earnme.club Open in urlscan Pro
2606:4700:3036::6815:2aa6 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://tnlink.in/6trZZaT
Effective URL:
https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
Submission: On August 18 via manual (August 18th 2021, 3:13:37 pm UTC) from IN

Summary HTTP 238 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 40 IPs in 6 countries across 39 domains to perform 238 HTTP transactions. The main IP is 2606:4700:3036::6815:2aa6, located in United States and belongs to CLOUDFLARENET, US. The main domain is earnme.club.
TLS certificate: Issued by R3 on July 6th 2021. Valid for: 3 months.

This is the only time earnme.club was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	2606:4700:303... 2606:4700:3035::ac43:c76a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 19	2606:4700:303... 2606:4700:3036::6815:2aa6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:bb99	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
21	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2	2600:9000:219... 2600:9000:2190:9400:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:bb91	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
20	54.152.122.180 54.152.122.180	14618 (AMAZON-AES) (AMAZON-AES)
4	151.139.241.23 151.139.241.23	33438 (HIGHWINDS2) (HIGHWINDS2)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	141.95.4.196 141.95.4.196	16276 (OVH) (OVH)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2ab::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	145.239.193.145 145.239.193.145	16276 (OVH) (OVH)
1 3	185.86.137.114 185.86.137.114	201081 (SMARTADSE...) (SMARTADSERVER)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba29	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	54.38.64.100 54.38.64.100	16276 (OVH) (OVH)
1	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	145.239.192.166 145.239.192.166	16276 (OVH) (OVH)
1	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
9	2606:4700:10:... 2606:4700:10::6816:1857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
1	54.246.143.132 54.246.143.132	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::ac43:1997	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.224.89.192 13.224.89.192	16509 (AMAZON-02) (AMAZON-02)
2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:219... 2600:9000:2190:4400:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	54.83.70.249 54.83.70.249	14618 (AMAZON-AES) (AMAZON-AES)
2 2	185.33.220.241 185.33.220.241	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2 3	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
2 2	34.248.25.248 34.248.25.248	16509 (AMAZON-02) (AMAZON-02)
1 1	3.8.243.222 3.8.243.222	16509 (AMAZON-02) (AMAZON-02)
1 1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:10:... 2606:4700:10::6816:15d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	54.217.215.116 54.217.215.116	16509 (AMAZON-02) (AMAZON-02)
23	151.101.13.44 151.101.13.44	54113 (FASTLY) (FASTLY)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
32	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
238	40

2 2606:4700:3035::ac43:c76a (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

tnlink.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
link.tnlink.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2606:4700:3036::6815:2aa6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

earnme.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:bb99 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

tg1.modoro360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2190:9400:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:bb91 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 54.152.122.180 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-152-122-180.compute-1.amazonaws.com

servt.modoro360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.139.241.23 (United States)

ASN33438 (HIGHWINDS2, US)

ads.themoneytizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.4.196 (France)

ASN16276 (OVH, FR)
PTR: ip196.ip-141-95-4.eu

storage.de.cloud.ovh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2ab::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.193.145 (France)

ASN16276 (OVH, FR)

g.themoneytizer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.86.137.114 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ww1097.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eqx.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba29 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ced-ns.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.38.64.100 (France)

ASN16276 (OVH, FR)

c.tmyzer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.192.166 (France)

ASN16276 (OVH, FR)

tag.leadplace.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.246.143.132 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-143-132.eu-west-1.compute.amazonaws.com

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:1997 (United States)

ASN13335 (CLOUDFLARENET, US)

boot.pbstck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.89.192 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-89-192.zrh50.r.cloudfront.net

d2zur9cc2gf1tx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:4400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.83.70.249 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-70-249.compute-1.amazonaws.com

serv.modoro360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.241 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 76.223.111.131 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.248.25.248 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-25-248.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.8.243.222 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-8-243-222.eu-west-2.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:15d (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.pbstck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.217.215.116 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-215-116.eu-west-1.compute.amazonaws.com

