyif%2FVcBkYk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77092c705e4c9112-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame EC19 424 KB
122 KB 102ms
96ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=biumtjde&e=1934835366129
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 4254
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hSVUKmmgIF4Ovpazov4xfaW5yrmS80cWYkIYRSEY%2Fy%2BQ8ljht7PWSMEfvQYakMurPFBmK9rUNzhOpHIM%2FSnQDGBdsobpg2nzWpvWaLkybfWAVnQ8GeyqNjt8w8G9vM1ix7Jhg6LY9joLClg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77092c706e529112-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame D5B1 424 KB
122 KB 96ms
89ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=vraexgm&e=1934835366129
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 4254
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mCWchbwVLTlcc%2FN%2BM0TY9N0zVHND87spZkhLJ%2Fq50JIV%2FpJ0GweHWrDwUN7yBI%2BzcvEOWS5Rzl6aJDYDUhpdn7HItytGIqDNw8ZmiNYU4A%2FxnoV0l0B3qnhyk0ExN01ND%2B4NI0REbVlQc8Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77092c707e709112-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame F48D 424 KB
122 KB 87ms
75ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=cfowevjd&e=1934835366129
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 4254
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=91AcLgti5CtwkmWndXb2Pot7u0l5lZH9Pr1Rf0tdQPAYZxF7FjIgfzldGrTk8MzqBnlc3L0Mzk6Zzv%2FsZ1429Iq%2B6P%2BHklibVcRi8H1fZndoCb7R1mJCnI56oPmFPmq8B5KWy5J6nuh9li4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77092c709ea19112-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 7507 424 KB
122 KB 88ms
81ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=wonoeapj&e=1934835366129
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M0KSET0SMARA7YK8
age: 4254
x-amz-id-2: SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GZYoOQXWJzimKBNHLCWt5lAT3TFvx%2BgR12WWI%2BJYOtUjmlG1JjSblbB5QhwubF3VIw5CJB0dWiTuwqZ2HtY4c9mfNuzeFl4pYRe639fQzMu20KNaDd9gralgwU4TaDz9V%2BIeJFOVRCwZPmU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77092c709eab9112-FRA

GET
H/1.1 200
OK 1x1-pixel.png
ams-pageview-public.s3.amazonaws.com/ 68 B
448 B 448ms
151ms Image
image/png 52.217.236.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ams-pageview-public.s3.amazonaws.com/1x1-pixel.png?id=a56697b2617c
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.236.17 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Sun, 27 Nov 2022 07:33:06 GMT
Last-Modified: Mon, 26 Oct 2020 16:52:19 GMT
Server: AmazonS3
x-amz-request-id: NW36STEY59Q7X09P
ETag: "91e42db1c66c0b276abf6234dc50b2eb"
Content-Type: image/png
Cache-Control: no-store
Accept-Ranges: bytes
Content-Length: 68
x-amz-id-2: hw1LpFTNVcmzzjSnNMbksDOJrALYnxbpDUKTDQhYJ8ARe7PfntXOunosexPxlJdcjPhE67Ws4eo=

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 2 KB
2 KB 46ms
43ms XHR
application/json 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fearnme.club&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 9f9e9a6f8680601c36412dc2a4b26945c805037d977c536a0c2e929969377790

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 04:15:40 GMT
via: 1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C2
age: 11844
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://earnme.club
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1726
x-amz-cf-id: vOMsAAYAIrknBC3nb_jGBE6-1965LnekX4tLpjKOuNkFbkonGCL2hA==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
459 B 212ms
85ms XHR
text/javascript 52.222.247.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fearnme.club%2Fzeb-monk-from-zebronics%2F&pr=https%3A%2F%2Fwww.google.com%2F&pid=yEMhCswgDXGBf&cb=0&ws=1600x1200&v=22.1107.1609&t=2000&slots=%5B%7B%22sd%22%3A%225b10cd0b-6c9e-43bf-9f6b-37d4736d623d%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F22181265%2Femc_300v_1%22%7D%2C%7B%22sd%22%3A%225a83ac5d-a871-4cc9-aaf0-fcb08f76c1f8%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F22181265%2Femc_300v_2%22%7D%2C%7B%22sd%22%3A%22dd5fb9ef-b03d-47b2-a1e6-68cb3a755213%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F22181265%2Femc_300v_3%22%7D%5D&schain=1.0%2C1!adapex.io%2Cs1602%2C1%2C6c317a7e-f757-47df-a33b-123096280f52%2C%2C&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.247.205 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-247-205.fra60.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P3
x-amz-rid: CY2CB1TGWNYXS8J8Y7FF
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: od3Kc85wjWmcC5C6bqA0EmGDst5jJH4kOpMF6biAsMu8dpA5U-B9Qw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 121ms
38ms XHR
application/javascript 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: vkCJAv2LVCiDvkjoOZrS5s9fefeFFUOq
content-encoding: gzip
via: 1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
date: Sun, 27 Nov 2022 03:42:18 GMT
x-amz-cf-pop: FRA56-C2
age: 15575
x-cache: Hit from cloudfront
last-modified: Fri, 18 Nov 2022 03:05:15 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: Ze85A7GGcJgRAlU6d69jfHBpvUyqxZFBSnIiiRNyz-q2g1vjxQIs1A==

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012211060024000/ Frame A3B2 221 KB
61 KB 177ms
36ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 24 Nov 2022 16:29:52 GMT
age: 226993
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61592
x-xss-protection: 0
server: sffe
etag: "a2fca7132416d151"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 24 Nov 2023 16:29:52 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame A3B2 14 KB
5 KB 305ms
165ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 24 Nov 2022 16:29:52 GMT
age: 226993
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5218
x-xss-protection: 0
server: sffe
etag: "abd4378f71571d78"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 24 Nov 2023 16:29:52 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame A3B2 94 KB
28 KB 309ms
169ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 24 Nov 2022 16:29:52 GMT
age: 226993
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28809
x-xss-protection: 0
server: sffe
etag: "dd6615029de85e23"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 24 Nov 2023 16:29:52 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame A3B2 5 KB
2 KB 316ms
176ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 24 Nov 2022 16:29:52 GMT
age: 226993
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1913
x-xss-protection: 0
server: sffe
etag: "403438c4d550ee88"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 24 Nov 2023 16:29:52 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame A3B2 40 KB
13 KB 308ms
168ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 24 Nov 2022 16:29:52 GMT
age: 226993
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12946
x-xss-protection: 0
server: sffe
etag: "0bacd3f1ce38a7db"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 24 Nov 2023 16:29:52 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A3B2 8 KB
894 B 137ms
53ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

74017d97a0876e72ef09a14ea0b3ad49a744811c726e7b05e305d4a6e3e07612

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 27 Nov 2022 07:33:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 27 Nov 2022 07:13:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 27 Nov 2022 07:33:04 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2A23 0
0 80ms
79ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuadYzLH4aLs6dz4wb2_6h1rJZlXVlomcUMi29EOolkKY1QPxyye6uhmwMLqSWxUZpIIwtMPDkkBDHj6cnCC7W0ObE0fOaGKltU2N3lDvUe0hCXbvK6x9pD-VnRsu15iQ2jJi7OkpG66SYOsGTknBNRRfBsBgMwP4ppeHzGvF_pGSK3tWXBSgmMwq78prYtpLAZX6ybiZzBq9xNTKr2PTLOimCw0V6aC3O4reJ8NdHIJn0hEaFyUs5Dm67azEcLnURqFzswcCGTs2Iyzwzb8aHhnKsNB_urilft1EGRm2mHjLBMHmchipWDkT9kQknj&sai=AMfl-YRjDmyv5FlTh0BXO9hwp9CfX21rsn9Mzl0EkTeWj6aYc1UzE5GDPDhLQ1pHH4aX-fjNQkm1wgf9Jv9zUpf7gJm_Sw9KU5q7k8BO4Zbg33ahOUBdkMjiMjiTAo5146mg3iq2Iax3PvUeRy9Yx4shySo&sig=Cg0ArKJSzOVWzXS5hdWOEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=wMKxLTv

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 27 Nov 2022 07:33:04 GMT

GET
H2 200 prebid.js Show response
excellence-prebid.sfo2.cdn.digitaloceanspaces.com/ Frame 2A23 228 KB
229 KB 396ms
258ms Script
text/javascript 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://excellence-prebid.sfo2.cdn.digitaloceanspaces.com/prebid.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

0e0d5aaebcb9185499dabbc6f1e6979b963ba0a9e683603e0662e96302be9983

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Sun, 14 Aug 2022 17:57:51 GMT
x-amz-request-id: tx0000000000001137363ca-0063830a97-42d93a25-sfo2a
etag: "b8c335a03c0847286b2f70d097c5a38a"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1669534385.dop148.fr8.t,1669534385.cds164.fr8.hn,1669534385.cds010.fr8.c
content-type: text/javascript
cache-control: max-age=1526
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 233961

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2A23 154 KB
48 KB 186ms
64ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 27 Nov 2022 07:33:05 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012211060024000/ Frame 5DAE 221 KB
60 KB 221ms
108ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 24 Nov 2022 16:29:52 GMT
age: 226993
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61592
x-xss-protection: 0
server: sffe
etag: "a2fca7132416d151"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 24 Nov 2023 16:29:52 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 5DAE 14 KB
5 KB 177ms
169ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 24 Nov 2022 16:29:52 GMT
age: 226993
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5218
x-xss-protection: 0
server: sffe
etag: "abd4378f71571d78"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 24 Nov 2023 16:29:52 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 5DAE 94 KB
28 KB 178ms
170ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 24 Nov 2022 16:29:52 GMT
age: 226993
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28809
x-xss-protection: 0
server: sffe
etag: "dd6615029de85e23"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 24 Nov 2023 16:29:52 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 5DAE 5 KB
2 KB 185ms
177ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 24 Nov 2022 16:29:52 GMT
age: 226993
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1913
x-xss-protection: 0
server: sffe
etag: "403438c4d550ee88"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 24 Nov 2023 16:29:52 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 5DAE 40 KB
13 KB 186ms
178ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 24 Nov 2022 16:29:52 GMT
age: 226993
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12946
x-xss-protection: 0
server: sffe
etag: "0bacd3f1ce38a7db"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 24 Nov 2023 16:29:52 GMT

GET
DATA 200
OK truncated
/ Frame 5DAE 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 15720669d47a5de832c6e6d8f5e8c652d48e7baa8b6850c81d855397a8840527

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012211060024000/ Frame 4C64 221 KB
60 KB 226ms
125ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 24 Nov 2022 16:29:52 GMT
age: 226993
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61592
x-xss-protection: 0
server: sffe
etag: "a2fca7132416d151"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 24 Nov 2023 16:29:52 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 4C64 14 KB
5 KB 187ms
179ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 24 Nov 2022 16:29:52 GMT
age: 226993
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5218
x-xss-protection: 0
server: sffe
etag: "abd4378f71571d78"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 24 Nov 2023 16:29:52 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 4C64 94 KB
28 KB 187ms
180ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 24 Nov 2022 16:29:52 GMT
age: 226993
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28809
x-xss-protection: 0
server: sffe
etag: "dd6615029de85e23"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 24 Nov 2023 16:29:52 GMT

GET
H2 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 4C64 72 KB
16 KB 192ms
184ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-animation-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe75d0fb01c62e14b75d418f8e5bb6e413e49610f564e90248669d7e3513403

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 21 Nov 2022 18:08:54 GMT
age: 480251
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16659
x-xss-protection: 0
server: sffe
etag: "94fac542ca9cc297"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 21 Nov 2023 18:08:54 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 4C64 5 KB
2 KB 195ms
187ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 24 Nov 2022 16:29:52 GMT
age: 226993
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1913
x-xss-protection: 0
server: sffe
etag: "403438c4d550ee88"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 24 Nov 2023 16:29:52 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 4C64 40 KB
13 KB 196ms
188ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 24 Nov 2022 16:29:52 GMT
age: 226993
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12946
x-xss-protection: 0
server: sffe
etag: "0bacd3f1ce38a7db"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 24 Nov 2023 16:29:52 GMT

GET
DATA 200
OK truncated
/ Frame 4C64 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b367117e8cc26a1b21b2d6e37cd7ecbc65228585420b6c8baf76ad70d6b01b59

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
df38bd896be520d961af1a9e6246d5d2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5146 6 KB
3 KB 132ms
44ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://df38bd896be520d961af1a9e6246d5d2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 07:33:04 GMT
expires: Mon, 27 Nov 2023 07:33:04 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
df38bd896be520d961af1a9e6246d5d2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C42F 6 KB
3 KB 122ms
37ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://df38bd896be520d961af1a9e6246d5d2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 07:33:04 GMT
expires: Mon, 27 Nov 2023 07:33:04 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A3B2 2 KB
3 KB 257ms
158ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 10:16:18 GMT
x-content-type-options: nosniff
server: cafe
age: 76607
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sun, 27 Nov 2022 10:16:18 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A3B2 295 B
353 B 256ms
158ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 09:52:43 GMT
x-content-type-options: nosniff
server: cafe
age: 78022
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 27 Nov 2022 09:52:43 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A3B2 0
0 91ms
85ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CHKw6sBKDY-ueA8Wg9u8P752hiAvXwf7DbaSKxZrmEMPvj5yuIxABIL7M12pgldqIgpgHoAGSmav8AsgBBuACAKgDAaoE6QFP0JI3tEBfo7u4QI-gh-wob_K1fpByQ4n4poGyyfQbFUYC5CDFI9_qJySkuAhQi5nBboZEG_c0iGQU_DeHi7tCqpsAV6x_91NpZc6xSKvVeCZhLRpXXOvi4mRkZgZmtoML-gKEciyhI0EgxANCuNou_Wi16SfbSWhOSyQe-KZvK7hfwEfKfmSJa1u9GRMh6q-H-9Q2VLcCoqikA5b6S_EW8i-CnXBUoUiVC-sjuReuDSlH0bgLLv-b_DY6oYW1vY9IMfrVnhQJo10UvoUUQDkwQ4H6JK3uWB2pAK5u2H-lWfCkfJ8MWDm8pMAEjbHGyIUE4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGAB9bm1IMBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ0ZtZ0ggRCIDhgHAQARgdMgLrAjoCgEDyCBthZHgtc3Vic3luLTYyMTY1MTk5NDE0MTA5MDCACgPICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItOTk1OTczMDc1NDAzODAyNhjG3W0&sigh=2neYTBv6liA&uach_m=[UACH]&cid=CAQSTADq26N9hr7EMeyJiZKfJ2RmNJ_lxz2wNYbr5YcRBvmXtxgNCfZRxDxj8IwYnRtagUN4GnKF6L4IJRU6JTDS78SD4D7i7QO7KR3HbjkYASAT&template_id=5020
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H2 200 3363310725939592973
tpc.googlesyndication.com/simgad/ Frame 5DAE 37 KB
37 KB 180ms
84ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3363310725939592973?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlQj1j36_003VC2irhRfjVZ7uhHLQ

Requested by

Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

145bff31ed12136c3aff5858b8e7a8230d06535aad4827c02fd501e8d2c4be50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 07:16:07 GMT
x-content-type-options: nosniff
age: 173818
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37939
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 20:28:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 25 Nov 2023 07:16:07 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5DAE 2 KB
3 KB 136ms
40ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 10:16:18 GMT
x-content-type-options: nosniff
server: cafe
age: 76607
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sun, 27 Nov 2022 10:16:18 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5DAE 295 B
399 B 181ms
121ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 09:52:43 GMT
x-content-type-options: nosniff
server: cafe
age: 78022
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 27 Nov 2022 09:52:43 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5DAE 0
0 90ms
85ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=COuTnsBKDY-2eA8Wg9u8P752hiAuyxpW4bf6Skc2lEOiqtpWLAxABIL7M12pgldqIgpgHoAGSmav8AsgBAuACAKgDAcgDCKoE6QFP0OiqhKW91kmOT5GGLnlgrppyuwxJn9yvTxObF_wpXdH_qrWQpV6ZcuJUW9PFFAGkojlmkfbkNRR4wHQl1kkSJgCUF3IcSdPKpEUl-qKCQOaNAoy04PHIGdUBX5WWgR3ixZxCvplcjuFVPNEY_76G8p5w53qi8nZ5uEVwgtCDbfgPp7cUAzMnUmZrgPnUKwukH3Ay9COMFcyXpngtGd5ugMH0pmh9g5ZoCCvvcAYZVlKceoxjoYLeWp7srAWGusPCRXrBymffn26htoLPVIgRLQFKsEL1V00InGSuuZ81knGWzg86bmDyWsAE0dD1mbQD4AQBkgUECAQYAZIFBAgFGASgBgKAB9bm1IMBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ-MYF0ggRCIDhgHAQARgdMgLrAjoCgEDyCBthZHgtc3Vic3luLTYyMTY1MTk5NDE0MTA5MDCACgPICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItOTk1OTczMDc1NDAzODAyNhjG3W0&sigh=vw6GcRR_RX8&uach_m=[UACH]&cid=CAQSTADq26N9hr7EMeyJiZKfJ2RmNJ_lxz2wNYbr5YcRBvmXtxgNCfZRxDxj8IwYnRtagUN4GnKF6L4IJRU6JTDS78SD4D7i7QO7KR3HbjkYASAT
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4C64 2 KB
3 KB 218ms
159ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 10:16:18 GMT
x-content-type-options: nosniff
server: cafe
age: 76607
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sun, 27 Nov 2022 10:16:18 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4C64 295 B
353 B 211ms
157ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 09:52:43 GMT
x-content-type-options: nosniff
server: cafe
age: 78022
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 27 Nov 2022 09:52:43 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4C64 0
0 87ms
83ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CT6scsBKDY-6eA8Wg9u8P752hiAvrsNbObeP3ubzdEIzciZ-8ARABIL7M12pgldqIgpgHoAH14JvHAsgBCakC_V3iep9wsT7gAgCoAwHIAwiqBOkBT9BWDtxRfMbhzRQ1ZF0s941BDaAO1GQi0alm_-2Nt7T6yalS2hNjnayUTcwMYI2rdYpYe7jQbpg0KTk8lITjQf6zUmMoRnqdWK--E-httUDM-Il_0x0fpUCmabjUPQPTjOtX_mRGWAJNjtSt5VlPqP1z5DpbuflYxf3-fbrNdXgnoVRxyWzzbOaui_NDBfMCbOQc5H4JxmphOUkyGvcHRDETZ3Bx89qw0rH7NztlGLba2gvXP7fABayKx4WshIAeyzxtvaLxX_4FqAxsZYnAZfk8RePlXpB6sax6ul_PJmG9HUxbAQdgniHABPCKv7OgBOAEAZIFBAgEGAGSBQQIBRgEoAYugAfznuS4AagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEELf7E9IIEQiA4YBwEAEYHTIC6wI6AoBA8ggbYWR4LXN1YnN5bi02MjE2NTE5OTQxNDEwOTAwgAoDyAsB2BMC0BUBgBcBshceChwIABIUcHViLTk5NTk3MzA3NTQwMzgwMjYYxt1t&sigh=vQ-9wA2qhws&uach_m=[UACH]&cid=CAQSTADq26N9hr7EMeyJiZKfJ2RmNJ_lxz2wNYbr5YcRBvmXtxgNCfZRxDxj8IwYnRtagUN4GnKF6L4IJRU6JTDS78SD4D7i7QO7KR3HbjkYASAT&template_id=419
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H2 200 bg.jpg
tpc.googlesyndication.com/sadbundle/1578218963981389351/ Frame 4C64 97 KB
97 KB 94ms
40ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/1578218963981389351/bg.jpg

Requested by

Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cc99bf2588ad3d83408511afd8f918238a4979f66aff714773a426c83e3ac8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 16:53:31 GMT
x-content-type-options: nosniff
age: 484774
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99014
x-xss-protection: 0
last-modified: Fri, 18 Nov 2022 15:21:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 21 Nov 2023 16:53:31 GMT

GET
H2 200 push1.png
tpc.googlesyndication.com/sadbundle/1578218963981389351/ Frame 4C64 5 KB
6 KB 162ms
108ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/1578218963981389351/push1.png

Requested by

Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db9183399100c863196f86320a8dec93dee36ad9a3711964b71ea5672a7d3f32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 16:53:32 GMT
x-content-type-options: nosniff
age: 484773
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5568
x-xss-protection: 0
last-modified: Fri, 18 Nov 2022 15:21:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 21 Nov 2023 16:53:32 GMT

GET
H2 200 cta.png
tpc.googlesyndication.com/sadbundle/1578218963981389351/ Frame 4C64 1 KB
1 KB 213ms
159ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/1578218963981389351/cta.png

Requested by

Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fbfc069816c4d95cd310eae7e2ad5122b508a7faf2e8603748408d6fa1d0313

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 16:53:34 GMT
x-content-type-options: nosniff
age: 484771
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1369
x-xss-protection: 0
last-modified: Fri, 18 Nov 2022 15:21:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 21 Nov 2023 16:53:34 GMT

GET
H2 200 legal.jpg
tpc.googlesyndication.com/sadbundle/1578218963981389351/ Frame 4C64 22 KB
22 KB 165ms
112ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/1578218963981389351/legal.jpg

Requested by

Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4472c3f9c3ddd4bcfc159e3dda8e56d33a569ec41844f0888d2af2138276aed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 16:53:34 GMT
x-content-type-options: nosniff
age: 484771
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22648
x-xss-protection: 0
last-modified: Fri, 18 Nov 2022 15:21:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 21 Nov 2023 16:53:34 GMT

GET
DATA 200
OK truncated
/ Frame A3B2 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A3B2 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee00acaa1eeb92b0e009a525b7ee91c409f4d13bede35d72fb5699c72759f174

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 32 KB
10 KB 134ms
42ms Script
text/javascript 18.66.97.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: earnme.club
URL: http://earnme.club/safe2.php?link=wMKxLTv
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-9.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c7ad2fb033696f6b193dc1e4ef7d353c1d9a4d4a39772bdd0b44175704986ef8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 19:00:22 GMT
content-encoding: gzip
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
last-modified: Mon, 21 Nov 2022 18:55:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 45164
x-amz-server-side-encryption: AES256
etag: W/"51c5af7d71728569b41d03503fff2de7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: 5MTEKxskCed9XsJeCRX1EJIQ4xOBIIK1v1GPnfAhMi56C5MIxiL07A==

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 55 KB
11 KB 166ms
46ms Script
application/javascript 2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fearnme.club%2Fzeb-monk-from-zebronics%2F&ref=https%3A%2F%2Fwww.google.com%2F&_it=amazon&partner_id=405
Requested by: Host: earnme.club
URL: http://earnme.club/safe2.php?link=wMKxLTv
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13f329a0d3e082589a14177df4778b45ea8cb3826ce3b945fcbb0721baca5825

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: FNK044PCM9Y7VVCR
age: 2013
x-amz-id-2: AlHhfnaYFu7DcAqm/AZXcFZz8Z4At5Hcn9XqhUxeA24L5T6B/l+VTePOXZCvBx0dhJEtzYQ2PVA=
cf-bgj: minify
last-modified: Fri, 18 Nov 2022 10:57:44 GMT
server: cloudflare
etag: W/"2280e2148e4ee3c06f679f8fac039778"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FAXjxGpcbk7MrF3vsDki4vro57%2F8YE3Njm68O1UBZnaEzw3%2FEX5e8%2FWWSmKA33Z%2FDfnfOi0tBm23J55KEiRD6Qbuxl40CwA2lczIKFWprU8bm%2Bz1CgeJ0kRCE8QBNGP7tb0N3S5QvahuRrSQZcw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 77092c739bb56903-FRA

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 57 KB
17 KB 224ms
104ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=wMKxLTv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39fae3dc476aaaa594e2c963401633dd5d02eccb3c175eda03912cfe0f91c92e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 24 Nov 2022 12:48:29 GMT
server: cloudflare
x-amz-request-id: ZR9FS0KF8SF3XPE6
age: 459
etag: W/"9ee82d693d1e83b3a37ee20226716f78"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 77092c739c239b51-FRA
x-amz-id-2: VistZBWckkAiP7GIvEPImKlKdXTBIKzx8WeKiNFm3NFnvLcmQwjT/xkLRFzAOFbFMk+ugJS7Fn+m45POSdZmLQ==

GET
H2 200 hls.min.js Show response
player.avplayer.com/script/2/2.55/libs/ 247 KB
71 KB 50ms
42ms Script
application/javascript 2a02:26f0:480:b::210:f1d2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/v/avcplayer.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:b::210:f1d2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdstGGWlRWBPv-OjQ_DsB2viQXPeOr9Add0S6VJCJzI7h5mXi-i4HrWI9P6NrNzuEn0d6eK4T7keIp7lMG_cWg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 71831
last-modified: Sun, 10 Jan 2021 14:52:52 GMT
server: UploadServer
etag: "7888b98658e8cef4a98786556ccdab66"
vary: Accept-Encoding
x-goog-generation: 1610290372874389
content-type: application/javascript
content-language: en
x-goog-hash: crc32c=vMWMIg==
cache-control: public, max-age=300
x-goog-stored-content-length: 71831
accept-ranges: bytes
expires: Sun, 27 Nov 2022 07:38:05 GMT

GET
DATA 200
OK truncated
/ 216 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 251 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a288f6d8bed5da66244881b97b6355d945f6ca755c1fc09b750724745cceae03

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 385 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 256 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7bb3c50cc5b07cea81e62a53039ec4aa49cd718058cbf799eef27bbdb5b958c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 273 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f1c0e9e76f5baa28c2453d0d02b97d42e5f66283f0d3058a4ccc366e7f2411a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 237 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4446065ebfb65a302d17b88e2c7ed326d8402769eab0843833dea049a65c992

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 238 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b26c04ff19851d0780ba6dbc37d4920b48f3eeb54963c9ea1667941e01bb7ed

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 411 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 240 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 logo.png
cdn.playstream.media/ 1 KB
2 KB 149ms
36ms Image
image/png 2400:52e0:1e00::1053:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.playstream.media/logo.png
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1053:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-DE1-1053 /
Resource Hash: 875a318ebf906866ab16eb2e848924b12c38f7d33ae1c6e72244aba92faa9b7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Sun, 27 Nov 2022 07:33:05 GMT
cdn-edgestorageid: 864
cdn-cachedat: 11/21/2022 14:10:19
cdn-pullzone: 1027527
content-length: 1265
last-modified: Tue, 19 Jan 2021 07:48:16 GMT
server: BunnyCDN-DE1-1053
cdn-proxyver: 1.03
cdn-requestpullcode: 206
content-type: image/png
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 6740a699-531f-4e34-81bd-7039b1357022
cache-control: max-age=315360000
cdn-requestid: 61230634f48fdb0a1cc9b0f88fd77e70
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 480 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 ctrack
track1.avplayer.com/ 0
71 B 373ms
116ms Image
text/plain 52.44.35.90
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.avplayer.com/ctrack?pt=2&cmid=&cwid=&cvid=&pid=62176a72a06fe80ba569d18f&r=earnme.club&sn=&cd1=&cd2=&cd3=&app=&wi=640&he=361&test=&vi=0&e=cpll&cb=1669534385215
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.44.35.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-35-90.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame A3B2 28 KB
28 KB 117ms
37ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://earnme.club
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 21:35:41 GMT
x-content-type-options: nosniff
age: 208644
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Nov 2023 21:35:41 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 784E 0
336 B 42ms
41ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 784E 334 B
409 B 257ms
256ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1669534384283&tk_flint=pbjs_lite_v7.19.0&x_source.tid=2081e451-4011-4ae8-907b-a59b4b6ce4ce&l_pb_bid_id=4857c0aee6487b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.10398972916465765
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 8f5138bbe084300fd20ded1b3d49d28d680161f854f19f3db0164d6676f109a3

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 334
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 784E 0
336 B 41ms
40ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 784E 18 B
311 B 64ms
64ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=34990155208&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 784E 0
407 B 59ms
58ms XHR
text/plain 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 784E 19 B
707 B 39ms
38ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:05 GMT
AN-X-Request-Uuid: 130ee52c-4cec-4733-bc16-a442e104d185
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 784E 0
176 B 41ms
40ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Sun, 27 Nov 2022 07:33:05 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame ED71 107 B
122 B 136ms
61ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=earnme.club

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame ED71 107 B
122 B 134ms
58ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=earnme.club

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ED71 0
442 B 175ms
71ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_paw&pvsid=1715103306569748&vrg=2022111501&nw_id=21671350435%5C%2C22687820958&nslots=1&eid=31069101%2C44752586%2C31065825&pub_url=https%3A%2F%2Fearnme.club%2Fzeb-monk-from-zebronics%2F&sig=0&req=0&req_cnt=1&dm=8

Requested by

Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame ED71 33 KB
12 KB 334ms
333ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1715103306569748&correlator=681646670278399&eid=31069101%2C44752586%2C31065825&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=21671350435%3A22687820958%2C300x250-earnme.club_._3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=941951635&didk=1653906094&sfv=1-0-40&fsfs=1&eri=1&sc=1&cookie=ID%3Dc4d91b4e38db5124%3AT%3D1669534384%3AS%3DALNI_MbrWNyJQtwTT-27Lkoku6i9gM_Nog&gpic=UID%3D00000b88e7f767da%3AT%3D1669534384%3ART%3D1669534384%3AS%3DALNI_MbnLiieW6XrJHTlK2WdDYIw7Chlmw&abxe=1&dt=1669534385388&lmt=1669534385&dlt=1669534383637&idt=1403&adxs=989&adys=2655&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=1&ucis=wum5yypqn2s1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fearnme.club%2Fzeb-monk-from-zebronics%2F&ref=https%3A%2F%2Fearnme.club%2Fzeb-monk-from-zebronics%2F&top=https%3A%2F%2Fearnme.club%2Fzeb-monk-from-zebronics%2F&frm=23&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=1365863235.1669534384&ga_sid=1669534385&ga_hid=838760467&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

926a58621fc0afc2742ccb975b291f042fff053cf3bf8454ac3d4bb760c07359

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12628
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://earnme.club
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame ED71 14 KB
11 KB 180ms
77ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11f92d13ac94346c1b08b18ea8f42522ea2fbe88c6598fb4a48b9939905306df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11068
x-xss-protection: 0

GET
H2 200 container.html
e5d6ec74714bba04696559b88150e6d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 82F4 6 KB
0 73ms
45ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e5d6ec74714bba04696559b88150e6d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 07:33:05 GMT
expires: Mon, 27 Nov 2023 07:33:05 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 0652 107 B
122 B 106ms
47ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=earnme.club

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 0652 107 B
122 B 106ms
45ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=earnme.club

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 0652 26 KB
11 KB 408ms
408ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1713075332049328&correlator=49414591562895&eid=31070950&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=21671350435%3A22687820958%2C300x250-earnme.club&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=1124019640&sfv=1-0-40&fsfs=1&eri=1&sc=1&cookie=ID%3Dc4d91b4e38db5124%3AT%3D1669534384%3AS%3DALNI_MbrWNyJQtwTT-27Lkoku6i9gM_Nog&gpic=UID%3D00000b88e7f767da%3AT%3D1669534384%3ART%3D1669534384%3AS%3DALNI_MbnLiieW6XrJHTlK2WdDYIw7Chlmw&abxe=1&dt=1669534385403&lmt=1669534385&dlt=1669534383606&idt=1160&adxs=474&adys=2088&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=1&ucis=olxe446pckot&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fearnme.club%2Fzeb-monk-from-zebronics%2F&ref=https%3A%2F%2Fearnme.club%2Fzeb-monk-from-zebronics%2F&top=https%3A%2F%2Fearnme.club%2Fzeb-monk-from-zebronics%2F&frm=23&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=1365863235.1669534384&ga_sid=1669534385&ga_hid=2129937265&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41ff7df696c9955b4dba3036ffecfd5a8a9ebe257faaa46b5c5d0dd3481141a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11698
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://earnme.club
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0652 14 KB
11 KB 161ms
70ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

900237de92edcc855669838940fc4210f1f3eee655869b7994c34f2f2fd168d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11178
x-xss-protection: 0

GET
H2 200 container.html
429735be2a98d3f5cdc37b5c16eac78c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C927 6 KB
0 62ms
46ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://429735be2a98d3f5cdc37b5c16eac78c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 07:33:05 GMT
expires: Mon, 27 Nov 2023 07:33:05 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 0173 0
336 B 40ms
40ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 0173 138 B
827 B 52ms
51ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

ca5efdb423de2025aebaccf180bd29abcbff28dfb0de7e938f00f6782452d121

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:05 GMT
AN-X-Request-Uuid: de995497-6608-402c-bf4e-fcb527644bde
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 0173 0
336 B 41ms
41ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:04 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 0173 0
407 B 55ms
55ms XHR
text/plain 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 0173 18 B
311 B 65ms
64ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=40306580382&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 0173 0
176 B 41ms
41ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Sun, 27 Nov 2022 07:33:05 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 0173 334 B
369 B 187ms
187ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1669534384292&tk_flint=pbjs_lite_v7.19.0&x_source.tid=e0d79040-a12a-4264-86f7-6c8201f4d7ec&l_pb_bid_id=14a4762111ea07e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.017621610247794628
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: a10cf3db6d57c047422ff1e64f14ce5157967f4402bbee6ac0c5f21fa708456b

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 334
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 8059 0
407 B 55ms
54ms XHR
text/plain 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 8059 334 B
369 B 182ms
182ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1669534384299&tk_flint=pbjs_lite_v7.19.0&x_source.tid=1bfd5505-57e9-489a-b8cc-eea215ea7bd8&l_pb_bid_id=4c60a7f5883a17&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.31559933559518205
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 44f32ab1e85e8dd1ca4d31a3d046578ddc82a58ab77bde83f14f013020b491d6

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 334
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 8059 0
176 B 41ms
41ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Sun, 27 Nov 2022 07:33:05 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 8059 18 B
311 B 64ms
63ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=9725164280&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 8059 0
336 B 41ms
41ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:04 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 8059 0
336 B 41ms
41ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:04 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 8059 19 B
707 B 64ms
64ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:05 GMT
AN-X-Request-Uuid: d74c839f-df3e-44bb-b593-b3f8665d97a6
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 51D0 0
336 B 42ms
42ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:04 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 51D0 334 B
369 B 266ms
266ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1669534384307&tk_flint=pbjs_lite_v7.19.0&x_source.tid=3d8d481e-dc7b-4bbb-b95f-8de7be1d265c&l_pb_bid_id=449a16998a253c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.1347316036935835
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f06319d736cb3d6e05de978eca5e576836541b84b530a6de3e35f3159c4d681b

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 334
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 51D0 18 B
311 B 125ms
125ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=25440390836&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 51D0 0
407 B 56ms
55ms XHR
text/plain 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 51D0 0
176 B 42ms
42ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Sun, 27 Nov 2022 07:33:05 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 51D0 0
336 B 43ms
43ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 51D0 19 B
707 B 85ms
51ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:05 GMT
AN-X-Request-Uuid: b99877ea-4523-4b7c-8a3c-00092889a6ab
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame EDBA 18 B
311 B 65ms
64ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=22266995207&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame EDBA 0
176 B 61ms
60ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Sun, 27 Nov 2022 07:33:05 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame EDBA 0
336 B 103ms
86ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame EDBA 0
407 B 56ms
55ms XHR
text/plain 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame EDBA 19 B
707 B 88ms
38ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:05 GMT
AN-X-Request-Uuid: 7312c2e4-d143-47a6-a5e0-3cd8dcbc47e2
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame EDBA 334 B
369 B 165ms
164ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1669534384316&tk_flint=pbjs_lite_v7.19.0&x_source.tid=ab1ebc52-1b63-4b40-a8b3-9ede7e0e6171&l_pb_bid_id=12f674f680728d6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.49322657045342577
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: a6575cd095ca13c609e595584cf5e72ca5eeeddcab7645c8dcfa8db33a9f9e0e

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 334
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame EDBA 0
336 B 57ms
41ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:04 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame A11D 19 B
707 B 82ms
44ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:05 GMT
AN-X-Request-Uuid: 7dd484a3-33e5-4f2b-8c33-6f4b9d78a5f6
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame A11D 0
176 B 40ms
40ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Sun, 27 Nov 2022 07:33:05 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame A11D 0
336 B 41ms
41ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame A11D 18 B
311 B 83ms
78ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=93935222924&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame A11D 0
336 B 44ms
41ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:04 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame A11D 334 B
369 B 149ms
145ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1669534384337&tk_flint=pbjs_lite_v7.19.0&x_source.tid=11df1a71-70d7-4e78-b445-50a029b2d24e&l_pb_bid_id=12dacc0b9f5a282&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7046800296285416
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 4c9a73c68d8d7e8c279140531b10d78afb2a538232efb83bce2967b169608f95

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 334
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame A11D 0
407 B 57ms
55ms XHR
text/plain 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame F7EC 0
336 B 41ms
41ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:04 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame F7EC 0
176 B 43ms
39ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Sun, 27 Nov 2022 07:33:05 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame F7EC 19 B
707 B 74ms
41ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:05 GMT
AN-X-Request-Uuid: 2fd2b741-85dc-4898-ac18-f720a272687c
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame F7EC 0
336 B 44ms
41ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame F7EC 18 B
311 B 64ms
62ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=45141423681&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame F7EC 334 B
369 B 148ms
145ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1669534384351&tk_flint=pbjs_lite_v7.19.0&x_source.tid=042776f0-ac59-4441-9cf1-66a300f47701&l_pb_bid_id=12e8f1a6e5c1f8f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2537219537914277
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: cced6e6d117afa2d6ed36d4bf35822cdb98948ca21eab878e5cf4997c68c156a

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 334
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame F7EC 0
407 B 56ms
54ms XHR
text/plain 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 14D5 0
176 B 41ms
40ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Sun, 27 Nov 2022 07:33:05 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 14D5 19 B
707 B 69ms
38ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:05 GMT
AN-X-Request-Uuid: 237624cb-42bf-4f49-b255-0f6a06953663
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 14D5 0
336 B 46ms
41ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 14D5 0
407 B 59ms
54ms XHR
text/plain 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 14D5 334 B
369 B 124ms
121ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1669534384361&tk_flint=pbjs_lite_v7.19.0&x_source.tid=c8e682f0-f4e7-4ce6-97ce-056021c73132&l_pb_bid_id=10bafc45f753eef&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5207270866909917
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: a80ee8dfa1957b839b020b97a499dca97d0bcd27e8c70da63c17b8b77981d29e

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 334
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 14D5 18 B
311 B 85ms
82ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=12202861249&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 14D5 0
336 B 53ms
40ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 88CC 334 B
369 B 143ms
137ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1669534384369&tk_flint=pbjs_lite_v7.19.0&x_source.tid=4b25f91d-3687-4f3e-97fa-067378f19add&l_pb_bid_id=27fef6029a0f8a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.40308511432354766
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 8f7c25570d7a283a363c280d4e04e5f58ee2ad80e8533ede91791859df9eebac

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 334
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 88CC 0
336 B 44ms
40ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 88CC 0
176 B 45ms
40ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Sun, 27 Nov 2022 07:33:05 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 88CC 0
407 B 60ms
55ms XHR
text/plain 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 88CC 18 B
311 B 67ms
64ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=52939261950&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 88CC 19 B
707 B 45ms
38ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:05 GMT
AN-X-Request-Uuid: 7e5bf0c9-8dba-4511-8ad1-3ad56b757e92
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 79F8 18 B
311 B 63ms
63ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=88401730827&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 79F8 0
176 B 41ms
41ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Sun, 27 Nov 2022 07:33:05 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 79F8 0
336 B 41ms
41ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 79F8 0
407 B 55ms
55ms XHR
text/plain 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 79F8 334 B
369 B 125ms
125ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1669534384380&tk_flint=pbjs_lite_v7.19.0&x_source.tid=9c83e512-7110-4739-8d47-cc780f920036&l_pb_bid_id=1054a2b978edfe4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5441001327100665
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 7fc841a449b63abb54c966ee75d5d4b92f9a621e10b691540f30aa9e1ba6e381

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 334
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 79F8 19 B
707 B 50ms
38ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:05 GMT
AN-X-Request-Uuid: 524aeb4f-e96c-4af9-857e-d118b548df5f
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 74E2 0
407 B 55ms
55ms XHR
text/plain 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 74E2 138 B
827 B 46ms
39ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

bad8b870144da59d9de7d4382bb7b4d39efcbaf5a11f3eefc13a18da27bc4d6b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:05 GMT
AN-X-Request-Uuid: 5af429de-bb26-438b-90f6-502d8b38f3b2
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 74E2 0
176 B 40ms
40ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Sun, 27 Nov 2022 07:33:05 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 74E2 18 B
311 B 64ms
63ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=26148573617&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 74E2 0
336 B 41ms
41ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 74E2 334 B
369 B 121ms
120ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1669534384404&tk_flint=pbjs_lite_v7.19.0&x_source.tid=5c4ab868-df64-46f7-a641-162428c712b0&l_pb_bid_id=12cd7fd956327ec&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.22584160714158408
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 835f767a376161044cae1f81b839650f02f83bde95bfbd9daac9d456ee89bd9c

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 334
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame A8FA 334 B
369 B 117ms
116ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1669534384430&tk_flint=pbjs_lite_v7.19.0&x_source.tid=484d2ab3-1311-4577-9a82-f7306f9d0753&l_pb_bid_id=240037e125428c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.26891822052546455
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 3fd8500b544fbfe395510a18061c3133a0abe0dace51c7f672f120d5d0cc48d6

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 334
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame A8FA 0
176 B 41ms
41ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Sun, 27 Nov 2022 07:33:05 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame A8FA 0
407 B 55ms
55ms XHR
text/plain 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame A8FA 0
336 B 42ms
41ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame A8FA 0
336 B 41ms
41ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame A8FA 19 B
707 B 40ms
40ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:05 GMT
AN-X-Request-Uuid: 252f28b1-6f66-4434-91a7-fcdc51a3eb4a
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame A8FA 18 B
311 B 63ms
63ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=89945055680&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 9EEC 334 B
369 B 134ms
134ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1669534384397&tk_flint=pbjs_lite_v7.19.0&x_source.tid=24fb3741-5b09-406d-b9e2-9020cb96c577&l_pb_bid_id=2543e5036fe667&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7178446491964257
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 0449640a01b1cf31e7b6fb9ecb324dcf1ae94f15686bfe003ba994ee9c2165da

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 334
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 9EEC 0
407 B 55ms
55ms XHR
text/plain 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 9EEC 0
336 B 41ms
41ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 9EEC 18 B
311 B 63ms
63ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=43061933364&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 9EEC 19 B
707 B 38ms
38ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:05 GMT
AN-X-Request-Uuid: 6fa3157a-3de5-4770-83e0-58851f934207
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 9EEC 0
176 B 41ms
40ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Sun, 27 Nov 2022 07:33:05 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame ED0D 18 B
311 B 63ms
63ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=88184715380&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame ED0D 19 B
707 B 78ms
78ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:05 GMT
AN-X-Request-Uuid: 69f77e0f-f055-4a7c-9450-54aaf3302e8d
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame ED0D 0
407 B 56ms
55ms XHR
text/plain 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame ED0D 0
336 B 41ms
40ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame ED0D 0
176 B 41ms
40ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Sun, 27 Nov 2022 07:33:05 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame ED0D 334 B
369 B 133ms
132ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1669534384414&tk_flint=pbjs_lite_v7.19.0&x_source.tid=37713abe-8ffe-4e21-975f-e8e0d46bcfc4&l_pb_bid_id=12e59688026eed5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9914445847270612
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 673156dd2f9e0f5f37c0810865decc5496c16ae21a6aba0882d219295bb4e36b

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 334
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 32F4 137 B
826 B 40ms
37ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

d6174072bde023639f0561e74874ff519dfa93a63a5a2e6205aadf94d8dbcbb1

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:05 GMT
AN-X-Request-Uuid: 4162e598-c544-4df7-bfa9-76c080ca4594
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 137
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 32F4 0
407 B 57ms
55ms XHR
text/plain 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 32F4 0
176 B 43ms
40ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Sun, 27 Nov 2022 07:33:05 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 32F4 18 B
311 B 65ms
64ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=75293536484&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 32F4 334 B
369 B 122ms
120ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1669534384441&tk_flint=pbjs_lite_v7.19.0&x_source.tid=be3e5cf9-49b4-4211-bf47-ed7ad3dc186f&l_pb_bid_id=10f7f3623826b0e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3409444545747833
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 84a3173cfd1340bb6519bdf25708fe60073636546766e6e0568b6d0621daeead

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 334
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 32F4 0
336 B 42ms
41ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 32F4 0
336 B 46ms
41ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 89A6 334 B
369 B 131ms
131ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1669534384387&tk_flint=pbjs_lite_v7.19.0&x_source.tid=ce5133e6-3791-4559-8626-4bd687bd0f7c&l_pb_bid_id=2e433bcef9edb&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3480423173183691
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 67c17fb8fc8304877714f44305fd86427c28907626754df5ee601a8c93bfa5d7