adtrack.adleadevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
15.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	doubleclick.net 2 redirects securepubads.g.doubleclick.net cm.g.doubleclick.net pubads.g.doubleclick.net googleads.g.doubleclick.net	145 KB
34	googleapis.com fonts.googleapis.com ajax.googleapis.com imasdk.googleapis.com	5 MB
23	taboola.com cdn.taboola.com trc.taboola.com 15.taboola.com images.taboola.com	810 KB
22	modoro360.com tg1.modoro360.com servt.modoro360.com serv.modoro360.com	9 KB
19	earnme.club 1 redirects earnme.club	240 KB
16	google.com adservice.google.com	2 KB
16	googlesyndication.com pagead2.googlesyndication.com	198 KB
16	2mdn.net s0.2mdn.net	263 KB
9	zeotap.com spl.zeotap.com mwzeom.zeotap.com	3 KB
4	themoneytizer.com ads.themoneytizer.com	204 KB
3	adsrvr.org 2 redirects match.adsrvr.org	2 KB
3	smartadserver.com 1 redirects ww1097.smartadserver.com eqx.smartadserver.com	2 KB
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	adnxs.com 2 redirects ib.adnxs.com	2 KB
2	pbstck.com boot.pbstck.com cdn.pbstck.com	51 KB
2	gstatic.com fonts.gstatic.com	29 KB
2	google-analytics.com www.google-analytics.com	125 B
2	consensu.org quantcast.mgr.consensu.org	69 KB
2	tnlink.in 2 redirects tnlink.in link.tnlink.in	990 B
1	casalemedia.com as-sec.casalemedia.com	424 B
1	rlcdn.com api.rlcdn.com	218 B
1	adleadevent.com adtrack.adleadevent.com	522 B
1	mathtag.com 1 redirects pixel.mathtag.com	709 B
1	agkn.com 1 redirects aa.agkn.com	382 B
1	quantcount.com rules.quantcount.com	1 KB
1	indexww.com js-sec.indexww.com	13 KB
1	cloudfront.net d2zur9cc2gf1tx.cloudfront.net	26 KB
1	cpx.to p.cpx.to	3 KB
1	quantserve.com secure.quantserve.com	9 KB
1	onetag-sys.com onetag-sys.com	823 B
1	leadplace.fr tag.leadplace.fr	4 KB
1	criteo.com gum.criteo.com	362 B
1	tmyzer.com c.tmyzer.com	271 B
1	sascdn.com ced-ns.sascdn.com	21 KB
1	themoneytizer.net g.themoneytizer.net	271 B
1	aniview.com player.aniview.com	98 KB
1	ovh.net storage.de.cloud.ovh.net	15 KB
1	avplayer.com player.avplayer.com	58 KB
1	googletagmanager.com www.googletagmanager.com	50 KB
238	39

	Domain	Requested by
32	imasdk.googleapis.com	player.aniview.com imasdk.googleapis.com
20	servt.modoro360.com	earnme.club player.aniview.com
19	earnme.club	1 redirects earnme.club
18	pubads.g.doubleclick.net	imasdk.googleapis.com
16	adservice.google.com	imasdk.googleapis.com
16	pagead2.googlesyndication.com	srcdoc
16	s0.2mdn.net	imasdk.googleapis.com
14	googleads.g.doubleclick.net	imasdk.googleapis.com
12	images.taboola.com	earnme.club
8	cdn.taboola.com	earnme.club cdn.taboola.com
6	mwzeom.zeotap.com	earnme.club
4	ads.themoneytizer.com	earnme.club ads.themoneytizer.com
3	match.adsrvr.org	2 redirects js-sec.indexww.com
3	spl.zeotap.com	ads.themoneytizer.com spl.zeotap.com
3	securepubads.g.doubleclick.net	earnme.club securepubads.g.doubleclick.net
2	trc.taboola.com	cdn.taboola.com
2	dpm.demdex.net	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	ib.adnxs.com	2 redirects
2	ww1097.smartadserver.com	1 redirects ww1097.smartadserver.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.google-analytics.com	www.googletagmanager.com
2	quantcast.mgr.consensu.org	earnme.club quantcast.mgr.consensu.org
1	15.taboola.com	cdn.taboola.com
1	as-sec.casalemedia.com	js-sec.indexww.com
1	api.rlcdn.com	js-sec.indexww.com
1	eqx.smartadserver.com	earnme.club
1	adtrack.adleadevent.com	ajax.googleapis.com
1	ajax.googleapis.com	d2zur9cc2gf1tx.cloudfront.net
1	cdn.pbstck.com	boot.pbstck.com
1	pixel.mathtag.com	1 redirects
1	aa.agkn.com	1 redirects
1	serv.modoro360.com	player.aniview.com
1	rules.quantcount.com	secure.quantserve.com
1	js-sec.indexww.com	ads.themoneytizer.com
1	d2zur9cc2gf1tx.cloudfront.net	ads.themoneytizer.com
1	boot.pbstck.com	ads.themoneytizer.com
1	p.cpx.to	ads.themoneytizer.com
1	secure.quantserve.com	ads.themoneytizer.com
1	onetag-sys.com	ads.themoneytizer.com
1	tag.leadplace.fr	ads.themoneytizer.com
1	gum.criteo.com	ads.themoneytizer.com
1	c.tmyzer.com	ads.themoneytizer.com
1	ced-ns.sascdn.com	earnme.club
1	g.themoneytizer.net	ads.themoneytizer.com
1	player.aniview.com	player.avplayer.com
1	storage.de.cloud.ovh.net	earnme.club
1	player.avplayer.com	tg1.modoro360.com
1	www.googletagmanager.com	earnme.club
1	tg1.modoro360.com	earnme.club
1	fonts.googleapis.com	earnme.club
1	link.tnlink.in	1 redirects
1	tnlink.in	1 redirects
238	53

This site contains links to these domains. Also see Links.