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 334
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 89A6 18 B
311 B 63ms
63ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=26816536092&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 89A6 19 B
707 B 42ms
39ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:05 GMT
AN-X-Request-Uuid: 92a2a89a-2c68-41af-88bc-6a3e759c6cc0
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 89A6 0
336 B 53ms
40ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 89A6 0
176 B 50ms
49ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Sun, 27 Nov 2022 07:33:05 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 89A6 0
407 B 55ms
54ms XHR
text/plain 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame EE74 18 B
311 B 63ms
63ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=40102004894&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame EE74 0
176 B 46ms
46ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Sun, 27 Nov 2022 07:33:05 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame EE74 334 B
369 B 132ms
132ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1669534384422&tk_flint=pbjs_lite_v7.19.0&x_source.tid=cb8cb503-ded1-48d9-9018-f2ef9a226f46&l_pb_bid_id=69aa185766fef4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.47515157450690526
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 4742a640c7e9d31a6ca7b479431150e3e0af5b51ac2321dbef9380c3ead58a6d

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 334
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame EE74 0
407 B 55ms
55ms XHR
text/plain 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame EE74 139 B
828 B 45ms
38ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

792821be3761b735c9b6c753310d30556eff2e1e5dc45bec36c9755fd3ce77e5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:05 GMT
AN-X-Request-Uuid: 1b4bd7e4-b039-499c-93d4-17862a665c37
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame EE74 0
336 B 47ms
41ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:04 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame EE74 0
336 B 58ms
40ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 47ms
47ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=earnme.club

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 47ms
47ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=earnme.club

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 169 KB
20 KB 666ms
665ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2312202965488994&correlator=2640391003111496&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=22181265%3A22367406785%2Cemc_300v_1%2Cemc_300v_2%2Cemc_300v_3&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=970x90%7C728x90%2C300x250%7C336x280%2C300x250%7C336x280&ifi=10&adks=562446774%2C623723747%2C2314604599&didk=3099166903~1039797534~2927660726&sfv=1-0-40&prev_scp=refresh_count%3D0%26amznbid%3D2%26amznp%3D2%26hb_bd%3D0%26anh%3Dtrue%7Crefresh_count%3D0%26amznbid%3D2%26amznp%3D2%26hb_bd%3D0%26anh%3Dtrue%7Crefresh_count%3D0%26amznbid%3D2%26amznp%3D2%26hb_bd%3D0%26anh%3Dtrue&eri=5&cust_params=is_testing%3Dno%26is_home%3Dno%26category%3DINSERT_CATEGORY_HERE%26post_id%3DINSERT_POSTID_HERE%26adsstarbidid%3D12608%26wvr%3D3%26wie%3Dtop%26cndl%3D10%26cnrtt%3D0%26cntp%3Dna%26cnet%3D4g%26cnsd%3Dfalse%26wrc%3Dnf%26gpt_l%3D400%26wrap_l%3D600%26ccp%3Dunknown%26sesdepth%3D1%26page_r%3D0%26padpr%3D3%26idl_envtest%3Dna%26lipbtest%3Dna%26lotamePanoramaIdtest%3Dna%26id5idtest%3Dna%2633acrossIdtest%3Dna%26uids%3Dpubcid%26uids_c%3D1%26waai%3D500%26waae%3D1500%26pbglobal%3Daaw%26tif%3Dtrue%26lui%3D2s&sc=1&cookie=ID%3Dc4d91b4e38db5124%3AT%3D1669534384%3AS%3DALNI_MbrWNyJQtwTT-27Lkoku6i9gM_Nog&cdm=earnme.club&gpic=UID%3D00000b88e7f767da%3AT%3D1669534384%3ART%3D1669534384%3AS%3DALNI_MbnLiieW6XrJHTlK2WdDYIw7Chlmw&abxe=1&dt=1669534385603&dlt=1669534383091&idt=832&adxs=315%2C1002%2C650&adys=154%2C1686%2C5502&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C2%7C3&ucis=a%7Cb%7Cc&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fearnme.club%2F&loc=https%3A%2F%2Fearnme.club%2Fzeb-monk-from-zebronics%2F&ref=https%3A%2F%2Fwww.google.com%2F&frm=20&vis=1&psz=1080x0%7C326x0%7C1600x0&msz=1080x0%7C326x0%7C1600x0&fws=0%2C4%2C0&ohw=0%2C326%2C0&ga_vid=1365863235.1669534384&ga_sid=1669534384&ga_hid=1823378323&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0c1cfde9adbf8428d47eed4232640c18a8f286052b03e35ab75b78285f6d434

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20708
x-xss-protection: 0
google-lineitem-id: -1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://earnme.club
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 0E16 18 B
311 B 62ms
62ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=74750559869&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 0E16 334 B
369 B 131ms
124ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1669534384457&tk_flint=pbjs_lite_v7.19.0&x_source.tid=6a40b1db-0417-46b5-8bac-32fb21b7cad1&l_pb_bid_id=47219fcf2cae78&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8682477603931418
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 8f28972439bb8b299ad068cb973f23babbf95ac3dbef23fb185150a5dec9ed4d

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 334
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 0E16 0
407 B 61ms
54ms XHR
text/plain 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 0E16 19 B
707 B 79ms
75ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:05 GMT
AN-X-Request-Uuid: 5de0a854-5f39-42e1-b154-a23e5db59edf
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 0E16 0
176 B 46ms
41ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Sun, 27 Nov 2022 07:33:05 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 0E16 0
336 B 46ms
42ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:04 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 0E16 0
336 B 46ms
41ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 2CFE 334 B
369 B 143ms
138ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1669534384465&tk_flint=pbjs_lite_v7.19.0&x_source.tid=a67129be-6197-47b0-bbde-53701a464b46&l_pb_bid_id=28bd0fcfec434e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.581759627112282
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 9b52222de39ec5dee8aff7fbad4c7841d52c70c32df487a6e82385b29721e816

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 334
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 2CFE 18 B
311 B 71ms
69ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=42639734232&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 2CFE 0
407 B 56ms
55ms XHR
text/plain 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 2CFE 171 B
556 B 123ms
119ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 2CFE 0
176 B 42ms
40ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Sun, 27 Nov 2022 07:33:05 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 2CFE 19 B
707 B 42ms
42ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:05 GMT
AN-X-Request-Uuid: ddb86068-730d-4305-84e4-5171519836da
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 2CFE 0
336 B 54ms
41ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:04 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5146 0
0 83ms
79ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cr1I7sBKDY--eA8Wg9u8P752hiAvJntKxXPXqoYaIAcCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi05OTU5NzMwNzU0MDM4MDI2yAEJqQL9XeJ6n3CxPuACAKgDAaoE4wFP0A5tZHUDe3TFaLCTmNYYBp5kSUF4YbnabmQFjFXAvzZzRqMBeLIebzQMvm4Xm11bBXZtVG3NEElZNlAme1qw9RLAYPyJgled3_SxuuPF4aDLfYCqw_A9FIUB1C_gAxH7OolgDKAZihyYmDecYtcLW5ofED_K5QkZNdGIb2lf9hQ36v2k8s6VH6yDwRvN7XdJS9xtjcCVZOMOgjT0SJGUaGQcwodEldK2-nhfGu_xk_zoTFhMEs8AsCZNxZaQ3KgPW5QHJNzmv2K81Lu2e9Da7MApcD2OpZMuE8wwJDbFVvr44eAEAYAG4K-07oTu7OYQoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPIIG2FkeC1zdWJzeW4tNjIxNjUxOTk0MTQxMDkwMIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi05OTU5NzMwNzU0MDM4MDI2GMbdbQ&sigh=2ZAD8grQGV8&uach_m=[UACH]&cid=CAQSTADq26N9hr7EMeyJiZKfJ2RmNJ_lxz2wNYbr5YcRBvmXtxgNCfZRxDxj8IwYnRtagUN4GnKF6L4IJRU6JTDS78SD4D7i7QO7KR3HbjkYASAT
Requested by: Host: earnme.club
URL: http://earnme.club/safe2.php?link=wMKxLTv
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df38bd896be520d961af1a9e6246d5d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 5146 0
0 217ms
48ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kLPAFLr5RO0HfJ2DYgICAAAA5CMF3E1PU90QrxKDY3wHq-6LDri05IhPABIAAA&wp=Y4MSsAAAz28H_ZBFAAhO73sZxhmrig4tY9ZrNA

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=wMKxLTv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df38bd896be520d961af1a9e6246d5d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 245462
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame F337 129 KB
45 KB 228ms
118ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4MSsAAAz28H_ZBFAAhO73sZxhmrig4tY9ZrNA&u=%7CGB7oQwkcIdGLZl2XFg%2Fpph%2FDF9RmFWWcLNMSaJ4wQ3w%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv5nzGVva1W-wwP78Hnv4U0FEjkPxBSOnKYmtzX1IX_BisUVyr0vuEH6uRNJLn-TcZ5NyF1KMuJ-REZ7g3-BzQ2xlbvCAYAX8udkvRuqRDjXVlu0Q2wF0jGJbSc_gcdkJt_DN1_DvsypCSp8QUAj35w8Bt4YWa9-uqd54-nDY-8SqYVnNz2goSPpK7aiCXOXS6VbMfwDd-FV9eIo_ZLRSrbkpqq8CFkwvjyh5thJUFYD60WmI4_syC0QN1JL7Y4TE-Y2a69RHeB1Ck0haX9-p-VfX72WHxWzZBDjq_YHWrkznERqG0N4wHqWnWxDEraXNlxL1-uZPJ4Kqx-3Z466nJzhcoGVAfmazzVQ6TYaf38IT667l6CjsVe28NcEyYQ31meUfbO_Yc48zQSVGzTVpO85UeJUucWxZMH7TCc_eWcHPjGTiUlI0QL64J0dw2z9retnp2OZM8CpwG_VEMG4VGyEYaErsnT3mlUlN3WgAlftJsB5abcJMYDtCnrGca52LwuBQykNRd86Bsr1hntuyFh4YNNmPe9zGMGxEVC0-jFBh8OCwgj877sg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1k6vsBKDY--eA8Wg9u8P752hiAvJntKxXPXqoYaIAcCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi05OTU5NzMwNzU0MDM4MDI2yAEJqQL9XeJ6n3CxPuACAKgDAaoE5gFP0A5tZHUDe3TFaLCTmNYYBp5kSUF4YbnabmQFjFXAvzZzRqMBeLIebzQMvm4Xm11bBXZtVG3NEElZNlAme1qw9RLAYPyJgled3_SxuuPF4aDLfYCqw_A9FIUB1C_gAxH7OolgDKAZihyYmDecYtcLW5ofED_K5QkZNdGIb2lf9hQ36v2k8s6VH6yDwRvN7XdJS9xtjcCVZOMOgjT0SJGUaGQcwodEldK2-nhfGu_xk_zoTFhMEs8AsCZNxZbS3omd3BubN2N6q8Fs6R1OcsTQWsoHaL86ba6I4XMuCC5A_H7rXrakp-AEAYAG4K-07oTu7OYQoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPIIG2FkeC1zdWJzeW4tNjIxNjUxOTk0MTQxMDkwMPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3q9yh38Bsbc5RMjoB-rvuqddNsjQ%26client%3Dca-pub-9959730754038026%26adurl%3D

Requested by

Host: df38bd896be520d961af1a9e6246d5d2.safeframe.googlesyndication.com
URL: https://df38bd896be520d961af1a9e6246d5d2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1ae6406a0b2ce028df62b9eb00686113dad097be3f034f7c925db06fa951f6e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://df38bd896be520d961af1a9e6246d5d2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 07:33:05 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=3rJaLMZHPLzQVOPlPeKXqs98Huo1DCveKLQbFfunkvdr1D4jYLRu0_5b609Xr089OZlTw5fHOVT2KK6midcSUSItBkRCxgol61ERFYcXhN54Y0QwoqPvBPS_59y9ZK5Q6DIl6-4B2T3Iig-NtR_uKvUKRGI694WAXr-qybGRmP3XM9gw2sO6PnLivGaBbPFzAPOta4uXFxJYUGmC2_W6Aa_H2S6itpv5wkbhVyltnEhUY1o9UxPElhKrBoS0LWKmWR_Gkw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 60414605
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 5146 3 KB
1 KB 201ms
47ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: df38bd896be520d961af1a9e6246d5d2.safeframe.googlesyndication.com
URL: https://df38bd896be520d961af1a9e6246d5d2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df38bd896be520d961af1a9e6246d5d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 04:54:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9533
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 04:54:12 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 5146 18 KB
7 KB 195ms
41ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: df38bd896be520d961af1a9e6246d5d2.safeframe.googlesyndication.com
URL: https://df38bd896be520d961af1a9e6246d5d2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df38bd896be520d961af1a9e6246d5d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 10:41:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75098
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 10:41:27 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 5146 24 KB
6 KB 190ms
37ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: df38bd896be520d961af1a9e6246d5d2.safeframe.googlesyndication.com
URL: https://df38bd896be520d961af1a9e6246d5d2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df38bd896be520d961af1a9e6246d5d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 16:29:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 227019
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 24 Nov 2023 16:29:26 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5146 154 KB
47 KB 124ms
48ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: df38bd896be520d961af1a9e6246d5d2.safeframe.googlesyndication.com
URL: https://df38bd896be520d961af1a9e6246d5d2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df38bd896be520d961af1a9e6246d5d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 27 Nov 2022 07:33:05 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 9400 334 B
369 B 137ms
136ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1669534384473&tk_flint=pbjs_lite_v7.19.0&x_source.tid=086d899f-65b8-4094-be30-a74692ca1d9a&l_pb_bid_id=23898681ea744d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.14608636138642983
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 16af50ef55d20bdada465285d76ef611d68414665fe87f6eed60b4211595d195

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 334
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 9400 0
336 B 43ms
43ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 9400 18 B
311 B 76ms
76ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=9927653665&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 9400 19 B
707 B 39ms
38ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:05 GMT
AN-X-Request-Uuid: 354dd1dc-7e34-41d4-95ae-768b2dac4fcd
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 9400 0
407 B 55ms
53ms XHR
text/plain 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 9400 0
336 B 42ms
40ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 9400 0
176 B 44ms
41ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Sun, 27 Nov 2022 07:33:05 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame C7EC 0
407 B 55ms
55ms XHR
text/plain 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame C7EC 334 B
369 B 135ms
133ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1669534384482&tk_flint=pbjs_lite_v7.19.0&x_source.tid=a5c90985-07c2-4cff-8a6b-2a84ef7197c0&l_pb_bid_id=472af122b836d2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5929971809327383
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 827ef8ec07890d3eb21c0065eaa310c9e8ccc53ebce269e2d210060eacfa4365

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 334
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame C7EC 0
176 B 66ms
64ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Sun, 27 Nov 2022 07:33:05 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame C7EC 0
336 B 41ms
40ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame C7EC 19 B
707 B 44ms
43ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:05 GMT
AN-X-Request-Uuid: b1b49f50-d569-4f20-9e75-afc1972fa2d2
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame C7EC 18 B
311 B 66ms
66ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=54278650658&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame C7EC 0
336 B 41ms
41ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:04 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 4813 19 B
707 B 41ms
40ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:05 GMT
AN-X-Request-Uuid: 68940ee9-754f-407c-9c5f-a69ff247ffb3
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 4813 0
176 B 42ms
42ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Sun, 27 Nov 2022 07:33:05 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 4813 0
336 B 41ms
41ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:04 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 4813 0
336 B 72ms
41ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 4813 0
407 B 55ms
55ms XHR
text/plain 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 4813 18 B
311 B 65ms
65ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=99377965767&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 4813 334 B
369 B 263ms
263ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1669534384491&tk_flint=pbjs_lite_v7.19.0&x_source.tid=ee3b4aa0-35fd-4d94-9cdf-67bd705c9b8e&l_pb_bid_id=147a8e512803b58&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.926459123282543
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b57f49a6a10b1b7f4efc168c0dd9bfa8e51372f8a7aa4018f8083762dc78a701

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 334
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 8BB6 334 B
369 B 125ms
124ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1669534384509&tk_flint=pbjs_lite_v7.19.0&x_source.tid=f4844a64-95d1-4769-a744-2d47a313b851&l_pb_bid_id=2c65585ed9648c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2765517877630399
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b15c97229785d86cf4bdad5615f0fa63fd0f73a72112ba74e5d9c41d9e472957

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 334
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 8BB6 0
336 B 69ms
41ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:04 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 8BB6 138 B
827 B 44ms
44ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

41523816f727c968d5332470f69797d19a9626d224d1ce5fb5ba940e4bc83237

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:05 GMT
AN-X-Request-Uuid: 2b4c8c90-8620-4dbd-bd9e-323d26b88a77
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 8BB6 0
176 B 41ms
39ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Sun, 27 Nov 2022 07:33:05 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 8BB6 18 B
311 B 65ms
64ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=85243540726&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 8BB6 0
407 B 56ms
55ms XHR
text/plain 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
DATA 200
OK truncated
/ Frame 2A23 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 792964c60fc022b143bc5903bb76b771a1f1fa7e8a0e29c91830941b179e107f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 81E9 19 B
707 B 39ms
39ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:05 GMT
AN-X-Request-Uuid: 96259a92-9466-4c06-9f8c-0c5174035da7
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 81E9 0
336 B 40ms
40ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 81E9 334 B
369 B 231ms
230ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1669534384518&tk_flint=pbjs_lite_v7.19.0&x_source.tid=704518e9-4aba-43b6-abb9-e31d818e927c&l_pb_bid_id=64785c86ce2972&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9964049196181648
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 7840da1e1514aa186ef658f888d21176aa44b3192a16251cd31d419162ce776a

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 334
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 81E9 0
407 B 56ms
55ms XHR
text/plain 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 81E9 0
176 B 40ms
40ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Sun, 27 Nov 2022 07:33:05 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 81E9 18 B
311 B 64ms
63ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=99619315892&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 3C64 0
407 B 59ms
55ms XHR
text/plain 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 3C64 18 B
311 B 67ms
63ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=50075410827&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 3C64 0
336 B 43ms
40ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 3C64 334 B
369 B 175ms
172ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1669534384563&tk_flint=pbjs_lite_v7.19.0&x_source.tid=c5d0cfe4-215c-4fa9-b286-053a836b110e&l_pb_bid_id=86804c84eb2d01&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3825386077602566
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b61c89023f7686b1d6bdebccc6648200cab30cd56f490d8b2f60be44e3e97832

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 334
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 3C64 0
176 B 43ms
41ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Sun, 27 Nov 2022 07:33:05 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 3C64 139 B
828 B 39ms
38ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

bff9db15963c9a1815ce98b084ed6e14cf888fd6385eea98d079f5a246d00dbb

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:05 GMT
AN-X-Request-Uuid: 7e3eb050-442c-4afa-b5f9-b2e4cb972d0a
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 6BD6 0
407 B 55ms
55ms XHR
text/plain 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 6BD6 18 B
311 B 65ms
64ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=90209724790&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 6BD6 19 B
707 B 39ms
39ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:05 GMT
AN-X-Request-Uuid: 627f9d80-16ad-4f2e-a239-4252a4426d91
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 6BD6 334 B
369 B 132ms
131ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1669534384527&tk_flint=pbjs_lite_v7.19.0&x_source.tid=3bf7d328-c9ea-4c45-9a31-48b20769c7c4&l_pb_bid_id=86577a9997cf99&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9450277401915015
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f67aef7445cdf3436ca0bfbf162c6661c2d7ceb755818582187477dce6d163f9

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 334
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 6BD6 0
176 B 42ms
41ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Sun, 27 Nov 2022 07:33:05 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 6BD6 0
336 B 41ms
41ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:04 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame EA9F 0
336 B 41ms
41ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:04 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame EA9F 0
336 B 41ms
41ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:04 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame EA9F 0
407 B 56ms
56ms XHR
text/plain 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame EA9F 334 B
369 B 157ms
157ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1669534384615&tk_flint=pbjs_lite_v7.19.0&x_source.tid=19b15c3c-a47c-4945-9bb2-47ddfdf765b3&l_pb_bid_id=8d716b41b330cd&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.291541069227766
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f9630f9d8197711b7c9852db5749e5dce78ecf5924102a6981b597bdf084bbe4

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 334
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame EA9F 139 B
828 B 37ms
37ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

2f569af96a49aaa0cccac6a1051e552e08f50d44e3630b9832673de9e31f98ab

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:05 GMT
AN-X-Request-Uuid: 8022e811-ff4d-47f2-9a4f-6103ef00b54d
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame EA9F 18 B
311 B 63ms
63ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=38113062758&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame EA9F 0
176 B 41ms
40ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Sun, 27 Nov 2022 07:33:05 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 1B29 0
336 B 42ms
41ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 1B29 0
336 B 42ms
41ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 1B29 18 B
311 B 77ms
75ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=40605227073&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 1B29 0
407 B 56ms
55ms XHR
text/plain 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 1B29 19 B
707 B 73ms
73ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:05 GMT
AN-X-Request-Uuid: ac363bc2-d39c-4c02-aa14-96230704964a
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 1B29 334 B
369 B 130ms
127ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1669534384623&tk_flint=pbjs_lite_v7.19.0&x_source.tid=51583a0b-6fd0-474c-9e75-807d47e805c7&l_pb_bid_id=12798661d4ce69&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.22448998613307425
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 68fb9593855c353161c20ce5759e642766c99a86a8a9f39d316856d9b9298c7b

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 334
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 1B29 0
176 B 43ms
40ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Sun, 27 Nov 2022 07:33:05 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 006D 0
176 B 41ms
40ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Sun, 27 Nov 2022 07:33:05 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 006D 19 B
707 B 41ms
41ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:05 GMT
AN-X-Request-Uuid: 2791e759-05ec-4e7b-a159-dc834108d91f
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 006D 18 B
311 B 65ms
63ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=3006961513&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 006D 0
336 B 91ms
90ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 006D 334 B
369 B 118ms
118ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1669534384500&tk_flint=pbjs_lite_v7.19.0&x_source.tid=bbcb072c-1e00-41fa-9edc-1b83a39f31a3&l_pb_bid_id=10dd9709b2c9446&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7423854677231234
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: e3a6c1ba3aa959e2d89552648237fc7c453c1e48680b33467b57597518a60c6b

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 334
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 006D 0
407 B 55ms
55ms XHR
text/plain 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame B9E2 334 B
369 B 139ms
136ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1669534384632&tk_flint=pbjs_lite_v7.19.0&x_source.tid=f990832d-9aa0-45e2-ba8b-8585680431a1&l_pb_bid_id=21b08c6688839a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.526679013252533
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: c31e3cee1036099d7db444aa79b70a4392fc1c8514261d3ad86828831ee57281

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 334
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame B9E2 138 B
827 B 39ms
37ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

eed6e5065063dae2c782eed50a689ac3a320ed67114356ac9a3c9e6e3e308eab

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:05 GMT
AN-X-Request-Uuid: 0e5019e7-4081-47d6-955e-4e5ecbe11a5f
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame B9E2 0
336 B 43ms
41ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame B9E2 18 B
311 B 100ms
97ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=54315393326&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Nov 2022 07:33:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame B9E2 0
176 B 43ms
41ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Sun, 27 Nov 2022 07:33:05 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame B9E2 0
336 B 42ms
41ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame B9E2 0
407 B 56ms
55ms XHR
text/plain 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 7EB0 0
176 B 49ms
41ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Sun, 27 Nov 2022 07:33:05 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 7EB0 334 B
369 B 155ms
146ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1669534384642&tk_flint=pbjs_lite_v7.19.0&x_source.tid=ba6b9de5-3f0a-48ad-ab50-bfc9043843cc&l_pb_bid_id=4e22c0f80fc359&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5621882543314327
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 254cb4151633296ad59cc8d55b3f1df4c90cfa23f632fd02de1f93110b5b6401

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 334
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 7EB0 19 B
707 B 42ms
38ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:05 GMT
AN-X-Request-Uuid: 932fd367-e240-4bf1-807b-92d8e788e0fa
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 7EB0 0
336 B 47ms
42ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:04 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 7EB0 18 B
311 B 70ms
63ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=84182349784&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 7EB0 0
407 B 61ms
55ms XHR
text/plain 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 7EB0 0
336 B 48ms
42ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 3A11 334 B
369 B 154ms
151ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1669534384554&tk_flint=pbjs_lite_v7.19.0&x_source.tid=3ec8fec0-f31c-4edc-8e86-c61cd51c91ac&l_pb_bid_id=2317858372214f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6267286116466264
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 1ad3b7003d2f4ad536868513638e900dcfebc4dfcec7fe682452ee64d1e64e50

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 334
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 3A11 18 B
311 B 67ms
64ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=31837029981&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 3A11 0
407 B 58ms
55ms XHR
text/plain 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 3A11 0
176 B 42ms
40ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Sun, 27 Nov 2022 07:33:05 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 3A11 19 B
707 B 39ms
38ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:05 GMT
AN-X-Request-Uuid: 52a9a1cb-10a7-4343-a099-93cee7ae503d
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 3A11 0
336 B 42ms
42ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame F404 19 B
707 B 39ms
39ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:05 GMT
AN-X-Request-Uuid: aec5eb9d-a52f-451d-8f65-57f3324823cb
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame F404 18 B
311 B 65ms
65ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=49241663753&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame F404 0
176 B 42ms
41ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Sun, 27 Nov 2022 07:33:05 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame F404 0
336 B 56ms
41ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame F404 0
407 B 56ms
56ms XHR
text/plain 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame F404 334 B
369 B 126ms
125ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1669534384598&tk_flint=pbjs_lite_v7.19.0&x_source.tid=f6acce46-b17e-4735-b92a-0b4afe5c95d2&l_pb_bid_id=122b37530f3bfa4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7280229325774308
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 0c8a854e8a9ca905a5e011622c43e7f3b8c2626fde55dbc17ff3279d4c8a2c1c

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 334
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame F404 0
336 B 56ms
41ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:04 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 66F1 0
176 B 49ms
49ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Sun, 27 Nov 2022 07:33:05 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 66F1 0
407 B 56ms
56ms XHR
text/plain 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 66F1 0
336 B 75ms
41ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 66F1 18 B
311 B 65ms
65ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=94924529695&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 66F1 0
336 B 73ms
40ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 66F1 19 B
707 B 48ms
48ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:05 GMT
AN-X-Request-Uuid: 5a8f0bc9-4fb0-4849-bbf3-6269cc4fc796
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 66F1 334 B
369 B 138ms
138ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1669534384608&tk_flint=pbjs_lite_v7.19.0&x_source.tid=431a726b-5b83-4501-ad56-605e3afb8751&l_pb_bid_id=1423389cf98ab65&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8307379505467316
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 52ed86cb6567c674f5263fd29a16398ed936d29cfbb471954195f9ea93f0b975

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 334
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 115D 107 B
122 B 49ms
49ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=earnme.club

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 115D 107 B
122 B 49ms
48ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=earnme.club

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 115D 174 KB
40 KB 425ms
424ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2151695117715161&correlator=2534219534030550&eid=31069101%2C21065724&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=21671350435%3A22687820958%2C300x250-earnme.club_._2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=3371645434&sfv=1-0-40&fsfs=1&eri=1&sc=1&cookie=ID%3Dc4d91b4e38db5124%3AT%3D1669534384%3AS%3DALNI_MbrWNyJQtwTT-27Lkoku6i9gM_Nog&gpic=UID%3D00000b88e7f767da%3AT%3D1669534384%3ART%3D1669534384%3AS%3DALNI_MbnLiieW6XrJHTlK2WdDYIw7Chlmw&abxe=1&dt=1669534385856&lmt=1669534385&dlt=1669534383663&idt=1359&adxs=474&adys=4219&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=1&ucis=z4llu4y9lhh0&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fearnme.club%2Fzeb-monk-from-zebronics%2F&ref=https%3A%2F%2Fearnme.club%2Fzeb-monk-from-zebronics%2F&top=https%3A%2F%2Fearnme.club%2Fzeb-monk-from-zebronics%2F&frm=23&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=1365863235.1669534384&ga_sid=1669534386&ga_hid=462620318&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec9c4a5d7f3ac95c07391247939dbad133c579e24ba71951b741f0aa1574b902

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40831
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://earnme.club
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 115D 14 KB
11 KB 150ms
71ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cd832fb577a29da8f4fc8e65d7e4519d4a8ada29b2a462933a724187650f8e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11189
x-xss-protection: 0

GET
H2 200 container.html
4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8E31 6 KB
0 97ms
43ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 07:33:05 GMT
expires: Mon, 27 Nov 2023 07:33:05 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 32CD 0
336 B 49ms
42ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:04 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 32CD 0
176 B 42ms
41ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Sun, 27 Nov 2022 07:33:05 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 32CD 18 B
311 B 69ms
64ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=17085797580&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 32CD 334 B
369 B 129ms
119ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1669534384651&tk_flint=pbjs_lite_v7.19.0&x_source.tid=fb6d4a6a-8e01-485f-bd61-55b3cbd642e5&l_pb_bid_id=809e422887e443&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.20271973331143145
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: e15ab701716192b88a540c6f054e5b03aa90911af6ce02c9d74729bd26404d68

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 334
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 32CD 19 B
707 B 42ms
39ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:05 GMT
AN-X-Request-Uuid: 890790d4-d332-4dd7-94b6-144fef2e8b3c
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 32CD 0
336 B 63ms
40ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 32CD 0
407 B 58ms
54ms XHR
text/plain 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame FB7E 18 B
311 B 70ms
58ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=12701207427&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame FB7E 334 B
392 B 151ms
134ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1669534384675&tk_flint=pbjs_lite_v7.19.0&x_source.tid=b0d24d0c-c132-4cd2-ba74-b225153950dc&l_pb_bid_id=49fea7bb2d5243&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7510912458088974
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 93661508a3e80650e4cf1a6eed5eacaa6b9af20d4020f0262053954c53c989ce

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:06 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 334
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame FB7E 0
336 B 64ms
42ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame FB7E 0
407 B 61ms
50ms XHR
text/plain 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame FB7E 0
176 B 47ms
36ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Sun, 27 Nov 2022 07:33:05 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame FB7E 19 B
707 B 42ms
38ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:05 GMT
AN-X-Request-Uuid: b96816ad-dad3-4293-87ea-16e3731415db
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 2A3E 18 B
311 B 71ms
60ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=19646006173&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 2A3E 0
336 B 58ms
41ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 2A3E 334 B
369 B 153ms
137ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1669534384668&tk_flint=pbjs_lite_v7.19.0&x_source.tid=034eff25-5365-4bf0-8e2f-76118fb9cbea&l_pb_bid_id=622ec6996c0866&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.11336771200948426
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b3b0137db1382e11e0df414b0c33bda93bef74a0fd793589a3263d59eb8e1681

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:06 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 334
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 2A3E 137 B
826 B 41ms
37ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

c8cfc7b197a4cb89f4862b2e121ed799018bc09b078c8ea9fab777c104d4e75a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:05 GMT
AN-X-Request-Uuid: 791c913f-c8f0-4f3a-a475-5dc07cade203
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 137
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 2A3E 0
407 B 63ms
52ms XHR
text/plain 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 2A3E 0
176 B 49ms
39ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Sun, 27 Nov 2022 07:33:05 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame EC19 19 B
707 B 44ms
39ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:05 GMT
AN-X-Request-Uuid: 44187bd7-2461-4ec2-8fd3-f7ee1f1658c3
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame EC19 334 B
369 B 140ms
126ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1669534384683&tk_flint=pbjs_lite_v7.19.0&x_source.tid=c040e013-b405-46db-b6da-405aeb487bff&l_pb_bid_id=4265a7b21c5e4a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.005808459211232853
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 9b43ff6b17f2d84744f3bb348d6dcf7e04648b5cd9f09983355211fe5900a06d

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:06 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 334
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame EC19 18 B
311 B 70ms
58ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=46292174611&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame EC19 0
176 B 50ms
39ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Sun, 27 Nov 2022 07:33:05 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame EC19 0
336 B 66ms
41ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame EC19 0
407 B 63ms
53ms XHR
text/plain 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame D5B1 334 B
369 B 143ms
131ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1669534384691&tk_flint=pbjs_lite_v7.19.0&x_source.tid=19fd7123-61fa-4c6d-9ad0-9a69a8c3943f&l_pb_bid_id=237983018f7f9d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.596924036805299
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 7d269563182c964e135676bda2192bc0d03d6699096450469b08a34bc73364fc

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:06 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 334
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame D5B1 19 B
707 B 43ms
39ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:05 GMT
AN-X-Request-Uuid: c69f9d12-742c-4012-848d-8ccbb0feedf9
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame D5B1 0
336 B 61ms
41ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame D5B1 18 B
311 B 70ms
60ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=11261729994&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame D5B1 0
176 B 46ms
36ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Sun, 27 Nov 2022 07:33:05 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame D5B1 0
407 B 60ms
51ms XHR
text/plain 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame F7AD 138 B
827 B 110ms
106ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

13acdd1f16864122998f10088b7fc3b3299995e006c7fac587cebbb7c45c7558

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:05 GMT
AN-X-Request-Uuid: 7d6e2da4-6544-4bb5-ac39-87e1f01740a3
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame F7AD 18 B
311 B 69ms
61ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=99083948042&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame F7AD 0
336 B 171ms
158ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame F7AD 0
176 B 46ms
40ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Sun, 27 Nov 2022 07:33:05 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame F7AD 334 B
369 B 156ms
150ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1669534384659&tk_flint=pbjs_lite_v7.19.0&x_source.tid=3fb103d3-e2f6-4a99-b844-4d2b20b8cae3&l_pb_bid_id=10f54c5879be81&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4313357592180074
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 510f80d74225d36d579780275e461eb24610385df6aa475ba3d72918a7007ec0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:06 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 334
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame F7AD 0
407 B 59ms
54ms XHR
text/plain 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame F7AD 0
336 B 67ms
40ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame F48D 334 B
369 B 139ms
138ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1669534384703&tk_flint=pbjs_lite_v7.19.0&x_source.tid=8b62081c-f6a9-4882-b886-dea5e88cf844&l_pb_bid_id=2972427e063433&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.42295630071719015
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: d98054f894c7466e12ccd6d18d4ef837dfc14d11462318b8338c422d81327c11

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:06 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 334
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame F48D 18 B
311 B 64ms
64ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=64037327223&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame F48D 0
176 B 41ms
40ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Sun, 27 Nov 2022 07:33:05 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame F48D 138 B
827 B 38ms
38ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

564f2e78f64eda11dc102ccdf2ee745054535647667735b3f2dbe478d45b08ee

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:05 GMT
AN-X-Request-Uuid: 905c2746-cf05-4966-854f-f689f86fcbc8
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame F48D 0
407 B 59ms
55ms XHR
text/plain 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame F48D 0
336 B 46ms
44ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 7507 334 B
369 B 143ms
141ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1669534384713&tk_flint=pbjs_lite_v7.19.0&x_source.tid=e6b1180d-8f9f-4ba9-87d3-2f6aaf7efbb0&l_pb_bid_id=2adfbe771f08f1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4429992359431747
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b6957d313500d16177e9c52ec1c927e176096aa696954059b1bb2b464371b4ea

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:06 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 334
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 7507 0
407 B 56ms
55ms XHR
text/plain 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 7507 18 B
311 B 63ms
63ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=2951051294&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Nov 2022 07:33:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 7507 19 B
707 B 39ms
39ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:05 GMT
AN-X-Request-Uuid: 2618d851-abdf-4481-b9c3-c8d3451f4092
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 7507 0
336 B 41ms
40ms XHR
application/json 81.17.55.99
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:05 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 7507 0
176 B 41ms
41ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Sun, 27 Nov 2022 07:33:05 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H3 200 container.html Show response
e5d6ec74714bba04696559b88150e6d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FC88 6 KB
3 KB 40ms
37ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e5d6ec74714bba04696559b88150e6d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 07:33:05 GMT
expires: Mon, 27 Nov 2023 07:33:05 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
429735be2a98d3f5cdc37b5c16eac78c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EBAD 6 KB
3 KB 38ms
38ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://429735be2a98d3f5cdc37b5c16eac78c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 07:33:05 GMT
expires: Mon, 27 Nov 2023 07:33:05 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

ROS Show response
pbjs.e-planning.net/hb/1/27fa6/1/earnme.club/ Frame 2A23
Redirect Chain

https://pbjs.e-planning.net/pbjs/1/27fa6/1/earnme.club/ROS?rnd=0.18375537283400445&e=300x250_0%3A300x250&ur=https%3A%2F%2Fearnme.club%2Fzeb-monk-from-zebronics%2F&pbv=7.10.0&ncb=1&vs=F&crs=UTF-8&fr...
https://pbjs.e-planning.net/hb/1/27fa6/1/earnme.club/ROS?ct=1&r=pbjs&rnd=0.18375537283400445&e=300x250_0%3A300x250&ur=https%3A%2F%2Fearnme.club%2Fzeb-monk-from-zebronics%2F&pbv=7.10.0&ncb=1&vs=F&cr...

621 B
1 KB

455ms
455ms

XHR
application/json

185.172.90.251
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/hb/1/27fa6/1/earnme.club/ROS?ct=1&r=pbjs&rnd=0.18375537283400445&e=300x250_0%3A300x250&ur=https%3A%2F%2Fearnme.club%2Fzeb-monk-from-zebronics%2F&pbv=7.10.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.google.com%2F
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: H2
Server: 185.172.90.251 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: ads.us.e-plannning.net
Software: openresty /
Resource Hash: e6e809e7ba77128450462c6237be9b8de05418612d83fe1898fca041c22b08a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

expires: Sun, 27 Nov 2022 07:33:06 GMT
date: Sun, 27 Nov 2022 07:33:06 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://earnme.club
content-type: application/json
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-length: 621
x-sid: AMS-927

Redirect headers

date: Sun, 27 Nov 2022 07:33:06 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/27fa6/1/earnme.club/ROS?ct=1&r=pbjs&rnd=0.18375537283400445&e=300x250_0%3A300x250&ur=https%3A%2F%2Fearnme.club%2Fzeb-monk-from-zebronics%2F&pbv=7.10.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.google.com%2F
access-control-allow-origin: https://earnme.club
content-type: text/html; charset=iso-8859-1
access-control-allow-credentials: true
x-sid: AMS-927

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ Frame 2A23 0
155 B 155ms
41ms XHR
text/plain 3.66.127.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: excellence-prebid.sfo2.cdn.digitaloceanspaces.com
URL: https://excellence-prebid.sfo2.cdn.digitaloceanspaces.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.66.127.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-127-67.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://earnme.club
date: Sun, 27 Nov 2022 07:33:06 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 2A23 138 B
824 B 40ms
37ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: excellence-prebid.sfo2.cdn.digitaloceanspaces.com
URL: https://excellence-prebid.sfo2.cdn.digitaloceanspaces.com/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

211271cc94205a198c01ad8310ed3f77f1f641661ce338e4982b9d385de25c17

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:06 GMT
AN-X-Request-Uuid: 49285d58-8aac-41a7-aed6-1c77dc42a4a0
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://earnme.club
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ Frame 2A23 66 B
119 B 133ms
132ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: excellence-prebid.sfo2.cdn.digitaloceanspaces.com
URL: https://excellence-prebid.sfo2.cdn.digitaloceanspaces.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 2ac5e850e31e9b353722df86e4716ac7bb2b9719f82f9f9b269ed0dfaf471c17

Request headers

Referer: https://earnme.club/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 27 Nov 2022 07:33:06 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
content-length: 66

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 45ms
39ms Preflight 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://earnme.club
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://earnme.club
access-control-max-age: 600
age: 0
content-length: 0
date: Sun, 27 Nov 2022 07:33:06 GMT
server: ATS/9.1.10.25

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame A3B2
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

126ms
45ms

Image
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: H2
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Redirect headers

date: Sun, 27 Nov 2022 07:33:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame ED71 17 KB
6 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 27 Nov 2022 07:33:06 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0652 17 KB
6 KB 65ms
65ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 27 Nov 2022 07:33:06 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 5DAE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

134ms
54ms

Image
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: H2
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Redirect headers

date: Sun, 27 Nov 2022 07:33:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ 88 KB
29 KB 1224ms
651ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 28 Nov 2022 07:33:06 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A3B2 2 KB
2 KB 42ms
42ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 10:16:18 GMT
x-content-type-options: nosniff
server: cafe
age: 76608
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sun, 27 Nov 2022 10:16:18 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A3B2 295 B
319 B 41ms
38ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 09:52:43 GMT
x-content-type-options: nosniff
server: cafe
age: 78023
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 27 Nov 2022 09:52:43 GMT

GET
H3 200 3363310725939592973
tpc.googlesyndication.com/simgad/ Frame 5DAE 37 KB
37 KB 45ms
42ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3363310725939592973?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlQj1j36_003VC2irhRfjVZ7uhHLQ

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

145bff31ed12136c3aff5858b8e7a8230d06535aad4827c02fd501e8d2c4be50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 07:16:07 GMT
x-content-type-options: nosniff
age: 173819
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37939
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 20:28:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 25 Nov 2023 07:16:07 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5DAE 2 KB
2 KB 41ms
37ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 10:16:18 GMT
x-content-type-options: nosniff
server: cafe
age: 76608
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sun, 27 Nov 2022 10:16:18 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5DAE 295 B
319 B 42ms
38ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 09:52:43 GMT
x-content-type-options: nosniff
server: cafe
age: 78023
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 27 Nov 2022 09:52:43 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4C64 2 KB
2 KB 42ms
38ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 10:16:18 GMT
x-content-type-options: nosniff
server: cafe
age: 76608
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sun, 27 Nov 2022 10:16:18 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4C64 295 B
319 B 44ms
40ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 09:52:43 GMT
x-content-type-options: nosniff
server: cafe
age: 78023
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 27 Nov 2022 09:52:43 GMT

GET
H3 200 bg.jpg
tpc.googlesyndication.com/sadbundle/1578218963981389351/ Frame 4C64 97 KB
97 KB 60ms
57ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/1578218963981389351/bg.jpg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cc99bf2588ad3d83408511afd8f918238a4979f66aff714773a426c83e3ac8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 16:53:31 GMT
x-content-type-options: nosniff
age: 484775
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99014
x-xss-protection: 0
last-modified: Fri, 18 Nov 2022 15:21:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 21 Nov 2023 16:53:31 GMT

GET
H3 200 push1.png
tpc.googlesyndication.com/sadbundle/1578218963981389351/ Frame 4C64 5 KB
5 KB 88ms
85ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/1578218963981389351/push1.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db9183399100c863196f86320a8dec93dee36ad9a3711964b71ea5672a7d3f32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 16:53:32 GMT
x-content-type-options: nosniff
age: 484774
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5568
x-xss-protection: 0
last-modified: Fri, 18 Nov 2022 15:21:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 21 Nov 2023 16:53:32 GMT

GET
H3 200 cta.png
tpc.googlesyndication.com/sadbundle/1578218963981389351/ Frame 4C64 1 KB
1 KB 87ms
84ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/1578218963981389351/cta.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fbfc069816c4d95cd310eae7e2ad5122b508a7faf2e8603748408d6fa1d0313

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 16:53:34 GMT
x-content-type-options: nosniff
age: 484772
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1369
x-xss-protection: 0
last-modified: Fri, 18 Nov 2022 15:21:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 21 Nov 2023 16:53:34 GMT

GET
H3 200 legal.jpg
tpc.googlesyndication.com/sadbundle/1578218963981389351/ Frame 4C64 22 KB
22 KB 73ms
70ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/1578218963981389351/legal.jpg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4472c3f9c3ddd4bcfc159e3dda8e56d33a569ec41844f0888d2af2138276aed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 16:53:34 GMT
x-content-type-options: nosniff
age: 484772
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22648
x-xss-protection: 0
last-modified: Fri, 18 Nov 2022 15:21:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 21 Nov 2023 16:53:34 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame F337 2 KB
1 KB 1102ms
569ms Image
image/svg+xml 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4MSsAAAz28H_ZBFAAhO73sZxhmrig4tY9ZrNA&u=%7CGB7oQwkcIdGLZl2XFg%2Fpph%2FDF9RmFWWcLNMSaJ4wQ3w%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv5nzGVva1W-wwP78Hnv4U0FEjkPxBSOnKYmtzX1IX_BisUVyr0vuEH6uRNJLn-TcZ5NyF1KMuJ-REZ7g3-BzQ2xlbvCAYAX8udkvRuqRDjXVlu0Q2wF0jGJbSc_gcdkJt_DN1_DvsypCSp8QUAj35w8Bt4YWa9-uqd54-nDY-8SqYVnNz2goSPpK7aiCXOXS6VbMfwDd-FV9eIo_ZLRSrbkpqq8CFkwvjyh5thJUFYD60WmI4_syC0QN1JL7Y4TE-Y2a69RHeB1Ck0haX9-p-VfX72WHxWzZBDjq_YHWrkznERqG0N4wHqWnWxDEraXNlxL1-uZPJ4Kqx-3Z466nJzhcoGVAfmazzVQ6TYaf38IT667l6CjsVe28NcEyYQ31meUfbO_Yc48zQSVGzTVpO85UeJUucWxZMH7TCc_eWcHPjGTiUlI0QL64J0dw2z9retnp2OZM8CpwG_VEMG4VGyEYaErsnT3mlUlN3WgAlftJsB5abcJMYDtCnrGca52LwuBQykNRd86Bsr1hntuyFh4YNNmPe9zGMGxEVC0-jFBh8OCwgj877sg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1k6vsBKDY--eA8Wg9u8P752hiAvJntKxXPXqoYaIAcCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi05OTU5NzMwNzU0MDM4MDI2yAEJqQL9XeJ6n3CxPuACAKgDAaoE5gFP0A5tZHUDe3TFaLCTmNYYBp5kSUF4YbnabmQFjFXAvzZzRqMBeLIebzQMvm4Xm11bBXZtVG3NEElZNlAme1qw9RLAYPyJgled3_SxuuPF4aDLfYCqw_A9FIUB1C_gAxH7OolgDKAZihyYmDecYtcLW5ofED_K5QkZNdGIb2lf9hQ36v2k8s6VH6yDwRvN7XdJS9xtjcCVZOMOgjT0SJGUaGQcwodEldK2-nhfGu_xk_zoTFhMEs8AsCZNxZbS3omd3BubN2N6q8Fs6R1OcsTQWsoHaL86ba6I4XMuCC5A_H7rXrakp-AEAYAG4K-07oTu7OYQoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPIIG2FkeC1zdWJzeW4tNjIxNjUxOTk0MTQxMDkwMPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3q9yh38Bsbc5RMjoB-rvuqddNsjQ%26client%3Dca-pub-9959730754038026%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 22 Nov 2023 07:33:06 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame F337 2 KB
1 KB 1409ms
877ms Image
image/svg+xml 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 22 Nov 2023 07:33:06 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame F337 308 B
637 B 646ms
284ms Image
image/svg+xml 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:06 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 22 Nov 2023 07:33:06 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame F337 293 B
621 B 646ms
285ms Image
image/svg+xml 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:06 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 22 Nov 2023 07:33:06 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame F337 43 B
348 B 206ms
44ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=BVSqKPh6u8KMJUmOEwZD-FKEzCrQ1eSwtxLwH34ABwdjlbXWVOoOXhvHsVkuGTcpJbZm_eeRMtub87N2qoVqV-WCbE-tV0ukloYmdxAJHUnypDT5QxMZsnPdoZ-w8ESNrdVctXfLos9cRm20uQYNM0e9Gmb9Ra5joYX0v34odbdCSU41af4iIl8fy0InXX7qMv_eMHizhzz5aNW6L8sPYeOkJN8VhKijx0zCIEWmr23bt6kSVTYrp_sPfpe9z7uQPBJMLkbkPQO_3lQro0kzj6lSBfRhITIMLPpZlStYVURVQiNNrTKe383WnknhJ1-DnzGKk7M7fDnJuORbYGDX7o_JrUWiC-AI7me-PP3vJ65aewG0FlbRj0nMRQZeZ_B7qmidtf5-Al6qWItMD1xt-CeWWtk2ppzIRgx7pNYwDaXxZhaN

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:06 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3621031
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 envelope Show response
lexicon.33across.com/v1/ 49 B
293 B 336ms
127ms XHR
application/json 2600:1901:0:8344::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0010b00002PIxPJAA1&gdpr=0
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Nov 2022 07:33:06 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://earnme.club
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200 prebid Show response
id5-sync.com/api/config/ 135 B
540 B 115ms
38ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

480613f771d4b2960ecbcbf9f0a8435d009d8f5fd10ab14bba1b1018762708e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://earnme.club
date: Sun, 27 Nov 2022 07:33:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 200 any Show response
idx.liadm.com/idex/prebid/ 50 B
424 B 364ms
119ms XHR
application/json 35.173.91.17
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/prebid/any?resolve=nonId

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.173.91.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-173-91-17.compute-1.amazonaws.com

Software

Resource Hash

fab9009ed9a4f6edb1662b431b1c969607743dc38f2eded88f35eddbbb0aa993

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 27 Nov 2022 07:33:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
request-time: 1
content-type: application/json
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
trace-id: 19baec1afb5d8ac5
content-length: 50
expires: Mon, 28 Nov 2022 07:33:06 GMT

GET
H2 200 id Show response
id.crwdcntrl.net/ 43 B
315 B 179ms
56ms XHR
application/json 54.195.100.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.195.100.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-195-100-225.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:06 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://earnme.club
cache-control: no-cache
x-server: 10.45.19.152
access-control-allow-credentials: true
content-length: 43
expires: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2A23 0
0 76ms
75ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstzXz56Xq8Jm0G-uVEyRjMibrsCewnioJLkmYkqVx4CXeOAGVq9T0ptJbjm5gb6h7EsEZ6FvKbym8IaVaFSovFIrBzg-_mCN5MVBBuf9zrco6TiPsX_NSgGZcSG1njZvM9aTwRnEpydfr6vkODv3-lTXWuY1KLnOemWwP9Fr-lFg20Pjpkadqd19cM1msJnXswaRhFuE1eRqpbDENBrHkCmR8UMKL-0SHikq2pDY5ZvQR5QJi6Mbf2vkXZktL5xCL_12jx4EPIxCGa_d-UizKm-9MFZSg5JZ29Ne5X1kg2BSqedxF1B5AEWn3paJVxsizo&sai=AMfl-YTkmmlbHqlCs8MHteubOw1bUgvXyOV6_BNHPjFIWPn0YW_XOQgfwSV79BsdUiPgfX7Ck9ptnHQ8MhVFPYVXc_R92Fp2SLt7yIk9iEPbjgrs_Qh85srx2xhDruSODM5tBPrIiZ7pvcuwU6d9Y05nOH8&sig=Cg0ArKJSzOglMi1WxcxwEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 27 Nov 2022 07:33:06 GMT

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ 47 B
267 B 200ms
200ms XHR
application/json 35.163.64.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=405&sync=0&domain=earnme.club&url=https://earnme.club/zeb-monk-from-zebronics/
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fearnme.club%2Fzeb-monk-from-zebronics%2F&ref=https%3A%2F%2Fwww.google.com%2F&_it=amazon&partner_id=405
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.163.64.21 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-163-64-21.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 9d73d3173870dda8e03d30133fbde838ee6cba38456fb573c1c9672f87224b4e

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 27 Nov 2022 07:33:07 GMT
content-encoding: gzip
server: nginx/1.20.0
vary: Origin
content-type: application/json
access-control-allow-origin: https://earnme.club
cache-control: public,max-age=30
access-control-allow-credentials: true

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 621ms
201ms Preflight
application/json 35.163.64.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=405&sync=0&domain=earnme.club&url=https://earnme.club/zeb-monk-from-zebronics/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.163.64.21 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-163-64-21.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://earnme.club
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://earnme.club
cache-control: public,max-age=30
content-encoding: gzip
content-type: application/json
date: Sun, 27 Nov 2022 07:33:06 GMT
server: nginx/1.20.0
vary: Origin

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
331 B 180ms
57ms XHR
application/json 52.19.187.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.187.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-187-82.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: d39a61a41e7f06cf97898bf91ff640d499329f001add42a8859e1da5744fa6a9

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:06 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://earnme.club
cache-control: no-cache
x-server: 10.45.3.68
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
398 B 128ms
38ms XHR
application/json 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

0a418aea5dc7c01a9abc948b99ce785df9dfe1807bd2551554ea060507758014

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://earnme.club
date: Sun, 27 Nov 2022 07:33:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK v1 Show response
lbs.eu-1-id5-sync.com/lbs/ 34 B
279 B 425ms
38ms XHR
application/json 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lbs.eu-1-id5-sync.com/lbs/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

1e729fd36c5d34a455d0da73aa13dafc72786790414f04a0e77fc29ae5051bde

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://earnme.club
date: Sun, 27 Nov 2022 07:33:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 34
vary: Origin
content-type: application/json

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F074 0
0 81ms
79ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CIAHjsRKDY62_G4259u8P-6CQ4AKQ4YGEXLaoworwAsCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi0yMTI4NzU3MTY3ODEyNjYzyAEJqQL9XeJ6n3CxPuACAKgDAaoEhwJP0OXTFk6pzdcTl3qCNIY3HBKdtuYrr9k-0BKB1Kqa8j86xn984OKNORDXPfJrCSN3XclFi8u5y6oyk8CmgHaV7s5KJ1OsasbFpGoHEG-vwi_7R-8NijX_Fxj4HQxfMho4gpPMdFDYBCrcUq0hbGUS5WUvxX3y3m29y9xjpCEFkLCssuo7ZnNZQ6mgZFZ64Yonro5hNYSowTrNjgyVTVIU8O9vZEVhyS7or9B4xSU037rGaXe13-8KV-i2euzt8dyMorLZW_6Ci6R8-HmaN7hJRDb4686djf9rWzTmV2GLjRgmZXs5GjfM3Z7kcBhclbvZQWdmeXaIU1QziL1DEZj_5YoemqjwDuAEAYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0yMTI4NzU3MTY3ODEyNjYzGNztag&sigh=0s9CGy0fUDo&uach_m=[UACH]&cid=CAQSPADq26N9kf6Nmbkr0jn76b2cPuoBRvEcCJkZ5CLe6ANvp74VK2MlpBi2Q9tBbRkFPLzCpE-TqLa0QwumZBgBIBM
Requested by: Host: earnme.club
URL: http://earnme.club/safe2.php?link=wMKxLTv
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e5d6ec74714bba04696559b88150e6d5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame F074 0
0 142ms
50ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1jtnr1f6fgvt1t0z3s7y1rn00kq1vgd8822c5ed0dn9wgkf5fnwcdh8s77034pqat4rdc3dje0zaneq2qx8jwhf6ka5mafa4nzzmt8tj83phhvz5srw28fxwbg60y4wdh64hdsa1d4499qhzxj1b1gmhxp65ewdjt2fgpnq2bnqa76nse6qy8jjfamggv8frkghbeyrex7hmzecz487xzjmg8wzadnn5kh81jdjrfwe9qef11s4ht9bpp3jen12gq5xxf201vtm73ce665ahvjxnr6v90wppjb6cpfn4nh0tpksx13gyp1fdxhzn166w6ta4zng2g8svy6jd92172ywxejgvb0yqs3yfjrc13087na6922zne66c0p6e27yf1t26skyr6tb64xg&b=Y4MSsQAG360H_ZyNAAQQe52XR0u9hxa5bhWcfg
Requested by: Host: earnme.club
URL: http://earnme.club/safe2.php?link=wMKxLTv
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e5d6ec74714bba04696559b88150e6d5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 27 Nov 2022 07:33:06 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame F0BF 2 KB
3 KB 158ms
65ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1j9f2erqdaptwnjpfgqtvrt9455vzbhe75z9qx61naj1k8kh8ghzbgw8r1bwjjvfk5b36yehy7tq46yxk62ygpevgab5vx0332gy3zy8pfebe1jayxjq3a58vjw3hqm9hjnj39yszgbrz3v84ptftzymgzgcptw29k14738swpvadb2dbh9q398rywa7svpvp849ph4xv35d83n0e9zasw3r23q48j7j582wjb6n47jyh2w264xcabq2b80r803sgz50g15qafc49qzjmd2tht7azne0s8xk0xdaa7592d1207rtj0a1ggsjw88crzhkhnfr116vj9jy39msf70fr1qaqapq8s2msv3csaz3dc3nsnp6r343z96rwqtv52mn1wkt6pxgtdp659btfm6zjc9xn7r7wdddt611ce447nzh68g429j15kwhwm54fjmyjdmnmwdy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCy1o3sRKDY62_G4259u8P-6CQ4AKQ4YGEXLaoworwAsCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi0yMTI4NzU3MTY3ODEyNjYzyAEJqQL9XeJ6n3CxPuACAKgDAaoEigJP0OXTFk6pzdcTl3qCNIY3HBKdtuYrr9k-0BKB1Kqa8j86xn984OKNORDXPfJrCSN3XclFi8u5y6oyk8CmgHaV7s5KJ1OsasbFpGoHEG-vwi_7R-8NijX_Fxj4HQxfMho4gpPMdFDYBCrcUq0hbGUS5WUvxX3y3m29y9xjpCEFkLCssuo7ZnNZQ6mgZFZ64Yonro5hNYSowTrNjgyVTVIU8O9vZEVhyS7or9B4xSU037rGaXe13-8KV-i2euzt8dyMorLZW_6Ci6R8-HmaN7hJRDb4686djf9rWzTmV2GLjRhkZ1qrzc5LnVZjOI6G3CkreHNs1HymS4mzSvTR6QzhyZLLRjewxmOlb-AEAYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3qe_fDRmAkbILXH_yfFK2iDeaePw%26client%3Dca-pub-2128757167812663%26adurl%3D

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=wMKxLTv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1fa3e3924cf3e4a8c28a92c28f2983d4009baabee3da2d95c680741f4a5e106

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://e5d6ec74714bba04696559b88150e6d5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 77092c7baa1bbbb3-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 07:33:06 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame F074 3 KB
1 KB 40ms
36ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=wMKxLTv

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e5d6ec74714bba04696559b88150e6d5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 04:54:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9534
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 04:54:12 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 76ED 1 KB
643 B 113ms
37ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=wMKxLTv

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e5d6ec74714bba04696559b88150e6d5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 74940
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 10:44:06 GMT
etag: 48472445140208031
expires: Sun, 27 Nov 2022 10:44:06 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame F074 18 KB
7 KB 40ms
37ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=wMKxLTv

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e5d6ec74714bba04696559b88150e6d5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 10:41:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75099
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 10:41:27 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F074 0
0 47ms
45ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTg6IP2dwJ0Ds7fZQXGwy7Zh4jQM8NQrKkaBwk02zrrOFlJrSaTpfX56ASYtsHKAs3QEgH_v2WQkWMiXVcuNr_O_sZyqQ
Requested by: Host: earnme.club
URL: http://earnme.club/safe2.php?link=wMKxLTv
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e5d6ec74714bba04696559b88150e6d5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame F074 24 KB
6 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=wMKxLTv

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e5d6ec74714bba04696559b88150e6d5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 16:29:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 227020
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 24 Nov 2023 16:29:26 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F074 154 KB
47 KB 50ms
47ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=wMKxLTv

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e5d6ec74714bba04696559b88150e6d5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 27 Nov 2022 07:33:06 GMT

GET
H2 200 pubcid.min.js Show response
id.sharedid.org/lib/ 732 B
904 B 933ms
205ms Script
application/javascript 52.34.9.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sharedid.org/lib/pubcid.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.9.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-9-17.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:07 GMT
cache-control: public, max-age=86400
last-modified: Sat, 26 Nov 2022 14:24:54 GMT
accept-ranges: bytes
content-length: 732
vary: accept-encoding
content-type: application/javascript

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 58 KB
17 KB 65ms
64ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a97afd769b3d774563606be9e943789398af5a1bf3583c2bc9a81f99832aa2b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 24 Nov 2022 12:48:29 GMT
server: cloudflare
x-amz-request-id: YMFZEZYBJKEKRNPV
age: 455
etag: W/"91dadf6b1eddd8d91a5cc2e3be5ea8cf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 77092c7b6cd49b51-FRA
x-amz-id-2: rR7sHzWBBNucr3XhEuqI/nIptBfNR4Bk4gz/tZK0aI7ojtEYwwSH/6l9FgWTrmHoO3CAY8xfMq0=

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 39 KB
13 KB 873ms
567ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-9c1f"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 28 Nov 2022 07:33:06 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 32 KB
10 KB 41ms
40ms Script
text/javascript 18.66.97.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-9.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 66a8dfcc4572e000bf5b4351bae2a763b3357a65ed373ff27a7e7b38ec9486ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 19:00:23 GMT
content-encoding: gzip
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
last-modified: Mon, 21 Nov 2022 18:55:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 45164
x-amz-server-side-encryption: AES256
etag: W/"2c5f4a319c3d99310927955777b5abe3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: ZYUdSYmWXgRrGyvA0Qo69na_8W62_IZI4v5iyOdS4QnQRdU2MF0zcA==

GET
H2 200 uid2-sdk-0.0.1b.js Show response
prod.uidapi.com/static/js/ 3 KB
3 KB 404ms
126ms Script
application/javascript 18.189.199.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.uidapi.com/static/js/uid2-sdk-0.0.1b.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.189.199.42 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-189-199-42.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 76424452f8e1eb0bc7fb20f6d7fa0dcaea480d7152a74756c01e816a663c3aa1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:06 GMT
cache-control: public, max-age=86400
last-modified: Mon, 31 Oct 2022 06:06:26 GMT
accept-ranges: bytes
content-length: 3211
vary: accept-encoding
content-type: application/javascript

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012211060024000/ Frame 2F93 221 KB
60 KB 131ms
54ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 24 Nov 2022 16:29:52 GMT
age: 226994
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61592
x-xss-protection: 0
server: sffe
etag: "a2fca7132416d151"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 24 Nov 2023 16:29:52 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 2F93 14 KB
5 KB 113ms
38ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 24 Nov 2022 16:29:52 GMT
age: 226994
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5218
x-xss-protection: 0
server: sffe
etag: "abd4378f71571d78"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 24 Nov 2023 16:29:52 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 2F93 94 KB
28 KB 220ms
144ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 24 Nov 2022 16:29:52 GMT
age: 226994
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28809
x-xss-protection: 0
server: sffe
etag: "dd6615029de85e23"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 24 Nov 2023 16:29:52 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 2F93 5 KB
2 KB 223ms
147ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 24 Nov 2022 16:29:52 GMT
age: 226994
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1913
x-xss-protection: 0
server: sffe
etag: "403438c4d550ee88"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 24 Nov 2023 16:29:52 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 2F93 40 KB
13 KB 223ms
148ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 24 Nov 2022 16:29:52 GMT
age: 226994
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12946
x-xss-protection: 0
server: sffe
etag: "0bacd3f1ce38a7db"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 24 Nov 2023 16:29:52 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 2F93 4 KB
621 B 48ms
48ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 27 Nov 2022 07:33:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 27 Nov 2022 05:59:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 27 Nov 2022 07:33:06 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2F93 2 KB
2 KB 37ms
36ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 10:16:18 GMT
x-content-type-options: nosniff
server: cafe
age: 76608
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sun, 27 Nov 2022 10:16:18 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2F93 295 B
319 B 38ms
37ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 09:52:43 GMT
x-content-type-options: nosniff
server: cafe
age: 78023
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 27 Nov 2022 09:52:43 GMT

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012211060024000/ Frame F5BF 221 KB
60 KB 135ms
67ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 24 Nov 2022 16:29:52 GMT
age: 226994
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61592
x-xss-protection: 0
server: sffe
etag: "a2fca7132416d151"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 24 Nov 2023 16:29:52 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame F5BF 14 KB
5 KB 228ms
161ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 24 Nov 2022 16:29:52 GMT
age: 226994
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5218
x-xss-protection: 0
server: sffe
etag: "abd4378f71571d78"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 24 Nov 2023 16:29:52 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame F5BF 94 KB
28 KB 226ms
159ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 24 Nov 2022 16:29:52 GMT
age: 226994
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28809
x-xss-protection: 0
server: sffe
etag: "dd6615029de85e23"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 24 Nov 2023 16:29:52 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame F5BF 5 KB
2 KB 103ms
37ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 24 Nov 2022 16:29:52 GMT
age: 226994
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1913
x-xss-protection: 0
server: sffe
etag: "403438c4d550ee88"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 24 Nov 2023 16:29:52 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame F5BF 40 KB
13 KB 221ms
154ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 24 Nov 2022 16:29:52 GMT
age: 226994
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12946
x-xss-protection: 0
server: sffe
etag: "0bacd3f1ce38a7db"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 24 Nov 2023 16:29:52 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame F5BF 4 KB
621 B 49ms
48ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 27 Nov 2022 07:33:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 27 Nov 2022 07:29:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 27 Nov 2022 07:33:06 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F5BF 2 KB
2 KB 37ms
36ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 10:16:18 GMT
x-content-type-options: nosniff
server: cafe
age: 76608
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sun, 27 Nov 2022 10:16:18 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F5BF 295 B
319 B 38ms
37ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 09:52:43 GMT
x-content-type-options: nosniff
server: cafe
age: 78023
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 27 Nov 2022 09:52:43 GMT

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012211060024000/ Frame 8968 221 KB
60 KB 98ms
41ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 24 Nov 2022 16:29:52 GMT
age: 226994
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61592
x-xss-protection: 0
server: sffe
etag: "a2fca7132416d151"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 24 Nov 2023 16:29:52 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 8968 14 KB
5 KB 220ms
163ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 24 Nov 2022 16:29:52 GMT
age: 226994
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5218
x-xss-protection: 0
server: sffe
etag: "abd4378f71571d78"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 24 Nov 2023 16:29:52 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 8968 94 KB
28 KB 213ms
156ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 24 Nov 2022 16:29:52 GMT
age: 226994
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28809
x-xss-protection: 0
server: sffe
etag: "dd6615029de85e23"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 24 Nov 2023 16:29:52 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 8968 5 KB
2 KB 207ms
151ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 24 Nov 2022 16:29:52 GMT
age: 226994
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1913
x-xss-protection: 0
server: sffe
etag: "403438c4d550ee88"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 24 Nov 2023 16:29:52 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 8968 40 KB
13 KB 208ms
152ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 24 Nov 2022 16:29:52 GMT
age: 226994
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12946
x-xss-protection: 0
server: sffe
etag: "0bacd3f1ce38a7db"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 24 Nov 2023 16:29:52 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8968 4 KB
621 B 49ms
48ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 27 Nov 2022 07:33:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 27 Nov 2022 07:20:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 27 Nov 2022 07:33:06 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8968 2 KB
2 KB 38ms
37ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 10:16:18 GMT
x-content-type-options: nosniff
server: cafe
age: 76608
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sun, 27 Nov 2022 10:16:18 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8968 295 B
319 B 38ms
38ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 09:52:43 GMT
x-content-type-options: nosniff
server: cafe
age: 78023
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 27 Nov 2022 09:52:43 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2F93 0
0 47ms
46ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSTqJsJ7BaCZGUwXji9EP74JVahs_1uY85Z6ZdyH2eqCRc7cEqXQ7yiqzpLIxxVlqqnbkBmbfMqcXMAkj37LV0POh1uMw
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2F93 0
0 82ms
81ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CZLtysRKDY-7mKJmR7_UPr62ngA7bgbjIbYuT3_2TEKycwLvaGhABIIb3hiZgldqIgpgHoAH_yODIAsgBCakC_V3iep9wsT7gAgCoAwHIAwqqBPABT9CJq3AiFot83L7dbQx90ecMxq7MuQIGaENvQ-WPDFQvOFBv1DL-yDCaSYAzNIdEt8DtHfFvAwgZsXf7kACKOWa7cmt2sanU8XWurHVF8lXDJ8_ElxSXlZ8AKmPEPrD7wfSEDas1bmna_DdlBAGzMDJMpVXaJ6AWqPLaeU0Cduv5U8bbfnmppmMbjaJSGZ6P9Vf40MyrBGEaOPndZeN-6r_ppEIa03prB898se6kqK1_kZJHWplLRmw4qjhwMzxrBo8K72uLBvQE52meIfSXNTePvLQ7ab0BL6y_67KSNTGUI7fBhfkKYKpZ_nbndGhSwATaxbieiQTgBAGgBi6AB-m2n7cBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQj5Iz0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwG4E-QD2BMDiBQH0BUBmBYBgBcBshceChwIABIUcHViLTEwNjI5NzI4NjE1NTMzMDMYgdQc&sigh=oxT0t47-BJU&uach_m=[UACH]&cid=CAQSPADq26N9_UTOTUQBPKMnCZ-ULmd6fVuJpX-nEXAOcnb41HIn3UeVPoRNPkvtcUWYVRX89XXgwveXyR_XNRgBIBM&template_id=484
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H3 204 l
www.google.com/ads/measurement/ Frame F5BF 0
0 47ms
46ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRwiziclnj_0RH3QukcPUb9pst6uDJxiKCWSy-nPRUT67ZYHcxxGqNpjX_c8Cq67KD4XLBt7dNb61_G059AkTBDNHFpZA
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F5BF 0
0 80ms
79ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CVbsDsRKDY-_mKJmR7_UPr62ngA7bgbjIbYuT3_2TEIrRo-2-ARABIIb3hiZgldqIgpgHoAH_yODIAsgBCakC_V3iep9wsT7gAgCoAwHIAwqqBPQBT9DgyBaV7kS47-5tA_y5caPQ4CX5ZG3eBNohRa0rRp4Kwt585CPgmJepQM2yBA3bD6EV10FVkFLH4h3qlciuFI1GLslsIH4-_wda0F5_IscwqdVzkoFbAYKrM_unhf0t8YscNsnRC5IfDhmzr9t6w7R2QCIsj8J22v4RFSPBjRsvq2Bp878EJGt-OiYQG35UqRMHkcENeQ3savekzDnUQ8s9syirNnC7pyLsU3PrF33b-WuNB3azeSjq1rDykzSomNDJW0V49DEufPevT52iDPPmXVzLfS6xG2fBSfEM6rsIsCHmAWrX30AwtResN3h48JGcQMAE2sW4nokE4AQBoAYugAfptp-3AagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEPOnHdIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB2BMDiBQH0BUBmBYBgBcBshceChwIABIUcHViLTEwNjI5NzI4NjE1NTMzMDMYgdQc&sigh=AtiMjvksuFs&uach_m=[UACH]&cid=CAQSPADq26N9_UTOTUQBPKMnCZ-ULmd6fVuJpX-nEXAOcnb41HIn3UeVPoRNPkvtcUWYVRX89XXgwveXyR_XNRgBIBM&template_id=5000
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8968 0
0 47ms
46ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQGBsxrSmcpytMyo5ftKreuJQ9P_HL1QT7B7wMZYJ5upPpbkzQwwfo6dy-7Xs24vMtrNQwOaY2HS5hAQL3mhOIiWn2rlg
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8968 0
0 81ms
80ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CPuU7sRKDY_DmKJmR7_UPr62ngA7bgbjIbYuT3_2TEIrRo-2-ARABIIb3hiZgldqIgpgHoAH_yODIAsgBCakC_V3iep9wsT7gAgCoAwHIAwqqBPQBT9Buhy1ir5UnxgEFqgsV9wSbg6sIHOQllXTyE7RymiWFcPJGQ-Vh6sAV1BZmDnjirDE9lf3FQXfnOk94nhQ4G3YDzW4m2T8NbMYuDukQgZabLneFXb_oGJ1T80SfNWnifmNVh0qNGAu8Jyw2OGz7qmtemODgF9VmN_M8BhB1_LW3hkmr_PSdNH5ygGUboT3PQd8YvmcKK0zP5HOrQK0vt3xOxO17xO7fw4IMCL02xtYiUtwPW5RSE62QIWPg0cU0P_S6V1m1nE3mCgnWAyTYpNwo5MZiggAHM_8I4qUj83JgpiI5HNcr2nM_RU2Yu4gh9xeQG8AE2sW4nokE4AQBoAYugAfptp-3AagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEKXjKtIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB2BMDiBQH0BUBmBYBgBcBshceChwIABIUcHViLTEwNjI5NzI4NjE1NTMzMDMYgdQc&sigh=SR7nJl8PmG4&uach_m=[UACH]&cid=CAQSPADq26N9_UTOTUQBPKMnCZ-ULmd6fVuJpX-nEXAOcnb41HIn3UeVPoRNPkvtcUWYVRX89XXgwveXyR_XNRgBIBM&template_id=5000
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H3 200 container.html Show response
4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 329F 6 KB
3 KB 37ms
37ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 07:33:05 GMT
expires: Mon, 27 Nov 2023 07:33:05 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 115D 17 KB
6 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 27 Nov 2022 07:33:06 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame EBAD 0
0 81ms
80ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C8lq8sRKDY83pG_D97_UP_N-diAmQ4YGEXLaoworwAsCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi0yMTI4NzU3MTY3ODEyNjYzyAEJqQL9XeJ6n3CxPuACAKgDAaoEgwJP0KnkUXJBH5kALFWXPb6v8FWl_bgH3HpTpIJnPOFo7EBJCPv1z9s56T5o0l3pexwyGPid0M_031lsU-3FCGOytaaupUwKqJede9aTsjYRmbwjq0RPm2_llusvshvV56_f4cqas2kn6P697KcVzwaOt-0hqhcewIexcAubS-JYRXT-zQqvjRDxocawChOAa4crk-8YgVJcz7kwHOH00yOdxWitc3pygsvMeXAmPfQXQgfHYXvamEh1RmYCpWzcf2CFUkrIBJgi8KKQ-EL_NYeKuoZmLGeUqopQ446d6_M2hF0GYL2lBhb-EfKs0QRtI0MgSsS4CNfvVSr9jTfzGF9yqPig4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTIxMjg3NTcxNjc4MTI2NjMY3O1q&sigh=GM0TMk9HEaQ&uach_m=[UACH]&cid=CAQSPADq26N96SI9lU2gAjufZwqtfhJrs9WuZEaMPKnTwRSRVDV4oCa1V9vqAqP1vg-tNwwbRE9eKiK5aM_G_RgBIBM
Requested by: Host: earnme.club
URL: http://earnme.club/safe2.php?link=wMKxLTv
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://429735be2a98d3f5cdc37b5c16eac78c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame EBAD 0
0 48ms
46ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1jr6dkgf7h58pezzzxt69sv44ec9051mjj93036ce9x7gfawsfy17ptfkj6r7jhn8pgyj2bnfcgwt41sqqzv4wc8c47ca2t9qsqa2dgfjf3k7vhhmw8c50k5qe0qj32ht5s91c9v50pamxthjym335ncx5n1ab2c4xmbkf2nr8pf6eqdvq7bx6y7txqhqjv1a8cvvkn65s1kvb6w7crpj8cnpzbnypgwetnwfnm85tmkaagp6r52gasqxqsvtzj7ydqb0c9s1rksxqwyyb9y4g4809zvakye15hpwpykbd8chce1epxpkv12rwbn38kss57svaa6hpzrd6s2915fkbf9vvv9crw7sjqmsyn33ztf8f7t4wkbpe6pg2z8ptcc7h6rka4nxpyedm0&b=Y4MSsQAG9M0Iu_7wAAdv_D7eF6H_3dMN6pVfUg
Requested by: Host: earnme.club
URL: http://earnme.club/safe2.php?link=wMKxLTv
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://429735be2a98d3f5cdc37b5c16eac78c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 27 Nov 2022 07:33:06 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame FE7C 2 KB
1 KB 59ms
57ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1k9n38px01ftngjkx4ptbpf9vtjvx6xmdgamrh40364nzbgp6bhg61j85skx4e1kb6a4fqegk84gp2hz4dgs6pcrasepazeqjyhvanmbp82p44v3yamkhyx8qj5904de911x3e22fgathdxnb7bc2pmmtz2g4hzy7dswsz9atkc0w0gdngqr6rg3q4c580s9z1p7v0hhyftv6jkw0y2zdpp1d64qpjjddvb27gq09vt6dyrhm6mbqd2w3qfkr73gmz1n6rvptq82zy9p2r0dzrzn612xnhxqafex248wcj4feevez8dc7wj053phh2nr4rw08p3epqnecqp2987eswgj31cpm99g8za5pmxpfg5cywnf6arn6bvfbaskaqc6q74mk1vf4f3fjz3nazgch0043g3v6byrw9dych9grjnjjs4c0vayvqtgz32vfzvry8wmjtwfvg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6XFusRKDY83pG_D97_UP_N-diAmQ4YGEXLaoworwAsCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi0yMTI4NzU3MTY3ODEyNjYzyAEJqQL9XeJ6n3CxPuACAKgDAaoEhgJP0KnkUXJBH5kALFWXPb6v8FWl_bgH3HpTpIJnPOFo7EBJCPv1z9s56T5o0l3pexwyGPid0M_031lsU-3FCGOytaaupUwKqJede9aTsjYRmbwjq0RPm2_llusvshvV56_f4cqas2kn6P697KcVzwaOt-0hqhcewIexcAubS-JYRXT-zQqvjRDxocawChOAa4crk-8YgVJcz7kwHOH00yOdxWitc3pygsvMeXAmPfQXQgfHYXvamEh1RmYCpWzcf2CFUkrIBJgi8KKQ-EL_NYeKuoZmLGeUqopQ446d67E0pc_RmTrlzpG2hyjlQ_ZUN0mNQOqg1VctHLgFGSnfAIquN7hoBZRT4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_29t3JNRxVF1Cdmt8aFU27WdVQgJg%26client%3Dca-pub-2128757167812663%26adurl%3D

Requested by

Host: 429735be2a98d3f5cdc37b5c16eac78c.safeframe.googlesyndication.com
URL: https://429735be2a98d3f5cdc37b5c16eac78c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54147eab61d83661854e0411e81ed1cbd7c340f349aaa369afe91167046c234d

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://429735be2a98d3f5cdc37b5c16eac78c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 77092c7bda78bbb3-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 07:33:06 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame EBAD 3 KB
1 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: 429735be2a98d3f5cdc37b5c16eac78c.safeframe.googlesyndication.com
URL: https://429735be2a98d3f5cdc37b5c16eac78c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://429735be2a98d3f5cdc37b5c16eac78c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 04:54:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9534
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 04:54:12 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4F78 1 KB
643 B 39ms
37ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 429735be2a98d3f5cdc37b5c16eac78c.safeframe.googlesyndication.com
URL: https://429735be2a98d3f5cdc37b5c16eac78c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://429735be2a98d3f5cdc37b5c16eac78c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 74940
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 10:44:06 GMT
etag: 48472445140208031
expires: Sun, 27 Nov 2022 10:44:06 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame EBAD 18 KB
7 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 429735be2a98d3f5cdc37b5c16eac78c.safeframe.googlesyndication.com
URL: https://429735be2a98d3f5cdc37b5c16eac78c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://429735be2a98d3f5cdc37b5c16eac78c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 10:41:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75099
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 10:41:27 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame EBAD 0
0 46ms
45ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRA5TtwqyFl7mdw6_KHsm_koKA1OWk34eFQ3E6Ot6-5G6tMoJQ_p4ySRQBsG2UA4akkfJTKfMOagqLccGYe6rS8aQtw0g
Requested by: Host: 429735be2a98d3f5cdc37b5c16eac78c.safeframe.googlesyndication.com
URL: https://429735be2a98d3f5cdc37b5c16eac78c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://429735be2a98d3f5cdc37b5c16eac78c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame EBAD 24 KB
6 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 429735be2a98d3f5cdc37b5c16eac78c.safeframe.googlesyndication.com
URL: https://429735be2a98d3f5cdc37b5c16eac78c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://429735be2a98d3f5cdc37b5c16eac78c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 16:29:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 227020
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 24 Nov 2023 16:29:26 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EBAD 154 KB
47 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 429735be2a98d3f5cdc37b5c16eac78c.safeframe.googlesyndication.com
URL: https://429735be2a98d3f5cdc37b5c16eac78c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://429735be2a98d3f5cdc37b5c16eac78c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 27 Nov 2022 07:33:06 GMT

GET
H3 200 6592766407814317453
tpc.googlesyndication.com/simgad/3829636510286625117/ Frame 2F93 19 KB
19 KB 38ms
37ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3829636510286625117/6592766407814317453

Requested by

Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa2b6fac2888da36c26781b5c2d4fb6ca8ce622354392de0630db3bdca27942f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 11:37:13 GMT
x-content-type-options: nosniff
age: 417353
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19532
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 12:28:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 22 Nov 2023 11:37:13 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/10459320179165945052/ Frame 2F93 1 KB
1 KB 40ms
40ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10459320179165945052/downsize_200k_v1?w=100&h=100

Requested by

Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37ababdece3bf5c0d3b3d0558b4ac937bc5711af843eb9a8675deff919556b62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 11:34:48 GMT
x-content-type-options: nosniff
age: 417498
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1312
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 12:26:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 22 Nov 2023 11:34:48 GMT

GET
DATA 200
OK truncated
/ Frame 2F93 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b077568817ac6d9960ce2056ef98b835658d71543276d9b8e07e0e068e125695

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/3829636510286625117/ Frame F5BF 7 KB
7 KB 41ms
39ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3829636510286625117/downsize_200k_v1?w=400&h=209

Requested by

Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74cf4c06490bc2ea5ec19410e68cd2d4dae7868770d9ef7487f01659916a2cea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 11:37:57 GMT
x-content-type-options: nosniff
age: 417309
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7027
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 12:26:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 22 Nov 2023 11:37:57 GMT

GET
DATA 200
OK truncated
/ Frame F5BF 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F5BF 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80b1c8bca531e93d0d9f4cf7444a72021d115440b3b70417ef489810b320d652

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/3829636510286625117/ Frame 8968 7 KB
7 KB 38ms
37ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3829636510286625117/downsize_200k_v1?w=400&h=209

Requested by

Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74cf4c06490bc2ea5ec19410e68cd2d4dae7868770d9ef7487f01659916a2cea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 11:37:57 GMT
x-content-type-options: nosniff
age: 417309
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7027
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 12:26:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 22 Nov 2023 11:37:57 GMT

GET
DATA 200
OK truncated
/ Frame 8968 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8968 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef39f9c952028645a7b7bcef44b4db5a0c674a150c21ec2aa083af898c8c2847

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame F337 12 KB
5 KB 128ms
52ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1342444
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J5LWmIKtjM4jLFzHms70kC5urXm4BUuLfM2ge4g7aAeE1ONGwLLs7XlMzv72PZFCGvuRQPKBZl%2Bwhp2wP3CYYyP8%2BhuCNTbzuW2Ev83fLMZ%2FxvWo5j%2BR%2Bk5fpX8uwW903xcVm8VmUdK%2BqN7HchKHCvym"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 77092c7cff87917a-FRA
expires: Fri, 17 Nov 2023 07:33:06 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame F337 12 KB
6 KB 701ms
570ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 22 Nov 2023 07:33:06 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame F337 6 KB
6 KB 157ms
40ms Image
image/png 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=244&m=0&partner=74612&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F74612%2F201001%2Fbdf6affd9df54455bc26aca64ee0f58c_logo_n_horizontal_5.png&v=3&w=196&s=qxOZAK1aDSyV85l2Py3pDplH

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

63e27b65205f3d9efb8776660a651625dded2e1621da5b91b1c9d7592a70b5e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:06 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30240848
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 5670
expires: Sun, 12 Nov 2023 07:47:14 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame F337 7 KB
7 KB 208ms
91ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=74612&q=80&r=0&u=https%3A%2F%2Fstatic.digitecgalaxus.ch%2FFiles%2F6%2F3%2F9%2F1%2F7%2F4%2F3%2F4%2Fecoflow-400w-solar-panel-32710259015844_1024x1024-2x.jpg&v=3&w=400&s=gE2oTRhBiXwEygvZG09qxC4s&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