Domain
i
earn
rasik
wordpress.org
mhthemes.com

Subject Issuer	Validity	Valid
*.earnme.club R3	`2021-07-06` - `2021-10-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
wl1.aniview.com R3	`2021-07-28` - `2021-10-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
quantcast.mgr.consensu.org Amazon	`2021-04-24` - `2022-05-23`	a year	crt.sh
outstreamedia.com R3	`2021-08-03` - `2021-11-01`	3 months	crt.sh
*.adservrs.com Amazon	`2021-02-02` - `2022-03-03`	a year	crt.sh
*.themoneytizer.com GoGetSSL RSA DV CA	`2021-02-14` - `2022-03-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
storage.de.cloud.ovh.net Sectigo RSA Domain Validation Secure Server CA	`2021-03-11` - `2022-03-11`	a year	crt.sh
*.aniview.com DigiCert SHA2 Secure Server CA	`2021-02-23` - `2022-02-27`	a year	crt.sh
g.themoneytizer.net GoGetSSL RSA DV CA	`2019-10-16` - `2022-01-17`	2 years	crt.sh
*.sascdn.com DigiCert Secure Site ECC CA-1	`2020-10-14` - `2021-11-11`	a year	crt.sh
c.tmyzer.com R3	`2021-08-03` - `2021-11-01`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
*.leadplace.fr Gandi Standard SSL CA 2	`2020-09-11` - `2021-09-12`	a year	crt.sh
onetag-sys.com R3	`2021-07-26` - `2021-10-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-05` - `2022-07-04`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
p.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2021-02-02` - `2022-02-02`	a year	crt.sh
pbstck.com Cloudflare Inc ECC CA-3	`2021-08-04` - `2022-08-03`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
adtrack.adleadevent.com Amazon	`2021-05-17` - `2022-06-15`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh

This page contains 53 frames:

Primary Page: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
Frame ID: 815F4142B285C6279463B082DC1DAEAE
Requests: 79 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6114dbdb1f8b0669e215b7e4
Frame ID: 7D6605CADBE0206AEB0A263F7CD6882E
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1629299599385
Frame ID: 3E96C9F2DC01E76B8A6EFB70D6D2819A
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&id_mid_4=c4fc475d-b1c0-42cc-6c56-f9bbed00fd71&reqId=46835a87-6902-4a6b-4f82-ccc65cbda0f9&uc=2&zdid=1258&cmp=0
Frame ID: 152842E095123C29CDF24A81D32F5F6A
Requests: 9 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Frame ID: 068706F3E80B89E5439B654A6B104560
Requests: 22 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 5D87AE2DEE576AECCC0149595012C62A
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 80318D564DAC77F2D2199A6CDEADC211
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 605668B8DF7441B5239C07EC8F3428E2
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 84295D6B40F1E7A4EEE9D1E417F758C7
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 1AD372396A0E8876CABE71939E63F69D
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html
Frame ID: B7B5061240CCA6B785479EC323E923FA
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html
Frame ID: 188D43AA2648694D396512D4293790CE
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html
Frame ID: 43E0BA28AB2F6F8C8CE8DF2FF1F9658F
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html
Frame ID: 90F696F60F4E5734E50DD5FD73E44050
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html
Frame ID: DD249AFA244AE48838530175E7FDA354
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 130D2CEDA7782862DE3315694957AA57
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: CE18D1C0F80F02594221E6D975427F2B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D7ED3E30A7BED821D1730E408C46BC55
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: E2F47BC26C8C0C210DAB2EF1984CA995
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 690EFF2EE7725169BB714308A5518893
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: C27D4D92CBE8380437689433EADE14C8
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 493568C6536A60A766D6EBB59EB1100D
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html
Frame ID: 987BDA153E5D21754E9E4FEB0C4D2D83
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html
Frame ID: 80376AB18DF3C356E9498A52F14648E6
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 6898BDFDDE77EC7E2733F7BF9590BD7E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 7EC28BAC03DA489E28786AABBA6AD7B8
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 7D31A519978128F820755EE5BD2B8868
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: BEECBC1DD2FA4A5E314461F812F9B502
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 0D776E9459DBFAC63318DD23DF61CBF3
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html
Frame ID: 0879700A9B3DCD13C330726AEF5A9684
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html
Frame ID: D1856C9F69691A466A796E7ECA78B0AE
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html
Frame ID: 1076F0B795F35D52AD1AECAF9A7A7079
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: EBE1E055744453388B69C2FDFB5D2615
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: FA7ECA8050B9690F8D27BD84CF5627D2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 72E02F4BFFE8D73A7408AF570065BD32
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 982DA91D1F1AB37EA4A46ADC0A2FEE89
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html
Frame ID: 42822F7F8595146CEF27BA703629D0BB
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A5BBD749839EE4587FED701FFA4BBAA5
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 30A944C32186C83E8268B107AF040B14
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html
Frame ID: 87AD6C145762C133C2476857C1407686
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 08F80AF12DE8A148538498B8379AAE6E
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: BB68880F133BE6EAE1B94D839E51AAD6
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html
Frame ID: 6D3910AA8C212A2307F1B13AA136A6D6
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: C08E31B1E48D6F31753307C917B12094
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 786BED09F12F5D90D2928C7030CF1E94
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html
Frame ID: 67EBE1D53DF1C7803608C27031B064F7
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: E206EF0945D8C2E7B462593B1B2F052B
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 2AF034AA9023CFF5CB3587EC20A0C387
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html
Frame ID: B473009C902C0014911879041444ADEF
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: F86BBB150A199E8FD92995C314498F20
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: BF1C39F19CE901A70FBBA8FE25555860
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html
Frame ID: DCDDE8B54738B7E0F2F069AF19FF1639
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: CA33F6981F150BF0A524CF5C0D02082E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://tnlink.in/6trZZaT HTTP 301
https://link.tnlink.in/6trZZaT HTTP 301
http://earnme.club/?link=6trZZaT HTTP 301
https://earnme.club/?link=6trZZaT Page URL
https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /\/prebid\.js/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