90249a65067a64c3685a22c6fed183d9a02a39cf72209459ae4de78c008c5422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:06 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=716665
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7208
expires: Mon, 05 Dec 2022 14:37:32 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame F337 13 KB
13 KB 195ms
78ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=74612&q=80&r=0&u=https%3A%2F%2Fstatic.digitecgalaxus.ch%2FFiles%2F7%2F0%2F6%2F8%2F2%2F1%2F2%2F6%2Fimage.jpeg&v=3&w=400&s=8Gn217QsKpubrtLDa1UFuElO&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

dd9b8e81b879a37956de87ed59cc06f97c63654cbf0fb23d6f0d2ff367c1fcb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:06 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1056830
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 12906
expires: Fri, 09 Dec 2022 13:06:57 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame F337 7 KB
7 KB 159ms
42ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=74612&q=80&r=0&u=https%3A%2F%2Fstatic.digitecgalaxus.ch%2FFiles%2F2%2F0%2F1%2F4%2F1%2F0%2F6%2F0%2F_MG_1770%2520Kopie.jpg&v=3&w=400&s=dnpkUzaWgeRG49ja9xB1mBR3&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

cc919c0061c6276f611747fde8eb00f5810b7d97bf352de289a659c3e1881647

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:06 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=914243
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6962
expires: Wed, 07 Dec 2022 21:30:30 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame F337 0
128 B 172ms
48ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=3rJaLMZHPLzQVOPlPeKXqs98Huo1DCveKLQbFfunkvdr1D4jYLRu0_5b609Xr089OZlTw5fHOVT2KK6midcSUSItBkRCxgol61ERFYcXhN54Y0QwoqPvBPS_59y9ZK5Q6DIl6-4B2T3Iig-NtR_uKvUKRGI694WAXr-qybGRmP3XM9gw2sO6PnLivGaBbPFzAPOta4uXFxJYUGmC2_W6Aa_H2S6itpv5wkbhVyltnEhUY1o9UxPElhKrBoS0LWKmWR_Gkw&sds=2&rev=83599&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 27 Nov 2022 07:33:06 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame F337 2 KB
1 KB 683ms
568ms Image
image/svg+xml 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 22 Nov 2023 07:33:06 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame F337 2 KB
1 KB 853ms
852ms Image
image/svg+xml 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 22 Nov 2023 07:33:07 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.25/one-ad/ Frame F0BF 89 KB
12 KB 92ms
52ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1j9f2erqdaptwnjpfgqtvrt9455vzbhe75z9qx61naj1k8kh8ghzbgw8r1bwjjvfk5b36yehy7tq46yxk62ygpevgab5vx0332gy3zy8pfebe1jayxjq3a58vjw3hqm9hjnj39yszgbrz3v84ptftzymgzgcptw29k14738swpvadb2dbh9q398rywa7svpvp849ph4xv35d83n0e9zasw3r23q48j7j582wjb6n47jyh2w264xcabq2b80r803sgz50g15qafc49qzjmd2tht7azne0s8xk0xdaa7592d1207rtj0a1ggsjw88crzhkhnfr116vj9jy39msf70fr1qaqapq8s2msv3csaz3dc3nsnp6r343z96rwqtv52mn1wkt6pxgtdp659btfm6zjc9xn7r7wdddt611ce447nzh68g429j15kwhwm54fjmyjdmnmwdy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCy1o3sRKDY62_G4259u8P-6CQ4AKQ4YGEXLaoworwAsCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi0yMTI4NzU3MTY3ODEyNjYzyAEJqQL9XeJ6n3CxPuACAKgDAaoEigJP0OXTFk6pzdcTl3qCNIY3HBKdtuYrr9k-0BKB1Kqa8j86xn984OKNORDXPfJrCSN3XclFi8u5y6oyk8CmgHaV7s5KJ1OsasbFpGoHEG-vwi_7R-8NijX_Fxj4HQxfMho4gpPMdFDYBCrcUq0hbGUS5WUvxX3y3m29y9xjpCEFkLCssuo7ZnNZQ6mgZFZ64Yonro5hNYSowTrNjgyVTVIU8O9vZEVhyS7or9B4xSU037rGaXe13-8KV-i2euzt8dyMorLZW_6Ci6R8-HmaN7hJRDb4686djf9rWzTmV2GLjRhkZ1qrzc5LnVZjOI6G3CkreHNs1HymS4mzSvTR6QzhyZLLRjewxmOlb-AEAYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3qe_fDRmAkbILXH_yfFK2iDeaePw%26client%3Dca-pub-2128757167812663%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1j9f2erqdaptwnjpfgqtvrt9455vzbhe75z9qx61naj1k8kh8ghzbgw8r1bwjjvfk5b36yehy7tq46yxk62ygpevgab5vx0332gy3zy8pfebe1jayxjq3a58vjw3hqm9hjnj39yszgbrz3v84ptftzymgzgcptw29k14738swpvadb2dbh9q398rywa7svpvp849ph4xv35d83n0e9zasw3r23q48j7j582wjb6n47jyh2w264xcabq2b80r803sgz50g15qafc49qzjmd2tht7azne0s8xk0xdaa7592d1207rtj0a1ggsjw88crzhkhnfr116vj9jy39msf70fr1qaqapq8s2msv3csaz3dc3nsnp6r343z96rwqtv52mn1wkt6pxgtdp659btfm6zjc9xn7r7wdddt611ce447nzh68g429j15kwhwm54fjmyjdmnmwdy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCy1o3sRKDY62_G4259u8P-6CQ4AKQ4YGEXLaoworwAsCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi0yMTI4NzU3MTY3ODEyNjYzyAEJqQL9XeJ6n3CxPuACAKgDAaoEigJP0OXTFk6pzdcTl3qCNIY3HBKdtuYrr9k-0BKB1Kqa8j86xn984OKNORDXPfJrCSN3XclFi8u5y6oyk8CmgHaV7s5KJ1OsasbFpGoHEG-vwi_7R-8NijX_Fxj4HQxfMho4gpPMdFDYBCrcUq0hbGUS5WUvxX3y3m29y9xjpCEFkLCssuo7ZnNZQ6mgZFZ64Yonro5hNYSowTrNjgyVTVIU8O9vZEVhyS7or9B4xSU037rGaXe13-8KV-i2euzt8dyMorLZW_6Ci6R8-HmaN7hJRDb4686djf9rWzTmV2GLjRhkZ1qrzc5LnVZjOI6G3CkreHNs1HymS4mzSvTR6QzhyZLLRjewxmOlb-AEAYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3qe_fDRmAkbILXH_yfFK2iDeaePw%26client%3Dca-pub-2128757167812663%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1669235721
age: 297287
cf-polished: origSize=91628
x-guploader-uploadid: ADPycdtnqpkBC2eNpIttCC4X9D-yrOoXK0HfmyiASnHmc5dpKNlZrWHuml5v2FihfATK0UIibbwmZ2MH5YrFqJYKDzRy-A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 23 Nov 2022 20:35:56 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1669235756372606
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2cPUWheMw9ymX1b%2BwKGZy7hX8OF7r3jd7a%2FDWA9I6Zws3qRU9RWXYaSNv%2B7VtF%2BMeKLxiWLvoNktUwq5yMJBK4eF%2BDI12RtzWUD2Z5cEly5hGEGh7mHKNy99bBBSCBicju3gDM153%2FI%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 77092c7d3f879271-FRA
expires: Sun, 27 Nov 2022 08:33:06 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame F0BF 35 KB
12 KB 60ms
49ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1j9f2erqdaptwnjpfgqtvrt9455vzbhe75z9qx61naj1k8kh8ghzbgw8r1bwjjvfk5b36yehy7tq46yxk62ygpevgab5vx0332gy3zy8pfebe1jayxjq3a58vjw3hqm9hjnj39yszgbrz3v84ptftzymgzgcptw29k14738swpvadb2dbh9q398rywa7svpvp849ph4xv35d83n0e9zasw3r23q48j7j582wjb6n47jyh2w264xcabq2b80r803sgz50g15qafc49qzjmd2tht7azne0s8xk0xdaa7592d1207rtj0a1ggsjw88crzhkhnfr116vj9jy39msf70fr1qaqapq8s2msv3csaz3dc3nsnp6r343z96rwqtv52mn1wkt6pxgtdp659btfm6zjc9xn7r7wdddt611ce447nzh68g429j15kwhwm54fjmyjdmnmwdy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCy1o3sRKDY62_G4259u8P-6CQ4AKQ4YGEXLaoworwAsCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi0yMTI4NzU3MTY3ODEyNjYzyAEJqQL9XeJ6n3CxPuACAKgDAaoEigJP0OXTFk6pzdcTl3qCNIY3HBKdtuYrr9k-0BKB1Kqa8j86xn984OKNORDXPfJrCSN3XclFi8u5y6oyk8CmgHaV7s5KJ1OsasbFpGoHEG-vwi_7R-8NijX_Fxj4HQxfMho4gpPMdFDYBCrcUq0hbGUS5WUvxX3y3m29y9xjpCEFkLCssuo7ZnNZQ6mgZFZ64Yonro5hNYSowTrNjgyVTVIU8O9vZEVhyS7or9B4xSU037rGaXe13-8KV-i2euzt8dyMorLZW_6Ci6R8-HmaN7hJRDb4686djf9rWzTmV2GLjRhkZ1qrzc5LnVZjOI6G3CkreHNs1HymS4mzSvTR6QzhyZLLRjewxmOlb-AEAYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3qe_fDRmAkbILXH_yfFK2iDeaePw%26client%3Dca-pub-2128757167812663%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 06:17:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 436490
etag: W/"49e3b0ffd5e74f27b691e89cf271d672"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2BWA%2F9m%2FxwwWRMkjzD1iAWSh6AupGXemNqVn%2FcuEltiQc2VTNaKL%2FokpFD72XNEmIOJxIPhI4cWpJ6E%2FQB%2FUfeRoqeL8AWbRfUe8bPnbdK11gNtIAS%2BiYP8ByDLBEDS77anblU8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 77092c7d0cd3bbb3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 22 Nov 2022 06:18:06 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.25/one-ad/ Frame FE7C 89 KB
11 KB 109ms
92ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k9n38px01ftngjkx4ptbpf9vtjvx6xmdgamrh40364nzbgp6bhg61j85skx4e1kb6a4fqegk84gp2hz4dgs6pcrasepazeqjyhvanmbp82p44v3yamkhyx8qj5904de911x3e22fgathdxnb7bc2pmmtz2g4hzy7dswsz9atkc0w0gdngqr6rg3q4c580s9z1p7v0hhyftv6jkw0y2zdpp1d64qpjjddvb27gq09vt6dyrhm6mbqd2w3qfkr73gmz1n6rvptq82zy9p2r0dzrzn612xnhxqafex248wcj4feevez8dc7wj053phh2nr4rw08p3epqnecqp2987eswgj31cpm99g8za5pmxpfg5cywnf6arn6bvfbaskaqc6q74mk1vf4f3fjz3nazgch0043g3v6byrw9dych9grjnjjs4c0vayvqtgz32vfzvry8wmjtwfvg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6XFusRKDY83pG_D97_UP_N-diAmQ4YGEXLaoworwAsCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi0yMTI4NzU3MTY3ODEyNjYzyAEJqQL9XeJ6n3CxPuACAKgDAaoEhgJP0KnkUXJBH5kALFWXPb6v8FWl_bgH3HpTpIJnPOFo7EBJCPv1z9s56T5o0l3pexwyGPid0M_031lsU-3FCGOytaaupUwKqJede9aTsjYRmbwjq0RPm2_llusvshvV56_f4cqas2kn6P697KcVzwaOt-0hqhcewIexcAubS-JYRXT-zQqvjRDxocawChOAa4crk-8YgVJcz7kwHOH00yOdxWitc3pygsvMeXAmPfQXQgfHYXvamEh1RmYCpWzcf2CFUkrIBJgi8KKQ-EL_NYeKuoZmLGeUqopQ446d67E0pc_RmTrlzpG2hyjlQ_ZUN0mNQOqg1VctHLgFGSnfAIquN7hoBZRT4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_29t3JNRxVF1Cdmt8aFU27WdVQgJg%26client%3Dca-pub-2128757167812663%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1k9n38px01ftngjkx4ptbpf9vtjvx6xmdgamrh40364nzbgp6bhg61j85skx4e1kb6a4fqegk84gp2hz4dgs6pcrasepazeqjyhvanmbp82p44v3yamkhyx8qj5904de911x3e22fgathdxnb7bc2pmmtz2g4hzy7dswsz9atkc0w0gdngqr6rg3q4c580s9z1p7v0hhyftv6jkw0y2zdpp1d64qpjjddvb27gq09vt6dyrhm6mbqd2w3qfkr73gmz1n6rvptq82zy9p2r0dzrzn612xnhxqafex248wcj4feevez8dc7wj053phh2nr4rw08p3epqnecqp2987eswgj31cpm99g8za5pmxpfg5cywnf6arn6bvfbaskaqc6q74mk1vf4f3fjz3nazgch0043g3v6byrw9dych9grjnjjs4c0vayvqtgz32vfzvry8wmjtwfvg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6XFusRKDY83pG_D97_UP_N-diAmQ4YGEXLaoworwAsCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi0yMTI4NzU3MTY3ODEyNjYzyAEJqQL9XeJ6n3CxPuACAKgDAaoEhgJP0KnkUXJBH5kALFWXPb6v8FWl_bgH3HpTpIJnPOFo7EBJCPv1z9s56T5o0l3pexwyGPid0M_031lsU-3FCGOytaaupUwKqJede9aTsjYRmbwjq0RPm2_llusvshvV56_f4cqas2kn6P697KcVzwaOt-0hqhcewIexcAubS-JYRXT-zQqvjRDxocawChOAa4crk-8YgVJcz7kwHOH00yOdxWitc3pygsvMeXAmPfQXQgfHYXvamEh1RmYCpWzcf2CFUkrIBJgi8KKQ-EL_NYeKuoZmLGeUqopQ446d67E0pc_RmTrlzpG2hyjlQ_ZUN0mNQOqg1VctHLgFGSnfAIquN7hoBZRT4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_29t3JNRxVF1Cdmt8aFU27WdVQgJg%26client%3Dca-pub-2128757167812663%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1669235721
age: 297287
cf-polished: origSize=91628
x-guploader-uploadid: ADPycdtnqpkBC2eNpIttCC4X9D-yrOoXK0HfmyiASnHmc5dpKNlZrWHuml5v2FihfATK0UIibbwmZ2MH5YrFqJYKDzRy-A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 23 Nov 2022 20:35:56 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1669235756372606
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iDax5sNI2hTWcEmf6RgHv1kNUy1Ex4drhPN6%2BI1mMXOHbYXf%2F3DXj3cy%2BWMkokH5OyJPJTvRnMzedMlz6O9phGzHSdDzLBgA0fYq2h91tAllXycoENcAwjAL62b2C7McighRNmPciOE%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 77092c7d3f889271-FRA
expires: Sun, 27 Nov 2022 08:33:06 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame FE7C 35 KB
12 KB 48ms
48ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k9n38px01ftngjkx4ptbpf9vtjvx6xmdgamrh40364nzbgp6bhg61j85skx4e1kb6a4fqegk84gp2hz4dgs6pcrasepazeqjyhvanmbp82p44v3yamkhyx8qj5904de911x3e22fgathdxnb7bc2pmmtz2g4hzy7dswsz9atkc0w0gdngqr6rg3q4c580s9z1p7v0hhyftv6jkw0y2zdpp1d64qpjjddvb27gq09vt6dyrhm6mbqd2w3qfkr73gmz1n6rvptq82zy9p2r0dzrzn612xnhxqafex248wcj4feevez8dc7wj053phh2nr4rw08p3epqnecqp2987eswgj31cpm99g8za5pmxpfg5cywnf6arn6bvfbaskaqc6q74mk1vf4f3fjz3nazgch0043g3v6byrw9dych9grjnjjs4c0vayvqtgz32vfzvry8wmjtwfvg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6XFusRKDY83pG_D97_UP_N-diAmQ4YGEXLaoworwAsCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi0yMTI4NzU3MTY3ODEyNjYzyAEJqQL9XeJ6n3CxPuACAKgDAaoEhgJP0KnkUXJBH5kALFWXPb6v8FWl_bgH3HpTpIJnPOFo7EBJCPv1z9s56T5o0l3pexwyGPid0M_031lsU-3FCGOytaaupUwKqJede9aTsjYRmbwjq0RPm2_llusvshvV56_f4cqas2kn6P697KcVzwaOt-0hqhcewIexcAubS-JYRXT-zQqvjRDxocawChOAa4crk-8YgVJcz7kwHOH00yOdxWitc3pygsvMeXAmPfQXQgfHYXvamEh1RmYCpWzcf2CFUkrIBJgi8KKQ-EL_NYeKuoZmLGeUqopQ446d67E0pc_RmTrlzpG2hyjlQ_ZUN0mNQOqg1VctHLgFGSnfAIquN7hoBZRT4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_29t3JNRxVF1Cdmt8aFU27WdVQgJg%26client%3Dca-pub-2128757167812663%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 06:17:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 436490
etag: W/"49e3b0ffd5e74f27b691e89cf271d672"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h2FwPoNRIYMLVvqbrLE5LB8eXOTbu72vqees0J3fnzoHUIsytttjXytEKVetOtPmXvf5t7ekhl93aJywGk8IFrt9EVEXLglsXK5mkR%2BS4MokFtEG0xnXCMw8CKNgPiURC0Kuqpo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 77092c7d2cf1bbb3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 22 Nov 2022 06:18:06 GMT

GET
DATA 200
OK truncated
/ Frame 5146 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 74196258aeb1037f05157978aa1e551a8ad412aa697bb3b5bf77d9f46bcff531

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
398 B 38ms
38ms XHR
application/json 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

325d1bd9c9b3ec9fbb90b7a1f6474216dbb28bd98283c71e853b163f32b75079

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://earnme.club
date: Sun, 27 Nov 2022 07:33:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4D7D 13 KB
5 KB 38ms
37ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 8854
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 05:05:32 GMT
expires: Mon, 27 Nov 2023 05:05:32 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D4AE 783 B
535 B 48ms
47ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

141dca0b06d86565afe268353e51288d63df3cd9150514016e158d1052387c53

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZNOmIQw2cPi5g5XrW2J9yw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-ZNOmIQw2cPi5g5XrW2J9yw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 07:33:06 GMT
expires: Sun, 27 Nov 2022 07:33:06 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BD8D 13 KB
5 KB 38ms
37ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 8854
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 05:05:32 GMT
expires: Mon, 27 Nov 2023 05:05:32 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0B58 783 B
536 B 47ms
46ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

28d34ab18b89c1b819b944df64a9da41e88adc720f9d630591b0cff43ba31737

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-U2Xbs688HK3BJhC2e9FGnQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-U2Xbs688HK3BJhC2e9FGnQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 07:33:06 GMT
expires: Sun, 27 Nov 2022 07:33:06 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 index.m3u8 Show response
streaming.playstream.media/storage/videos/6ffc001c-8a14-49dc-9e6f-3cb4071f5112/ 111 B
715 B 434ms
37ms XHR
application/vnd.apple.mpegurl 138.199.37.232
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.playstream.media/storage/videos/6ffc001c-8a14-49dc-9e6f-3cb4071f5112/index.m3u8
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.232 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-37-232.bunnyinfra.net
Software: BunnyCDN-DE1-874 /
Resource Hash: fbff17b8544a058a2513ab4cbc795b6fa5880abbb34d5a990979a7257c51ebfd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Sun, 27 Nov 2022 07:33:07 GMT
cdn-edgestorageid: 865
cdn-cachedat: 11/25/2022 22:44:58
cdn-pullzone: 1024237
content-length: 111
last-modified: Tue, 29 Mar 2022 11:16:12 GMT
server: BunnyCDN-DE1-874
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "6242ea7c-6f"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 6740a699-531f-4e34-81bd-7039b1357022
cache-control: max-age=315360000
cdn-requestid: e6346a783387eb75963322f602dea98a
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
cdn-status: 200
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2F93 15 KB
16 KB 38ms
38ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://earnme.club
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 485294
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Nov 2023 16:44:52 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2F93 15 KB
15 KB 43ms
43ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://earnme.club
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 19:42:15 GMT
x-content-type-options: nosniff
age: 215451
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Nov 2023 19:42:15 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F5BF 16 KB
16 KB 49ms
49ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://earnme.club
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 11:59:40 GMT
x-content-type-options: nosniff
age: 243206
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Nov 2023 11:59:40 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F5BF 15 KB
15 KB 58ms
58ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://earnme.club
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 19:42:15 GMT
x-content-type-options: nosniff
age: 215451
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Nov 2023 19:42:15 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8968 16 KB
16 KB 67ms
66ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://earnme.club
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 11:59:40 GMT
x-content-type-options: nosniff
age: 243206
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Nov 2023 11:59:40 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8968 15 KB
15 KB 78ms
77ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://earnme.club
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 19:42:15 GMT
x-content-type-options: nosniff
age: 215451
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Nov 2023 19:42:15 GMT

GET
H2 200 92d0eacbdd534f81de4b06016912d49f.js Show response
www.gstatic.com/mysidia/ Frame 329F 9 KB
5 KB 410ms
37ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/92d0eacbdd534f81de4b06016912d49f.js?tag=client_fast_engine_2019

Requested by

Host: 4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com
URL: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdd929f4e7f24ceca1f21a2548a5b7ed985acf6a294ae92beab97c07558de1fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 18:33:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 392364
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4142
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 20 Feb 2023 18:33:43 GMT

GET
H2 200 104e251e0e49b7fa49eee8ab1ff6ae7c.js Show response
www.gstatic.com/mysidia/ Frame 329F 36 KB
14 KB 411ms
39ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/104e251e0e49b7fa49eee8ab1ff6ae7c.js?tag=local_product/lca_square_v3

Requested by

Host: 4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com
URL: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8cd02ee3539f33c17a3e19fcf5a1d004e7126a6eb0e5503898f66cd6ed5f054

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 09:41:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 165113
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14465
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 23 Feb 2023 09:41:14 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 329F 13 KB
970 B 47ms
46ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2Cbold

Requested by

Host: 4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com
URL: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

50ff8f6189413a33afbb07569cf756f8bda593c9259ef09bc05f0935f353ede2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 27 Nov 2022 07:33:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 27 Nov 2022 07:26:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 27 Nov 2022 07:33:06 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 329F 2 KB
774 B 39ms
39ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com
URL: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 10:41:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 10:41:26 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 329F 23 KB
9 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: 4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com
URL: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 13:25:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65270
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 13:25:16 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 329F 3 KB
1 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: 4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com
URL: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 04:54:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9535
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 04:54:12 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 329F 18 KB
7 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com
URL: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 10:41:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75099
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 10:41:27 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 329F 0
0 45ms
44ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS6M-nrZk0jo5SPpt3yvAA4_U3kZHnYBvtSJHGpaMe8pt25yvOKoWHbqFJe6fJDNe7KH2X9TaqPDSNvJEJlAQM40_hKKQ
Requested by: Host: 4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com
URL: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 329F 154 KB
47 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com
URL: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 27 Nov 2022 07:33:06 GMT

GET
H3 200 f7733d2b54a65c984752ab0a98c7def9.js Show response
www.gstatic.com/mysidia/ Frame 329F 34 KB
14 KB 112ms
37ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com
URL: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 15:35:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143842
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14118
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 23 Feb 2023 15:35:45 GMT

POST
H/1.1 200 579.json Show response
id5-sync.com/g/v2/ 216 B
621 B 113ms
37ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/579.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

fac42fe5e32e82981550c07c3b086b232b01c768575520b0e0f876190493110f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://earnme.club
date: Sun, 27 Nov 2022 07:33:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 76ED
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFGrX5bkcoIMd9xJnPxD_XA&google_cver=1&google_push=ASkJ3FY6XH_KuWW9ff_0FIqjOQxEO3HMsDZFQiGcSdWqV55TeLkFKJrHDtdbje_3yHkSuSWjjU1B8NwlP0p54Qc04o4ara9WjHQ
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjQ2NzAzOTIzOTIyNzEyODMzNg==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFGrX5bkcoIMd9xJnPxD_XA&google_cver=1

43 B
398 B

126ms
47ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFGrX5bkcoIMd9xJnPxD_XA&google_cver=1
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 27 Nov 2022 07:33:06 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFGrX5bkcoIMd9xJnPxD_XA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 76ED 0
104 B 428ms
73ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEL-KPhT7yxeuC6OP3nFzx8A&google_cver=1&google_push=ASkJ3FaqoMn9iVX8oJVHyseSVhIQr9Zhv7Bgi3k6ovTLVTloVtGs-ZmWRcKWnB1XhOPOX9PQC_9O9VPOK1-_f2BGpiFZgN3rszw
Requested by: Host: e5d6ec74714bba04696559b88150e6d5.safeframe.googlesyndication.com
URL: https://e5d6ec74714bba04696559b88150e6d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:07 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 76ED
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEH-8m5umcq9Or-YGAZ3oVyc&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEH-8m5umcq9Or-YGAZ3oVyc&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ckV2NFZ1Z0gxT1pjOVo1&google_gid=CAESEH-8m5umcq9Or-YGAZ3oVyc&google_cver=1&google_push=ASkJ3FZ3RmwFLon4Rn08q5zAjw3UN2JNSEVoFvG1qCKyn-U...

170 B
188 B

49ms
49ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ckV2NFZ1Z0gxT1pjOVo1&google_gid=CAESEH-8m5umcq9Or-YGAZ3oVyc&google_cver=1&google_push=ASkJ3FZ3RmwFLon4Rn08q5zAjw3UN2JNSEVoFvG1qCKyn-UzGDbsvR96yQSv76qSNoiJz_hJXE1xGusnQZ9S4IeZs0jW0mWe_2M

Requested by

Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:07 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-00370ec4fddf661ef@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ckV2NFZ1Z0gxT1pjOVo1&google_gid=CAESEH-8m5umcq9Or-YGAZ3oVyc&google_cver=1&google_push=ASkJ3FZ3RmwFLon4Rn08q5zAjw3UN2JNSEVoFvG1qCKyn-UzGDbsvR96yQSv76qSNoiJz_hJXE1xGusnQZ9S4IeZs0jW0mWe_2M
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 76ED
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESELnjI8nfftKWc7f4N5AUnqQ&google_cver=1&google_push=ASkJ3FbB1WugvRRN10C-XP8v2buBIEYLpW0d_msmcJc6hB3hoCGRVAY8n967DkdoKyO0v9FyZY0iqAXkHz6zRRxgXMuvL6nrVrS2
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E767C135E0B04B19AD72331496476452&google_push=ASkJ3FbB1WugvRRN10C-XP8v2buBIEYLpW0d_msmcJc6hB3hoCGRVAY8n967DkdoKyO0v9FyZY0iqAXkHz6zRRx...

170 B
188 B

116ms
49ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E767C135E0B04B19AD72331496476452&google_push=ASkJ3FbB1WugvRRN10C-XP8v2buBIEYLpW0d_msmcJc6hB3hoCGRVAY8n967DkdoKyO0v9FyZY0iqAXkHz6zRRxgXMuvL6nrVrS2

Requested by

Host: e5d6ec74714bba04696559b88150e6d5.safeframe.googlesyndication.com
URL: https://e5d6ec74714bba04696559b88150e6d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 27 Nov 2022 07:33:07 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E767C135E0B04B19AD72331496476452&google_push=ASkJ3FbB1WugvRRN10C-XP8v2buBIEYLpW0d_msmcJc6hB3hoCGRVAY8n967DkdoKyO0v9FyZY0iqAXkHz6zRRxgXMuvL6nrVrS2
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 26 Nov 2022 07:33:07 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 76ED
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEFUMGmr3OSpcRLiiXp1mBd0&google_cver=1&google_push=ASkJ3FZlIchDTYpHQJWArIZ88PC1rdhCRjvK7b01nnvjGbh0_YUhWF-Z7u53_QhUe1zRbxY3GyHS2Umk9mGLG6...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3MDU5NTU5MTcxNzcxNDA2OA%3D%3D&google_push=ASkJ3FZlIchDTYpHQJWArIZ88PC1rdhCRjvK7b01nnvjGbh0_YUhWF-Z7u53_QhUe1zRbxY3GyHS2Umk9mGLG6SvvT...

170 B
188 B

116ms
48ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3MDU5NTU5MTcxNzcxNDA2OA%3D%3D&google_push=ASkJ3FZlIchDTYpHQJWArIZ88PC1rdhCRjvK7b01nnvjGbh0_YUhWF-Z7u53_QhUe1zRbxY3GyHS2Umk9mGLG6SvvTMvYoY7LCQ

Requested by

Host: e5d6ec74714bba04696559b88150e6d5.safeframe.googlesyndication.com
URL: https://e5d6ec74714bba04696559b88150e6d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3MDU5NTU5MTcxNzcxNDA2OA%3D%3D&google_push=ASkJ3FZlIchDTYpHQJWArIZ88PC1rdhCRjvK7b01nnvjGbh0_YUhWF-Z7u53_QhUe1zRbxY3GyHS2Umk9mGLG6SvvTMvYoY7LCQ
Date: Sun, 27 Nov 2022 07:33:07 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 76ED
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=EK9Ml4B7Q8yH36ER0ki6AQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

49ms
48ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=EK9Ml4B7Q8yH36ER0ki6AQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FY6C4K3yL8Akh7kyTVRcCUupIq6IZZ7nLl4i8aIZ2CYVpgcEnk96IrE809NIq13Nj2PD3VIc7kJXEX6aVGS0cdcI6vcIScV

Requested by

Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=EK9Ml4B7Q8yH36ER0ki6AQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FY6C4K3yL8Akh7kyTVRcCUupIq6IZZ7nLl4i8aIZ2CYVpgcEnk96IrE809NIq13Nj2PD3VIc7kJXEX6aVGS0cdcI6vcIScV
date: Sun, 27 Nov 2022 07:33:07 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 76ED
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEJMVFFYU8kRrCxNIW9snm8c&google_cver=1&google_push=ASkJ3Fb-XfAGaON_ygEeAJNy2v-6Ct3n4DlBDCqDxCSdVoJdN9MrkBckmwsu_HJyQuVaW9_X1_PP-U-lbGYfq_ZIF7Uvz4OPzR5p
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ASkJ3Fb-XfAGaON_ygEeAJNy2v-6Ct3n4DlBDCqDxCSdVoJdN9MrkBckmwsu_HJyQuVaW9_X1_PP-U-lbGYfq_ZIF7Uvz4OPzR5...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQwMTQyMTY2MDExNzcxNDAwOTM3OQ%3D%3D&google_push=ASkJ3Fb-XfAGaON_ygEeAJNy2v-6Ct3n4DlBDCqDxCSdVoJdN9MrkBck...

170 B
188 B

47ms
47ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQwMTQyMTY2MDExNzcxNDAwOTM3OQ%3D%3D&google_push=ASkJ3Fb-XfAGaON_ygEeAJNy2v-6Ct3n4DlBDCqDxCSdVoJdN9MrkBckmwsu_HJyQuVaW9_X1_PP-U-lbGYfq_ZIF7Uvz4OPzR5p

Requested by

Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQwMTQyMTY2MDExNzcxNDAwOTM3OQ%3D%3D&google_push=ASkJ3Fb-XfAGaON_ygEeAJNy2v-6Ct3n4DlBDCqDxCSdVoJdN9MrkBckmwsu_HJyQuVaW9_X1_PP-U-lbGYfq_ZIF7Uvz4OPzR5p
date: Sun, 27 Nov 2022 07:33:07 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 76ED 0
232 B 389ms
44ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IlYeyeiCbKI1-UCPyk3OyeWMhhYwGAK6cSzw-8v_dcKsu7yYsFiMuarKbM8z7xp6Ha0UHz

Requested by

Host: e5d6ec74714bba04696559b88150e6d5.safeframe.googlesyndication.com
URL: https://e5d6ec74714bba04696559b88150e6d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:07 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H/1.1 200 579.json Show response
id5-sync.com/g/v2/ 216 B
621 B 114ms
38ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/579.json

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

d6e31dc642e997695277f9fcf7a9457488572430f157887d176e8db215b7e4ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://earnme.club
date: Sun, 27 Nov 2022 07:33:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BE42 13 KB
5 KB 59ms
37ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 8855
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 05:05:32 GMT
expires: Mon, 27 Nov 2023 05:05:32 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 66C3 783 B
533 B 70ms
48ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6aff6f6523e945e76b87bc555d3a07b8524dfdfca97022ca479878a5693a4c09

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vaOmaSlz8qDNRm-fHubt0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-vaOmaSlz8qDNRm-fHubt0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 07:33:07 GMT
expires: Sun, 27 Nov 2022 07:33:07 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 4F78 0
103 B 397ms
73ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEL-KPhT7yxeuC6OP3nFzx8A&google_cver=1&google_push=ASkJ3FYGKUHGaZ5KPY6Z4OduCb0AmWYcLvJTHkZL0xn8uiTCn8VuPUaRFGT9qnz8YT0eO_pwsA-LH211EtBbepf2ExEFoezjgA
Requested by: Host: 429735be2a98d3f5cdc37b5c16eac78c.safeframe.googlesyndication.com
URL: https://429735be2a98d3f5cdc37b5c16eac78c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:07 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4F78
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEH-8m5umcq9Or-YGAZ3oVyc&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEH-8m5umcq9Or-YGAZ3oVyc&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ckV2NFZ1Z0gxT1pjOVo1&google_gid=CAESEH-8m5umcq9Or-YGAZ3oVyc&google_cver=1&google_push=ASkJ3FY_3uu4IWS4ILfc5ba-__UZzGMvXyeguvUESg09fy0...

170 B
188 B

50ms
49ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ckV2NFZ1Z0gxT1pjOVo1&google_gid=CAESEH-8m5umcq9Or-YGAZ3oVyc&google_cver=1&google_push=ASkJ3FY_3uu4IWS4ILfc5ba-__UZzGMvXyeguvUESg09fy0YNWIXcVlbptfoSt2Qv9e5Yl_5XJjOx-ZHocg3WtMpFNvBRey7O4k

Requested by

Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:06 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-001aff4bca77297e8@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ckV2NFZ1Z0gxT1pjOVo1&google_gid=CAESEH-8m5umcq9Or-YGAZ3oVyc&google_cver=1&google_push=ASkJ3FY_3uu4IWS4ILfc5ba-__UZzGMvXyeguvUESg09fy0YNWIXcVlbptfoSt2Qv9e5Yl_5XJjOx-ZHocg3WtMpFNvBRey7O4k
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4F78
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESELnjI8nfftKWc7f4N5AUnqQ&google_cver=1&google_push=ASkJ3FYin8zEyrCudgYDxJFr2DY8Ox5TB-vMdj_lIaOjVK8Ydxf04HeIrw_zfdvyqnneuuz4CpIeCxU_JEeDbIxauVwl97dy2PQ
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A8B9CE3FC0474748B23BE40EAC23EABA&google_push=ASkJ3FYin8zEyrCudgYDxJFr2DY8Ox5TB-vMdj_lIaOjVK8Ydxf04HeIrw_zfdvyqnneuuz4CpIeCxU_JEeDbIx...

170 B
188 B

116ms
49ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A8B9CE3FC0474748B23BE40EAC23EABA&google_push=ASkJ3FYin8zEyrCudgYDxJFr2DY8Ox5TB-vMdj_lIaOjVK8Ydxf04HeIrw_zfdvyqnneuuz4CpIeCxU_JEeDbIxauVwl97dy2PQ

Requested by

Host: 429735be2a98d3f5cdc37b5c16eac78c.safeframe.googlesyndication.com
URL: https://429735be2a98d3f5cdc37b5c16eac78c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 27 Nov 2022 07:33:07 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A8B9CE3FC0474748B23BE40EAC23EABA&google_push=ASkJ3FYin8zEyrCudgYDxJFr2DY8Ox5TB-vMdj_lIaOjVK8Ydxf04HeIrw_zfdvyqnneuuz4CpIeCxU_JEeDbIxauVwl97dy2PQ
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 26 Nov 2022 07:33:07 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4F78
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEFyGqeWFhfkfWL5FIdZG4qk&google_cver=1&google_push=ASkJ3FYSRSDpBHZNWPiejc82wUViNMiuZ-xZPaAPI7nGc2tNEg9wOHH-bI3CEnn1iYIl7g2rtXWElkd9wJdGifF8eL5RxwW...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEFyGqeWFhfkfWL5FIdZG4qk&google_cver=1&google_push=ASkJ3FYSRSDpBHZNWPiejc82wUViNMiuZ-xZPaAPI7nGc2tNEg9wOHH-bI3CEnn1iYIl7g2rtXWElkd9wJdGifF8eL5Rx...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3FYSRSDpBHZNWPiejc82wUViNMiuZ-xZPaAPI7nGc2tNEg9wOHH-bI3CEnn1iYIl7g2rtXWElkd9wJdGifF8eL5RxwWfe4U

170 B
188 B

48ms
47ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3FYSRSDpBHZNWPiejc82wUViNMiuZ-xZPaAPI7nGc2tNEg9wOHH-bI3CEnn1iYIl7g2rtXWElkd9wJdGifF8eL5RxwWfe4U

Requested by

Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ASkJ3FYSRSDpBHZNWPiejc82wUViNMiuZ-xZPaAPI7nGc2tNEg9wOHH-bI3CEnn1iYIl7g2rtXWElkd9wJdGifF8eL5RxwWfe4U
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4F78
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEA9A66Y0pbVRuubJ7EFzhkk&google_cver=1&google_push=ASkJ3FbUoQDf7VQFqehkbnGqK7qDyidJidOsRC7wJIHQ5S7j65wckpAs2p8JzaZGSfggCt8lOWERWLpPwiup...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FbUoQDf7VQFqehkbnGqK7qDyidJidOsRC7wJIHQ5S7j65wckpAs2p8JzaZGSfggCt8lOWERWLpPwiuph8C9NtEyUPqMP0g

170 B
329 B

265ms
47ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FbUoQDf7VQFqehkbnGqK7qDyidJidOsRC7wJIHQ5S7j65wckpAs2p8JzaZGSfggCt8lOWERWLpPwiuph8C9NtEyUPqMP0g

Requested by

Host: 429735be2a98d3f5cdc37b5c16eac78c.safeframe.googlesyndication.com
URL: https://429735be2a98d3f5cdc37b5c16eac78c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FbUoQDf7VQFqehkbnGqK7qDyidJidOsRC7wJIHQ5S7j65wckpAs2p8JzaZGSfggCt8lOWERWLpPwiuph8C9NtEyUPqMP0g
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

/
onetag-sys.com/match/ Frame 4F78
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEA9A66Y0pbVRuubJ7EFzhkk&google_cver=1&google_push=ASkJ3FYjsjoSEdjHuZ5FIoLqnJDTeUynb6P4eBCLiZgsKIvbWtoKkVtmE_lHYRYFQizDtAhKALyJuprqJxA...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FYjsjoSEdjHuZ5FIoLqnJDTeUynb6P4eBCLiZgsKIvbWtoKkVtmE_lHYRYFQizDtAhKALyJuprqJxABkuy8_mz8V4kf4Ps7
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

38ms
38ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 429735be2a98d3f5cdc37b5c16eac78c.safeframe.googlesyndication.com
URL: https://429735be2a98d3f5cdc37b5c16eac78c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4F78
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEIfrHGmT3...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

124ms
49ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=&%%GOOGLE_PUSH_PAIR%%

Requested by

Host: 429735be2a98d3f5cdc37b5c16eac78c.safeframe.googlesyndication.com
URL: https://429735be2a98d3f5cdc37b5c16eac78c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=&%%GOOGLE_PUSH_PAIR%%
date: Sun, 27 Nov 2022 07:33:07 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 4F78 0
40 B 358ms
45ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JToAoNDDeOAdxAa7vaZCeCWqBXoAu4D-m5bfFMv5FK4ToKvOpGvpj8HyOC56EnKRLAyg4j-Ow

Requested by

Host: 429735be2a98d3f5cdc37b5c16eac78c.safeframe.googlesyndication.com
URL: https://429735be2a98d3f5cdc37b5c16eac78c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:07 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame F074 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 872dfd5d42b8170c23c07b10587fa208e3aa374ac9bd9ccd5a4d17f47d206f58

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 55C6 143 KB
48 KB 74ms
74ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=wMKxLTv

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0095d87a5931ac1dfeb3dcde32742ac61053172341e8cc1922bf224a6d8437b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49327
x-xss-protection: 0
server: cafe
etag: 8859257372892307449
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 27 Nov 2022 07:33:06 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame F337 2 KB
472 B 48ms
48ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2217681f6d9558c2fab7e3ec0f40051276138880c76082503a33a699bc1accde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 27 Nov 2022 07:33:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 27 Nov 2022 06:35:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 27 Nov 2022 07:33:06 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
330 B 57ms
57ms XHR
application/json 52.19.187.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.187.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-187-82.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 998e3efe2d47d0df4a109b3c6d1ff172e03be9bd6578004a393accaae9a321d7

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:06 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://earnme.club
cache-control: no-cache
x-server: 10.45.7.71
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
320 B 38ms
37ms XHR
text/plain 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://earnme.club
date: Sun, 27 Nov 2022 07:33:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2F93 2 KB
2 KB 36ms
36ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 10:16:18 GMT
x-content-type-options: nosniff
server: cafe
age: 76608
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sun, 27 Nov 2022 10:16:18 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2F93 295 B
319 B 37ms
37ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 09:52:43 GMT
x-content-type-options: nosniff
server: cafe
age: 78023
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 27 Nov 2022 09:52:43 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F5BF 2 KB
2 KB 37ms
37ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 10:16:18 GMT
x-content-type-options: nosniff
server: cafe
age: 76608
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sun, 27 Nov 2022 10:16:18 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F5BF 295 B
319 B 37ms
37ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 09:52:43 GMT
x-content-type-options: nosniff
server: cafe
age: 78023
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 27 Nov 2022 09:52:43 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8968 2 KB
2 KB 38ms
38ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 10:16:18 GMT
x-content-type-options: nosniff
server: cafe
age: 76608
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sun, 27 Nov 2022 10:16:18 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8968 295 B
319 B 38ms
38ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 09:52:43 GMT
x-content-type-options: nosniff
server: cafe
age: 78023
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 27 Nov 2022 09:52:43 GMT

GET
DATA 200
OK truncated
/ Frame EBAD 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 17eafd22555ae4b4e81616ec64a0cd1c2fd89af911e977cef3742d7bdf187b03

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 e5aa1adb78474601876cfb5d43df4097_gibsonreg.woff
static.criteo.net/design/dt/ Frame F337 52 KB
52 KB 1116ms
557ms Font
application/octet-stream 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/e5aa1adb78474601876cfb5d43df4097_gibsonreg.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

400f278f2c69dfe83e18444890571c1aeed175e0314a701a3b26b4e1871ae2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 09 Oct 2017 16:38:09 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"59dba5f1-d038"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 22 Nov 2023 07:33:07 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame F0BF 3 KB
4 KB 238ms
50ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26438669
x-guploader-uploadid: ADPycdvwP-NwgXqNEbyI2qkcz3h5-Ehsvrbo1BzPr2w5R7YEx4A4494G82MbZGb67-CgTESrTtVZjLf5PX4N9CeItuw
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dNYFyNPmP75O5vsOKbbgJxJ2NcXeGhEWYF6agYSvJYCAGUqN6tofvzK4ih2NATiN0PQICNrvWgqyc9BbJMyE46WxACimTdGcEvbfUCbMhv3PhUOntFnWh80xfOsuX%2FG45RfoYL8yni19YtKfkffxYz7I"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 77092c800d99906c-FRA
expires: Wed, 25 Jan 2023 07:28:38 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame FE7C 3 KB
3 KB 242ms
56ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26438669
x-guploader-uploadid: ADPycdvwP-NwgXqNEbyI2qkcz3h5-Ehsvrbo1BzPr2w5R7YEx4A4494G82MbZGb67-CgTESrTtVZjLf5PX4N9CeItuw
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ERd3K12K%2Fbt4%2F53ic%2FsxzY87D8O6U47gbCBcb3EeHM%2FI263ZNypoB1VSm4EhT8rz9DGWk%2Bil7XGXty2Rxv95EeME9vxLWswtJqsfwtNh%2BLP%2F8NN%2F8J2YdgKV09MlPC%2BaWupmYmgqd1GYo8pgO%2Bm0iJ6b"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 77092c800d9b906c-FRA
expires: Wed, 25 Jan 2023 07:28:38 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D4AE 0
0 70ms
70ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111501&jk=1715103306569748&rc=
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0B58 0
0 71ms
70ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111501&jk=1713075332049328&rc=
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H3 200 frame.html Show response
ad4m.at/ Frame 81E3 2 KB
1 KB 54ms
53ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2481711
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 77092c7febaa9271-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Sun, 27 Nov 2022 07:33:07 GMT
expires: Wed, 26 Oct 2022 23:22:52 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zsDbYcHfSM0gTL%2FjMAbliwHyPKzCTwd2736SjrWV%2Bcg2LPOvXqsEq87rpyHUV2ybGKJcF%2F9LzrYGqEWvHz%2BoGzIDciI1Rr%2BgdnXpK25giHbgnA72MCqpJ5Ti7UVbka9PVczjnY0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 frame.html Show response
ad4m.at/ Frame CEC0 2 KB
1 KB 52ms
52ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2481711
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 77092c7febac9271-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Sun, 27 Nov 2022 07:33:07 GMT
expires: Wed, 26 Oct 2022 23:22:52 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IR7ZMSLd2BNydeAlU23fJ4zNbO8Mz2nJLfHkRFXoY76gIW3XgraIjpqT147K75U84nEBbMg1onwaKFgcu5%2FAz1f%2Bcagl5dO6zuthCQxhfKLxnsfKYaeZuQ%2B%2Bh0NBedGwx25ITXo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ Frame F337 8 KB
8 KB 37ms
37ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 19:24:53 GMT
x-content-type-options: nosniff
age: 302894
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Nov 2023 19:24:53 GMT

GET
H3 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ Frame F337 8 KB
8 KB 37ms
37ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 19:25:44 GMT
x-content-type-options: nosniff
age: 302843
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Nov 2023 19:25:44 GMT

GET
H3 200 api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Show response
pagead2.googlesyndication.com/bg/ Frame 4D7D 36 KB
16 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 04:53:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9571
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 27 Nov 2023 04:53:36 GMT

GET
H3 200 api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Show response
pagead2.googlesyndication.com/bg/ Frame BD8D 36 KB
16 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 04:53:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9571
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 27 Nov 2023 04:53:36 GMT

GET
H2 200 405 Show response
a.ad.gt/api/v1/u/matches/ 11 KB
4 KB 636ms
211ms Script
application/javascript 52.24.69.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/405?_it=amazon
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fearnme.club%2Fzeb-monk-from-zebronics%2F&ref=https%3A%2F%2Fwww.google.com%2F&_it=amazon&partner_id=405
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.24.69.139 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-24-69-139.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 3e0eb65dac6415ddd4d30cb3e5d091f9ad5f55269e4898a43f33bb11fed19baf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 27 Nov 2022 07:33:07 GMT
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: nginx/1.20.0
content-type: application/javascript

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ Frame 55C6 355 KB
117 KB 73ms
73ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9548364294205117&plah=earnme.club

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c9ecfdea408321a7f5dcad4dfd4df6affcd077826566568cdd78a8a673cde15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119607
x-xss-protection: 0
server: cafe
etag: 7743882904405439809
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 27 Nov 2022 07:33:07 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame 5C50 10 KB
4 KB 114ms
36ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 67957
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 12:40:30 GMT
etag: 10353107486223812946
expires: Sat, 10 Dec 2022 12:40:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 index_0_250.m3u8 Show response
streaming.playstream.media/storage/videos/6ffc001c-8a14-49dc-9e6f-3cb4071f5112/ 548 B
826 B 40ms
39ms XHR
application/vnd.apple.mpegurl 138.199.37.232
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.playstream.media/storage/videos/6ffc001c-8a14-49dc-9e6f-3cb4071f5112/index_0_250.m3u8
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.232 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-37-232.bunnyinfra.net
Software: BunnyCDN-DE1-874 /
Resource Hash: 4258b03c47fdeddcbc090534179a8fe7891a05cd10a8073da842fd4641c384e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Sun, 27 Nov 2022 07:33:07 GMT
content-encoding: br
cdn-edgestorageid: 756
cdn-cachedat: 11/21/2022 20:38:40
cdn-pullzone: 1024237
last-modified: Tue, 29 Mar 2022 11:16:12 GMT
server: BunnyCDN-DE1-874
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"6242ea7c-224"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 6740a699-531f-4e34-81bd-7039b1357022
cache-control: max-age=315360000
cdn-requestid: d8e672d0cfb11524df4bdda068624a88
cdn-requestcountrycode: DE
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
cdn-status: 200
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 index_0_250_00000.ts Show response
streaming.playstream.media/storage/videos/6ffc001c-8a14-49dc-9e6f-3cb4071f5112/ 635 KB
637 KB 51ms
51ms XHR
video/mp2t 138.199.37.232
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.playstream.media/storage/videos/6ffc001c-8a14-49dc-9e6f-3cb4071f5112/index_0_250_00000.ts
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.232 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-37-232.bunnyinfra.net
Software: BunnyCDN-DE1-874 /
Resource Hash: 6bd305dae749af55a0692903cc4df6a7cc3134d85fee97c5025500e704e2f938

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Sun, 27 Nov 2022 07:33:07 GMT
cdn-edgestorageid: 1053
cdn-cachedat: 11/17/2022 00:06:44
cdn-pullzone: 1024237
content-length: 650668
last-modified: Tue, 29 Mar 2022 11:16:02 GMT
server: BunnyCDN-DE1-874
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "6242ea72-9edac"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 6740a699-531f-4e34-81bd-7039b1357022
cache-control: max-age=315360000
cdn-requestid: 14dd9a05c6781c84251f3ca8fcaa0243
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
cdn-status: 200
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 66C3 0
0 71ms
70ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111501&jk=2151695117715161&rc=
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H3 200 2652319142383699934
tpc.googlesyndication.com/simgad/ Frame 329F 2 MB
2 MB 39ms
38ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2652319142383699934

Requested by

Host: 4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com
URL: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fdce65c59d8d48e267e996153af14ff83be1af70d6e37c59c6dbdd635a8fbe3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 05:23:29 GMT
x-content-type-options: nosniff
age: 180578
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2488769
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 10:16:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 25 Nov 2023 05:23:29 GMT

GET
H3 200 10074023703360132787
tpc.googlesyndication.com/simgad/ Frame 329F 3 KB
3 KB 47ms
42ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10074023703360132787

Requested by

Host: 4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com
URL: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31019c9d45fc559bd5b7d56caea9eb3d56a7fb8b1f5794b6f5fdf99af6c0af0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 05:25:50 GMT
x-content-type-options: nosniff
age: 353237
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3143
x-xss-protection: 0
last-modified: Wed, 16 Feb 2022 07:31:09 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 23 Nov 2023 05:25:50 GMT

GET
H3 200 18280418950089335811
tpc.googlesyndication.com/simgad/ Frame 329F 41 KB
41 KB 56ms
52ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18280418950089335811?sqp=-oaymwEOCNgEENgEIAFISFABWAE&rs=AOga4qlqAZnJtHeJCGe0G2uPVrBGR9inFg&w=100&h=100

Requested by

Host: 4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com
URL: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb5e304dae72c06d08e56338420864dc62451949236ccc7d81609de6689f76fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 15:03:33 GMT
x-content-type-options: nosniff
age: 318574
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42116
x-xss-protection: 0
last-modified: Tue, 01 Nov 2022 16:55:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 23 Nov 2023 15:03:33 GMT

GET
H3 200 792087489313940531
tpc.googlesyndication.com/simgad/ Frame 329F 66 KB
66 KB 52ms
48ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/792087489313940531?sqp=-oaymwEOCNgEENgEIAFISFABWAE&rs=AOga4qmAmUllqtsmUmSaWX61oOO67NNG4g&w=100&h=100

Requested by

Host: 4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com
URL: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0826fb8a61e233ee8407714c14c2d483617fc9f303782315d0acc2a3d80dd6a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 14:44:14 GMT
x-content-type-options: nosniff
age: 319733
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67628
x-xss-protection: 0
last-modified: Tue, 01 Nov 2022 16:55:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 23 Nov 2023 14:44:14 GMT

GET
H3 200 16562326651415517074
tpc.googlesyndication.com/simgad/ Frame 329F 51 KB
51 KB 49ms
45ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16562326651415517074?sqp=-oaymwEOCNgEENgEIAFISFABWAE&rs=AOga4qnRuMV-wT-U-yduSFqXAO4o3R8dQQ&w=100&h=100

Requested by

Host: 4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com
URL: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8368cc371de9843c6776a11a84e0e7783afccb8914030507a988a026f413fd04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 09:37:10 GMT
x-content-type-options: nosniff
age: 78957
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52465
x-xss-protection: 0
last-modified: Tue, 01 Nov 2022 16:55:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 26 Nov 2023 09:37:10 GMT

GET
H3 200 1304571706359605777
tpc.googlesyndication.com/simgad/ Frame 329F 51 KB
51 KB 85ms
81ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1304571706359605777?sqp=-oaymwEOCNgEENgEIAFISFABWAE&rs=AOga4qljX0G6c87USAu0xhn40DqhagiIlQ&w=100&h=100

Requested by

Host: 4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com
URL: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c21a7b5005bdd1f32b15557343ca747efc0378f69b0b792618cf372623bd1e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 15:03:33 GMT
x-content-type-options: nosniff
age: 318574
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52049
x-xss-protection: 0
last-modified: Tue, 01 Nov 2022 16:55:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 23 Nov 2023 15:03:33 GMT

GET
H3 200 4788267393217142284
tpc.googlesyndication.com/simgad/ Frame 329F 39 KB
39 KB 94ms
90ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4788267393217142284?sqp=-oaymwEOCNgEENgEIAFISFABWAE&rs=AOga4qlKNBXJ0IxycGIBuVTR73x8wwTXNA&w=100&h=100

Requested by

Host: 4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com
URL: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfba59eb0b13439ce1e54eba2fd5188f823d4af045feffb22368f1d6a0be7de3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 02:06:04 GMT
x-content-type-options: nosniff
age: 451623
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40339
x-xss-protection: 0
last-modified: Tue, 01 Nov 2022 16:55:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 22 Nov 2023 02:06:04 GMT

GET
H3 200 11455416975802954057
tpc.googlesyndication.com/simgad/ Frame 329F 54 KB
54 KB 75ms
72ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11455416975802954057?sqp=-oaymwEOCNgEENgEIAFISFABWAE&rs=AOga4qllp735iAUog6Enes0OtGzYonqKZA&w=100&h=100

Requested by

Host: 4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com
URL: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c76043a28cfca83f0cd483258110f88c0ba5ed02b1e69970c0b69d8c390fa109

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 14:44:14 GMT
x-content-type-options: nosniff
age: 319733
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55560
x-xss-protection: 0
last-modified: Tue, 01 Nov 2022 16:55:09 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 23 Nov 2023 14:44:14 GMT

GET
H3 200 13860802945517665954
tpc.googlesyndication.com/simgad/ Frame 329F 52 KB
52 KB 79ms
76ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13860802945517665954?sqp=-oaymwEOCNgEENgEIAFISFABWAE&rs=AOga4qlkXP155aLkS2N7VYEr2S9XC1YEmw&w=100&h=100

Requested by

Host: 4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com
URL: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0445219ca45fc5baaae50134226ef1af0372c5487dd7c1793f2e688a8c16c003

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 22:18:27 GMT
x-content-type-options: nosniff
age: 206080
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53504
x-xss-protection: 0
last-modified: Tue, 01 Nov 2022 16:55:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 24 Nov 2023 22:18:27 GMT

GET
H3 200 8327448480077002583
tpc.googlesyndication.com/simgad/ Frame 329F 29 KB
29 KB 87ms
84ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8327448480077002583?sqp=-oaymwEOCNgEENgEIAFISFABWAE&rs=AOga4qmrZKlJdDZSdcflAFb9MChv5v_1nQ&w=100&h=100

Requested by

Host: 4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com
URL: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

242b9440547327fc01011d56734fb2647fcec50b43b43b4955563d31f93db693

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 05:27:01 GMT
x-content-type-options: nosniff
age: 353166
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29225
x-xss-protection: 0
last-modified: Tue, 01 Nov 2022 16:55:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 23 Nov 2023 05:27:01 GMT

GET
H3 200 13422605669042522858
tpc.googlesyndication.com/simgad/ Frame 329F 51 KB
51 KB 95ms
92ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13422605669042522858?sqp=-oaymwEOCNgEENgEIAFISFABWAE&rs=AOga4qmSBLHJWbSt6b0-0XfVYEuDLhRUNA&w=100&h=100

Requested by

Host: 4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com
URL: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0350f30e088370e834c602efe1c1ef8bea72bd2799ae902a2d2d808fb504b558

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 19:46:18 GMT
x-content-type-options: nosniff
age: 215209
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52643
x-xss-protection: 0
last-modified: Tue, 01 Nov 2022 16:55:09 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 24 Nov 2023 19:46:18 GMT

GET
H3 200 6750146118168429039
tpc.googlesyndication.com/simgad/ Frame 329F 35 KB
35 KB 88ms
85ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6750146118168429039?sqp=-oaymwEOCNgEENgEIAFISFABWAE&rs=AOga4qnBiuLOZKHnFO86jKRaXAfDyUUk9A&w=100&h=100

Requested by

Host: 4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com
URL: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15cbcc1f14083603937ed01ca11e9e4b3c2b43e18506880f738bec9aef3bcb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 05:38:04 GMT
x-content-type-options: nosniff
age: 352503
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35825
x-xss-protection: 0
last-modified: Tue, 01 Nov 2022 16:55:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 23 Nov 2023 05:38:04 GMT

GET
H3 200 8198618786701748763
tpc.googlesyndication.com/simgad/ Frame 329F 47 KB
47 KB 81ms
78ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8198618786701748763?sqp=-oaymwEOCNgEENgEIAFISFABWAE&rs=AOga4ql7z2zhbF9ggeTJNFXTs7Nl3n95wg&w=100&h=100

Requested by

Host: 4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com
URL: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a275f71508c03e493de51202c19a88aa576971942839ddf2ebea5b3e0981067c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 05:51:06 GMT
x-content-type-options: nosniff
age: 351721
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47773
x-xss-protection: 0
last-modified: Tue, 01 Nov 2022 16:55:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 23 Nov 2023 05:51:06 GMT

GET
H3 200 11044901575660686832
tpc.googlesyndication.com/simgad/ Frame 329F 38 KB
38 KB 61ms
58ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11044901575660686832?sqp=-oaymwEOCNgEENgEIAFISFABWAE&rs=AOga4ql1swY_FtKeVV8skRFuS89cDcpb3w&w=100&h=100

Requested by

Host: 4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com
URL: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b84a24c694347539523be6a02b433a6fde398ee929227a1046e6828ef6cea28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 22:18:27 GMT
x-content-type-options: nosniff
age: 206080
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38537
x-xss-protection: 0
last-modified: Tue, 01 Nov 2022 16:55:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 24 Nov 2023 22:18:27 GMT

GET
H3 200 16876917938651944919
tpc.googlesyndication.com/simgad/ Frame 329F 52 KB
52 KB 57ms
55ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16876917938651944919?sqp=-oaymwEOCNgEENgEIAFISFABWAE&rs=AOga4qmhEjVpX2q9NHnCjzC2tbC9qf9s5g&w=100&h=100

Requested by

Host: 4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com
URL: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d006036555f2f72377938f901c9c62195e664101d2b744de781271fb23fd2b37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 14:44:14 GMT
x-content-type-options: nosniff
age: 319733
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53187
x-xss-protection: 0
last-modified: Tue, 01 Nov 2022 16:55:09 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 23 Nov 2023 14:44:14 GMT

GET
BLOB 200
OK a0a27d14-60ab-403a-901b-3da5723f75b3
https://earnme.club/ 63 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://earnme.club/a0a27d14-60ab-403a-901b-3da5723f75b3
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Length: 64352
Content-Type: text/javascript

GET
H3 200 16944839029191673668
tpc.googlesyndication.com/simgad/ Frame 329F 32 KB
32 KB 90ms
90ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16944839029191673668?sqp=-oaymwEOCNgEENgEIAFISFABWAE&rs=AOga4qkZeWYwdOGkWPRk6QIMSvvDOm3RxQ&w=100&h=100

Requested by

Host: 4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com
URL: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ae2fa559328083a8403f479edf65c4a0d0985b0929c8d0bcc005b195df81447

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 05:27:01 GMT
x-content-type-options: nosniff
age: 353166
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33135
x-xss-protection: 0
last-modified: Tue, 01 Nov 2022 18:36:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 23 Nov 2023 05:27:01 GMT

GET
H3 200 13392867249100377424
tpc.googlesyndication.com/simgad/ Frame 329F 1023 B
1 KB 93ms
92ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13392867249100377424?w=100&h=100

Requested by

Host: 4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com
URL: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

089519d57709ae55c20e3c480bc73d23f891021e3a44fb7a34aa408745abf51e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 22:20:44 GMT
x-content-type-options: nosniff
age: 205943
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1023
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 07:01:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 24 Nov 2023 22:20:44 GMT

GET
H3 200 location_map_preview_80x80.png
googleads.g.doubleclick.net/pagead/images/ Frame 329F 4 KB
4 KB 37ms
36ms Image
image/png 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/images/location_map_preview_80x80.png

Requested by

Host: 4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com
URL: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f4e942b89543c917fca335351a2bd1d968c5415f04b2054d01348bed12dd644

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 08:59:31 GMT
x-content-type-options: nosniff
server: cafe
age: 81216
etag: 208617018205852857
vary: Accept-Encoding
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4410
x-xss-protection: 0
expires: Sun, 27 Nov 2022 08:59:31 GMT

GET
H3 200 directions_googblue_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 329F 448 B
472 B 59ms
39ms Image
image/png 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/directions_googblue_24dp.png

Requested by

Host: 4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com
URL: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3254b0c4685110561aece33f604a07923b63e4dfd91ea9bd691a65ca85455691

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 05:43:29 GMT
x-content-type-options: nosniff
age: 352178
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 448
x-xss-protection: 0
last-modified: Wed, 27 Jul 2022 20:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 23 Nov 2023 05:43:29 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 329F 0
0 81ms
81ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CWV1LsRKDY-PUONeh9u8PmrWegASCscLPbYm6zMvnEKrbv6DUARABINbmxVhgldqIgpgHoAHZ0uTPA8gBCakC_V3iep9wsT7gAgCoAwHIA0iqBIMCT9AceSTlUwr5b2iVpN4pdOjOyZ3u00JAZU0Q-t1WrW3M6YxEnPiozvsC3Ssu5cedmRyCpoa-VoWpELCsM-yK7bDT2Cd2SyKYDEGuq-bXJHMLWN1WShS8D1jnQMIZn_ExvtrRyCnE_n11SYYbVTrQHmf6E2hgSbiRnCQNwAnLlRgFiyKAfP1YF7JedKKqN8mo0WUYAN4UH9QbWD5v8MfJrvn_2WGAl0EUdpO721nz7a0UqUkXp4LxCIRdXCDMqzVLw01aMGGnyBclVUaY07XD-Fwa-27NZQiwkty3w2M47431jg8ZBNErS6GIrGtFwKsXkmXS1zt0WUFx3XDDQye-VWmCWcAEwqG7kpYE4AQBkgUECAQYAZIFBAgFGASgBi6AB_ixrTWoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQmO0HqAgB0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwGYDIXaqoWXBLgTpQTYEw7QFQGAFwGyFx4KHAgAEhRwdWItMjEyODc1NzE2NzgxMjY2Mxjc7Wo&sigh=1Cfbp9BkpLs&uach_m=[UACH]&cid=CAQSPADq26N9EIkwcGjyPUOV9aaMEHKCone-X14ixCF7yZZTyC-GLSTq_O7n_nGtOl1kcNnSeJUCUOD-Qdb-RxgBIBM&template_id=549
Requested by: Host: 4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com
URL: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame AA5E 1 KB
643 B 46ms
36ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com
URL: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 74941
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 10:44:06 GMT
etag: 48472445140208031
expires: Sun, 27 Nov 2022 10:44:06 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 329F 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a34b6f86676072feb7011a67871b8c44196b4b68173828056c5612031e15d16

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Show response
pagead2.googlesyndication.com/bg/ Frame BE42 36 KB
16 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 04:53:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9571
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 27 Nov 2023 04:53:36 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 87FC 15 KB
6 KB 154ms
52ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 07:33:06 GMT
server: Kestrel
server-processing-duration-in-ticks: 658802
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 55C6 215 B
426 B 47ms
46ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=earnme.club&callback=_gfp_s_&client=ca-pub-9548364294205117&cookie=ID%3Dc4d91b4e38db5124%3AT%3D1669534384%3AS%3DALNI_MbrWNyJQtwTT-27Lkoku6i9gM_Nog&gpic=UID%3D00000b88e7f767da%3AT%3D1669534384%3ART%3D1669534384%3AS%3DALNI_MbnLiieW6XrJHTlK2WdDYIw7Chlmw&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9548364294205117&plah=earnme.club

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

160a44bb6d78ff7a2e7ea5773a158e9ba9395f52de8feead6ab27384c2d79fa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 203
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 55C6 107 B
122 B 48ms
47ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=earnme.club

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 55C6 107 B
122 B 46ms
46ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=earnme.club

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame ED8D 436 B
233 B 146ms
139ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9548364294205117&output=html&h=250&slotname=7769709079&adk=3124451273&adf=3407277735&pi=t.ma~as.7769709079&w=300&lmt=1669534387&format=300x250&url=https%3A%2F%2Fearnme.club%2Fzeb-monk-from-zebronics%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669534387231&bpp=3&bdt=2347&idt=197&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&cookie=ID%3Dc4d91b4e38db5124%3AT%3D1669534384%3AS%3DALNI_MbrWNyJQtwTT-27Lkoku6i9gM_Nog&gpic=UID%3D00000b88e7f767da%3AT%3D1669534384%3ART%3D1669534384%3AS%3DALNI_MbnLiieW6XrJHTlK2WdDYIw7Chlmw&correlator=8736520944508&frm=23&ife=4&pv=2&ga_vid=1365863235.1669534384&ga_sid=1669534387&ga_hid=1974010394&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=474&ady=1077&biw=1600&bih=1200&isw=300&ish=250&ifk=4271657734&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C42531706%2C44777948&oid=2&pvsid=3616434489605761&tmod=723880777&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.j4shh3xyuhu5&fsb=1&dtd=211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b6f4c4c3e350a02d6de6ed54c437b1bd4d6f8ff8c682d81ce2c9d1495d17c90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 07:33:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 55C6 14 KB
11 KB 75ms
74ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e88cf4753d0204c9a3038d859a681acbde8c6df1f79df795b809c76177aaf1a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11187
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4D7D 0
12 B 43ms
43ms Image
text/plain 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?QB677w
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:07 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3 200 rs Show response
ad4m.at/ Frame FE7C 2 KB
2 KB 76ms
76ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 100621ff17a5cd5dbf80655997960c91b60697d62b7578070949aba3b5fb46f5

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 27 Nov 2022 07:33:07 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kWLD2QjHB9vr2ovIfSrjegSobb%2By5fcPFVOGSeTLgmgLlrC5APNe%2B0gjdMidHnrDC8iswHBVMF8%2B83P33O5kYzjWw0O%2FcB5nD33%2FBvZHODMLxwc4DnUZJvvQFwSGt3GULuXBupk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 77092c829a589c07-FRA
x-backend-server: aa-reachservice-group-europe-west1-ktgt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 rs Show response
ad4m.at/ Frame F0BF 1 KB
2 KB 65ms
64ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebb7450ea0fc9fad850ee07f9fca7efd3f6a8c6f47ce331924127a366c69e4e3

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 27 Nov 2022 07:33:07 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=klZXyIf3wsLQNcN9tIdjxbOCaZxoWlGFqRncI8NdUgLMRATqQf1Bm8juGvMFBaWlyrHA7TDrEdPitWKa2nRTOJMPSWLU8i0wNr01jFLCTFGm0HfsQtW4MgEODWtqKt%2BdfD7Xhk4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 77092c829a569c07-FRA
x-backend-server: aa-reachservice-group-europe-west1-ktgt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame BD8D 0
12 B 39ms
39ms Image
text/plain 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?q_oE6Q
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:07 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 147ms
73ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 77092c8229429c07-FRA
content-length: 24
content-type: text/plain
date: Sun, 27 Nov 2022 07:33:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ogloBmGq7gAt08Jjs7oD36gxt1ryHqquZyNerv%2Fd7AupJGHGtVAo3%2BBD%2BicNLwulQl5EJvM9vM3QZlsZ9X62OirA5Xylu0miErt%2FWbmYudYdGiJZYklVlrT%2BsnjOZQXycHXdskk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-ktgt

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 144ms
72ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 77092c82293b9c07-FRA
content-length: 24
content-type: text/plain
date: Sun, 27 Nov 2022 07:33:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AdHouMs2GmXgDunJHOV4TjzDFJSCY5paypYmIymGTlvYgLDJ5sX0WFT7FRuu%2FFcXnPT3sXYGJJtSU8695rFxUXvf%2FCnv%2BrWaYvGzg3z5Tj%2BvW9PXVqNNbFuTaL3B3p5M4rIWLfA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-ktgt

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 55C6 17 KB
6 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 27 Nov 2022 07:33:07 GMT

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame 0652 88 KB
29 KB 352ms
349ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 28 Nov 2022 07:33:07 GMT

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame ED71 88 KB
29 KB 382ms
382ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 28 Nov 2022 07:33:07 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 329F 28 KB
28 KB 37ms
37ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2Cbold

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 21:35:41 GMT
x-content-type-options: nosniff
age: 208646
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Nov 2023 21:35:41 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame AA5E
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEOFDYB1YH4dKNO965MDQDZ0&google_cver=1&google_push=ASkJ3Fa7e51j99pnhgpXb9ggIWKJ70YsHnogAVhCpkokzjYxfy7W9nTC8MJnKPttte8YZDRmEOJ-YLBUwZEwQEM_r_qPakryo0ycB...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOFDYB1YH4dKNO965MDQDZ0&google_cver=1&google_push=ASkJ3Fa7e51j99pnhgpXb9ggIWKJ70YsHnogAVhCpkokzjYxfy7W9nTC8MJnKPttte8YZDRmEOJ-YLBUwZEwQEM_r_qPakryo0y...

43 B
422 B

220ms
210ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOFDYB1YH4dKNO965MDQDZ0&google_cver=1&google_push=ASkJ3Fa7e51j99pnhgpXb9ggIWKJ70YsHnogAVhCpkokzjYxfy7W9nTC8MJnKPttte8YZDRmEOJ-YLBUwZEwQEM_r_qPakryo0ycBw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3Fa7e51j99pnhgpXb9ggIWKJ70YsHnogAVhCpkokzjYxfy7W9nTC8MJnKPttte8YZDRmEOJ-YLBUwZEwQEM_r_qPakryo0ycBw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:08 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 77092c855b0f5c14-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:08 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 642
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOFDYB1YH4dKNO965MDQDZ0&google_cver=1&google_push=ASkJ3Fa7e51j99pnhgpXb9ggIWKJ70YsHnogAVhCpkokzjYxfy7W9nTC8MJnKPttte8YZDRmEOJ-YLBUwZEwQEM_r_qPakryo0ycBw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3Fa7e51j99pnhgpXb9ggIWKJ70YsHnogAVhCpkokzjYxfy7W9nTC8MJnKPttte8YZDRmEOJ-YLBUwZEwQEM_r_qPakryo0ycBw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 77092c83f88d5c14-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AA5E
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGpn7E2o969U2iL1e-nqZvY&google_push=ASkJ3Fa8FqXzR6aknZIo0KaM1IkBvqSkij4ARVFkpjpZu8L0JhhO-irRL7...

170 B
188 B

48ms
48ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGpn7E2o969U2iL1e-nqZvY&google_push=ASkJ3Fa8FqXzR6aknZIo0KaM1IkBvqSkij4ARVFkpjpZu8L0JhhO-irRL7nO7Xv_aSep8qEZQjedqBju6wyW0lmioFwO7v0FaXXy

Requested by

Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-hhn4047-HHN
pragma: no-cache
date: Sun, 27 Nov 2022 07:33:07 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1669534388.838627,VS0,VE92
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGpn7E2o969U2iL1e-nqZvY&google_push=ASkJ3Fa8FqXzR6aknZIo0KaM1IkBvqSkij4ARVFkpjpZu8L0JhhO-irRL7nO7Xv_aSep8qEZQjedqBju6wyW0lmioFwO7v0FaXXy
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame AA5E 70 B
265 B 275ms
55ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESED4rW1JwXXy6x9e5P1lo4rk&google_cver=1&google_push=ASkJ3FbY6kSfSW0af3KcbKN5LGE_KXoEuJBr1Vr14tbbWoyIcyx96EpA7-N_foyqrJ3fEiKlv0z9ACCXoVvRAsr3peIfpInBP7_D7g
Requested by: Host: 4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com
URL: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 27 Nov 2022 07:33:07 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 dds
rtb.openx.net/sync/ Frame AA5E 43 B
351 B 267ms
47ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEGypqbHPJaezgWEi1MkPilM&google_cver=1&google_push=ASkJ3FaVafDow2YIv_A5xjaV0SRfJUEOmra74zDYmOuImeiLqKDmC-0qJLl3ZDwMatXmgbGQiTJK5jNpNNo--5Sc6IhhLpOXN9R1vg
Requested by: Host: 4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com
URL: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:06 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 0860u5conidn6531qvhcq5f6sr4inf8i

GET
H2

200

/
onetag-sys.com/match/ Frame AA5E
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEA9A66Y0pbVRuubJ7EFzhkk&google_cver=1&google_push=ASkJ3FZ0iUj8R9Aw8pMgeNA5stfpkFt2Xs1DebYDQZH1pyvT1_1FETISTnl_kcyOaFnCFeFFiEdshkjuyqe...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FZ0iUj8R9Aw8pMgeNA5stfpkFt2Xs1DebYDQZH1pyvT1_1FETISTnl_kcyOaFnCFeFFiEdshkjuyqes7BYJ-7jnhwk02vzG0q0
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

39ms
38ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame AA5E
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEGFY2A3b9fG6DFZGbh_PQxI&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ASkJ3FZdtSaUARm-M1IzmGmerlwdHnuyebxWzxeQq6j7fnZZ_5nX8QtBzuOYJnuRu_yp2r_S4H2LS5e8L8X1c1QAOmN7eRr7QGREQ7E
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

59ms
59ms

Image
image/gif

104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: H2
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

expires: Sun, 27 Nov 2022 07:33:08 GMT
pragma: no-cache
date: Sun, 27 Nov 2022 07:33:08 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AA5E
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEOMxSB5hBykIiBabZyn7h6w&google_cver=1&google_push=ASkJ3FbjaOnQx3Zfg...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEOMxSB5hBykIiBabZyn7h6w%26goo...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODIzODY4MjU2NDU5NjM5NTU1Mg%3D%3D&google_gid=CAESEOMxSB5hBykIiBabZyn7h6w&google_cver=1&google_push=ASkJ3FbjaOnQx3ZfgfJcxRw71dN_nwzXO3...

170 B
188 B

47ms
46ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODIzODY4MjU2NDU5NjM5NTU1Mg%3D%3D&google_gid=CAESEOMxSB5hBykIiBabZyn7h6w&google_cver=1&google_push=ASkJ3FbjaOnQx3ZfgfJcxRw71dN_nwzXO38pzNQ2-Uuu3ZEee_5vEY_rdloBbybKZ9BKumhpSLO7Ei9kgCA6xGTiJUnRkNEDzWSFEWk

Requested by

Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:07 GMT
AN-X-Request-Uuid: e5485d9f-071d-4e76-8632-5be350f634d5
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODIzODY4MjU2NDU5NjM5NTU1Mg%3D%3D&google_gid=CAESEOMxSB5hBykIiBabZyn7h6w&google_cver=1&google_push=ASkJ3FbjaOnQx3ZfgfJcxRw71dN_nwzXO38pzNQ2-Uuu3ZEee_5vEY_rdloBbybKZ9BKumhpSLO7Ei9kgCA6xGTiJUnRkNEDzWSFEWk
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame AA5E 0
12 B 45ms
44ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L39dtP4oX2ZgWcIoqWDlPXKK2i84y9V3AGe9JprjCrZfuXqmMsP4xFNKOiKH-4DyNDmIW6dqXd

Requested by

Host: 4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com
URL: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:07 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame 115D 88 KB
29 KB 533ms
533ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 28 Nov 2022 07:33:07 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame ADAD 13 KB
5 KB 38ms
37ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 8855
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 05:05:32 GMT
expires: Mon, 27 Nov 2023 05:05:32 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 35B9 783 B
535 B 47ms
47ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d0a6b97d9bb826082d53d527948dbfe5a62822184c40fee8b5024a6f70c34759

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ncSb4f6gFixO4b3CB7ojeQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-ncSb4f6gFixO4b3CB7ojeQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 07:33:07 GMT
expires: Sun, 27 Nov 2022 07:33:07 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 index_0_250_00001.ts Show response
streaming.playstream.media/storage/videos/6ffc001c-8a14-49dc-9e6f-3cb4071f5112/ 628 KB
630 KB 38ms
37ms XHR
video/mp2t 138.199.37.232
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.playstream.media/storage/videos/6ffc001c-8a14-49dc-9e6f-3cb4071f5112/index_0_250_00001.ts
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.232 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-37-232.bunnyinfra.net
Software: BunnyCDN-DE1-874 /
Resource Hash: d5a3eabbc1f43d202b1c566d85f2f84100e9ec9ca1b5f6f2719355876015454e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Sun, 27 Nov 2022 07:33:07 GMT
cdn-edgestorageid: 1053
cdn-cachedat: 11/18/2022 06:17:44
cdn-pullzone: 1024237
content-length: 643148
last-modified: Tue, 29 Mar 2022 11:16:03 GMT
server: BunnyCDN-DE1-874
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "6242ea73-9d04c"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 6740a699-531f-4e34-81bd-7039b1357022
cache-control: max-age=315360000
cdn-requestid: 6383d170704d259ad2ad6370a8c13ce5
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
cdn-status: 200
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame BE42 0
12 B 37ms
37ms Image
text/plain 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?A9hBMA
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:07 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Show response
pagead2.googlesyndication.com/bg/ Frame 6296 36 KB
16 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js

Requested by

Host: 4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com
URL: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 04:53:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9571
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 27 Nov 2023 04:53:36 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 825ms
824ms XHR
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-16294"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 28 Nov 2022 07:33:07 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 70D1 4 KB
3 KB 60ms
59ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=196439&b=JB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39W&f=GjMSBfpfXwxkcKHeHGtBC31dHZSYTJ78sQVeB&c=300&d=50&e=&g=4e58f6bbcf5335c582c709c994fce8b7%2F5381838147590140451&i=25174&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669534387635&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jqvvcfn2sqbxz10rk7mph4wwntasetvw4b2bm8e4jxnepdwvg50z5r0e7fc3nrn4smf9hh7csmf467x6y8gr1220cx7b411v2kzkxy4x8vvfef2pc0qf2wktm5sak8xbdkra92rqgkwk3h5yqtsgcw4j46epg6tykxsw6b7vb2zwch1h3dkz61pcbfd0vaqgpc36t1ewh91ympwpfd6p934sxbgywrhjmmtn5sgz1frv3967ar1jfvpnstm8cgj2qy210h3td3zqy1f2zk92g2g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCy1o3sRKDY62_G4259u8P-6CQ4AKQ4YGEXLaoworwAsCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi0yMTI4NzU3MTY3ODEyNjYzyAEJqQL9XeJ6n3CxPuACAKgDAaoEigJP0OXTFk6pzdcTl3qCNIY3HBKdtuYrr9k-0BKB1Kqa8j86xn984OKNORDXPfJrCSN3XclFi8u5y6oyk8CmgHaV7s5KJ1OsasbFpGoHEG-vwi_7R-8NijX_Fxj4HQxfMho4gpPMdFDYBCrcUq0hbGUS5WUvxX3y3m29y9xjpCEFkLCssuo7ZnNZQ6mgZFZ64Yonro5hNYSowTrNjgyVTVIU8O9vZEVhyS7or9B4xSU037rGaXe13-8KV-i2euzt8dyMorLZW_6Ci6R8-HmaN7hJRDb4686djf9rWzTmV2GLjRhkZ1qrzc5LnVZjOI6G3CkreHNs1HymS4mzSvTR6QzhyZLLRjewxmOlb-AEAYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3qe_fDRmAkbILXH_yfFK2iDeaePw%2526client%253Dca-pub-2128757167812663%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1374625c85486397f165bde97d682f78834ada7f54e41b4e28407b1535d345cf

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1j9f2erqdaptwnjpfgqtvrt9455vzbhe75z9qx61naj1k8kh8ghzbgw8r1bwjjvfk5b36yehy7tq46yxk62ygpevgab5vx0332gy3zy8pfebe1jayxjq3a58vjw3hqm9hjnj39yszgbrz3v84ptftzymgzgcptw29k14738swpvadb2dbh9q398rywa7svpvp849ph4xv35d83n0e9zasw3r23q48j7j582wjb6n47jyh2w264xcabq2b80r803sgz50g15qafc49qzjmd2tht7azne0s8xk0xdaa7592d1207rtj0a1ggsjw88crzhkhnfr116vj9jy39msf70fr1qaqapq8s2msv3csaz3dc3nsnp6r343z96rwqtv52mn1wkt6pxgtdp659btfm6zjc9xn7r7wdddt611ce447nzh68g429j15kwhwm54fjmyjdmnmwdy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCy1o3sRKDY62_G4259u8P-6CQ4AKQ4YGEXLaoworwAsCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi0yMTI4NzU3MTY3ODEyNjYzyAEJqQL9XeJ6n3CxPuACAKgDAaoEigJP0OXTFk6pzdcTl3qCNIY3HBKdtuYrr9k-0BKB1Kqa8j86xn984OKNORDXPfJrCSN3XclFi8u5y6oyk8CmgHaV7s5KJ1OsasbFpGoHEG-vwi_7R-8NijX_Fxj4HQxfMho4gpPMdFDYBCrcUq0hbGUS5WUvxX3y3m29y9xjpCEFkLCssuo7ZnNZQ6mgZFZ64Yonro5hNYSowTrNjgyVTVIU8O9vZEVhyS7or9B4xSU037rGaXe13-8KV-i2euzt8dyMorLZW_6Ci6R8-HmaN7hJRDb4686djf9rWzTmV2GLjRhkZ1qrzc5LnVZjOI6G3CkreHNs1HymS4mzSvTR6QzhyZLLRjewxmOlb-AEAYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3qe_fDRmAkbILXH_yfFK2iDeaePw%26client%3Dca-pub-2128757167812663%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 77092c83ea279271-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 07:33:07 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 36BF 11 KB
5 KB 57ms
56ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=15255%2C169080%2C321054&b=MxGHzfrf1zRuWHEHGtDt2jpCBS4Txr1CE2g7%2CRx3HgfQfGGG2akHwH3tQtwKbbh9SzTYMAhB3zZ%2CYxRHrf3fzdBwCVH9HetQtgB9skS1Td9rF1Z6q&f=625hef3f6wmheHmHYtEC5kmtYS1T3V8cERB9%2CQxWH4fjfPPPXcxH5HYt9CbM44H6S4TGD4HEzJ5%2Cq42umfWfZ15ESZHgHDtRCrPjteSgTJD5sq4xM&c=300&d=250&e=&g=890ce673a59c06b9f5755301e745eaba%2F8467817242429078341&i=25174%2C65760%2C21854&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669534387643&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jyec8bfc3p62n7jq86t3tj9vj6x9sahw5ycgf1fx8vgfgh501srphh4ment0axd97jye2cc50d5zdh82qesrapk4tjtawznhafjrpf3rpawvhvk9afpswpn9j2g7vmgyrcp1v4y556j0yzcnw1jpzshd7v4zd8me2k2217cc06r9hxy68evqt82k1b7vhrss9v7zwsmcrpdf4k9c82yf3fth43yxnf7j83s30t8d064ntj58vnqyb5mgjmq3fr8hd1y2ttxj7kc5gnpma0v1rhd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6XFusRKDY83pG_D97_UP_N-diAmQ4YGEXLaoworwAsCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi0yMTI4NzU3MTY3ODEyNjYzyAEJqQL9XeJ6n3CxPuACAKgDAaoEhgJP0KnkUXJBH5kALFWXPb6v8FWl_bgH3HpTpIJnPOFo7EBJCPv1z9s56T5o0l3pexwyGPid0M_031lsU-3FCGOytaaupUwKqJede9aTsjYRmbwjq0RPm2_llusvshvV56_f4cqas2kn6P697KcVzwaOt-0hqhcewIexcAubS-JYRXT-zQqvjRDxocawChOAa4crk-8YgVJcz7kwHOH00yOdxWitc3pygsvMeXAmPfQXQgfHYXvamEh1RmYCpWzcf2CFUkrIBJgi8KKQ-EL_NYeKuoZmLGeUqopQ446d67E0pc_RmTrlzpG2hyjlQ_ZUN0mNQOqg1VctHLgFGSnfAIquN7hoBZRT4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_29t3JNRxVF1Cdmt8aFU27WdVQgJg%2526client%253Dca-pub-2128757167812663%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d04e5745f2b38a9c48cbb922d951b50dabe24f7b5fdf3d2b48137a4a442024b2

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1k9n38px01ftngjkx4ptbpf9vtjvx6xmdgamrh40364nzbgp6bhg61j85skx4e1kb6a4fqegk84gp2hz4dgs6pcrasepazeqjyhvanmbp82p44v3yamkhyx8qj5904de911x3e22fgathdxnb7bc2pmmtz2g4hzy7dswsz9atkc0w0gdngqr6rg3q4c580s9z1p7v0hhyftv6jkw0y2zdpp1d64qpjjddvb27gq09vt6dyrhm6mbqd2w3qfkr73gmz1n6rvptq82zy9p2r0dzrzn612xnhxqafex248wcj4feevez8dc7wj053phh2nr4rw08p3epqnecqp2987eswgj31cpm99g8za5pmxpfg5cywnf6arn6bvfbaskaqc6q74mk1vf4f3fjz3nazgch0043g3v6byrw9dych9grjnjjs4c0vayvqtgz32vfzvry8wmjtwfvg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6XFusRKDY83pG_D97_UP_N-diAmQ4YGEXLaoworwAsCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi0yMTI4NzU3MTY3ODEyNjYzyAEJqQL9XeJ6n3CxPuACAKgDAaoEhgJP0KnkUXJBH5kALFWXPb6v8FWl_bgH3HpTpIJnPOFo7EBJCPv1z9s56T5o0l3pexwyGPid0M_031lsU-3FCGOytaaupUwKqJede9aTsjYRmbwjq0RPm2_llusvshvV56_f4cqas2kn6P697KcVzwaOt-0hqhcewIexcAubS-JYRXT-zQqvjRDxocawChOAa4crk-8YgVJcz7kwHOH00yOdxWitc3pygsvMeXAmPfQXQgfHYXvamEh1RmYCpWzcf2CFUkrIBJgi8KKQ-EL_NYeKuoZmLGeUqopQ446d67E0pc_RmTrlzpG2hyjlQ_ZUN0mNQOqg1VctHLgFGSnfAIquN7hoBZRT4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_29t3JNRxVF1Cdmt8aFU27WdVQgJg%26client%3Dca-pub-2128757167812663%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 77092c83fa2f9271-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 07:33:07 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5146 42 B
64 B 72ms
72ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssbWHAAxWsIaeK2kQEIxTeRD37vBX64VZ_Cwkmh60FwJay9f1Mau8szZL1k-NY6emqGwV7bFLLUzjRBwGuA5UL9-nLq&sig=Cg0ArKJSzAO_qbqVo2-AEAE&id=lidar2&mcvt=1000&p=1076,298,1200,1303&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3490001028&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669534384921&rpt=1840&isd=0&lsd=0&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://df38bd896be520d961af1a9e6246d5d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame A3B2 42 B
64 B 75ms
74ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuLHcvFq2aHP6FwWI8tp70rJ5I409onUv2qGLLVbPWSZTTfjndvBbNuqp4zkijsKiNt-gSJGn0_VE4XZ8TbgIBbxgaRPFV2DnwR8d7PNcKZxqRV9YbZmEu4Wk18UmlxjlrqP2vwLg&sai=AMfl-YTG9LWq1JN2qxXTKNPmMXrMytN6mBZJ_fRRAxU-GbM8kBoQAj25f_lpmXo9EOWXGtPh5zWGExcFz8KW-ZRAccrOS4MyaIYJpkA9LphzIzmjRFmQNEj2wwGrdgujbQ7veXuhxdwY1SmPAFfNkTKP&sig=Cg0ArKJSzGepj-6Jka8SEAE&cid=CAQSTADq26N9hr7EMeyJiZKfJ2RmNJ_lxz2wNYbr5YcRBvmXtxgNCfZRxDxj8IwYnRtagUN4GnKF6L4IJRU6JTDS78SD4D7i7QO7KR3HbjkYASAT&id=ampim&o=464,268&d=672,280&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=1939&tls=2940&g=100&h=100&tt=2940&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame F337 0
127 B 47ms
46ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 27 Nov 2022 07:33:06 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 5DAE 42 B
64 B 75ms
74ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuwZS1GL7BUD8n15S4Ec4SBlZAg1GSEj9oKkZjSC2PLPSeJthKpO_Y_Cmj7fk9qTWVOOtibr5wqB3TJ7mNI_xrEBXqcvBbgnyW3PBwNrWr9IsWJ6Xoeq7WKQYPR-BZ6HfcjNMAsWw&sai=AMfl-YQcTv4VS3lRh5i8U-E8U_dIQ32fKI8pdStO97YTnISfoQ853FtoYXQIsOmaip1hTwEa9vPv4TI-_raE1Ttn2Q39RwN24ZioGha9KogNjBR-lOotWBz3nUzKgAl8nP9ZUNN4rAOhn1XHutgF3HFC&sig=Cg0ArKJSzMrNQPCxuytbEAE&cid=CAQSTADq26N9hr7EMeyJiZKfJ2RmNJ_lxz2wNYbr5YcRBvmXtxgNCfZRxDxj8IwYnRtagUN4GnKF6L4IJRU6JTDS78SD4D7i7QO7KR3HbjkYASAT&id=ampim&o=989,713&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1004&mtos=0,0,1004,1004,1004&tos=0,0,1004,0,0&tfs=1915&tls=2919&g=100&h=100&tt=2919&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 87FC
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=earnme.club&sn=ChromeSyncframe&so=0&topUrl=earnme.club&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=0fln9XxHRFJuSzJUSmJkbVFicFNXUmxmQ0dMY1FxZUpPeXVTcEZYMndsWkRyVFY3dmY4TmlTWGtMMzN6ak9hczdsczBVZmp4Q3pScHBYUkU5eXpsaG5tZkJyUGhiUzFqZFlDK2U0c3BJNTAyUVRUbGxLTnpYZjlyTVRPcn...