238
Requests

93 %
HTTPS

51 %
IPv6

39
Domains

53
Subdomains

40
IPs

6
Countries

7262 kB
Transfer

21876 kB
Size

6
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://i%20have%20no%20websites%20bro/
Title: Sarbash

Search URL Search Domain Scan URL

URL: http://earn%20me.%20com/
Title: Saminda

Search URL Search Domain Scan URL

URL: http://rasik%20reo/
Title: Rasik

Search URL Search Domain Scan URL

URL: https://wordpress.org/
Title: WordPress.org

Search URL Search Domain Scan URL

URL: https://mhthemes.com/
Title: MH Themes

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://tnlink.in/6trZZaT HTTP 301
https://link.tnlink.in/6trZZaT HTTP 301
http://earnme.club/?link=6trZZaT HTTP 301
https://earnme.club/?link=6trZZaT Page URL
https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://tnlink.in/6trZZaT HTTP 301
https://link.tnlink.in/6trZZaT HTTP 301
http://earnme.club/?link=6trZZaT HTTP 301
https://earnme.club/?link=6trZZaT

Request Chain 36

https://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
https://ced-ns.sascdn.com/diff/js/smart.js

Request Chain 53

https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=c4fc475d-b1c0-42cc-6c56-f9bbed00fd71&reqId=46835a87-6902-4a6b-4f82-ccc65cbda0f9&uc=2&zdid=1258 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fadnxs_uid%3D%24UID%26zpartnerid%3D2%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3Dc4fc475d-b1c0-42cc-6c56-f9bbed00fd71%26reqId%3D46835a87-6902-4a6b-4f82-ccc65cbda0f9%26uc%3D2%26zdid%3D1258 HTTP 302
https://mwzeom.zeotap.com/mw?adnxs_uid=5010540260737221063&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=c4fc475d-b1c0-42cc-6c56-f9bbed00fd71&reqId=46835a87-6902-4a6b-4f82-ccc65cbda0f9&uc=2&zdid=1258

Request Chain 54

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c4fc475d-b1c0-42cc-6c56-f9bbed00fd71&reqId=46835a87-6902-4a6b-4f82-ccc65cbda0f9&uc=2&zdid=1258 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c4fc475d-b1c0-42cc-6c56-f9bbed00fd71&reqId=46835a87-6902-4a6b-4f82-ccc65cbda0f9&uc=2&zdid=1258&google_tc= HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEFmFsrp54WOem5AVGuE4FRs&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c4fc475d-b1c0-42cc-6c56-f9bbed00fd71&reqId=46835a87-6902-4a6b-4f82-ccc65cbda0f9&uc=2&zdid=1258

Request Chain 55

https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26id_mid_4%3Dc4fc475d-b1c0-42cc-6c56-f9bbed00fd71%26reqId%3D46835a87-6902-4a6b-4f82-ccc65cbda0f9%26uc%3D2%26zdid%3D1258 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26id_mid_4%3Dc4fc475d-b1c0-42cc-6c56-f9bbed00fd71%26reqId%3D46835a87-6902-4a6b-4f82-ccc65cbda0f9%26uc%3D2%26zdid%3D1258 HTTP 302
https://mwzeom.zeotap.com/mw?cid=eaa09621-da52-4c0f-9991-21c19ab41bba&zpartnerid=6&env=mWeb&eventType=map&id_mid_4=c4fc475d-b1c0-42cc-6c56-f9bbed00fd71&reqId=46835a87-6902-4a6b-4f82-ccc65cbda0f9&uc=2&zdid=1258

Request Chain 56

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=c4fc475d-b1c0-42cc-6c56-f9bbed00fd71&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3Dc4fc475d-b1c0-42cc-6c56-f9bbed00fd71%26reqId%3D46835a87-6902-4a6b-4f82-ccc65cbda0f9%26uc%3D2%26zdid%3D1258 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=c4fc475d-b1c0-42cc-6c56-f9bbed00fd71&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3Dc4fc475d-b1c0-42cc-6c56-f9bbed00fd71%26reqId%3D46835a87-6902-4a6b-4f82-ccc65cbda0f9%26uc%3D2%26zdid%3D1258 HTTP 302
https://mwzeom.zeotap.com/mw?cid=75155309225091601483735078058774488428&zpartnerid=314&env=mWeb&eventType=map&id_mid_4=c4fc475d-b1c0-42cc-6c56-f9bbed00fd71&reqId=46835a87-6902-4a6b-4f82-ccc65cbda0f9&uc=2&zdid=1258

Request Chain 57

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&id_mid_4=c4fc475d-b1c0-42cc-6c56-f9bbed00fd71&reqId=46835a87-6902-4a6b-4f82-ccc65cbda0f9&uc=2&zdid=1258 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=I2IGvsgljKnFDwuohQ2sObEbS6AwJ4p3%2BS41iYitP1U%3D

Request Chain 58

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3Dc4fc475d-b1c0-42cc-6c56-f9bbed00fd71%26reqId%3D46835a87-6902-4a6b-4f82-ccc65cbda0f9%26uc%3D2%26zdid%3D1258 HTTP 302
https://mwzeom.zeotap.com/mw?cid=f05b611d-238f-4100-9a4b-69cb76acb2c9&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&id_mid_4=c4fc475d-b1c0-42cc-6c56-f9bbed00fd71&reqId=46835a87-6902-4a6b-4f82-ccc65cbda0f9&uc=2&zdid=1258

238 HTTP transactions
-14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
earnme.club/
Redirect Chain

https://tnlink.in/6trZZaT
https://link.tnlink.in/6trZZaT
http://earnme.club/?link=6trZZaT
https://earnme.club/?link=6trZZaT

2 KB
2 KB

415ms
393ms

Document
text/html

2606:4700:3036::6815:2aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://earnme.club/?link=6trZZaT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:2aa6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 292d4b5420e4fb37a51631f33b0cee8869a0a36404c8260ce123827446f2cd1c

Request headers

:method: GET
:authority: earnme.club
:scheme: https
:path: /?link=6trZZaT
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:18 GMT
content-type: text/html; charset=UTF-8
link: <https://earnme.club/wp-json/>; rel="https://api.w.org/"
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pag0ORj3F353VAdQ70Q2zsVnugnzJXPNGI3Ov1q5dsD7bzD92MlenOw7B6kcsn41uFFBAGcolA0ousd959Xth%2BWLCeS3oq12dkWaKEtb28sVJKvykmtTqesxd878Hp07zs8rVfpYScZdyA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 680c15d9693adff7-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

Date: Wed, 18 Aug 2021 15:13:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 18 Aug 2021 16:13:18 GMT
Location: https://earnme.club/?link=6trZZaT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=imHNtqtMkcSG0QeMflRrXMxg7IZOvFTrRIA3HvqVIfNMYUYo1%2F3zvFJ0mQxBX1FCwhLb5O9Htayj1TQSHZJLM9WPUynwJmVetYtrLp6M3eIxLg%2B%2BU2DVpOFHJNx3uVfQzgoCvnqd8X2S%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 680c15d92dbd05bf-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 fuckadblock.js
earnme.club/wp-content/plugins/wp-safelink-v3/assets/ 6 KB
2 KB 30ms
15ms Script
application/javascript 2606:4700:3036::6815:2aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://earnme.club/wp-content/plugins/wp-safelink-v3/assets/fuckadblock.js
Requested by: Host: earnme.club
URL: https://earnme.club/?link=6trZZaT
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:2aa6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:path: /wp-content/plugins/wp-safelink-v3/assets/fuckadblock.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: earnme.club
referer: https://earnme.club/?link=6trZZaT
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://earnme.club/?link=6trZZaT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3087
cf-polished: origSize=7171
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 17 Dec 2020 11:29:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9yoDKKZefzsmGaosH28KeQf48mAD7u8u7tZQNKtpOi4ynMBDbRS%2BEE2fUKdOJzzVj0jD4K7P%2BXJNCTPLRCRFgLmUXhff0UfIf5fkbjIjEaMDrVY9nndsDc12yPmMQapqG%2B4ANeLRbX3f%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 680c15dc1df73258-FRA
cf-bgj: minify

POST
H3-29 200 Primary Request / Show response
earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/ 36 KB
11 KB 401ms
396ms Document
text/html 2606:4700:3036::6815:2aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:2aa6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 071bb2e3c8516e772831b3085348e451b060e85f2026300f1a1d168aef923732

Request headers

:method: POST
:authority: earnme.club
:scheme: https
:path: /battlegrounds-mobile-shares-with-chinese-servers-issue/
content-length: 804
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://earnme.club
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://earnme.club/?link=6trZZaT
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://earnme.club
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://earnme.club/?link=6trZZaT