420 B
654 B

179ms
44ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=0fln9XxHRFJuSzJUSmJkbVFicFNXUmxmQ0dMY1FxZUpPeXVTcEZYMndsWkRyVFY3dmY4TmlTWGtMMzN6ak9hczdsczBVZmp4Q3pScHBYUkU5eXpsaG5tZkJyUGhiUzFqZFlDK2U0c3BJNTAyUVRUbGxLTnpYZjlyTVRPcnUyMjZGMUFZOEN3V3NleDE3N09yamRyR0czVFRyRkI1cStTeGxEN1ZOb25hZXlEbHpFR1ROK0pCSTUwcnZjRGRtU3c0a1pRUXZuSXl1TzJiZU5vV2JCbmFKOUl2d3AxRFIvRDRBclc1UDQ1VVlYOEQ1cnZhR1RQRVY2ZWNFWXMwZUJIaWlNSFN0aVk1RTBQSk5kb0hYbFk1NmV2b0plUT09fA&cppv=2

Requested by

Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

aa9e134bab8c1b867412c14fa1406a5cca132843e5ea21d071db34330bfd1501

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:07 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2480881
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:07 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=0fln9XxHRFJuSzJUSmJkbVFicFNXUmxmQ0dMY1FxZUpPeXVTcEZYMndsWkRyVFY3dmY4TmlTWGtMMzN6ak9hczdsczBVZmp4Q3pScHBYUkU5eXpsaG5tZkJyUGhiUzFqZFlDK2U0c3BJNTAyUVRUbGxLTnpYZjlyTVRPcnUyMjZGMUFZOEN3V3NleDE3N09yamRyR0czVFRyRkI1cStTeGxEN1ZOb25hZXlEbHpFR1ROK0pCSTUwcnZjRGRtU3c0a1pRUXZuSXl1TzJiZU5vV2JCbmFKOUl2d3AxRFIvRDRBclc1UDQ1VVlYOEQ1cnZhR1RQRVY2ZWNFWXMwZUJIaWlNSFN0aVk1RTBQSk5kb0hYbFk1NmV2b0plUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 693188
content-length: 0
expires: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 35B9 0
0 70ms
70ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=3616434489605761&rc=
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.25/one-ad/ Frame 36BF 89 KB
11 KB 53ms
52ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C169080%2C321054&b=MxGHzfrf1zRuWHEHGtDt2jpCBS4Txr1CE2g7%2CRx3HgfQfGGG2akHwH3tQtwKbbh9SzTYMAhB3zZ%2CYxRHrf3fzdBwCVH9HetQtgB9skS1Td9rF1Z6q&f=625hef3f6wmheHmHYtEC5kmtYS1T3V8cERB9%2CQxWH4fjfPPPXcxH5HYt9CbM44H6S4TGD4HEzJ5%2Cq42umfWfZ15ESZHgHDtRCrPjteSgTJD5sq4xM&c=300&d=250&e=&g=890ce673a59c06b9f5755301e745eaba%2F8467817242429078341&i=25174%2C65760%2C21854&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669534387643&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jyec8bfc3p62n7jq86t3tj9vj6x9sahw5ycgf1fx8vgfgh501srphh4ment0axd97jye2cc50d5zdh82qesrapk4tjtawznhafjrpf3rpawvhvk9afpswpn9j2g7vmgyrcp1v4y556j0yzcnw1jpzshd7v4zd8me2k2217cc06r9hxy68evqt82k1b7vhrss9v7zwsmcrpdf4k9c82yf3fth43yxnf7j83s30t8d064ntj58vnqyb5mgjmq3fr8hd1y2ttxj7kc5gnpma0v1rhd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6XFusRKDY83pG_D97_UP_N-diAmQ4YGEXLaoworwAsCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi0yMTI4NzU3MTY3ODEyNjYzyAEJqQL9XeJ6n3CxPuACAKgDAaoEhgJP0KnkUXJBH5kALFWXPb6v8FWl_bgH3HpTpIJnPOFo7EBJCPv1z9s56T5o0l3pexwyGPid0M_031lsU-3FCGOytaaupUwKqJede9aTsjYRmbwjq0RPm2_llusvshvV56_f4cqas2kn6P697KcVzwaOt-0hqhcewIexcAubS-JYRXT-zQqvjRDxocawChOAa4crk-8YgVJcz7kwHOH00yOdxWitc3pygsvMeXAmPfQXQgfHYXvamEh1RmYCpWzcf2CFUkrIBJgi8KKQ-EL_NYeKuoZmLGeUqopQ446d67E0pc_RmTrlzpG2hyjlQ_ZUN0mNQOqg1VctHLgFGSnfAIquN7hoBZRT4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_29t3JNRxVF1Cdmt8aFU27WdVQgJg%2526client%253Dca-pub-2128757167812663%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=15255%2C169080%2C321054&b=MxGHzfrf1zRuWHEHGtDt2jpCBS4Txr1CE2g7%2CRx3HgfQfGGG2akHwH3tQtwKbbh9SzTYMAhB3zZ%2CYxRHrf3fzdBwCVH9HetQtgB9skS1Td9rF1Z6q&f=625hef3f6wmheHmHYtEC5kmtYS1T3V8cERB9%2CQxWH4fjfPPPXcxH5HYt9CbM44H6S4TGD4HEzJ5%2Cq42umfWfZ15ESZHgHDtRCrPjteSgTJD5sq4xM&c=300&d=250&e=&g=890ce673a59c06b9f5755301e745eaba%2F8467817242429078341&i=25174%2C65760%2C21854&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669534387643&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jyec8bfc3p62n7jq86t3tj9vj6x9sahw5ycgf1fx8vgfgh501srphh4ment0axd97jye2cc50d5zdh82qesrapk4tjtawznhafjrpf3rpawvhvk9afpswpn9j2g7vmgyrcp1v4y556j0yzcnw1jpzshd7v4zd8me2k2217cc06r9hxy68evqt82k1b7vhrss9v7zwsmcrpdf4k9c82yf3fth43yxnf7j83s30t8d064ntj58vnqyb5mgjmq3fr8hd1y2ttxj7kc5gnpma0v1rhd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6XFusRKDY83pG_D97_UP_N-diAmQ4YGEXLaoworwAsCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi0yMTI4NzU3MTY3ODEyNjYzyAEJqQL9XeJ6n3CxPuACAKgDAaoEhgJP0KnkUXJBH5kALFWXPb6v8FWl_bgH3HpTpIJnPOFo7EBJCPv1z9s56T5o0l3pexwyGPid0M_031lsU-3FCGOytaaupUwKqJede9aTsjYRmbwjq0RPm2_llusvshvV56_f4cqas2kn6P697KcVzwaOt-0hqhcewIexcAubS-JYRXT-zQqvjRDxocawChOAa4crk-8YgVJcz7kwHOH00yOdxWitc3pygsvMeXAmPfQXQgfHYXvamEh1RmYCpWzcf2CFUkrIBJgi8KKQ-EL_NYeKuoZmLGeUqopQ446d67E0pc_RmTrlzpG2hyjlQ_ZUN0mNQOqg1VctHLgFGSnfAIquN7hoBZRT4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_29t3JNRxVF1Cdmt8aFU27WdVQgJg%2526client%253Dca-pub-2128757167812663%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1669235721
age: 297288
cf-polished: origSize=91628
x-guploader-uploadid: ADPycdtnqpkBC2eNpIttCC4X9D-yrOoXK0HfmyiASnHmc5dpKNlZrWHuml5v2FihfATK0UIibbwmZ2MH5YrFqJYKDzRy-A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 23 Nov 2022 20:35:56 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1669235756372606
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2F15DncCpkqLD2AFqDcQaaI7v8u6%2FZZ45itjieXnZDfa%2Fo%2F6CCjje8lC2F6QFUms%2BQzxAUjeUlpLiY35ZxGyDyGDAHdF2eRBwByRwW4cTsgRq7R5xTGXCbEUJTuk8XMrsT4ifksagjk%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 77092c849b169271-FRA
expires: Sun, 27 Nov 2022 08:33:07 GMT

GET
H2 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 36BF 8 KB
8 KB 61ms
51ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C169080%2C321054&b=MxGHzfrf1zRuWHEHGtDt2jpCBS4Txr1CE2g7%2CRx3HgfQfGGG2akHwH3tQtwKbbh9SzTYMAhB3zZ%2CYxRHrf3fzdBwCVH9HetQtgB9skS1Td9rF1Z6q&f=625hef3f6wmheHmHYtEC5kmtYS1T3V8cERB9%2CQxWH4fjfPPPXcxH5HYt9CbM44H6S4TGD4HEzJ5%2Cq42umfWfZ15ESZHgHDtRCrPjteSgTJD5sq4xM&c=300&d=250&e=&g=890ce673a59c06b9f5755301e745eaba%2F8467817242429078341&i=25174%2C65760%2C21854&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669534387643&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jyec8bfc3p62n7jq86t3tj9vj6x9sahw5ycgf1fx8vgfgh501srphh4ment0axd97jye2cc50d5zdh82qesrapk4tjtawznhafjrpf3rpawvhvk9afpswpn9j2g7vmgyrcp1v4y556j0yzcnw1jpzshd7v4zd8me2k2217cc06r9hxy68evqt82k1b7vhrss9v7zwsmcrpdf4k9c82yf3fth43yxnf7j83s30t8d064ntj58vnqyb5mgjmq3fr8hd1y2ttxj7kc5gnpma0v1rhd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6XFusRKDY83pG_D97_UP_N-diAmQ4YGEXLaoworwAsCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi0yMTI4NzU3MTY3ODEyNjYzyAEJqQL9XeJ6n3CxPuACAKgDAaoEhgJP0KnkUXJBH5kALFWXPb6v8FWl_bgH3HpTpIJnPOFo7EBJCPv1z9s56T5o0l3pexwyGPid0M_031lsU-3FCGOytaaupUwKqJede9aTsjYRmbwjq0RPm2_llusvshvV56_f4cqas2kn6P697KcVzwaOt-0hqhcewIexcAubS-JYRXT-zQqvjRDxocawChOAa4crk-8YgVJcz7kwHOH00yOdxWitc3pygsvMeXAmPfQXQgfHYXvamEh1RmYCpWzcf2CFUkrIBJgi8KKQ-EL_NYeKuoZmLGeUqopQ446d67E0pc_RmTrlzpG2hyjlQ_ZUN0mNQOqg1VctHLgFGSnfAIquN7hoBZRT4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_29t3JNRxVF1Cdmt8aFU27WdVQgJg%2526client%253Dca-pub-2128757167812663%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1747396
cf-polished: qual=85, origFmt=jpeg, origSize=16723
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8354
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jCYxAaMZErScZ0TWXAMQOWA0qsJpJlnYU4Nt2k5nkGppZl93bcW3UqCFXAZnziB6kjYAMO3sD1BI39zjfky5G9Jc1h4ILWvjL8T903diPFed1EUVbfEZ9fBVZGuglcDN8BNxsz7JEpGsl7Yl"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77092c849a35bbb3-FRA
expires: Mon, 28 Nov 2022 07:33:07 GMT

GET
H2 200 AB835EC0E966F04068CFBCC15FF8D3990CA3F197C61D255EFFB5638D89BE559012324778419F7E946D67344E6F7D42939F789567B51C0345F091B72DDF1D712C
assets.ad4m.at/product_image/ Frame 36BF 93 KB
94 KB 66ms
64ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/AB835EC0E966F04068CFBCC15FF8D3990CA3F197C61D255EFFB5638D89BE559012324778419F7E946D67344E6F7D42939F789567B51C0345F091B72DDF1D712C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C169080%2C321054&b=MxGHzfrf1zRuWHEHGtDt2jpCBS4Txr1CE2g7%2CRx3HgfQfGGG2akHwH3tQtwKbbh9SzTYMAhB3zZ%2CYxRHrf3fzdBwCVH9HetQtgB9skS1Td9rF1Z6q&f=625hef3f6wmheHmHYtEC5kmtYS1T3V8cERB9%2CQxWH4fjfPPPXcxH5HYt9CbM44H6S4TGD4HEzJ5%2Cq42umfWfZ15ESZHgHDtRCrPjteSgTJD5sq4xM&c=300&d=250&e=&g=890ce673a59c06b9f5755301e745eaba%2F8467817242429078341&i=25174%2C65760%2C21854&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669534387643&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jyec8bfc3p62n7jq86t3tj9vj6x9sahw5ycgf1fx8vgfgh501srphh4ment0axd97jye2cc50d5zdh82qesrapk4tjtawznhafjrpf3rpawvhvk9afpswpn9j2g7vmgyrcp1v4y556j0yzcnw1jpzshd7v4zd8me2k2217cc06r9hxy68evqt82k1b7vhrss9v7zwsmcrpdf4k9c82yf3fth43yxnf7j83s30t8d064ntj58vnqyb5mgjmq3fr8hd1y2ttxj7kc5gnpma0v1rhd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6XFusRKDY83pG_D97_UP_N-diAmQ4YGEXLaoworwAsCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi0yMTI4NzU3MTY3ODEyNjYzyAEJqQL9XeJ6n3CxPuACAKgDAaoEhgJP0KnkUXJBH5kALFWXPb6v8FWl_bgH3HpTpIJnPOFo7EBJCPv1z9s56T5o0l3pexwyGPid0M_031lsU-3FCGOytaaupUwKqJede9aTsjYRmbwjq0RPm2_llusvshvV56_f4cqas2kn6P697KcVzwaOt-0hqhcewIexcAubS-JYRXT-zQqvjRDxocawChOAa4crk-8YgVJcz7kwHOH00yOdxWitc3pygsvMeXAmPfQXQgfHYXvamEh1RmYCpWzcf2CFUkrIBJgi8KKQ-EL_NYeKuoZmLGeUqopQ446d67E0pc_RmTrlzpG2hyjlQ_ZUN0mNQOqg1VctHLgFGSnfAIquN7hoBZRT4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_29t3JNRxVF1Cdmt8aFU27WdVQgJg%2526client%253Dca-pub-2128757167812663%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ce3eee4cd598dd52e7b937de204d78dc2459a9dc379d0d70c478364e7b1bfcd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 207438
cf-polished: origFmt=png, origSize=155400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 95550
cf-bgj: imgq:85,h2pri
last-modified: Thu, 24 Mar 2022 15:45:36 GMT
server: cloudflare
etag: "6fddd7204b0a0a403f584248bda12d72"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EdKrrYaoQeffN6wcPSt45JDfloBrx5bRB4vw13irqKRFeOwyOJF4lDGXZ63AnB4mzWN8SA3mTfGWU61cutp%2BtVIJ0%2B02BBV%2BfyqIrU1PfUUqd24gwSKCilHpaayHLyF%2FAE0QqPOyr2vR0Jip"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77092c84aa3ebbb3-FRA
expires: Mon, 28 Nov 2022 07:33:07 GMT

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame 36BF
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CJaekaHszfsCFW7nuwgdhK0AEA;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidMxGHzfrf1zRuWHEHGtDt2jpCBS4Txr1CE2g7oneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1669534388_bd0bb5e0-6e25-11ed-9d10-2262c713b6c4

0
517 B

271ms
40ms

Image
text/plain

87.118.116.9
KEYWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1669534388_bd0bb5e0-6e25-11ed-9d10-2262c713b6c4
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C169080%2C321054&b=MxGHzfrf1zRuWHEHGtDt2jpCBS4Txr1CE2g7%2CRx3HgfQfGGG2akHwH3tQtwKbbh9SzTYMAhB3zZ%2CYxRHrf3fzdBwCVH9HetQtgB9skS1Td9rF1Z6q&f=625hef3f6wmheHmHYtEC5kmtYS1T3V8cERB9%2CQxWH4fjfPPPXcxH5HYt9CbM44H6S4TGD4HEzJ5%2Cq42umfWfZ15ESZHgHDtRCrPjteSgTJD5sq4xM&c=300&d=250&e=&g=890ce673a59c06b9f5755301e745eaba%2F8467817242429078341&i=25174%2C65760%2C21854&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669534387643&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jyec8bfc3p62n7jq86t3tj9vj6x9sahw5ycgf1fx8vgfgh501srphh4ment0axd97jye2cc50d5zdh82qesrapk4tjtawznhafjrpf3rpawvhvk9afpswpn9j2g7vmgyrcp1v4y556j0yzcnw1jpzshd7v4zd8me2k2217cc06r9hxy68evqt82k1b7vhrss9v7zwsmcrpdf4k9c82yf3fth43yxnf7j83s30t8d064ntj58vnqyb5mgjmq3fr8hd1y2ttxj7kc5gnpma0v1rhd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6XFusRKDY83pG_D97_UP_N-diAmQ4YGEXLaoworwAsCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi0yMTI4NzU3MTY3ODEyNjYzyAEJqQL9XeJ6n3CxPuACAKgDAaoEhgJP0KnkUXJBH5kALFWXPb6v8FWl_bgH3HpTpIJnPOFo7EBJCPv1z9s56T5o0l3pexwyGPid0M_031lsU-3FCGOytaaupUwKqJede9aTsjYRmbwjq0RPm2_llusvshvV56_f4cqas2kn6P697KcVzwaOt-0hqhcewIexcAubS-JYRXT-zQqvjRDxocawChOAa4crk-8YgVJcz7kwHOH00yOdxWitc3pygsvMeXAmPfQXQgfHYXvamEh1RmYCpWzcf2CFUkrIBJgi8KKQ-EL_NYeKuoZmLGeUqopQ446d67E0pc_RmTrlzpG2hyjlQ_ZUN0mNQOqg1VctHLgFGSnfAIquN7hoBZRT4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_29t3JNRxVF1Cdmt8aFU27WdVQgJg%2526client%253Dca-pub-2128757167812663%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 87.118.116.9 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: km36617.keymachine.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:07 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Sun, 27 Nov 2022 07:33:08 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1669534388_bd0bb5e0-6e25-11ed-9d10-2262c713b6c4
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2 200 B62FFE09B86673D2BFA4F5D5B62840ACABBB5D68277A6CC7FC488887E41CB7AE8C6CC3D5F186CAA1A6711EC0C251982312B5C565DD7A7905BCB44E3633432F8A
assets.ad4m.at/logo/ Frame 36BF 5 KB
5 KB 54ms
52ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B62FFE09B86673D2BFA4F5D5B62840ACABBB5D68277A6CC7FC488887E41CB7AE8C6CC3D5F186CAA1A6711EC0C251982312B5C565DD7A7905BCB44E3633432F8A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C169080%2C321054&b=MxGHzfrf1zRuWHEHGtDt2jpCBS4Txr1CE2g7%2CRx3HgfQfGGG2akHwH3tQtwKbbh9SzTYMAhB3zZ%2CYxRHrf3fzdBwCVH9HetQtgB9skS1Td9rF1Z6q&f=625hef3f6wmheHmHYtEC5kmtYS1T3V8cERB9%2CQxWH4fjfPPPXcxH5HYt9CbM44H6S4TGD4HEzJ5%2Cq42umfWfZ15ESZHgHDtRCrPjteSgTJD5sq4xM&c=300&d=250&e=&g=890ce673a59c06b9f5755301e745eaba%2F8467817242429078341&i=25174%2C65760%2C21854&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669534387643&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jyec8bfc3p62n7jq86t3tj9vj6x9sahw5ycgf1fx8vgfgh501srphh4ment0axd97jye2cc50d5zdh82qesrapk4tjtawznhafjrpf3rpawvhvk9afpswpn9j2g7vmgyrcp1v4y556j0yzcnw1jpzshd7v4zd8me2k2217cc06r9hxy68evqt82k1b7vhrss9v7zwsmcrpdf4k9c82yf3fth43yxnf7j83s30t8d064ntj58vnqyb5mgjmq3fr8hd1y2ttxj7kc5gnpma0v1rhd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6XFusRKDY83pG_D97_UP_N-diAmQ4YGEXLaoworwAsCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi0yMTI4NzU3MTY3ODEyNjYzyAEJqQL9XeJ6n3CxPuACAKgDAaoEhgJP0KnkUXJBH5kALFWXPb6v8FWl_bgH3HpTpIJnPOFo7EBJCPv1z9s56T5o0l3pexwyGPid0M_031lsU-3FCGOytaaupUwKqJede9aTsjYRmbwjq0RPm2_llusvshvV56_f4cqas2kn6P697KcVzwaOt-0hqhcewIexcAubS-JYRXT-zQqvjRDxocawChOAa4crk-8YgVJcz7kwHOH00yOdxWitc3pygsvMeXAmPfQXQgfHYXvamEh1RmYCpWzcf2CFUkrIBJgi8KKQ-EL_NYeKuoZmLGeUqopQ446d67E0pc_RmTrlzpG2hyjlQ_ZUN0mNQOqg1VctHLgFGSnfAIquN7hoBZRT4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_29t3JNRxVF1Cdmt8aFU27WdVQgJg%2526client%253Dca-pub-2128757167812663%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3c144c4f8692cad3e391f43b282ff6cb59f2bb3f03c805f8d0c0cfba2f6dd60

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2120645
cf-polished: origFmt=png, origSize=17428
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4642
cf-bgj: imgq:85,h2pri
last-modified: Fri, 22 Oct 2021 09:58:13 GMT
server: cloudflare
etag: "aa8fff6f6c7d296f039d5bcda00d5257"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JTrkTm0hkOaUCCPjXzqlVcD%2FCrzdOfSLmmpd5sLhENRaWt1kK0SKrBe92OLelFM%2BdpprKdLJ0ACUdinVjngrhVEWUYYR%2BHYPqRFpsEuUIOfkVP7QU20FkSroUEqezlr%2Fm0pZ5U1Jv5ZCc1ZA"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77092c84aa40bbb3-FRA
expires: Mon, 28 Nov 2022 07:33:07 GMT

GET
H2 200 FCE49E1531E79349833FEBDB7533A30B9A744177F8264E7C61970A62BE1544B5AAABFF9C609FE11E6920604AA41733C8FF5A69EAC3919EA134B2C24AEEA9B457
assets.ad4m.at/product_image/ Frame 36BF 359 KB
360 KB 55ms
53ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/FCE49E1531E79349833FEBDB7533A30B9A744177F8264E7C61970A62BE1544B5AAABFF9C609FE11E6920604AA41733C8FF5A69EAC3919EA134B2C24AEEA9B457
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C169080%2C321054&b=MxGHzfrf1zRuWHEHGtDt2jpCBS4Txr1CE2g7%2CRx3HgfQfGGG2akHwH3tQtwKbbh9SzTYMAhB3zZ%2CYxRHrf3fzdBwCVH9HetQtgB9skS1Td9rF1Z6q&f=625hef3f6wmheHmHYtEC5kmtYS1T3V8cERB9%2CQxWH4fjfPPPXcxH5HYt9CbM44H6S4TGD4HEzJ5%2Cq42umfWfZ15ESZHgHDtRCrPjteSgTJD5sq4xM&c=300&d=250&e=&g=890ce673a59c06b9f5755301e745eaba%2F8467817242429078341&i=25174%2C65760%2C21854&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669534387643&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jyec8bfc3p62n7jq86t3tj9vj6x9sahw5ycgf1fx8vgfgh501srphh4ment0axd97jye2cc50d5zdh82qesrapk4tjtawznhafjrpf3rpawvhvk9afpswpn9j2g7vmgyrcp1v4y556j0yzcnw1jpzshd7v4zd8me2k2217cc06r9hxy68evqt82k1b7vhrss9v7zwsmcrpdf4k9c82yf3fth43yxnf7j83s30t8d064ntj58vnqyb5mgjmq3fr8hd1y2ttxj7kc5gnpma0v1rhd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6XFusRKDY83pG_D97_UP_N-diAmQ4YGEXLaoworwAsCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi0yMTI4NzU3MTY3ODEyNjYzyAEJqQL9XeJ6n3CxPuACAKgDAaoEhgJP0KnkUXJBH5kALFWXPb6v8FWl_bgH3HpTpIJnPOFo7EBJCPv1z9s56T5o0l3pexwyGPid0M_031lsU-3FCGOytaaupUwKqJede9aTsjYRmbwjq0RPm2_llusvshvV56_f4cqas2kn6P697KcVzwaOt-0hqhcewIexcAubS-JYRXT-zQqvjRDxocawChOAa4crk-8YgVJcz7kwHOH00yOdxWitc3pygsvMeXAmPfQXQgfHYXvamEh1RmYCpWzcf2CFUkrIBJgi8KKQ-EL_NYeKuoZmLGeUqopQ446d67E0pc_RmTrlzpG2hyjlQ_ZUN0mNQOqg1VctHLgFGSnfAIquN7hoBZRT4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_29t3JNRxVF1Cdmt8aFU27WdVQgJg%2526client%253Dca-pub-2128757167812663%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d398fc0e57ee1ae5c4728c807bf7ce0979c8d84347ba94716dc046c53384bc7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 215929
cf-polished: origFmt=png, origSize=565110
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 367856
cf-bgj: imgq:85,h2pri
last-modified: Fri, 22 Oct 2021 10:16:19 GMT
server: cloudflare
etag: "d711e4bf72811e8e6e7f50c634dcf690"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=05rPZTNfSy1ccLWKUOcuUDQ4bYbq4I5Bex7eaa1ZUqeETvF%2BweYtxq%2FuGD4O%2F4P%2Fe%2BxfHSKtjHIr56dFDHilfX%2FLMlyw73FebQebkxyPulqW3FN371nNJaw%2FYTAgEMDlud4LrtorHmn5eVHV"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77092c84aa42bbb3-FRA
expires: Mon, 28 Nov 2022 07:33:07 GMT

GET
H2 200 C7D0A57663935ACB204E1E49CF05A9DB79A0F26538557A782BFD3796AF7504BDFC9FEADE507DA8021F6F4910729600339BBE3355A388F5714828A2ED0B9C4AF0
assets.ad4m.at/logo/ Frame 36BF 13 KB
13 KB 65ms
64ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/C7D0A57663935ACB204E1E49CF05A9DB79A0F26538557A782BFD3796AF7504BDFC9FEADE507DA8021F6F4910729600339BBE3355A388F5714828A2ED0B9C4AF0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C169080%2C321054&b=MxGHzfrf1zRuWHEHGtDt2jpCBS4Txr1CE2g7%2CRx3HgfQfGGG2akHwH3tQtwKbbh9SzTYMAhB3zZ%2CYxRHrf3fzdBwCVH9HetQtgB9skS1Td9rF1Z6q&f=625hef3f6wmheHmHYtEC5kmtYS1T3V8cERB9%2CQxWH4fjfPPPXcxH5HYt9CbM44H6S4TGD4HEzJ5%2Cq42umfWfZ15ESZHgHDtRCrPjteSgTJD5sq4xM&c=300&d=250&e=&g=890ce673a59c06b9f5755301e745eaba%2F8467817242429078341&i=25174%2C65760%2C21854&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669534387643&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jyec8bfc3p62n7jq86t3tj9vj6x9sahw5ycgf1fx8vgfgh501srphh4ment0axd97jye2cc50d5zdh82qesrapk4tjtawznhafjrpf3rpawvhvk9afpswpn9j2g7vmgyrcp1v4y556j0yzcnw1jpzshd7v4zd8me2k2217cc06r9hxy68evqt82k1b7vhrss9v7zwsmcrpdf4k9c82yf3fth43yxnf7j83s30t8d064ntj58vnqyb5mgjmq3fr8hd1y2ttxj7kc5gnpma0v1rhd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6XFusRKDY83pG_D97_UP_N-diAmQ4YGEXLaoworwAsCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi0yMTI4NzU3MTY3ODEyNjYzyAEJqQL9XeJ6n3CxPuACAKgDAaoEhgJP0KnkUXJBH5kALFWXPb6v8FWl_bgH3HpTpIJnPOFo7EBJCPv1z9s56T5o0l3pexwyGPid0M_031lsU-3FCGOytaaupUwKqJede9aTsjYRmbwjq0RPm2_llusvshvV56_f4cqas2kn6P697KcVzwaOt-0hqhcewIexcAubS-JYRXT-zQqvjRDxocawChOAa4crk-8YgVJcz7kwHOH00yOdxWitc3pygsvMeXAmPfQXQgfHYXvamEh1RmYCpWzcf2CFUkrIBJgi8KKQ-EL_NYeKuoZmLGeUqopQ446d67E0pc_RmTrlzpG2hyjlQ_ZUN0mNQOqg1VctHLgFGSnfAIquN7hoBZRT4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_29t3JNRxVF1Cdmt8aFU27WdVQgJg%2526client%253Dca-pub-2128757167812663%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71ca7fcb5b1f41918188022035ce72f844b299b7ffd064c4c9e3c9e596569743

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1516796
cf-polished: qual=85, origFmt=jpeg, origSize=38332
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12866
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Jan 2020 13:12:43 GMT
server: cloudflare
etag: "24026408b8f2c4498a233cbbb8507821"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b4Q9mAeuT7BdZJ8baj1mk%2BOopT4rDuW5s6OIuwq0G80qGkd5yb%2Fk72U0GQj0zRnZGYjETbLiA3VG6TI0EkkYVgHfdsDdfRxLW3g%2F%2FWRzsV%2FwXSlmAwPjISMQJhD4ugP9j5nbURF1f3b6Uzx9"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77092c84aa43bbb3-FRA
expires: Mon, 28 Nov 2022 07:33:07 GMT

GET
H2 200 3422B222C63ABA094DD878458B492EAD2702A34D0B4A94DF1894C046A5911BD4297CCD5C5898FD53F62E079B8D1B73737960C5F7DF3FDB5DDEE88068F96E72B0
assets.ad4m.at/product_image/ Frame 36BF 70 KB
71 KB 65ms
64ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/3422B222C63ABA094DD878458B492EAD2702A34D0B4A94DF1894C046A5911BD4297CCD5C5898FD53F62E079B8D1B73737960C5F7DF3FDB5DDEE88068F96E72B0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C169080%2C321054&b=MxGHzfrf1zRuWHEHGtDt2jpCBS4Txr1CE2g7%2CRx3HgfQfGGG2akHwH3tQtwKbbh9SzTYMAhB3zZ%2CYxRHrf3fzdBwCVH9HetQtgB9skS1Td9rF1Z6q&f=625hef3f6wmheHmHYtEC5kmtYS1T3V8cERB9%2CQxWH4fjfPPPXcxH5HYt9CbM44H6S4TGD4HEzJ5%2Cq42umfWfZ15ESZHgHDtRCrPjteSgTJD5sq4xM&c=300&d=250&e=&g=890ce673a59c06b9f5755301e745eaba%2F8467817242429078341&i=25174%2C65760%2C21854&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669534387643&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jyec8bfc3p62n7jq86t3tj9vj6x9sahw5ycgf1fx8vgfgh501srphh4ment0axd97jye2cc50d5zdh82qesrapk4tjtawznhafjrpf3rpawvhvk9afpswpn9j2g7vmgyrcp1v4y556j0yzcnw1jpzshd7v4zd8me2k2217cc06r9hxy68evqt82k1b7vhrss9v7zwsmcrpdf4k9c82yf3fth43yxnf7j83s30t8d064ntj58vnqyb5mgjmq3fr8hd1y2ttxj7kc5gnpma0v1rhd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6XFusRKDY83pG_D97_UP_N-diAmQ4YGEXLaoworwAsCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi0yMTI4NzU3MTY3ODEyNjYzyAEJqQL9XeJ6n3CxPuACAKgDAaoEhgJP0KnkUXJBH5kALFWXPb6v8FWl_bgH3HpTpIJnPOFo7EBJCPv1z9s56T5o0l3pexwyGPid0M_031lsU-3FCGOytaaupUwKqJede9aTsjYRmbwjq0RPm2_llusvshvV56_f4cqas2kn6P697KcVzwaOt-0hqhcewIexcAubS-JYRXT-zQqvjRDxocawChOAa4crk-8YgVJcz7kwHOH00yOdxWitc3pygsvMeXAmPfQXQgfHYXvamEh1RmYCpWzcf2CFUkrIBJgi8KKQ-EL_NYeKuoZmLGeUqopQ446d67E0pc_RmTrlzpG2hyjlQ_ZUN0mNQOqg1VctHLgFGSnfAIquN7hoBZRT4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_29t3JNRxVF1Cdmt8aFU27WdVQgJg%2526client%253Dca-pub-2128757167812663%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7a7a1458058fc8e9a0b596590b7f7eb8a5c3b66280c1b626dc0678fe8f69013

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1429985
cf-polished: origFmt=png, origSize=123808
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 71926
cf-bgj: imgq:85,h2pri
last-modified: Wed, 09 Nov 2022 17:02:56 GMT
server: cloudflare
etag: "541023891e1b079af000e6373725dbc7"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cx%2FSm1JFPuCU%2BPUgSDkjs6EGc44K0cqBfdQpoZtKBfCz%2F9RTUr0IgluT5NRDCeWvlKS7HgAuGBPcwD%2BUyIctvJjnW%2BbzosEzHnPqw1AjLBKNwwAE8EZNpge9ZwDA685NCWLTNVDHOv4AnE%2FN"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77092c84aa45bbb3-FRA
expires: Mon, 28 Nov 2022 07:33:07 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 36BF 43 B
702 B 203ms
67ms Image
image/gif 23.203.81.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2941308&v=13686&q=411418&r=412871&pv=1&pref3=oneidYxRHrf3fzdBwCVH9HetQtgB9skS1Td9rF1Z6qoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C169080%2C321054&b=MxGHzfrf1zRuWHEHGtDt2jpCBS4Txr1CE2g7%2CRx3HgfQfGGG2akHwH3tQtwKbbh9SzTYMAhB3zZ%2CYxRHrf3fzdBwCVH9HetQtgB9skS1Td9rF1Z6q&f=625hef3f6wmheHmHYtEC5kmtYS1T3V8cERB9%2CQxWH4fjfPPPXcxH5HYt9CbM44H6S4TGD4HEzJ5%2Cq42umfWfZ15ESZHgHDtRCrPjteSgTJD5sq4xM&c=300&d=250&e=&g=890ce673a59c06b9f5755301e745eaba%2F8467817242429078341&i=25174%2C65760%2C21854&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669534387643&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jyec8bfc3p62n7jq86t3tj9vj6x9sahw5ycgf1fx8vgfgh501srphh4ment0axd97jye2cc50d5zdh82qesrapk4tjtawznhafjrpf3rpawvhvk9afpswpn9j2g7vmgyrcp1v4y556j0yzcnw1jpzshd7v4zd8me2k2217cc06r9hxy68evqt82k1b7vhrss9v7zwsmcrpdf4k9c82yf3fth43yxnf7j83s30t8d064ntj58vnqyb5mgjmq3fr8hd1y2ttxj7kc5gnpma0v1rhd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6XFusRKDY83pG_D97_UP_N-diAmQ4YGEXLaoworwAsCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi0yMTI4NzU3MTY3ODEyNjYzyAEJqQL9XeJ6n3CxPuACAKgDAaoEhgJP0KnkUXJBH5kALFWXPb6v8FWl_bgH3HpTpIJnPOFo7EBJCPv1z9s56T5o0l3pexwyGPid0M_031lsU-3FCGOytaaupUwKqJede9aTsjYRmbwjq0RPm2_llusvshvV56_f4cqas2kn6P697KcVzwaOt-0hqhcewIexcAubS-JYRXT-zQqvjRDxocawChOAa4crk-8YgVJcz7kwHOH00yOdxWitc3pygsvMeXAmPfQXQgfHYXvamEh1RmYCpWzcf2CFUkrIBJgi8KKQ-EL_NYeKuoZmLGeUqopQ446d67E0pc_RmTrlzpG2hyjlQ_ZUN0mNQOqg1VctHLgFGSnfAIquN7hoBZRT4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_29t3JNRxVF1Cdmt8aFU27WdVQgJg%2526client%253Dca-pub-2128757167812663%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.203.81.208 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-203-81-208.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:08 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.25/one-ad/ Frame 70D1 89 KB
11 KB 50ms
50ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439&b=JB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39W&f=GjMSBfpfXwxkcKHeHGtBC31dHZSYTJ78sQVeB&c=300&d=50&e=&g=4e58f6bbcf5335c582c709c994fce8b7%2F5381838147590140451&i=25174&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669534387635&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jqvvcfn2sqbxz10rk7mph4wwntasetvw4b2bm8e4jxnepdwvg50z5r0e7fc3nrn4smf9hh7csmf467x6y8gr1220cx7b411v2kzkxy4x8vvfef2pc0qf2wktm5sak8xbdkra92rqgkwk3h5yqtsgcw4j46epg6tykxsw6b7vb2zwch1h3dkz61pcbfd0vaqgpc36t1ewh91ympwpfd6p934sxbgywrhjmmtn5sgz1frv3967ar1jfvpnstm8cgj2qy210h3td3zqy1f2zk92g2g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCy1o3sRKDY62_G4259u8P-6CQ4AKQ4YGEXLaoworwAsCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi0yMTI4NzU3MTY3ODEyNjYzyAEJqQL9XeJ6n3CxPuACAKgDAaoEigJP0OXTFk6pzdcTl3qCNIY3HBKdtuYrr9k-0BKB1Kqa8j86xn984OKNORDXPfJrCSN3XclFi8u5y6oyk8CmgHaV7s5KJ1OsasbFpGoHEG-vwi_7R-8NijX_Fxj4HQxfMho4gpPMdFDYBCrcUq0hbGUS5WUvxX3y3m29y9xjpCEFkLCssuo7ZnNZQ6mgZFZ64Yonro5hNYSowTrNjgyVTVIU8O9vZEVhyS7or9B4xSU037rGaXe13-8KV-i2euzt8dyMorLZW_6Ci6R8-HmaN7hJRDb4686djf9rWzTmV2GLjRhkZ1qrzc5LnVZjOI6G3CkreHNs1HymS4mzSvTR6QzhyZLLRjewxmOlb-AEAYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3qe_fDRmAkbILXH_yfFK2iDeaePw%2526client%253Dca-pub-2128757167812663%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=196439&b=JB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39W&f=GjMSBfpfXwxkcKHeHGtBC31dHZSYTJ78sQVeB&c=300&d=50&e=&g=4e58f6bbcf5335c582c709c994fce8b7%2F5381838147590140451&i=25174&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669534387635&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jqvvcfn2sqbxz10rk7mph4wwntasetvw4b2bm8e4jxnepdwvg50z5r0e7fc3nrn4smf9hh7csmf467x6y8gr1220cx7b411v2kzkxy4x8vvfef2pc0qf2wktm5sak8xbdkra92rqgkwk3h5yqtsgcw4j46epg6tykxsw6b7vb2zwch1h3dkz61pcbfd0vaqgpc36t1ewh91ympwpfd6p934sxbgywrhjmmtn5sgz1frv3967ar1jfvpnstm8cgj2qy210h3td3zqy1f2zk92g2g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCy1o3sRKDY62_G4259u8P-6CQ4AKQ4YGEXLaoworwAsCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi0yMTI4NzU3MTY3ODEyNjYzyAEJqQL9XeJ6n3CxPuACAKgDAaoEigJP0OXTFk6pzdcTl3qCNIY3HBKdtuYrr9k-0BKB1Kqa8j86xn984OKNORDXPfJrCSN3XclFi8u5y6oyk8CmgHaV7s5KJ1OsasbFpGoHEG-vwi_7R-8NijX_Fxj4HQxfMho4gpPMdFDYBCrcUq0hbGUS5WUvxX3y3m29y9xjpCEFkLCssuo7ZnNZQ6mgZFZ64Yonro5hNYSowTrNjgyVTVIU8O9vZEVhyS7or9B4xSU037rGaXe13-8KV-i2euzt8dyMorLZW_6Ci6R8-HmaN7hJRDb4686djf9rWzTmV2GLjRhkZ1qrzc5LnVZjOI6G3CkreHNs1HymS4mzSvTR6QzhyZLLRjewxmOlb-AEAYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3qe_fDRmAkbILXH_yfFK2iDeaePw%2526client%253Dca-pub-2128757167812663%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1669235721
age: 297288
cf-polished: origSize=91628
x-guploader-uploadid: ADPycdtnqpkBC2eNpIttCC4X9D-yrOoXK0HfmyiASnHmc5dpKNlZrWHuml5v2FihfATK0UIibbwmZ2MH5YrFqJYKDzRy-A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 23 Nov 2022 20:35:56 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1669235756372606
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uRoM3MEoU9sfwbb6T30kT9QlaBRRHa%2FhGT6DaRpCubwne6pBUyPV8VMAG1%2F5TLsWrmnoYgNewakClhFVIJ%2FOBEXPlTThbEROsqoqD2XEIplJOusPA2QkHSd4%2FYopQxpSOR8N1ceqwq0%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 77092c849b239271-FRA
expires: Sun, 27 Nov 2022 08:33:07 GMT

GET
H2 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 70D1 8 KB
9 KB 52ms
48ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439&b=JB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39W&f=GjMSBfpfXwxkcKHeHGtBC31dHZSYTJ78sQVeB&c=300&d=50&e=&g=4e58f6bbcf5335c582c709c994fce8b7%2F5381838147590140451&i=25174&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669534387635&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jqvvcfn2sqbxz10rk7mph4wwntasetvw4b2bm8e4jxnepdwvg50z5r0e7fc3nrn4smf9hh7csmf467x6y8gr1220cx7b411v2kzkxy4x8vvfef2pc0qf2wktm5sak8xbdkra92rqgkwk3h5yqtsgcw4j46epg6tykxsw6b7vb2zwch1h3dkz61pcbfd0vaqgpc36t1ewh91ympwpfd6p934sxbgywrhjmmtn5sgz1frv3967ar1jfvpnstm8cgj2qy210h3td3zqy1f2zk92g2g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCy1o3sRKDY62_G4259u8P-6CQ4AKQ4YGEXLaoworwAsCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi0yMTI4NzU3MTY3ODEyNjYzyAEJqQL9XeJ6n3CxPuACAKgDAaoEigJP0OXTFk6pzdcTl3qCNIY3HBKdtuYrr9k-0BKB1Kqa8j86xn984OKNORDXPfJrCSN3XclFi8u5y6oyk8CmgHaV7s5KJ1OsasbFpGoHEG-vwi_7R-8NijX_Fxj4HQxfMho4gpPMdFDYBCrcUq0hbGUS5WUvxX3y3m29y9xjpCEFkLCssuo7ZnNZQ6mgZFZ64Yonro5hNYSowTrNjgyVTVIU8O9vZEVhyS7or9B4xSU037rGaXe13-8KV-i2euzt8dyMorLZW_6Ci6R8-HmaN7hJRDb4686djf9rWzTmV2GLjRhkZ1qrzc5LnVZjOI6G3CkreHNs1HymS4mzSvTR6QzhyZLLRjewxmOlb-AEAYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3qe_fDRmAkbILXH_yfFK2iDeaePw%2526client%253Dca-pub-2128757167812663%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1747396
cf-polished: qual=85, origFmt=jpeg, origSize=16723
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8354
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ODoTmKVPKFhHT2MygPzNChechtTqYH5UiBkZAE4PX4fd2T6lgr%2FkqOKQm3Sdb8P3q%2F%2FPqoEo%2FdP279ZF1cGfKjrZNJLIKD8NTu%2FiWvuGNlT%2BDgR6UFMEWdb8jkZUN%2BMRL%2BF49aCKIMetTNG"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77092c849a36bbb3-FRA
expires: Mon, 28 Nov 2022 07:33:07 GMT

GET
H2 200 96AA637161FCFF7D0AE42DD0E3CF6E6A33D7A2D96B5FF2BDA5B1A8E0996EEB464D78D8CE114DFCCD8F5FCF559382B5A858EE2F2DD03A6307DB4B399DF7A75EC6
assets.ad4m.at/product_image/ Frame 70D1 43 KB
44 KB 64ms
63ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/96AA637161FCFF7D0AE42DD0E3CF6E6A33D7A2D96B5FF2BDA5B1A8E0996EEB464D78D8CE114DFCCD8F5FCF559382B5A858EE2F2DD03A6307DB4B399DF7A75EC6
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439&b=JB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39W&f=GjMSBfpfXwxkcKHeHGtBC31dHZSYTJ78sQVeB&c=300&d=50&e=&g=4e58f6bbcf5335c582c709c994fce8b7%2F5381838147590140451&i=25174&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669534387635&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jqvvcfn2sqbxz10rk7mph4wwntasetvw4b2bm8e4jxnepdwvg50z5r0e7fc3nrn4smf9hh7csmf467x6y8gr1220cx7b411v2kzkxy4x8vvfef2pc0qf2wktm5sak8xbdkra92rqgkwk3h5yqtsgcw4j46epg6tykxsw6b7vb2zwch1h3dkz61pcbfd0vaqgpc36t1ewh91ympwpfd6p934sxbgywrhjmmtn5sgz1frv3967ar1jfvpnstm8cgj2qy210h3td3zqy1f2zk92g2g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCy1o3sRKDY62_G4259u8P-6CQ4AKQ4YGEXLaoworwAsCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi0yMTI4NzU3MTY3ODEyNjYzyAEJqQL9XeJ6n3CxPuACAKgDAaoEigJP0OXTFk6pzdcTl3qCNIY3HBKdtuYrr9k-0BKB1Kqa8j86xn984OKNORDXPfJrCSN3XclFi8u5y6oyk8CmgHaV7s5KJ1OsasbFpGoHEG-vwi_7R-8NijX_Fxj4HQxfMho4gpPMdFDYBCrcUq0hbGUS5WUvxX3y3m29y9xjpCEFkLCssuo7ZnNZQ6mgZFZ64Yonro5hNYSowTrNjgyVTVIU8O9vZEVhyS7or9B4xSU037rGaXe13-8KV-i2euzt8dyMorLZW_6Ci6R8-HmaN7hJRDb4686djf9rWzTmV2GLjRhkZ1qrzc5LnVZjOI6G3CkreHNs1HymS4mzSvTR6QzhyZLLRjewxmOlb-AEAYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3qe_fDRmAkbILXH_yfFK2iDeaePw%2526client%253Dca-pub-2128757167812663%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 426d76224de25de48c22820280fb851e7d9ebc04bfc915b4aec6dfc21821ea37

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2084000
cf-polished: qual=85, origFmt=jpeg, origSize=72345
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44118
cf-bgj: imgq:85,h2pri
last-modified: Tue, 14 Jun 2022 09:41:24 GMT
server: cloudflare
etag: "ed6f7b3b1b04cd5f78cf354be09c981b"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xr2qD7Ga5pNUMANduqS7dOflR2FEIPg43jOJ69Q4mUPIKOOC%2B%2FI1jq08QwbucwW%2FeHUe4TKx9m%2B4vi4Hsq%2B55kjW%2FHncAPjcdNj03md20kszHN0e3%2BLYH%2BapWULE9%2B%2BEEMEVollormFTVLCW"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77092c84aa46bbb3-FRA
expires: Mon, 28 Nov 2022 07:33:07 GMT

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame 70D1
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=%3Fhttps%3...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CK2hkaHszfsCFemS_Qcd6sAJOQ;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidJB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39Woneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1669534388_bd197180-6e25-11ed-bfbc-22342ff4a6f7