Response headers

date: Wed, 18 Aug 2021 15:13:19 GMT
content-type: text/html; charset=UTF-8
x-pingback: https://earnme.club/xmlrpc.php
link: <https://earnme.club/wp-json/>; rel="https://api.w.org/" <https://earnme.club/wp-json/wp/v2/posts/169>; rel="alternate"; type="application/json" <https://earnme.club/?p=169>; rel=shortlink
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B2wVgiUpJ51zci27QtutFtNCscdFzaq9g2FTI19enRZ%2B2gy98N%2FwLtsJSKlv%2BYMKXTBGdwgaMIDGOhcwfIt1uN4uZp76T28WvXzVMUbV89yGy%2B7E4BD7roGo2hiz4UtGbYTW3P7l7SOqtA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 680c15dc0df63258-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 style.min.css
earnme.club/wp-includes/css/dist/block-library/ 53 KB
8 KB 15ms
14ms Stylesheet
text/css 2606:4700:3036::6815:2aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://earnme.club/wp-includes/css/dist/block-library/style.min.css?ver=5.5.5
Requested by: Host: earnme.club
URL: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:2aa6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css?ver=5.5.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: earnme.club
referer: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 27 Aug 2020 18:00:38 GMT
server: cloudflare
age: 3087
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GBErUo9I8IZgUHMKrpdtKuakZgRLpHKBaBiRpkKzcdNVMPBWB6JXZoKo6grrYX%2Fknx27QwllhFlDEGaWYFnxz83OGzyhVVhvhMSVoZ5htEZKtOTK2QVFefNy1OQO9dLgUBcBga6ZjJo6ZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 680c15de9a643258-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 38ms
14ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,600

Requested by

Host: earnme.club
URL: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

34b4f46a1278a287eecbab8897310844ce3e7969e3561745f6d3d6e5bbc000e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 18 Aug 2021 13:58:16 GMT
server: ESF
date: Wed, 18 Aug 2021 15:13:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 18 Aug 2021 15:13:19 GMT

GET
H3-29 200 style.css
earnme.club/wp-content/themes/mh-magazine-lite/ 37 KB
8 KB 22ms
21ms Stylesheet
text/css 2606:4700:3036::6815:2aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://earnme.club/wp-content/themes/mh-magazine-lite/style.css?ver=2.9.0
Requested by: Host: earnme.club
URL: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:2aa6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c013d3fb73112b051523c0798ab7ec22c3120ffb2742b4c9b45e6ca0fd1f9f7

Request headers

:path: /wp-content/themes/mh-magazine-lite/style.css?ver=2.9.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: earnme.club
referer: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3087
cf-polished: origSize=45583
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Sun, 20 Jun 2021 14:26:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BYNFwp5j4JbKcUDEATFcfGjJ4i%2Bq83H6QHmzIjwDxmxmT%2FabmmDOXivtHLoX20GWdcfXphApfg70rsGgHJeyBUZ3kb%2BL4M6dl20jisz1go2o8%2F9eB%2F0jW6xilQbpuP4oHev3rPopsV%2BPnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 680c15de9a683258-FRA
cf-bgj: minify

GET
H3-29 200 font-awesome.min.css
earnme.club/wp-content/themes/mh-magazine-lite/includes/ 30 KB
7 KB 16ms
15ms Stylesheet
text/css 2606:4700:3036::6815:2aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://earnme.club/wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css
Requested by: Host: earnme.club
URL: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:2aa6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

:path: /wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: earnme.club
referer: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 20 Jun 2021 14:26:21 GMT
server: cloudflare
age: 3087
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VjqHseExJaNtmHPFh6YB9TCt%2B28TbxBDB%2FzJ8he7%2BYAAn%2FMhRCzgJvHsU7eLUET1Ox75lDf2OGE5rw2Smzq6pzJ3yM6CZaI1v3lSdwBJarHuOWeRqa4llSgYoVinjuE75fErH2VpJO814Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 680c15de9a6d3258-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 jquery.js Show response
earnme.club/wp-includes/js/jquery/ 95 KB
35 KB 27ms
26ms Script
application/javascript 2606:4700:3036::6815:2aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://earnme.club/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: earnme.club
URL: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:2aa6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919

Request headers

:path: /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: earnme.club
referer: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3087
cf-polished: origSize=96873
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Fri, 17 May 2019 04:25:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1rEtf19IA%2FwzT3uGC1wUQr8HuNvz%2FwY0kSh1yZFca2Nsefyk%2BkHzROSQSLfCYHBFqc64R6p%2BdPv7NBEM84VrUh1Cedvs9KvdYjZ1J3sTHimbb%2BVGVU8wZSYvurzbuBykz7DwPgu2e%2FORIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 680c15de9a6e3258-FRA
cf-bgj: minify

GET
H3-29 200 scripts.js Show response
earnme.club/wp-content/themes/mh-magazine-lite/js/ 36 KB
12 KB 22ms
21ms Script
application/javascript 2606:4700:3036::6815:2aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://earnme.club/wp-content/themes/mh-magazine-lite/js/scripts.js?ver=2.9.0
Requested by: Host: earnme.club
URL: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:2aa6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ce57bd0fa2624bc5eac3701da8c04e315f177fc440ef4a9f46bb0699f942c34