0
517 B

176ms
40ms

Image
text/plain

87.118.116.9
KEYWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1669534388_bd197180-6e25-11ed-bfbc-22342ff4a6f7
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439&b=JB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39W&f=GjMSBfpfXwxkcKHeHGtBC31dHZSYTJ78sQVeB&c=300&d=50&e=&g=4e58f6bbcf5335c582c709c994fce8b7%2F5381838147590140451&i=25174&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669534387635&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jqvvcfn2sqbxz10rk7mph4wwntasetvw4b2bm8e4jxnepdwvg50z5r0e7fc3nrn4smf9hh7csmf467x6y8gr1220cx7b411v2kzkxy4x8vvfef2pc0qf2wktm5sak8xbdkra92rqgkwk3h5yqtsgcw4j46epg6tykxsw6b7vb2zwch1h3dkz61pcbfd0vaqgpc36t1ewh91ympwpfd6p934sxbgywrhjmmtn5sgz1frv3967ar1jfvpnstm8cgj2qy210h3td3zqy1f2zk92g2g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCy1o3sRKDY62_G4259u8P-6CQ4AKQ4YGEXLaoworwAsCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi0yMTI4NzU3MTY3ODEyNjYzyAEJqQL9XeJ6n3CxPuACAKgDAaoEigJP0OXTFk6pzdcTl3qCNIY3HBKdtuYrr9k-0BKB1Kqa8j86xn984OKNORDXPfJrCSN3XclFi8u5y6oyk8CmgHaV7s5KJ1OsasbFpGoHEG-vwi_7R-8NijX_Fxj4HQxfMho4gpPMdFDYBCrcUq0hbGUS5WUvxX3y3m29y9xjpCEFkLCssuo7ZnNZQ6mgZFZ64Yonro5hNYSowTrNjgyVTVIU8O9vZEVhyS7or9B4xSU037rGaXe13-8KV-i2euzt8dyMorLZW_6Ci6R8-HmaN7hJRDb4686djf9rWzTmV2GLjRhkZ1qrzc5LnVZjOI6G3CkreHNs1HymS4mzSvTR6QzhyZLLRjewxmOlb-AEAYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3qe_fDRmAkbILXH_yfFK2iDeaePw%2526client%253Dca-pub-2128757167812663%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 87.118.116.9 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: km36617.keymachine.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:07 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Sun, 27 Nov 2022 07:33:08 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1669534388_bd197180-6e25-11ed-bfbc-22342ff4a6f7
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H3 200 api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Show response
pagead2.googlesyndication.com/bg/ Frame ADAD 36 KB
16 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 04:53:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9571
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 27 Nov 2023 04:53:36 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 0652 89 KB
29 KB 735ms
734ms XHR
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-16294"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 28 Nov 2022 07:33:08 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame 36BF 2 KB
2 KB 207ms
95ms Script
text/html 18.133.50.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3766811&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j4scs45f285935g1efdcsgtbvx7amrxgww1dydzz7hwk5bferh6jzh44zk8ftz16693wz2e5j39sv5rvbhz8tdx9wsqkv05b3bykhrzmnht6p9sng1jw78vsxqrcqg1tnsdzw70j37wmkh028yaphxaz6xc6asdxazcw57fdde25x0warcxktdsf12ngez6p65t3veq4dvgdha3thq36ggph88d81datesqvhhx123k2739pzz3kxnm007zv5w80980%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jyec8bfc3p62n7jq86t3tj9vj6x9sahw5ycgf1fx8vgfgh501srphh4ment0axd97jye2cc50d5zdh82qesrapk4tjtawznhafjrpf3rpawvhvk9afpswpn9j2g7vmgyrcp1v4y556j0yzcnw1jpzshd7v4zd8me2k2217cc06r9hxy68evqt82k1b7vhrss9v7zwsmcrpdf4k9c82yf3fth43yxnf7j83s30t8d064ntj58vnqyb5mgjmq3fr8hd1y2ttxj7kc5gnpma0v1rhd%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC6XFusRKDY83pG_D97_UP_N-diAmQ4YGEXLaoworwAsCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi0yMTI4NzU3MTY3ODEyNjYzyAEJqQL9XeJ6n3CxPuACAKgDAaoEhgJP0KnkUXJBH5kALFWXPb6v8FWl_bgH3HpTpIJnPOFo7EBJCPv1z9s56T5o0l3pexwyGPid0M_031lsU-3FCGOytaaupUwKqJede9aTsjYRmbwjq0RPm2_llusvshvV56_f4cqas2kn6P697KcVzwaOt-0hqhcewIexcAubS-JYRXT-zQqvjRDxocawChOAa4crk-8YgVJcz7kwHOH00yOdxWitc3pygsvMeXAmPfQXQgfHYXvamEh1RmYCpWzcf2CFUkrIBJgi8KKQ-EL_NYeKuoZmLGeUqopQ446d67E0pc_RmTrlzpG2hyjlQ_ZUN0mNQOqg1VctHLgFGSnfAIquN7hoBZRT4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_29t3JNRxVF1Cdmt8aFU27WdVQgJg%252526client%25253Dca-pub-2128757167812663%252526adurl%25253D&clickref=oneidQxWH4fjfPPPXcxH5HYt9CbM44H6S4TGD4HEzJ5oneid__suite_Netmix_Reach118_EXTRAPUSH&viewref=oneidRx3HgfQfGGG2akHwH3tQtwKbbh9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C169080%2C321054&b=MxGHzfrf1zRuWHEHGtDt2jpCBS4Txr1CE2g7%2CRx3HgfQfGGG2akHwH3tQtwKbbh9SzTYMAhB3zZ%2CYxRHrf3fzdBwCVH9HetQtgB9skS1Td9rF1Z6q&f=625hef3f6wmheHmHYtEC5kmtYS1T3V8cERB9%2CQxWH4fjfPPPXcxH5HYt9CbM44H6S4TGD4HEzJ5%2Cq42umfWfZ15ESZHgHDtRCrPjteSgTJD5sq4xM&c=300&d=250&e=&g=890ce673a59c06b9f5755301e745eaba%2F8467817242429078341&i=25174%2C65760%2C21854&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669534387643&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jyec8bfc3p62n7jq86t3tj9vj6x9sahw5ycgf1fx8vgfgh501srphh4ment0axd97jye2cc50d5zdh82qesrapk4tjtawznhafjrpf3rpawvhvk9afpswpn9j2g7vmgyrcp1v4y556j0yzcnw1jpzshd7v4zd8me2k2217cc06r9hxy68evqt82k1b7vhrss9v7zwsmcrpdf4k9c82yf3fth43yxnf7j83s30t8d064ntj58vnqyb5mgjmq3fr8hd1y2ttxj7kc5gnpma0v1rhd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6XFusRKDY83pG_D97_UP_N-diAmQ4YGEXLaoworwAsCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi0yMTI4NzU3MTY3ODEyNjYzyAEJqQL9XeJ6n3CxPuACAKgDAaoEhgJP0KnkUXJBH5kALFWXPb6v8FWl_bgH3HpTpIJnPOFo7EBJCPv1z9s56T5o0l3pexwyGPid0M_031lsU-3FCGOytaaupUwKqJede9aTsjYRmbwjq0RPm2_llusvshvV56_f4cqas2kn6P697KcVzwaOt-0hqhcewIexcAubS-JYRXT-zQqvjRDxocawChOAa4crk-8YgVJcz7kwHOH00yOdxWitc3pygsvMeXAmPfQXQgfHYXvamEh1RmYCpWzcf2CFUkrIBJgi8KKQ-EL_NYeKuoZmLGeUqopQ446d67E0pc_RmTrlzpG2hyjlQ_ZUN0mNQOqg1VctHLgFGSnfAIquN7hoBZRT4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_29t3JNRxVF1Cdmt8aFU27WdVQgJg%2526client%253Dca-pub-2128757167812663%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.133.50.153 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-133-50-153.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 7ca845ec82420d7c71882f49bf407d425aed985945706eace9bcc5140a3e444e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:08 GMT
last-modified: Sun, 27 Nov 2022 07:33:08 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sun, 27 Nov 2022 07:34:08 GMT

GET
H/1.1 200
OK f5bfe45bb2 Show response
tm.simptrack.com/tm/a/channel/tracker/ Frame D26B 44 B
891 B 137ms
44ms Document
image/gif 46.4.250.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.simptrack.com/tm/a/channel/tracker/f5bfe45bb2?pub=ad4mat
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C169080%2C321054&b=MxGHzfrf1zRuWHEHGtDt2jpCBS4Txr1CE2g7%2CRx3HgfQfGGG2akHwH3tQtwKbbh9SzTYMAhB3zZ%2CYxRHrf3fzdBwCVH9HetQtgB9skS1Td9rF1Z6q&f=625hef3f6wmheHmHYtEC5kmtYS1T3V8cERB9%2CQxWH4fjfPPPXcxH5HYt9CbM44H6S4TGD4HEzJ5%2Cq42umfWfZ15ESZHgHDtRCrPjteSgTJD5sq4xM&c=300&d=250&e=&g=890ce673a59c06b9f5755301e745eaba%2F8467817242429078341&i=25174%2C65760%2C21854&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669534387643&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jyec8bfc3p62n7jq86t3tj9vj6x9sahw5ycgf1fx8vgfgh501srphh4ment0axd97jye2cc50d5zdh82qesrapk4tjtawznhafjrpf3rpawvhvk9afpswpn9j2g7vmgyrcp1v4y556j0yzcnw1jpzshd7v4zd8me2k2217cc06r9hxy68evqt82k1b7vhrss9v7zwsmcrpdf4k9c82yf3fth43yxnf7j83s30t8d064ntj58vnqyb5mgjmq3fr8hd1y2ttxj7kc5gnpma0v1rhd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6XFusRKDY83pG_D97_UP_N-diAmQ4YGEXLaoworwAsCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi0yMTI4NzU3MTY3ODEyNjYzyAEJqQL9XeJ6n3CxPuACAKgDAaoEhgJP0KnkUXJBH5kALFWXPb6v8FWl_bgH3HpTpIJnPOFo7EBJCPv1z9s56T5o0l3pexwyGPid0M_031lsU-3FCGOytaaupUwKqJede9aTsjYRmbwjq0RPm2_llusvshvV56_f4cqas2kn6P697KcVzwaOt-0hqhcewIexcAubS-JYRXT-zQqvjRDxocawChOAa4crk-8YgVJcz7kwHOH00yOdxWitc3pygsvMeXAmPfQXQgfHYXvamEh1RmYCpWzcf2CFUkrIBJgi8KKQ-EL_NYeKuoZmLGeUqopQ446d67E0pc_RmTrlzpG2hyjlQ_ZUN0mNQOqg1VctHLgFGSnfAIquN7hoBZRT4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_29t3JNRxVF1Cdmt8aFU27WdVQgJg%2526client%253Dca-pub-2128757167812663%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.4.250.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.26.250.4.46.clients.your-server.de
Software: nginx /
Resource Hash: e86d3703af27920836907968ada5890309f2e37d05fafe361cb5d25e9ce02a67

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 44
Content-Type: image/gif
Date: Sun, 27 Nov 2022 07:33:08 GMT
Expires: 0
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: nginx

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame ED71 89 KB
29 KB 731ms
731ms XHR
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-16294"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 28 Nov 2022 07:33:08 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame ED71 0
0 73ms
72ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111501&jk=1715103306569748&bg=!-Pul-7_NAAbvMpMzzzI7ACkAdvg8WmlXPjfyn6LyI5WwNiYG30hpJyVwHlNsvf10AtGgBRLvQIqOOwIAAAE-UgAAAANoAQcKAMXl4IHlaJAAvVJQ6UGyvd5DdhrPjKj6UsHOYIdHWdbRqcFa_dipXy6hhalJQYwAdFsqEsXtAA7Ory-BnWkNymxtDwyztAtMatYAaocOa7uMHlLXu6Iqx52yWdirrTvZ1ilf0GgHt47nZLOEVqoLAq0MUTus35zbNvtkYQ7NUyXy07Hdsg24cXGITPTtVGkGvji-FYHBSKz24Wq-2jH1rh4LKBnCLFXSoBslNtxTii1AFIolkoSsvH7GDIXeazZBanwHoh2oQZkCt9FqOkzxk0p1oMjnFYvptVE5i_N15VUky2BUswJ__BHkGCqo9bZNz6mapVjXUje0Xc_xfbcObITnUksVQQdwkBiM-gWwoM-RjAv1LlyEddhYV5NUbaQFb1jyYmMxJGbyNq4V8QaDtOTjpEERqrICXfK0ByAVc9wONC4w9xg6dDLwMMhKTIAlJds_YLcgq-Fb6aPbKVtscTpsB8UWUqjufBQdLeBUunVlhCVbvwqrtkP7tYIFg2w8G__Kc3SRSRcAlfv_tlRQDGGD7tNwNHTfO8dX6rMy97y5ZzxdGrrDHtQ7lK2xx4Zixe4RdrB5EqZT0ZPlCOHYIBvhdiwuExexVywxWZ8cYWOWN-ZaPDdj9qQp2AXnBW5GdnM97tQ4L5UhKDFzhniOFegEVSBOjQNJwAZEUEdSLMw1LaqaIHyHaGhkUhmCa2eEgxfFAW4XE-7LsQ5nT4ycJTEMQqFP2Ab9b_gMbOraQ6uwoyAiC5fzLFsC8Xw239sepv3IX8NZpFqzQQ_f659oAJhuz4zz-B_d183sWeLg-C07XnPxJYlCBNYXyJrgS3ICn_esQhJl1UdCy4yhZvPIuXfAiXHwTRiRLrLG7cTWq2s2rzUGF_HXH_mrUYR9KurG_sDmGxB0P0jOub5a6Z1nfFc7x33OpM6NLYmy7s-uyMfTkYh1iGNHKou5buPnNBIRasgqDDLgoous4pWf4VVaC9FtH2qMPdtBfmjfcAdFZu-fo18gKBgwRdCxyMVG_kdW0lJX0-Lq-dOq5WDV0U9zXPijiou714J8xy7lBe-sdj4FUr8Kjs_W9S1mVp5D-OiiLK4kvr4OLBAa5fTc4PwoRXEcCkTNcLpUOnjlwhjX8t1hE8XT9NgMy9Lzh9Ik5HrTk4A5ZKeuItsD0MnPBnodbEaiZOAVuSnDCcQhp1z6jloS
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 2F93 42 B
64 B 81ms
81ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvwAupR6RtJLlecmVxIUd02LHe8EeofIBJxzhDTa84fS73WkT6Lkq5do-CIjqcnkvcxYheCLN9TM-PHft8D3Pd9MPtFV64OhUZbvMuI4selq1tA6z5hdjNXZSZ80-spqvhT1IcARkOJntibEBzNZQ8vPLDdD2_1TexnBVZsZDAlvHbJNwC9vcbAfVaSYdGhDNHnQowhQ1xGTW2X4tvOrmgjjm3CQrXEXXClgn7hb8pgLGV4e3enZtlTKEsxVwNnvf3XYMI6rMb2Rg1cg-fxH2SCNrUeIIbttafEhnCmL0UonegGUaEDN_SXxe8XKQzp7OLJz4RvYkQsi8oKmio05eraM0rblAo-XLcvobgRYV-MU0r5cPqLMotu1Yiy88oqT-EUadGqER7d0h-0hVXKVfMLlMFgojcpVJiQn82KwZMi5eTgDxNBn23S7hQqTfaERF86T98FTHp1BJKtl6BRxXB-PXN6zrvHtGOHrWQqwWxoRyID_-K_aiGZ21yphLOCupPOhDLA_sZgIeLX3BdGQ3nxsMskxshaThXi_eVes3aRsz9DgN0culM8mBzBoZP5MkdzQ8732FYZZoSHj0KPSWfagSu1pygcNPS5rwhvuY8y2bSJIDz2U165QuiIv7j-vcA5XWkRVY2OxIiMYtS3ppNBrQsTxcOq9MelzNJozPP3bO9S5EpkkZRnwLgE7hSVK8CYQcIaTMf9kjhO3WP1NbjQxQQ1PlnLRyCv66ViZUsMqjTKvPWlrNdu6PyusdG3xvqx8t0AJFxDMb_aw06p6f4EgDOsbcIc002BnYTjtIAzuP6a_MAyFHxYDK7Wzsk2SqV-_vu3rSutfcclc_2P4mbmcPNhmHi_7Z8Y4WYz24pQEGhuDBX2XAuRP96Ka5IJmkDqSHRdAqZ56KYjXDuq7xl62qsOEby6Y1tB_UKBozo9B0wMtkvhTwyUSMUExl-NvC6H3Qt672e8LBpsyzDf0nEwBndOf65DFWywnxhCSQafqg7KOdxDwcNF5IwANRIBh8btRJ493hWOGotN0xSdWbvMRtpUBfl_fnjbZiMoKTUMVOrf0mUZ&sai=AMfl-YSZDD9A2K8z-J8_G21lCki6HZLHo4OUTe7-RTo1cwppngZQgBQt8MhtSQzE9KYALiOT8VS5Adhp1RqPvxYMZKRQG7bKI8-UcydGgwmnoBMh9XbF6oPXAIRNln2DVyri4XB4hA7fU2UCZdtK&sig=Cg0ArKJSzPJgwMFo5Y3LEAE&cid=CAQSPADq26N9_UTOTUQBPKMnCZ-ULmd6fVuJpX-nEXAOcnb41HIn3UeVPoRNPkvtcUWYVRX89XXgwveXyR_XNRgBIBM&id=ampim&o=315,154&d=970,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=593&tls=1593&g=100&h=100&tt=1593&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0652 0
0 72ms
72ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111501&jk=1713075332049328&bg=!p6SlpODNAAbvMpMzzzI7ACkAdvg8Wqo8sSbU6QcHLhCwzrwFLfeTLQ1XDu2RRPMkoQQNvrSfHjF3CQIAAAFVUgAAAAJoAQeZAqszZnIUr3iCZikxZmg8EPbFIkZc5jlEFh-Pu7hecrZKSlzBs901lIn0SPIiVbNMEj2eYKNWvpnvAKyAjywIrFXlKcLLZg2yek9iuEfiSgq6cc-gFql_vEXM3eDLoCnxj1K3DnkVW7cXSsnGIyhHg6plJAOMzz6cFewlc7qcJzxQF3xAHAZB-Cg7qMdFjKI4VAY--uhQbkVUBP7pJmYpCevBPwfk3RNpaWhULtHP0IeJ1aHnMPQtBeRtzc-bX3gfVRlV7w4ilqgXHFc-UHuj_crz6tc8bUlrXe5FwoHx9g3uv_tu4-jZXh75Z-1oVe2R_bGm5IhsPDG4C2Tk2KqOBMwCKZYNCIPpmuofUcRQXRT0ZVvtC3LCU9DMsdlBom3gn6W80Pe5aj8gNpo4ggY7SS1UULmSq46LHFlVmhYebzxkrUenN_BSOfDBBsKFs6f03YbDqd-5rfGf4aVa-zSkduDwAhgmTtupxnoPkBdOavLlgHgI7a1KS4MYiWuDFOn1YjNIYnvD9iXufP9L35V3pF0hjtX7f0UrtvxW7t8zo1ilb7OfepTEKG-zR-J88t3jgRXA1uFvHAeOs9GiQX7-GZ4qzzg4wwIXGvdEB_MPCwsolqdtXg9_SpWy_yAZqJWvyD5nHB-G_hFw58XYsEBr2SGdrUHm46ri4jWaCtrPCSDDY5EHMFQdtrRENb6JqQtnZ9Z2qFdKRqM_IVdbM1_ajFzRAYY4UQLmEn8RMz8NZ8FDTE78-BB0EhqbGYqR0Pb3B0TBYnKB_Tt0sEX0vDaTnFLExN_wEzGDJk-acnDF9s5HA9SCp0QVFFW7-XmlkW2M2olOHWM3S6fU4JfivqnAJpRWHvARbk5MYPHVN9HIJSh-jP-q4nW1kk2162KPERtnGwQHSWiztGmS23cVtA
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame ADAD 0
12 B 36ms
36ms Image
text/plain 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?sfkr0g
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:08 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 36BF 85 KB
31 KB 149ms
41ms Script
application/javascript 65.9.66.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3766811&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j4scs45f285935g1efdcsgtbvx7amrxgww1dydzz7hwk5bferh6jzh44zk8ftz16693wz2e5j39sv5rvbhz8tdx9wsqkv05b3bykhrzmnht6p9sng1jw78vsxqrcqg1tnsdzw70j37wmkh028yaphxaz6xc6asdxazcw57fdde25x0warcxktdsf12ngez6p65t3veq4dvgdha3thq36ggph88d81datesqvhhx123k2739pzz3kxnm007zv5w80980%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jyec8bfc3p62n7jq86t3tj9vj6x9sahw5ycgf1fx8vgfgh501srphh4ment0axd97jye2cc50d5zdh82qesrapk4tjtawznhafjrpf3rpawvhvk9afpswpn9j2g7vmgyrcp1v4y556j0yzcnw1jpzshd7v4zd8me2k2217cc06r9hxy68evqt82k1b7vhrss9v7zwsmcrpdf4k9c82yf3fth43yxnf7j83s30t8d064ntj58vnqyb5mgjmq3fr8hd1y2ttxj7kc5gnpma0v1rhd%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC6XFusRKDY83pG_D97_UP_N-diAmQ4YGEXLaoworwAsCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi0yMTI4NzU3MTY3ODEyNjYzyAEJqQL9XeJ6n3CxPuACAKgDAaoEhgJP0KnkUXJBH5kALFWXPb6v8FWl_bgH3HpTpIJnPOFo7EBJCPv1z9s56T5o0l3pexwyGPid0M_031lsU-3FCGOytaaupUwKqJede9aTsjYRmbwjq0RPm2_llusvshvV56_f4cqas2kn6P697KcVzwaOt-0hqhcewIexcAubS-JYRXT-zQqvjRDxocawChOAa4crk-8YgVJcz7kwHOH00yOdxWitc3pygsvMeXAmPfQXQgfHYXvamEh1RmYCpWzcf2CFUkrIBJgi8KKQ-EL_NYeKuoZmLGeUqopQ446d67E0pc_RmTrlzpG2hyjlQ_ZUN0mNQOqg1VctHLgFGSnfAIquN7hoBZRT4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_29t3JNRxVF1Cdmt8aFU27WdVQgJg%252526client%25253Dca-pub-2128757167812663%252526adurl%25253D&clickref=oneidQxWH4fjfPPPXcxH5HYt9CbM44H6S4TGD4HEzJ5oneid__suite_Netmix_Reach118_EXTRAPUSH&viewref=oneidRx3HgfQfGGG2akHwH3tQtwKbbh9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-110.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5f0e58e4c8d23cb8d1453aa9d362f102a4676085ab517acfd34aba74f982d3db

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 06:06:18 GMT
content-encoding: gzip
via: 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
last-modified: Mon, 31 Oct 2022 15:47:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 5211
etag: W/"faa933973c404f8cfedacd4b67a60b85"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: L3-YcyzAFdkQjhqkJBJ2E-NgoyRdsKj0onlnonuF_I2cB2b-jGJ-3g==

GET
H2 200 1630076509_zWMlDYPQVnctkTlVGt486BXSMOUU2jSg.png
cdn.track.production.webgains.team/287405/ Frame 36BF 5 KB
5 KB 209ms
67ms Image
image/png 18.172.226.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/287405/1630076509_zWMlDYPQVnctkTlVGt486BXSMOUU2jSg.png?Expires=1669534688&Signature=Mg4RSG6Tuy6IZ4tYUJxVST4aDDZAWHGkd0D3Cub9k6JJbzpo6gA023PR6UgvHDcOrZGe~7kUElSiyntzGU4eySyxV3vig7YvbgS~uqgJFoVBo2tT8r5lstoztOeLamVttRusuY6eGnmFLts8SoONESmq6lmJ0EHDW0JLDDqOFh4M1t~NfSmW25KlYv1IVh5GbRl3TnAy9tP8iP7rE1S2XCEMDhYnX3zd~xv4N4konjg9VDpmAb6WOG8q8DKN~49jIRG9lY4B7iR9V9XpGN28Ryacuh4-z7eJJfQsc4ogArOag2-anFwIc6G3wx4Zm7QfvKkvPTftar5GWXdCRwjubg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15255%2C169080%2C321054&b=MxGHzfrf1zRuWHEHGtDt2jpCBS4Txr1CE2g7%2CRx3HgfQfGGG2akHwH3tQtwKbbh9SzTYMAhB3zZ%2CYxRHrf3fzdBwCVH9HetQtgB9skS1Td9rF1Z6q&f=625hef3f6wmheHmHYtEC5kmtYS1T3V8cERB9%2CQxWH4fjfPPPXcxH5HYt9CbM44H6S4TGD4HEzJ5%2Cq42umfWfZ15ESZHgHDtRCrPjteSgTJD5sq4xM&c=300&d=250&e=&g=890ce673a59c06b9f5755301e745eaba%2F8467817242429078341&i=25174%2C65760%2C21854&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1669534387643&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jyec8bfc3p62n7jq86t3tj9vj6x9sahw5ycgf1fx8vgfgh501srphh4ment0axd97jye2cc50d5zdh82qesrapk4tjtawznhafjrpf3rpawvhvk9afpswpn9j2g7vmgyrcp1v4y556j0yzcnw1jpzshd7v4zd8me2k2217cc06r9hxy68evqt82k1b7vhrss9v7zwsmcrpdf4k9c82yf3fth43yxnf7j83s30t8d064ntj58vnqyb5mgjmq3fr8hd1y2ttxj7kc5gnpma0v1rhd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6XFusRKDY83pG_D97_UP_N-diAmQ4YGEXLaoworwAsCNtwEQASAAYJXaiIKYB4IBF2NhLXB1Yi0yMTI4NzU3MTY3ODEyNjYzyAEJqQL9XeJ6n3CxPuACAKgDAaoEhgJP0KnkUXJBH5kALFWXPb6v8FWl_bgH3HpTpIJnPOFo7EBJCPv1z9s56T5o0l3pexwyGPid0M_031lsU-3FCGOytaaupUwKqJede9aTsjYRmbwjq0RPm2_llusvshvV56_f4cqas2kn6P697KcVzwaOt-0hqhcewIexcAubS-JYRXT-zQqvjRDxocawChOAa4crk-8YgVJcz7kwHOH00yOdxWitc3pygsvMeXAmPfQXQgfHYXvamEh1RmYCpWzcf2CFUkrIBJgi8KKQ-EL_NYeKuoZmLGeUqopQ446d67E0pc_RmTrlzpG2hyjlQ_ZUN0mNQOqg1VctHLgFGSnfAIquN7hoBZRT4AQBgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_29t3JNRxVF1Cdmt8aFU27WdVQgJg%2526client%253Dca-pub-2128757167812663%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.226.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-226-34.bcn50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e8decfdbca90823a9fc08c399cc7f568a993e77d31fe7e2ab87aa75276b5cfaa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: null
date: Sat, 26 Nov 2022 08:36:40 GMT
via: 1.1 26128c902f606477b4fcc17362e0ae9c.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:42:17 GMT
server: AmazonS3
x-amz-cf-pop: BCN50-P2
age: 82588
etag: "252bcf3942798a64e6a899b7c6e034d8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 5216
x-amz-cf-id: sYu3iJoui2pbg2hh40ISBXDi5hQFpLQCt2CM31fmvWbu90IbZSt2zg==

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 115D 89 KB
29 KB 660ms
660ms XHR
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-16294"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 28 Nov 2022 07:33:08 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 115D 0
0 74ms
74ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111501&jk=2151695117715161&bg=!q6ilqOzNAAbvMpMzzzI7ACkAdvg8WncQ3BUFD3cbJqeR2yT3yPSWCO2pEssDS7DEyWH5ydRv8ndWoAIAAACeUgAAAANoAQeZArpGrTx61sL3hhB7CDtIl6zlo0_zvx4DWlpfobszARb6UafR1JC0HNOlI-2FjWSnCP1-sudkcvln6RLfKCXCggAispiz7ymFygG53rBLItq78c7NUarxO6gVDA4BSX9rKzga2VJ_KIEecwQwDPjfBvidL4hepyDOJdh4FWq0FjTLTqDTFVJ0VGGlb6Pwb3Q05uyTSuAeNB9SFoQieLaq0CKBQotchLfKtQ8tv_WQrIhsMaGyi9uo8Oo8S5PHelFBsfnDu0zuBmi_PAio7e562wHWi2YM8CY-jekZH23_vUfwXhpjGxM7L6WnDQMyIW-ugNCjJ3jDUkaRu3sk8sTSJDAMozPdwZGeYDhU7lGJx7JkBltw1cjLpe7Jlk-NCE6SItLLecwJAYIfYhUlpdglEM1rW4fvaN1v2gY0bd2DWECcAAgPIP711cmMwokBpeUr6xsSZETa2_n_4MfDR3E6FnASZi0XSpoQR_fkjCisduBkcLVedyJkRpyqE2inb4JDx30zhoTMtGHfLRvU1Jdf3dJbzyiIHA7IORIasJtZU1Ohi4sHUpfVRZKyyLtfZSaW-4JiOZkhhg1MxBqzsX7mxJTJpXk17450iZ3SYIvPrimSl0Fg1io1PKXxT7JwF3YNg15G9ALUE6IA0QJ1rU76bVXiDNPP6H1cHqSPkDdfbtfbzJE_QmTLEBS2r-era6_Om_tMZ0VSC0mDNC-bU6F0KMAtnXl13cog7AjuOvfLm7w7FW0xmIZxHjwaCE3J_FbIrABsgQ7rp1UYJPyKcNKnjvmMbhaJDnoR7qMyC7L1G4UhAGrk5jFRUh_QCgsqO5N3JbG_tzpvUDAlyYLpa8EVmxSn4BSlR-N-JbjwsbbLjSYQvd-VE0TGoria1MbmXSxIPKsEkRNtgHgwF1DEihplBAnc2HJ0aYQmvfavEw
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H2 200 /
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame ED71 95 B
222 B 215ms
43ms Image
image/png 162.55.236.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?referrer=https%3A%2F%2Fearnme.club%2Fzeb-monk-from-zebronics%2F
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.236.55.162.clients.your-server.de
Software: nginx/1.14.2 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-type: image/png
date: Sun, 27 Nov 2022 07:33:08 GMT
server: nginx/1.14.2
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 /
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 0652 95 B
223 B 199ms
42ms Image
image/png 162.55.236.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?referrer=https%3A%2F%2Fearnme.club%2Fzeb-monk-from-zebronics%2F
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.236.55.162.clients.your-server.de
Software: nginx/1.14.2 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-type: image/png
date: Sun, 27 Nov 2022 07:33:08 GMT
server: nginx/1.14.2
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 119ms
44ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LY1N2M6E7Y&gtm=2oeb90&_p=1823378323&cid=1365863235.1669534384&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1669534383&sct=1&seg=1&dl=https%3A%2F%2Fearnme.club%2Fzeb-monk-from-zebronics%2F&dr=https%3A%2F%2Fwww.google.com%2F&dt=Zeb-Monk%20From%20Zebronics%20%E2%80%93%20Tech%20One&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LY1N2M6E7Y
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://earnme.club
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

pixelSync
pixel-sync.sitescout.com/dmp/
Redirect Chain

https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=773924&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=
https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=773924&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=&C=1
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=0

0
191 B

172ms
47ms

Image
text/plain

66.155.71.149
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=0
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: H2
Server: 66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Sun, 27 Nov 2022 07:33:07 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:08 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=skxzdgC2mraOUN9epEltxdZybj%2BpNEtPjXYMQdkNy%2BOD6RR0UExb624RLHqbAQhoYayQmz1Fg0azZ6uzWGLd%2FeILfpdS8WrXJUwn6iaBfAir6GvLfYpqgROSeKdUczR6LBleS36r"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=0
cache-control: no-cache
cf-ray: 77092c89cf429be0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

sync
x.bidswitch.net/
Redirect Chain

https://x.bidswitch.net/sync?ssp=themediagrid
https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid
https://sync.srv.stackadapt.com/sync?nid=50&gdpr=&gdpr_consent=&gdpr_pd=&ssp=themediagrid
https://x.bidswitch.net/sync?dsp_id=188&user_id=LjfXwdIcTa1P4QsNLw7fXVD_B2c&user_group=1&ssp=themediagrid

43 B
145 B

40ms
39ms

Image
image/gif

35.158.8.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=188&user_id=LjfXwdIcTa1P4QsNLw7fXVD_B2c&user_group=1&ssp=themediagrid
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: H2
Server: 35.158.8.6 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-8-6.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:09 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

Location: https://x.bidswitch.net/sync?dsp_id=188&user_id=LjfXwdIcTa1P4QsNLw7fXVD_B2c&user_group=1&ssp=themediagrid
Date: Sun, 27 Nov 2022 07:33:09 GMT
Connection: keep-alive
Content-Length: 140
Content-Type: text/html; charset=utf-8

GET
H2 200 pd
u.openx.net/w/1.0/ 43 B
120 B 102ms
49ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:08 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ 43 B
131 B 69ms
45ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcs.media.net%2Fcksync.html%3Fcs%3D8%26type%3Dopx
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:08 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 204 /
onetag-sys.com/usync/ 0
38 B 38ms
37ms Image
text/plain 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/usync/?tag=img

Requested by

Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-store

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 55C6 0
0 74ms
74ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=3616434489605761&bg=!h4SlhMDNAAbvMpMzzzI7ACkAdvg8WkYJTu-VnJixW3-ZxzCYk-VgIO7Gfyp9Nib6fvkCGuu3zXOMWgIAAABgUgAAAANoAQcKACLnYf5_Khkan0XAn728GXwQFol08pOlHv4ZMkNr61USdSVSmQLJK7vlJH8zx0vIA6AcIlqVk9chL2q7rm0MGkLk4WrH2PW9hBbIPh_ZG3VSmInZzLg_4pSxOoT_V4b8hiyJCZgWufmx_z5N6hzVGbdVPNJiyTtV3k1XYeJfrhC3m376XsO8Sfi3OAHQYHJNBEI9bGLO9MzBXxMO9ikfeHOcusHtMluIFd4J9Yqx8USfYMAmFNh0-a09K0yJuFKYjc9qywc734PYHTlXm92dwZGSpwhxyQX-MD-y4rbTzaNKYlemylp7osP2aWJdEgs_aAh0JPrLbcLBV0Eu34ztJE_gdEIvp01NmgNvJfU4TODnVmAKQFeKGquJOjs93zA4s6wYJfvFYgHmCcdG8vZdTAO9VbGOBVUlEhBQTb5zdJPaVAx-qg8kAhvhwdLk631wUAPGHTc0eDd_iEBVCja-dsxnxd2PDySIaqEDrZJOdbHmVeo4zD1iouHFpdXwWHp6spWicy89rQkmVFG3jdMxydTrIjLRA40uK54jO9SFcLjoO1ZHYKVRe_R83LSUW8SlhnxfPVygoAAP4tYraqErYQInVjgXzJ5re6MeQlVX9EsXbn8IPIa-s-G7mnmCsZ5d0QHbUhbJRByJSI3LSuNZvkU-VDVTteSE6KVpvdKuS2D9ohk1xyY51hKfHBcaSJtxr2nhCebuJZz5MJpZTdj4L7Im_vEK01xYQP-s4R421X7Uc_yjnholFnRPXoN1EbbbRUfuZSPymEHtH6LTbi6VRi6j31JG_RiQnHNOrnD2ZA8uODmDvA85v3ySqyEUcVR3NIieDVGLUJUTx1qUF1n4mZzop6ZjOR-9AahuVEtQAe422sVXODPCIGV3AVTwHPBV6l2rGEEUwyidAauB8MiVLFRo1WU-u7JeEjHML5eDCDX05e5L4-CmwtO7YcAXX1bWtQT4W3v-smzZFovTbMbMKOheIAevMJ_BT2Bixi2ONJQ
Requested by: Host: earnme.club
URL: https://earnme.club/zeb-monk-from-zebronics/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H2 200 /
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 115D 95 B
222 B 41ms
41ms Image
image/png 162.55.236.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?referrer=https%3A%2F%2Fearnme.club%2Fzeb-monk-from-zebronics%2F
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.236.55.162.clients.your-server.de
Software: nginx/1.14.2 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-type: image/png
date: Sun, 27 Nov 2022 07:33:08 GMT
server: nginx/1.14.2
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 36BF 16 B
232 B 96ms
96ms Fetch
application/json 18.170.123.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.170.123.253 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-170-123-253.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 27 Nov 2022 07:33:09 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 70ms
70ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

571f34c3cbf43861292fc8996f00733829bafd8c0b52f4f6735ab49121b182be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11165
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame C655 15 KB
6 KB 50ms
50ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 07:33:08 GMT
server: Kestrel
server-processing-duration-in-ticks: 2373550
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 029A 15 KB
6 KB 62ms
62ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 07:33:08 GMT
server: Kestrel
server-processing-duration-in-ticks: 2072648
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame F87C 15 KB
6 KB 70ms
69ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 07:33:09 GMT
server: Kestrel
server-processing-duration-in-ticks: 1934984
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 9BB5 15 KB
6 KB 77ms
77ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 07:33:08 GMT
server: Kestrel
server-processing-duration-in-ticks: 1703431
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 190ms
45ms Preflight 18.170.123.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.170.123.253 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-170-123-253.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Sun, 27 Nov 2022 07:33:09 GMT
server: nginx

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 27 Nov 2022 07:33:09 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame C655
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=earnme.club&sn=ChromeSyncframe&so=3&topUrl=earnme.club&bundle=Tdn-qF9UaWdSd1RMdDc2Z05JbnNUN3Zzbk1iUFJjYXEwMHoyazhPY3duV2RPdkFrVER4Y3BxeFhv...
https://mug.criteo.com/sid?cpp=ZTSXQ3x2UTJ1eXJ6em9LUlh1ajU3TElvTFVnakcwM2xCcGttMU5zaUZmZTFiS0NvcHdKd1JEZUUxalBndWFnYU9uN0FLcDQ4R1NiUUJ4QmplV1NaY0QwMmx0QURWTHNoWmk1Rmx4ZUo3NnRQbWtYMlY1NCtrNnd2VDhoeE...

425 B
650 B

43ms
43ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=ZTSXQ3x2UTJ1eXJ6em9LUlh1ajU3TElvTFVnakcwM2xCcGttMU5zaUZmZTFiS0NvcHdKd1JEZUUxalBndWFnYU9uN0FLcDQ4R1NiUUJ4QmplV1NaY0QwMmx0QURWTHNoWmk1Rmx4ZUo3NnRQbWtYMlY1NCtrNnd2VDhoeE1hMlRCbmd4Z0ljRUgxdGtHN0l5UDVPcUJUOStZRTNRV1BHYUg5NEt1MTFha3JTd2ErQlA0YkVlMlVIY1NVbTRQZGd6RnZVRzMyY240b3A0aDZKdlJ6T3QyYUVQV3FSTWxxMHc4WGdhN2M1ZXdFNStweTZwaE42T0R4UStTQ0htT2hFSEwvNEZKTlJobXV4TGpOb2tRQXFmM2toZ1FqcWlCRVk5a3kyYVVaek41bTE0N3NqUT18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3992c07950c9ac3e237d8385e2897a4e2d8ae86c629701f1ea1c557ed37a0508

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:09 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1837082
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:09 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=ZTSXQ3x2UTJ1eXJ6em9LUlh1ajU3TElvTFVnakcwM2xCcGttMU5zaUZmZTFiS0NvcHdKd1JEZUUxalBndWFnYU9uN0FLcDQ4R1NiUUJ4QmplV1NaY0QwMmx0QURWTHNoWmk1Rmx4ZUo3NnRQbWtYMlY1NCtrNnd2VDhoeE1hMlRCbmd4Z0ljRUgxdGtHN0l5UDVPcUJUOStZRTNRV1BHYUg5NEt1MTFha3JTd2ErQlA0YkVlMlVIY1NVbTRQZGd6RnZVRzMyY240b3A0aDZKdlJ6T3QyYUVQV3FSTWxxMHc4WGdhN2M1ZXdFNStweTZwaE42T0R4UStTQ0htT2hFSEwvNEZKTlJobXV4TGpOb2tRQXFmM2toZ1FqcWlCRVk5a3kyYVVaek41bTE0N3NqUT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 644301
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 029A
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=earnme.club&sn=ChromeSyncframe&so=3&topUrl=earnme.club&bundle=Tdn-qF9UaWdSd1RMdDc2Z05JbnNUN3Zzbk1iUFJjYXEwMHoyazhPY3duV2RPdkFrVER4Y3BxeFhv...
https://mug.criteo.com/sid?cpp=cz9FsXxYNEJINmpGaTN5RVcxTXFnMm1DN3hBWE5HcEx4NmRwYTdJeFVBK1RadjI5bUw2VEZ3M1dpcGNCMDVMMExhZ1l3K3Z4V1EraW02NEV4SkcvWjVWL3ZPQ0dpR1FZUjVjbXltaTNNZGltRk9zQzVpT1VJVFBWTDFOMU...

427 B
649 B

43ms
43ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=cz9FsXxYNEJINmpGaTN5RVcxTXFnMm1DN3hBWE5HcEx4NmRwYTdJeFVBK1RadjI5bUw2VEZ3M1dpcGNCMDVMMExhZ1l3K3Z4V1EraW02NEV4SkcvWjVWL3ZPQ0dpR1FZUjVjbXltaTNNZGltRk9zQzVpT1VJVFBWTDFOMUJxNGpyTWc4eGhCU21YZzEyeGp2NEZVbFdzaXhNNndkeGRuSVRMcWNlRVp1cU9yRFFKbVF0RmM2OGtFL3pXejVBWWgwY1ZNOFlRT0tUakpqWWNOOWRZMnU5UWx3djcvRXQzTzl5VVdMZy9zU0M2SlJWeVN3bXpaNVNhanVLdDNVM0NtRzRRZlM3L2p6NUpoS1BtL1FYSzJRQ09GNVBHNzFPcDQ2WlFpUDIzU3Z6VTE3bndOWT18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5a6309d5edec6f88df85065def2eba6e1cfa20cb5f8f26b11ae7a5e4455b452e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:08 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1579965
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:08 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=cz9FsXxYNEJINmpGaTN5RVcxTXFnMm1DN3hBWE5HcEx4NmRwYTdJeFVBK1RadjI5bUw2VEZ3M1dpcGNCMDVMMExhZ1l3K3Z4V1EraW02NEV4SkcvWjVWL3ZPQ0dpR1FZUjVjbXltaTNNZGltRk9zQzVpT1VJVFBWTDFOMUJxNGpyTWc4eGhCU21YZzEyeGp2NEZVbFdzaXhNNndkeGRuSVRMcWNlRVp1cU9yRFFKbVF0RmM2OGtFL3pXejVBWWgwY1ZNOFlRT0tUakpqWWNOOWRZMnU5UWx3djcvRXQzTzl5VVdMZy9zU0M2SlJWeVN3bXpaNVNhanVLdDNVM0NtRzRRZlM3L2p6NUpoS1BtL1FYSzJRQ09GNVBHNzFPcDQ2WlFpUDIzU3Z6VTE3bndOWT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 515292
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame F87C
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=earnme.club&sn=ChromeSyncframe&so=3&topUrl=earnme.club&bundle=Tdn-qF9UaWdSd1RMdDc2Z05JbnNUN3Zzbk1iUFJjYXEwMHoyazhPY3duV2RPdkFrVER4Y3BxeFhv...
https://mug.criteo.com/sid?cpp=ZqwprnxoeGZrWXZiY1BJL09TRUZKYzhUTisySUFPQmt5Y3JvQS9JQjhCRXpJZVR6aGQ0WVBBWUlvK1o2aFpVRk0wS0RZdWVwZ0xGM3h1clVwOTRZNjR1UlgyR040K1dESzhoTCtJUk1yVjF1L3p4VmNHTmZvUmJxUlNXZU...

436 B
658 B

43ms
43ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=ZqwprnxoeGZrWXZiY1BJL09TRUZKYzhUTisySUFPQmt5Y3JvQS9JQjhCRXpJZVR6aGQ0WVBBWUlvK1o2aFpVRk0wS0RZdWVwZ0xGM3h1clVwOTRZNjR1UlgyR040K1dESzhoTCtJUk1yVjF1L3p4VmNHTmZvUmJxUlNXZUNYdVMwVmROWUFKQmVaMUlVK1ZJNlI1Q1BiN0x1QkNNeGhwelRXUDZVZnFwdE1HOENodnRHSjgrN3dQS08wZzAwaFBxRHovYzBKYWduV1MrSEVWZGowZHBHVmN1aXdyZlBBclpJUXlZVGh3bjA2VFBHZVU4TXRnSjZmRk8yaTNtYmpsZVBFK3NSeVArSVVHTVJtbm1tb3NHNk9ZQmRERit2QVJkR0Z0MjhLRVlPSHZzNU5LTT18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d5f18b59933f43748543c3828bdee6a0831f8777cac086c15f0d33e9600f13c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:08 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1154636
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:08 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=ZqwprnxoeGZrWXZiY1BJL09TRUZKYzhUTisySUFPQmt5Y3JvQS9JQjhCRXpJZVR6aGQ0WVBBWUlvK1o2aFpVRk0wS0RZdWVwZ0xGM3h1clVwOTRZNjR1UlgyR040K1dESzhoTCtJUk1yVjF1L3p4VmNHTmZvUmJxUlNXZUNYdVMwVmROWUFKQmVaMUlVK1ZJNlI1Q1BiN0x1QkNNeGhwelRXUDZVZnFwdE1HOENodnRHSjgrN3dQS08wZzAwaFBxRHovYzBKYWduV1MrSEVWZGowZHBHVmN1aXdyZlBBclpJUXlZVGh3bjA2VFBHZVU4TXRnSjZmRk8yaTNtYmpsZVBFK3NSeVArSVVHTVJtbm1tb3NHNk9ZQmRERit2QVJkR0Z0MjhLRVlPSHZzNU5LTT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 628962
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 9BB5
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=earnme.club&sn=ChromeSyncframe&so=3&topUrl=earnme.club&bundle=Tdn-qF9UaWdSd1RMdDc2Z05JbnNUN3Zzbk1iUFJjYXEwMHoyazhPY3duV2RPdkFrVER4Y3BxeFhv...
https://mug.criteo.com/sid?cpp=UPzInXxRMFBkdVNuVW8zSUxacWJ2OVlSNlBTUlhlQzlwb0QxZ3h5V2lGZ0k5TXdDMW02bkN1QTdhV2JnYVBQeWJ4RVJqTWluNlhjcTl4NEZQNjM3c29CNFJnTndBejNZbUdMN0duZm0zUVJoVmdIRXhLNWF3V1ovYVFwTE...