Request headers

:path: /wp-content/themes/mh-magazine-lite/js/scripts.js?ver=2.9.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: earnme.club
referer: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4858
cf-polished: origSize=37321
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Sun, 20 Jun 2021 14:26:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KRTS4nqC24U6wJ%2BeL3xGzeqggF%2FC%2F4Jv4C82%2FEeTf7XBm1RZfFBJjkRurWoE%2BYm8mPZuFfGvExwYiZtz%2F3Oh8LK3BellNddQQfU2%2Bfq42%2BDJCI5EXdPPASyS8ZN8iJW2lgbnC7eE0VkV3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 680c15de9a713258-FRA
cf-bgj: minify

GET
H/1.1 200
OK spt Show response
tg1.modoro360.com/api/adserver/ 18 KB
6 KB 55ms
18ms Script
text/javascript 2a02:26f0:6c00::210:bb99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=6114dc90d1bead46fe092d17&AV_PUBLISHERID=6114dbdb1f8b0669e215b7e4
Requested by: Host: earnme.club
URL: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bb99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 88275a8fa9bdbc6bbc76ea8da55ead3ba88a5934b434a90b7242cc05b22d0f58

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 18 Aug 2021 15:13:19 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type: text/javascript
Cache-Control: max-age=300
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With,avsptstaging
Content-Length: 5194
Expires: Wed, 18 Aug 2021 15:18:19 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 128 KB
50 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LY1N2M6E7Y

Requested by

Host: earnme.club
URL: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1ca80befda3fc0a1aa6ef5e9039e064f5132e549b068ef54bd1726cc6b4ddc3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:19 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51562
x-xss-protection: 0
expires: Wed, 18 Aug 2021 15:13:19 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 72 KB
25 KB 198ms
105ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: earnme.club
URL: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

47478a31d73e4d80cb4971f181c07bb5134fc3dd9a84af930cdbaae5ed525fdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "962 / 71 of 1000 / last-modified: 1629284901"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25204
x-xss-protection: 0
expires: Wed, 18 Aug 2021 15:13:19 GMT

GET
H3-29 200 wp-emoji-release.min.js Show response
earnme.club/wp-includes/js/ 14 KB
5 KB 13ms
13ms Script
application/javascript 2606:4700:3036::6815:2aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://earnme.club/wp-includes/js/wp-emoji-release.min.js?ver=5.5.5
Requested by: Host: earnme.club
URL: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:2aa6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07e4203b9f313b587b1d53f896e63771ec85f9b0d4c2ac5fa64089457784d847

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.5.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: earnme.club
referer: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 20 Jun 2021 14:24:54 GMT
server: cloudflare
age: 3087
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CpsWXJPC%2BiZiyRnxymzK4XM4QfbOFr6ULs14ok2YThpfsEb6ByssoQ0KYq48rFEGzskv9nGJAhhnd2F5qy9hZ7wPd0zCqs5ZpiGNgsdj6l7kOItVDWgmhlHvKaENDvoHuTCZM5A%2FWODHqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 680c15deeb103258-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 choice.js Show response
quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/ 3 KB
2 KB 52ms
15ms Script
application/javascript 2600:9000:2190:9400:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Requested by: Host: earnme.club
URL: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9358f222ba40b683e83f1705f68d251bf6002d597f38707e59abef418d6dfc37

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 18 Aug 2021 15:13:19 GMT
content-encoding: br
last-modified: Tue, 22 Dec 2020 18:58:46 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: W/"ba5d12764ba6d8c6ecc9135d06608e70"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-id: mb-bKqaKt7trmqkJeID0tuvswb_thZd9KAnjHP0Y2gqSQn8yWQipfQ==

POST
H2 204 collect
www.google-analytics.com/g/ 0
71 B 13ms
13ms Ping
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-LY1N2M6E7Y&gtm=2oe8g0&_p=296508162&sr=1600x1200&ul=en-us&cid=665174655.1629299599&_s=1&dl=https%3A%2F%2Fearnme.club%2Fbattlegrounds-mobile-shares-with-chinese-servers-issue%2F&dr=https%3A%2F%2Fearnme.club%2F%3Flink%3D6trZZaT&dt=Battlegrounds%20Mobile%20Shares%20with%20Chinese%20Servers%20Issue%20%E2%80%93%20Tech%20One&sid=1629299599&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LY1N2M6E7Y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 18 Aug 2021 15:13:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://earnme.club
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 avcplayer.js Show response
player.avplayer.com/script/2/v/ 240 KB
58 KB 27ms
6ms Script
application/javascript 2a02:26f0:6c00::210:bb91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/2/v/avcplayer.js
Requested by: Host: tg1.modoro360.com
URL: https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=6114dc90d1bead46fe092d17&AV_PUBLISHERID=6114dbdb1f8b0669e215b7e4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bb91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: ddf5e545fd7eeec5f9bad1260cf250e3a119bd8225e376ba197bbb9fe4872aa1