422 B
648 B

43ms
42ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=UPzInXxRMFBkdVNuVW8zSUxacWJ2OVlSNlBTUlhlQzlwb0QxZ3h5V2lGZ0k5TXdDMW02bkN1QTdhV2JnYVBQeWJ4RVJqTWluNlhjcTl4NEZQNjM3c29CNFJnTndBejNZbUdMN0duZm0zUVJoVmdIRXhLNWF3V1ovYVFwTEloN2RsdkY0ejNud28zTDFVcmJVcVY4bUV2Unk3S1VzVk5rcUZVYlpWaFYydTFSR1VVSGI2ZW1YRXZaS1QrSC9aSVhkR1FZNzA1ZUFIcTFobk9iNUw0REtZTVNyMDcyUEJmTGNBWWVQVno3N2RBbmpkbktyK1ZBZDFrZm9zVmpETE16ckxXSkhHZjBhall3SkwvUlQvaDR0eDRUNDhFV1NtazcvamdZY0I0ekpkWXpEWlFXUT18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

109fcd8aad755e758c8cb5a5f5bde927ddf8ae7c31d093c2f366643c523e62ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:08 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1544652
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 27 Nov 2022 07:33:09 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=UPzInXxRMFBkdVNuVW8zSUxacWJ2OVlSNlBTUlhlQzlwb0QxZ3h5V2lGZ0k5TXdDMW02bkN1QTdhV2JnYVBQeWJ4RVJqTWluNlhjcTl4NEZQNjM3c29CNFJnTndBejNZbUdMN0duZm0zUVJoVmdIRXhLNWF3V1ovYVFwTEloN2RsdkY0ejNud28zTDFVcmJVcVY4bUV2Unk3S1VzVk5rcUZVYlpWaFYydTFSR1VVSGI2ZW1YRXZaS1QrSC9aSVhkR1FZNzA1ZUFIcTFobk9iNUw0REtZTVNyMDcyUEJmTGNBWWVQVno3N2RBbmpkbktyK1ZBZDFrZm9zVmpETE16ckxXSkhHZjBhall3SkwvUlQvaDR0eDRUNDhFV1NtazcvamdZY0I0ekpkWXpEWlFXUT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 522873
content-length: 0
expires: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 82C1 13 KB
5 KB 38ms
37ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 8857
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 05:05:32 GMT
expires: Mon, 27 Nov 2023 05:05:32 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9D4B 783 B
535 B 46ms
46ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f5709197244032b5952090c2362fd0fc4e7771cd51fa4a97b97e57c695c08f9e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uwQ6WVSMjh_d9HDIVeokIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-uwQ6WVSMjh_d9HDIVeokIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 07:33:09 GMT
expires: Sun, 27 Nov 2022 07:33:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Show response
pagead2.googlesyndication.com/bg/ Frame 82C1 36 KB
16 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 04:53:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9573
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 27 Nov 2023 04:53:36 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9D4B 0
0 70ms
70ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111501&jk=2312202965488994&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 82C1 0
12 B 37ms
36ms Image
text/plain 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?KQR_Tg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 07:33:09 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2

200

um
u-ams03.e-planning.net/ Frame 2A23
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Ddefe08069b97482e%26uid%3D%24UID
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=defe08069b97482e&uid=8238682564596395552

42 B
104 B

258ms
39ms

Image
image/gif

185.172.90.252
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=defe08069b97482e&uid=8238682564596395552
Protocol: H2
Server: 185.172.90.252 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

server: openresty
date: Sun, 27 Nov 2022 07:33:10 GMT
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:09 GMT
AN-X-Request-Uuid: 62e75785-9f63-48b5-91ba-5274b93d037e
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=defe08069b97482e&uid=8238682564596395552
Connection: keep-alive
X-Proxy-Origin: 80.255.7.103; 80.255.7.103; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

us
sync.go.sonobi.com/ Frame 2A23
Redirect Chain

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3Ddefe08069b97482e%26uid%3D%24UID&partner=eplanning
https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS0wMzM5MDFlNy05OTNmLTMzNDctODk4Mi01YWM3ODVjMzJmMjkQ____________ASp1a...
https://ssp.disqus.com/match?bidder=6&r=Cid1YS0wMzM5MDFlNy05OTNmLTMzNDctODk4Mi01YWM3ODVjMzJmMjkQ____________ASp1aHR0cHM6Ly91LWFtczAzLmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY3MzU2OGQyYjNjMzQmZmk9ZGVmZTA4M...
https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0wMzM5MDFlNy05OTNmLTMzNDctODk4Mi01YWM3ODVjMzJ...

0
500 B

505ms
120ms

Image
text/plain

69.166.1.12
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0wMzM5MDFlNy05OTNmLTMzNDctODk4Mi01YWM3ODVjMzJmMjkQ____________ASp1aHR0cHM6Ly91LWFtczAzLmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY3MzU2OGQyYjNjMzQmZmk9ZGVmZTA4MDY5Yjk3NDgyZSZ1aWQ9dWEtMDMzOTAxZTctOTkzZi0zMzQ3LTg5ODItNWFjNzg1YzMyZjI5MgIGEjgC

Protocol

HTTP/1.1

Server

69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 07:33:11 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-138
Content-Type: text/plain; charset=utf8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0wMzM5MDFlNy05OTNmLTMzNDctODk4Mi01YWM3ODVjMzJmMjkQ____________ASp1aHR0cHM6Ly91LWFtczAzLmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY3MzU2OGQyYjNjMzQmZmk9ZGVmZTA4MDY5Yjk3NDgyZSZ1aWQ9dWEtMDMzOTAxZTctOTkzZi0zMzQ3LTg5ODItNWFjNzg1YzMyZjI5MgIGEjgC
pragma: no-cache
date: Sun, 27 Nov 2022 07:33:10 GMT
cache-control: no-store
content-length: 0
vary: origin
expires: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 72ms
72ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111501&jk=2312202965488994&bg=!NTalNnLNAAbvMpMzzzI7ACkAdvg8WjIWVrWK1O3nt-eQJZ4Z24LPX8159iFfwgEU-_oX7IFNXhNDXAIAAACGUgAAAAJoAQcKAPdVnWigvYe2Y16R4FuY0A_zdxjzPuWu4UXqPq6Hv0MDdnGmg9kXrdNQe3GnjXRg3n9Bq7p661DrR-V-4pv4G_zpYYLQjcM2wz5mehkFVY5b8Xf7LOeK5YxLNHHrVuG9D4Ro78hF4qZOJrd6WHgmIYMfbtCGPXZFLvExQxrzpGXRqjed1Cf8ZZKDOHh1yLMmkSEYDNoZ5qrmAkJX37HyMTTNheRwhbxfDVprFKb84EsA9wupGEXubGC3u-ixCt6sZxS-NLAVYU5Bvw4xcBoQpc4g5b5Q814ayj0mXFkFgDH9U9P6m6hH6lnOsyfvLS2xh_NBzmxFCshhmQKWXiCz09lONU26REvxDBKDXAKyqxq0G3dPFXbmsEmbnIh1il1u_jL3Cssa6b2GnDImUXFEsO4rFxo0L21mk-HOiFwdwDMADpIGfuHJd66en-JBoAFKZ27RTFRgzY3wIEq-8iv_dhZwWwNkjvXatJuiDNVc1XmHkeo1hOUtbPuo8A3UM11sdS7-fjrHycehoSid8x2Tx729ifqe5ZlzhbwsfBtJkrQwjksY16MzNHpefRobLfHFFYwweud_fPC0oqEAOxIayUFwQFDI-E4A27_dfhEZlz7D2-XiOQDSG01b5HAxRdGRpQBTxDN5866N-jij0fRJFXwGF-tt1OwGSAhPLe0jaxpzHcqC-3QwqY29qXi6qYkxWJ5tY7WUQFWYhPYRIqk5BfbEPN_iNGxweAZqEzHYpdRpvk-und6UUPn3Q7Rye_XSD5iWPBRG2PVikUDh8qHLtofdLbfJGaUTkQPLIKOv8GsETie3RJ4_lC0WPtLvTFlochd517ARpXmYpOimaIsqx5SL8i05BUjWZs4S0B3mS9TY66D1E0ap2HRimNQmuw7xLQds181DXI7NtsrvQK6M7Ha8mU5_rgszoIcGyyDnJWMRGYn-qaewXu2Kdo2LnxDOYxqA6n80gtrCstItcJjBxZPysErACsqTFY8SANuQPPQFzPiK9fFZUDskVdooSlL5NdVRxHPFMPWZ889E0wwJHjz7klw4pMPvvURgAucOs_TxTY6wa4WxlupXiEGwzWGoWdHQ1nBAwSTZNdyIVn1eika2N-8mwVYkDJ8ya-OfDPCFkf-BS6griM5eLhjpJQFHa0wfC88BwZwfDeLTD86oKJJnAhqPBOJj_vKMVtOXFp1KseAzrm7rsQNcwi0DcvpvKLM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: prebid.smilewanted.com
URL: https://prebid.smilewanted.com/

Domain: prebid.smilewanted.com
URL: https://prebid.smilewanted.com/

Domain: prebid.smilewanted.com
URL: https://prebid.smilewanted.com/

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=1323

Verdicts & Comments Add Verdict or Comment

298 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

50 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
earnme.club/	1970-01-20 07:45:34	Name: tp2 Value: wMKxLTv
.google.com/	1970-01-20 17:15:21	Name: __Secure-ENID Value: 8.SE=tt3CRf1XIc48dO8YXN3UJsBl4gjvg8l8HmB0bJOfyLs-XF88ymERLOvNl4byO8H_DJoHtUp1lO7-Mno0ALsgLqgazMVlV51b_PGoK-OV3ThdStBji2cUoJWtc2VlhDbZpeQUIp0GIWvG_NXDAuTcRiFpSC7HPSjoH8V8mNdILSw
.google.com/	1970-01-20 17:21:34	Name: CONSENT Value: PENDING+180
.earnme.club/	1970-01-20 17:21:34	Name: _ga Value: GA1.1.1365863235.1669534384
.earnme.club/	1970-01-20 17:21:34	Name: _ga_LY1N2M6E7Y Value: GS1.1.1669534383.1.1.1669534383.0.0.0
earnme.club/	1970-01-20 16:31:10	Name: _uc_referrer Value: https://www.google.com/
earnme.club/	1970-01-20 08:28:46	Name: _pbjs_userid_consent_data Value: 3524755945110770
.rubiconproject.com/	1970-01-20 16:31:10	Name: khaos Value: LAZ1NZHZ-1-LGIS
.rubiconproject.com/	1970-01-20 16:31:10	Name: audit Value: 1\|naVuGyos1qqltzw0DTpTIwNb0fGVcfL/XWaA1sYWTLHCRi4Lg8bJK2R4JP69+u/WT0XZRSL7Xhq7N1XQbIqEyNp8FH0KG6PuUN+/nvRkaHE=
.earnme.club/	1970-01-20 17:07:10	Name: __gpi Value: UID=00000b88e7f767da:T=1669534384:RT=1669534384:S=ALNI_MbnLiieW6XrJHTlK2WdDYIw7Chlmw
.doubleclick.net/	1970-01-20 17:07:10	Name: IDE Value: AHWqTUmlg0eGaHZ0oyx1qtelkcl3_q9GCGVkUKtTlEnQY9bY9mhtKj5zkQYRdAlLgs8
pbjs.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
earnme.club/	1970-01-20 07:45:37	Name: _lr_retry_request Value: true
earnme.club/	1970-01-20 08:28:46	Name: _lr_env_src_ats Value: false
.doubleclick.net/	1970-01-20 07:45:37	Name: DSID Value: NO_DATA
.liadm.com/	1970-01-20 17:21:34	Name: lidid Value: c3ac6860-668c-49bd-9a5c-74f3e6777808
earnme.club/	1970-01-20 07:47:00	Name: pbjs_li_nonid Value: %7B%22nonId%22%3A%22OkyVo4p88UXRDWLW6qPxL7obxq2EZS8ihrNQrg%22%7D
.e-planning.net/	1970-01-20 17:21:34	Name: E Value: AE3acf-dUtSXgZad
.turn.com/	1970-01-20 12:04:46	Name: uid Value: 2467039239227128336
.3lift.com/	1970-01-20 09:55:10	Name: tluid Value: 1401421660117714009379
.pubmatic.com/	1970-01-20 07:47:00	Name: KTPCACOOKIE Value: YES
.adfarm1.adition.com/	1970-01-20 09:55:10	Name: UserID1 Value: 7170595591717714068
.simpli.fi/	1970-01-20 16:32:36	Name: suid Value: A8B9CE3FC0474748B23BE40EAC23EABA
.de17a.com/	1970-01-20 16:23:58	Name: guid Value: 1.6002453090652829642
.w55c.net/	1970-01-20 17:14:22	Name: wfivefivec Value: rEv4VugH1OZc9Z5
.pubmatic.com/	1970-01-20 09:55:10	Name: KADUSERCOOKIE Value: 10AF4C97-807B-43CC-87DF-A111D248BA01
.w55c.net/	1970-01-20 08:28:46	Name: matchgoogle Value: 5
.earnme.club/	1970-01-20 17:07:10	Name: __gads Value: ID=c4d91b4e38db5124-22e1001d97d700ec:T=1669534384:RT=1669534387:S=ALNI_MYAyGaHd1peV0ZkMfBQsIi9qql_CQ
.criteo.com/	1970-01-20 17:07:10	Name: uid Value: d8476af6-775c-419d-9466-2aba387f45c0
.adnxs.com/	1970-01-20 09:55:10	Name: uuid2 Value: 8238682564596395552
.everesttech.net/	1970-01-20 16:31:10	Name: everest_g_v2 Value: g_surferid~Y4MSswALI70DsAAr
.awin1.com/	1970-01-20 07:47:00	Name: awpv13686 Value: 412871\|1669534388\|bceedf10-6e25-11ed-adce-2234a4c513ba
.simptrack.com/	1970-01-20 09:55:10	Name: ntm_tps__4011 Value: .NNNOZv4zyeWniVrIbMZmc9wN2d2kiI3TKsnvc8-8jhLA4y45CKv0YWDz8qnZoZqQFDl15nvitNK7R2vGqTSs8F39fvcMpqZLU_dAO1m3_nK4hUB6xf2qAAOYebIc_IDkfE3qDKD0k2zdIcyhcSo-5Hr8BGfJzg-E_ovJt8lPUsVjiXWrSRx_3mcpcJIgoeJ14J4JE4dfbCw-SDZtLyLI0CFpVFmUBD0Z__M2_Cr4tfYGGhYkIGD9OovgnbO0wl5R0FFPjZ0rcM7yd60gFH83TlNZQ7HjB2TNNNNNNNNNVf4U
.simptrack.com/	1970-01-20 09:55:10	Name: v0rur7gqspb3_uid Value: 619ffa249c834508
.tribalfusion.com/	1970-01-20 09:55:10	Name: ANON_ID Value: aCntmIO5nP97PRo7UVbxeyiJYrNKb38lmyNFLZaCtwIDgut4ErKcsvVytrXZaOecCwkFyUdo0HrUUcHLTZcIGNU6Zcik
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 367022:2542680
.awin1.com/	1970-01-20 07:55:39	Name: awpv11938 Value: 412871\|1669534388\|bd197180-6e25-11ed-bfbc-22342ff4a6f7
.bidswitch.net/	1970-01-20 16:31:10	Name: tuuid Value: dc883d81-4ff1-476e-b5f0-29ef61ed4675
.bidswitch.net/	1970-01-20 16:31:10	Name: c Value: 1669534388
.bidswitch.net/	1970-01-20 16:31:10	Name: tuuid_lu Value: 1669534388
.congstar.de/	1970-01-20 07:55:42	Name: staticentry Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1669534388_bd0bb5e0-6e25-11ed-9d10-2262c713b6c4%22%2C%22sp%22%3A%22awin%22%7D
.casalemedia.com/	1970-01-20 16:31:10	Name: CMID Value: Y4MStAs6VQIlDsNzLtOpmQAA
.casalemedia.com/	1970-01-20 09:55:10	Name: CMPS Value: 1197
.casalemedia.com/	1970-01-20 09:55:10	Name: CMPRO Value: 1197
.casalemedia.com/	1970-01-20 09:55:10	Name: CMTS Value: 3242
sync.srv.stackadapt.com/	1970-01-20 16:31:10	Name: sa-user-id Value: s%3A0-2e37d7c1-d21c-4dad-4fe1-0b0d2f0edf5d.2cUPvRD9qTUqSi6zufSiVyTpk4Q%2B6BJoh2LxqVjxOA0
.srv.stackadapt.com/	1970-01-20 16:31:10	Name: sa-user-id-v2 Value: s%3ALjfXwdIcTa1P4QsNLw7fXVD_B2c.0iULNRWpN62kcINGjJPA0K6QLQZljVyRRbdtfTutZqU
.earnme.club/	1970-01-20 17:07:10	Name: cto_bundle Value: 1_SB_19UaWdSd1RMdDc2Z05JbnNUN3Zzbk1hV3glMkZTa2FHWjRBeVNLRUNqS3U3Tk9LR3Q3RnFrOUJJdm1pMlJZQUZCRFRuQXFWdiUyRm5JMGJlOVI4NGtyNURwUVY3RTJJYkNEckQ3RDhGZ0Y5TzV3MTFwdHIyZTZWNGJDYjZ2bkRmY0lSN1B4b0gzSFREcVVzYzdjcVVXTjlJRTZ3JTNEJTNE
.disqus.com/	1970-01-20 16:31:10	Name: zeta-ssp-user-id Value: ua-033901e7-993f-3347-8982-5ac785c32f29
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8S Value: s85138\|Y4MSu

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://earnme.club/zeb-monk-from-zebronics/ Message: Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://earnme.club' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://prebid.smilewanted.com/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://earnme.club/zeb-monk-from-zebronics/ Message: Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://earnme.club' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://prebid.smilewanted.com/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://earnme.club/zeb-monk-from-zebronics/ Message: Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://earnme.club' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://prebid.smilewanted.com/ Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://df38bd896be520d961af1a9e6246d5d2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
javascript	error	URL: https://earnme.club/zeb-monk-from-zebronics/ Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1323' from origin 'https://earnme.club' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1323 Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

429735be2a98d3f5cdc37b5c16eac78c.safeframe.googlesyndication.com
4437bb117a0747f60bb8deab1a4df4c3.safeframe.googlesyndication.com
a.ad.gt
a.teads.tv
a.tribalfusion.com
aax-dtb-cf.amazon-adsystem.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.eu.criteo.com
adservice.google.com
adservice.google.de
adx.adform.net
ams-pageview-public.s3.amazonaws.com
analytics.webgains.io
api.rlcdn.com
api.webgains.io
as.ad4m.at
assets.ad4m.at
at.teads.tv
banner.congstar.de
bcp.crwdcntrl.net
bidder.criteo.com
btlr.sharethrough.com
c.amazon-adsystem.com
c2shb.pubgw.yahoo.com
cat.hbwrapper.com
cat.nl.eu.criteo.com
cdn.adapex.io
cdn.ampproject.org
cdn.hadronid.net
cdn.id5-sync.com
cdn.playstream.media
cdn.track.production.webgains.team
cdnjs.cloudflare.com
cloudflare.com
cm.g.doubleclick.net
csm.eu.criteo.net
d3div1mtym39ic.cloudfront.net
d5p.de17a.com
dclk-match.dotomi.com
df38bd896be520d961af1a9e6246d5d2.safeframe.googlesyndication.com
digikulture-d.openx.net
dsp.adfarm1.adition.com
dsum.casalemedia.com
e5d6ec74714bba04696559b88150e6d5.safeframe.googlesyndication.com
earnme.club
eb2.3lift.com
excellence-prebid.sfo2.cdn.digitaloceanspaces.com
fastlane.rubiconproject.com
flashnetic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hb.adpone.com
htlb.casalemedia.com
htlbid.com
ib.adnxs.com
id.crwdcntrl.net
id.hadron.ad.gt
id.sharedid.org
id5-sync.com
idx.liadm.com
image6.pubmatic.com
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
lexicon.33across.com
link.tnlink.in
match.adsrvr.org
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pbjs.e-planning.net
pix.eu.criteo.net
pixel-sync.sitescout.com
player.avplayer.com
pm.w55c.net
prebid-eu.creativecdn.com
prebid.a-mo.net
prebid.adnxs.com
prebid.media.net
prebid.smilewanted.com
prg.smartadserver.com
prod-rtb.ad4mat.net
prod.uidapi.com
r.turn.com
region1.google-analytics.com
rtb.fr.eu.criteo.com
rtb.openx.net
s.tribalfusion.com
secure.adnxs.com
securepubads.g.doubleclick.net
shb.richaudience.com
ssc.33across.com
ssp.disqus.com
static-de.ad4mat.net
static.criteo.net
streaming.playstream.media
sync-tm.everesttech.net
sync.go.sonobi.com
sync.richaudience.com
sync.srv.stackadapt.com
sync.teads.tv
tags.crwdcntrl.net
tg1.playstream.media
tm.simptrack.com
tnlink.in
tpc.googlesyndication.com
track.webgains.com
track1.aniview.com
track1.avplayer.com
u-ams03.e-planning.net
u.openx.net
um.simpli.fi
us-u.openx.net
www.awin1.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
api.rlcdn.com
prebid.smilewanted.com
104.18.33.19
104.75.89.75
104.79.89.16
13.32.121.60
13.32.28.197
138.199.37.232
142.250.185.198
142.250.186.66
143.204.89.72
147.75.85.234
151.101.66.49
157.90.71.190
162.19.138.117
162.19.138.82
162.55.101.208
162.55.236.224
172.64.154.237
178.250.2.146
178.250.2.148
18.133.50.153
18.170.123.253
18.172.226.34
18.189.199.42
18.196.227.91
18.66.97.9
185.172.90.251
185.172.90.252
185.184.8.90
185.64.189.115
185.89.208.11
192.241.157.60
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
205.185.216.42
213.155.156.167
23.203.81.208
2400:52e0:1e00::1053:1
2406:2600:4::1
2600:1901:0:76b9::
2600:1901:0:8344::
2600:9000:2057:3c00:11:1ed0:3900:21
2602:803:c003:200::41
2606:4700:10::6816:3556
2606:4700:20::681a:71b
2606:4700:20::681a:a19
2606:4700:20::681a:bd1
2606:4700:20::ac43:49e4
2606:4700:20::ac43:4a81
2606:4700::6810:85e5
2606:4700::6811:180e
2606:4700::6812:19ad
2a00:1450:4001:806::2003
2a00:1450:4001:808::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2002
2a00:1450:4001:828::200a
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2003
2a00:1450:4001:830::2008
2a02:2638:1::13
2a02:2638:1::17
2a02:2638:1::4
2a02:2638:1::8
2a02:2638::2
2a02:2638::24
2a02:26f0:480:b::210:f1d2
2a02:26f0:480:b::210:f1d7
2a02:fa8:8806:13::1400
2a06:98c1:3120::3
3.66.127.67
3.69.57.55
34.107.148.139
34.149.20.76
34.236.140.33
34.91.62.186
35.157.246.167
35.158.8.6
35.163.64.21
35.173.91.17
35.186.253.211
35.244.159.8
35.71.131.137
37.157.6.242
37.252.171.22
37.252.172.123
46.4.250.26
51.89.9.252
52.0.108.169
52.19.187.82
52.206.200.5
52.217.236.17
52.222.247.205
52.24.69.139
52.34.9.17
52.44.35.90
54.195.100.225
65.9.66.110
66.155.71.149
69.166.1.12
76.223.111.18
81.17.55.99
85.114.159.118
87.118.116.9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0350f30e088370e834c602efe1c1ef8bea72bd2799ae902a2d2d808fb504b558
03d35c1ff8a01dabf5d312f47b641d0dc6ad96b102f0b095e6af937881901757
0445219ca45fc5baaae50134226ef1af0372c5487dd7c1793f2e688a8c16c003
0449640a01b1cf31e7b6fb9ecb324dcf1ae94f15686bfe003ba994ee9c2165da
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0826fb8a61e233ee8407714c14c2d483617fc9f303782315d0acc2a3d80dd6a3
089519d57709ae55c20e3c480bc73d23f891021e3a44fb7a34aa408745abf51e
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
0a418aea5dc7c01a9abc948b99ce785df9dfe1807bd2551554ea060507758014
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c8a854e8a9ca905a5e011622c43e7f3b8c2626fde55dbc17ff3279d4c8a2c1c
0e0d5aaebcb9185499dabbc6f1e6979b963ba0a9e683603e0662e96302be9983
0e23ca6ee9ff84c131481946db932e55156899b686c43df4479e1e7c9e3c9407
100621ff17a5cd5dbf80655997960c91b60697d62b7578070949aba3b5fb46f5
109fcd8aad755e758c8cb5a5f5bde927ddf8ae7c31d093c2f366643c523e62ee
11f92d13ac94346c1b08b18ea8f42522ea2fbe88c6598fb4a48b9939905306df
1374625c85486397f165bde97d682f78834ada7f54e41b4e28407b1535d345cf
13acdd1f16864122998f10088b7fc3b3299995e006c7fac587cebbb7c45c7558
13f329a0d3e082589a14177df4778b45ea8cb3826ce3b945fcbb0721baca5825
141dca0b06d86565afe268353e51288d63df3cd9150514016e158d1052387c53
145bff31ed12136c3aff5858b8e7a8230d06535aad4827c02fd501e8d2c4be50
15720669d47a5de832c6e6d8f5e8c652d48e7baa8b6850c81d855397a8840527
15cbcc1f14083603937ed01ca11e9e4b3c2b43e18506880f738bec9aef3bcb41
160a44bb6d78ff7a2e7ea5773a158e9ba9395f52de8feead6ab27384c2d79fa8
16af50ef55d20bdada465285d76ef611d68414665fe87f6eed60b4211595d195
16af8924f7860436731659fdeeb4b9cbab4bb000891e6b7651aab9060551c7cd
17eafd22555ae4b4e81616ec64a0cd1c2fd89af911e977cef3742d7bdf187b03
1a34b6f86676072feb7011a67871b8c44196b4b68173828056c5612031e15d16
1ad3b7003d2f4ad536868513638e900dcfebc4dfcec7fe682452ee64d1e64e50
1ae6406a0b2ce028df62b9eb00686113dad097be3f034f7c925db06fa951f6e2
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
1b26c04ff19851d0780ba6dbc37d4920b48f3eeb54963c9ea1667941e01bb7ed
1cc99bf2588ad3d83408511afd8f918238a4979f66aff714773a426c83e3ac8e
1e729fd36c5d34a455d0da73aa13dafc72786790414f04a0e77fc29ae5051bde
1f0a434963cafe496427c7394e169adc5b3c2b5b93d0b3c69d335612e84a75e9
1f1c0e9e76f5baa28c2453d0d02b97d42e5f66283f0d3058a4ccc366e7f2411a
211271cc94205a198c01ad8310ed3f77f1f641661ce338e4982b9d385de25c17
2217681f6d9558c2fab7e3ec0f40051276138880c76082503a33a699bc1accde
221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06
242b9440547327fc01011d56734fb2647fcec50b43b43b4955563d31f93db693
254cb4151633296ad59cc8d55b3f1df4c90cfa23f632fd02de1f93110b5b6401
26417eda7f74fa1c09a05a3ab8d2188caa35159f25abf6e4be3dfe09e3880a02
2711e995bdb0042b32124c0dabdcd1e57363ccbbf3cdf2085a1ba74001717109
28d34ab18b89c1b819b944df64a9da41e88adc720f9d630591b0cff43ba31737
2ac5e850e31e9b353722df86e4716ac7bb2b9719f82f9f9b269ed0dfaf471c17
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d857f70a9935f884ca0b4119117091fddfe519c0e8f3dd5aab1b32f4367f6c7
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f569af96a49aaa0cccac6a1051e552e08f50d44e3630b9832673de9e31f98ab
31019c9d45fc559bd5b7d56caea9eb3d56a7fb8b1f5794b6f5fdf99af6c0af0f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3254b0c4685110561aece33f604a07923b63e4dfd91ea9bd691a65ca85455691
325d1bd9c9b3ec9fbb90b7a1f6474216dbb28bd98283c71e853b163f32b75079
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34f33f34e78fa950653c120fab2d337ff48d56ebe196c7572d8738ad69285903
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
37ababdece3bf5c0d3b3d0558b4ac937bc5711af843eb9a8675deff919556b62
3992c07950c9ac3e237d8385e2897a4e2d8ae86c629701f1ea1c557ed37a0508
39fae3dc476aaaa594e2c963401633dd5d02eccb3c175eda03912cfe0f91c92e
3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d
3c65bfdc8d725ae88c0ff908870bf582b051be9431b1080e0fb5287031e28a8c
3c9ecfdea408321a7f5dcad4dfd4df6affcd077826566568cdd78a8a673cde15
3e0eb65dac6415ddd4d30cb3e5d091f9ad5f55269e4898a43f33bb11fed19baf
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3efa57d7331466e854dd9bf53ba6cdfd5754743f56c7437d07c67f7feb01ae8c
3fbfc069816c4d95cd310eae7e2ad5122b508a7faf2e8603748408d6fa1d0313
3fd8500b544fbfe395510a18061c3133a0abe0dace51c7f672f120d5d0cc48d6
3fdce65c59d8d48e267e996153af14ff83be1af70d6e37c59c6dbdd635a8fbe3
400f278f2c69dfe83e18444890571c1aeed175e0314a701a3b26b4e1871ae2c2
41523816f727c968d5332470f69797d19a9626d224d1ce5fb5ba940e4bc83237
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b
4258b03c47fdeddcbc090534179a8fe7891a05cd10a8073da842fd4641c384e3
426d76224de25de48c22820280fb851e7d9ebc04bfc915b4aec6dfc21821ea37
4472c3f9c3ddd4bcfc159e3dda8e56d33a569ec41844f0888d2af2138276aed3
44f32ab1e85e8dd1ca4d31a3d046578ddc82a58ab77bde83f14f013020b491d6
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b
47400cc1ea9b116d38027acbbfad8876ae6c36da12c9e7546e020097bc142875
4742a640c7e9d31a6ca7b479431150e3e0af5b51ac2321dbef9380c3ead58a6d
480613f771d4b2960ecbcbf9f0a8435d009d8f5fd10ab14bba1b1018762708e0
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a6216e2a671c8b2d1f221a4b8bebccdbe3c42fe34afaa541f7bee9bd47b2ff0
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358
4b6f4c4c3e350a02d6de6ed54c437b1bd4d6f8ff8c682d81ce2c9d1495d17c90
4c9a73c68d8d7e8c279140531b10d78afb2a538232efb83bce2967b169608f95
4cd832fb577a29da8f4fc8e65d7e4519d4a8ada29b2a462933a724187650f8e0
4df3efefcc7b75a64dac12d40cce168715901708de8a0a39afd486445af8edb1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fb80b7bf623f709e8773d63406d7d20cbb8dda584d2259f86b7cc94050923d1
50ff8f6189413a33afbb07569cf756f8bda593c9259ef09bc05f0935f353ede2
510f80d74225d36d579780275e461eb24610385df6aa475ba3d72918a7007ec0
52ed86cb6567c674f5263fd29a16398ed936d29cfbb471954195f9ea93f0b975
54147eab61d83661854e0411e81ed1cbd7c340f349aaa369afe91167046c234d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
564f2e78f64eda11dc102ccdf2ee745054535647667735b3f2dbe478d45b08ee
571f34c3cbf43861292fc8996f00733829bafd8c0b52f4f6735ab49121b182be
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5a6309d5edec6f88df85065def2eba6e1cfa20cb5f8f26b11ae7a5e4455b452e
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5ae2fa559328083a8403f479edf65c4a0d0985b0929c8d0bcc005b195df81447
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5f0e58e4c8d23cb8d1453aa9d362f102a4676085ab517acfd34aba74f982d3db
5fe75d0fb01c62e14b75d418f8e5bb6e413e49610f564e90248669d7e3513403
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63e27b65205f3d9efb8776660a651625dded2e1621da5b91b1c9d7592a70b5e6
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
666ce52970e14b7bea137f2126a053e487a9e7560a4ed6605eae68fe45dfddd2
66a8dfcc4572e000bf5b4351bae2a763b3357a65ed373ff27a7e7b38ec9486ae
67222206459cdeb286aa7e26886bcd9b3e8fd6e4b655f21585f0f7a2029619a6
673156dd2f9e0f5f37c0810865decc5496c16ae21a6aba0882d219295bb4e36b
673cdb3abcd7e9ea010e3d93ebcc60f161f17094dbae17bf5810241dce7c0183
67c17fb8fc8304877714f44305fd86427c28907626754df5ee601a8c93bfa5d7
68fb9593855c353161c20ce5759e642766c99a86a8a9f39d316856d9b9298c7b
6a8b835b6f11b6387ea2a484337682db4b9c7b6a4fa7fe904b8319ffe219ecce
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
6aff6f6523e945e76b87bc555d3a07b8524dfdfca97022ca479878a5693a4c09
6b84a24c694347539523be6a02b433a6fde398ee929227a1046e6828ef6cea28
6bd305dae749af55a0692903cc4df6a7cc3134d85fee97c5025500e704e2f938
71ca7fcb5b1f41918188022035ce72f844b299b7ffd064c4c9e3c9e596569743
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
74017d97a0876e72ef09a14ea0b3ad49a744811c726e7b05e305d4a6e3e07612
74196258aeb1037f05157978aa1e551a8ad412aa697bb3b5bf77d9f46bcff531
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74cf4c06490bc2ea5ec19410e68cd2d4dae7868770d9ef7487f01659916a2cea
76424452f8e1eb0bc7fb20f6d7fa0dcaea480d7152a74756c01e816a663c3aa1
7840da1e1514aa186ef658f888d21176aa44b3192a16251cd31d419162ce776a
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
792821be3761b735c9b6c753310d30556eff2e1e5dc45bec36c9755fd3ce77e5
792964c60fc022b143bc5903bb76b771a1f1fa7e8a0e29c91830941b179e107f
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a6149317398791f5a3ab748420aa49fda9931dddb83da7c0739e620392f439b
7ca845ec82420d7c71882f49bf407d425aed985945706eace9bcc5140a3e444e
7ce3eee4cd598dd52e7b937de204d78dc2459a9dc379d0d70c478364e7b1bfcd
7d269563182c964e135676bda2192bc0d03d6699096450469b08a34bc73364fc
7d398fc0e57ee1ae5c4728c807bf7ce0979c8d84347ba94716dc046c53384bc7
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7f4e942b89543c917fca335351a2bd1d968c5415f04b2054d01348bed12dd644
7fc841a449b63abb54c966ee75d5d4b92f9a621e10b691540f30aa9e1ba6e381
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80b1c8bca531e93d0d9f4cf7444a72021d115440b3b70417ef489810b320d652
827ef8ec07890d3eb21c0065eaa310c9e8ccc53ebce269e2d210060eacfa4365
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa
835f767a376161044cae1f81b839650f02f83bde95bfbd9daac9d456ee89bd9c
8368cc371de9843c6776a11a84e0e7783afccb8914030507a988a026f413fd04
84a3173cfd1340bb6519bdf25708fe60073636546766e6e0568b6d0621daeead
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
872dfd5d42b8170c23c07b10587fa208e3aa374ac9bd9ccd5a4d17f47d206f58
875a318ebf906866ab16eb2e848924b12c38f7d33ae1c6e72244aba92faa9b7b
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8
89013866b8ebfdf82160764b685d3348dbc619e7342d161756f8153252ac3ae8
8c21a7b5005bdd1f32b15557343ca747efc0378f69b0b792618cf372623bd1e3
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
8f28972439bb8b299ad068cb973f23babbf95ac3dbef23fb185150a5dec9ed4d
8f5138bbe084300fd20ded1b3d49d28d680161f854f19f3db0164d6676f109a3
8f7c25570d7a283a363c280d4e04e5f58ee2ad80e8533ede91791859df9eebac
900237de92edcc855669838940fc4210f1f3eee655869b7994c34f2f2fd168d3
90249a65067a64c3685a22c6fed183d9a02a39cf72209459ae4de78c008c5422
926a58621fc0afc2742ccb975b291f042fff053cf3bf8454ac3d4bb760c07359
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
93661508a3e80650e4cf1a6eed5eacaa6b9af20d4020f0262053954c53c989ce
961d69dd0e8a2f52ae99473f60e510978dd3c6cda2365e665977afc10c975492
9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
998e3efe2d47d0df4a109b3c6d1ff172e03be9bd6578004a393accaae9a321d7
9a0fda7bca53807a574a641ba6e1c70b4b335bb745d6bf73c239b3701f167cf8
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b43ff6b17f2d84744f3bb348d6dcf7e04648b5cd9f09983355211fe5900a06d
9b52222de39ec5dee8aff7fbad4c7841d52c70c32df487a6e82385b29721e816
9d73d3173870dda8e03d30133fbde838ee6cba38456fb573c1c9672f87224b4e
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9f9e9a6f8680601c36412dc2a4b26945c805037d977c536a0c2e929969377790
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
a0c1cfde9adbf8428d47eed4232640c18a8f286052b03e35ab75b78285f6d434
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a10cf3db6d57c047422ff1e64f14ce5157967f4402bbee6ac0c5f21fa708456b
a160c2915fe68ae5ec0ab9f6c303bbd448f6e318013df358b791cf96e98a9147
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
a275f71508c03e493de51202c19a88aa576971942839ddf2ebea5b3e0981067c
a288f6d8bed5da66244881b97b6355d945f6ca755c1fc09b750724745cceae03
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a6575cd095ca13c609e595584cf5e72ca5eeeddcab7645c8dcfa8db33a9f9e0e
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a80ee8dfa1957b839b020b97a499dca97d0bcd27e8c70da63c17b8b77981d29e
a8c4b804e926b17ac797ee98c257941270a2110a7bf9e515193e83461342631f
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
a97afd769b3d774563606be9e943789398af5a1bf3583c2bc9a81f99832aa2b2
aa776b870a7ecb2c6aacde59216c08ed3381b4c3143827d3de836d88c50019b4
aa9e134bab8c1b867412c14fa1406a5cca132843e5ea21d071db34330bfd1501
ad032d1cf528ab452328c93f4e286e5034be1a9e5c74da91d2828d6a50caa6c9
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b077568817ac6d9960ce2056ef98b835658d71543276d9b8e07e0e068e125695
b15c97229785d86cf4bdad5615f0fa63fd0f73a72112ba74e5d9c41d9e472957
b1fa3e3924cf3e4a8c28a92c28f2983d4009baabee3da2d95c680741f4a5e106
b367117e8cc26a1b21b2d6e37cd7ecbc65228585420b6c8baf76ad70d6b01b59
b3b0137db1382e11e0df414b0c33bda93bef74a0fd793589a3263d59eb8e1681
b3c144c4f8692cad3e391f43b282ff6cb59f2bb3f03c805f8d0c0cfba2f6dd60
b57f49a6a10b1b7f4efc168c0dd9bfa8e51372f8a7aa4018f8083762dc78a701
b5bb863c6910d0c861eeeaa51d06324486b9d280f11a11ccfd77c305283fa912
b61c89023f7686b1d6bdebccc6648200cab30cd56f490d8b2f60be44e3e97832
b67fe64923a586061ca8b4ee5086f981d05f483f4a1bd87f6ccecb8570f8dffd
b6957d313500d16177e9c52ec1c927e176096aa696954059b1bb2b464371b4ea
b7a7a1458058fc8e9a0b596590b7f7eb8a5c3b66280c1b626dc0678fe8f69013
b8e64f656ab17cca541c2cedc0711657661cc96758750fff8400884c6239bc34
bad8b870144da59d9de7d4382bb7b4d39efcbaf5a11f3eefc13a18da27bc4d6b
bd8b521307332fcb0a59ff2cbfe324322d6f4108b24363b6c8d26a0ec8be50da
bff9db15963c9a1815ce98b084ed6e14cf888fd6385eea98d079f5a246d00dbb
c31e3cee1036099d7db444aa79b70a4392fc1c8514261d3ad86828831ee57281
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
c5f03612599dd719e77207b571205c351b395c4621a457d337cab93101373d81
c6b104524d31546f75a06c3078f7bf173d13d32fba0f496cb0ff00835e74e340
c76043a28cfca83f0cd483258110f88c0ba5ed02b1e69970c0b69d8c390fa109
c7ad2fb033696f6b193dc1e4ef7d353c1d9a4d4a39772bdd0b44175704986ef8
c8cfc7b197a4cb89f4862b2e121ed799018bc09b078c8ea9fab777c104d4e75a
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca5efdb423de2025aebaccf180bd29abcbff28dfb0de7e938f00f6782452d121
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cc919c0061c6276f611747fde8eb00f5810b7d97bf352de289a659c3e1881647
cced6e6d117afa2d6ed36d4bf35822cdb98948ca21eab878e5cf4997c68c156a
cd0038772a98bda5ec58eba7ca6dc699314b866e14a3a5f45921847d033873f1
d006036555f2f72377938f901c9c62195e664101d2b744de781271fb23fd2b37
d0095d87a5931ac1dfeb3dcde32742ac61053172341e8cc1922bf224a6d8437b
d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace
d04e5745f2b38a9c48cbb922d951b50dabe24f7b5fdf3d2b48137a4a442024b2
d0a6b97d9bb826082d53d527948dbfe5a62822184c40fee8b5024a6f70c34759
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
d381aad39c58759bfcc6d1621209fab9f0405cfda55ed3feebac66ebe8fecd2e
d39a61a41e7f06cf97898bf91ff640d499329f001add42a8859e1da5744fa6a9
d498ed4f129445bfa41597ce504d7e7f84df8c3aa7ae131181768748126a7ecb
d5a3eabbc1f43d202b1c566d85f2f84100e9ec9ca1b5f6f2719355876015454e
d5f18b59933f43748543c3828bdee6a0831f8777cac086c15f0d33e9600f13c9
d6174072bde023639f0561e74874ff519dfa93a63a5a2e6205aadf94d8dbcbb1
d6e31dc642e997695277f9fcf7a9457488572430f157887d176e8db215b7e4ab
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7bb3c50cc5b07cea81e62a53039ec4aa49cd718058cbf799eef27bbdb5b958c
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
d98054f894c7466e12ccd6d18d4ef837dfc14d11462318b8338c422d81327c11
da43c26c1aff9f14a64aaaaf30c896aae4a50598a14ef7e205ab02af532c565a
db9183399100c863196f86320a8dec93dee36ad9a3711964b71ea5672a7d3f32
dd9b8e81b879a37956de87ed59cc06f97c63654cbf0fb23d6f0d2ff367c1fcb8
dfba59eb0b13439ce1e54eba2fd5188f823d4af045feffb22368f1d6a0be7de3
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e15ab701716192b88a540c6f054e5b03aa90911af6ce02c9d74729bd26404d68
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796
e3a6c1ba3aa959e2d89552648237fc7c453c1e48680b33467b57597518a60c6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41ff7df696c9955b4dba3036ffecfd5a8a9ebe257faaa46b5c5d0dd3481141a
e4446065ebfb65a302d17b88e2c7ed326d8402769eab0843833dea049a65c992
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6e809e7ba77128450462c6237be9b8de05418612d83fe1898fca041c22b08a5
e7257b5019126c55e01530f810b33023d7656b169aa16f2055c19b118de163a7
e86d3703af27920836907968ada5890309f2e37d05fafe361cb5d25e9ce02a67
e88cf4753d0204c9a3038d859a681acbde8c6df1f79df795b809c76177aaf1a9
e8cd02ee3539f33c17a3e19fcf5a1d004e7126a6eb0e5503898f66cd6ed5f054
e8decfdbca90823a9fc08c399cc7f568a993e77d31fe7e2ab87aa75276b5cfaa
ea19d08a020adb3eb7ce2fd8643604a6c012685543d5260289ab254462f7a7d5
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536
eb5e304dae72c06d08e56338420864dc62451949236ccc7d81609de6689f76fb
ebb7450ea0fc9fad850ee07f9fca7efd3f6a8c6f47ce331924127a366c69e4e3
ec9c4a5d7f3ac95c07391247939dbad133c579e24ba71951b741f0aa1574b902
ee00acaa1eeb92b0e009a525b7ee91c409f4d13bede35d72fb5699c72759f174
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
eed6e5065063dae2c782eed50a689ac3a320ed67114356ac9a3c9e6e3e308eab
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef39f9c952028645a7b7bcef44b4db5a0c674a150c21ec2aa083af898c8c2847
f06319d736cb3d6e05de978eca5e576836541b84b530a6de3e35f3159c4d681b
f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5709197244032b5952090c2362fd0fc4e7771cd51fa4a97b97e57c695c08f9e
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f66bbef0a315d547a7f852cd1958619988f6a920da32462e53e0bad818acadb3
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f67aef7445cdf3436ca0bfbf162c6661c2d7ceb755818582187477dce6d163f9
f8e20ed47f5993f8859379ce3743ad1c3747013d43ba8548ea2a4c2622355602
f9630f9d8197711b7c9852db5749e5dce78ecf5924102a6981b597bdf084bbe4
fa2b6fac2888da36c26781b5c2d4fb6ca8ce622354392de0630db3bdca27942f
fab9009ed9a4f6edb1662b431b1c969607743dc38f2eded88f35eddbbb0aa993
fac42fe5e32e82981550c07c3b086b232b01c768575520b0e0f876190493110f
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e
fbff17b8544a058a2513ab4cbc795b6fa5880abbb34d5a990979a7257c51ebfd
fdd929f4e7f24ceca1f21a2548a5b7ed985acf6a294ae92beab97c07558de1fa
ff1cbafc0bdcbd047e63cf4002ebb7a4773fd8970048d5c9ca99d574780260f2

earnme.club Open in urlscan Pro 157.90.71.190 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

842 Requests

95 %HTTPS

37 %IPv6

78 Domains

124 Subdomains

97 IPs

12 Countries

15049 kBTransfer

36517 kBSize

50 Cookies

6 Outgoing links

Page URL History

Redirected requests

842 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 24 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

earnme.club Open in urlscan Pro
157.90.71.190 Public Scan

Screenshot
Live screenshot

Full Image

842
Requests

95 %
HTTPS

37 %
IPv6

78
Domains

124
Subdomains

97
IPs

12
Countries

15049 kB
Transfer

36517 kB
Size

50
Cookies

842 HTTP transactions
24 data transactions