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:19 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdv_sINnj3pcgzLSEe3EOf1XswmDXxAwtymeh6tTwQw9I1AV266-BbQiDXwZ5eaQCLz1OSPR6aqyjejYvc-crjgh_fXofw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 58385
last-modified: Tue, 03 Aug 2021 12:29:36 GMT
server: UploadServer
etag: "a238e83145db8cc8824475a857364681"
vary: Accept-Encoding
x-goog-hash: crc32c=h6g+Zg==, md5=ojjoMUXbjMiCRHWoVzZGgQ==
content-language: en
x-goog-generation: 1627993776820377
cache-control: public, max-age=300
x-goog-stored-content-length: 58385
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 18 Aug 2021 15:18:19 GMT

GET
H2 200 track
servt.modoro360.com/ 0
70 B 367ms
117ms Image
text/plain 54.152.122.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.modoro360.com/track?pid=6114dbdb1f8b0669e215b7e4&cid=6114dbec10453b5f0e60bac4&cb=1629299599240&r=earnme.club&stagid=6114dc90d1bead46fe092d17&stplid=6049d3f140d88e45f4252456&e=playerLoaded
Requested by: Host: earnme.club
URL: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.152.122.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-152-122-180.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:19 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3-29 200 wai.png
earnme.club/wp-content/uploads/2020/12/ 2 KB
3 KB 15ms
14ms Image
image/png 2606:4700:3036::6815:2aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://earnme.club/wp-content/uploads/2020/12/wai.png
Requested by: Host: earnme.club
URL: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:2aa6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 806452f1b480eeeadffcc371cb695fc34d6accba5ebaab95fe8c7b50d8d6061b

Request headers

:path: /wp-content/uploads/2020/12/wai.png
pragma: no-cache
cookie: _ga=GA1.1.665174655.1629299599; _ga_LY1N2M6E7Y=GS1.1.1629299599.1.1.1629299599.0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: earnme.club
referer: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:19 GMT
cf-cache-status: HIT
last-modified: Sun, 20 Jun 2021 14:35:08 GMT
server: cloudflare
age: 6521
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XkMD%2B7QGzHBhMqOlGrW29%2FKvh0jwd7MzJpSAsBVb%2F4k6kIZqNDUlqBE3nA8FurTJG9p4Nnr9TkdSneQbhGIgZWzh1s5pF9QaGiMRwCgm9ypVtItwyLlo9I%2FQcLbfEz5td4vP6O6lJDr1Lg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 680c15df4ba23258-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2178

GET
H3-29 200 980180-pubg-battlegrounds-india-678x381.jpg
earnme.club/wp-content/uploads/2021/06/ 55 KB
56 KB 15ms
14ms Image
image/jpeg 2606:4700:3036::6815:2aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://earnme.club/wp-content/uploads/2021/06/980180-pubg-battlegrounds-india-678x381.jpg
Requested by: Host: earnme.club
URL: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:2aa6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3af7764a8736aca1bb0b51f2bea228a344a1aefce9a04c8d4b68b2758588e2ae

Request headers

:path: /wp-content/uploads/2021/06/980180-pubg-battlegrounds-india-678x381.jpg
pragma: no-cache
cookie: _ga=GA1.1.665174655.1629299599; _ga_LY1N2M6E7Y=GS1.1.1629299599.1.1.1629299599.0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: earnme.club
referer: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:19 GMT
cf-cache-status: HIT
last-modified: Wed, 23 Jun 2021 13:24:35 GMT
server: cloudflare
age: 2442
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Di1exo%2BQFJLYBxtx8GzOeHu0Oa4uUbPaUKx43YWdK3WG3dXlDYPXpq%2F6sfds0mB47tzvTuNjRvxKuZiM0Pt0MkJesikJIUOJIwB%2F%2ByQa1ULtJLDSXxLlEJxzAozg%2BIOlhKeO9wYZzlmjzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 680c15df4ba43258-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 56799

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 4 KB
2 KB 91ms
28ms Script
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=16
Requested by: Host: earnme.club
URL: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: b780c05b9b8e1f7acff640ef794ca777ffa43e5d4354a84eebf3dd98975f8675

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:19 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
accept-ranges: bytes
expires: Thu, 19 Aug 2021 15:13:19 GMT

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 101 KB
14 KB 107ms
44ms Script
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=79247&formatId=16
Requested by: Host: earnme.club
URL: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 5363d0d723ef689558ef89ce2a0a30f58bdf30d571aa79ccb764d1a005b3fa98

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:19 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
accept-ranges: bytes
expires: Thu, 19 Aug 2021 15:13:19 GMT

GET
H3-29 200 tg.png
earnme.club/wp-content/uploads/2020/12/ 2 KB
3 KB 14ms
14ms Image
image/png 2606:4700:3036::6815:2aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://earnme.club/wp-content/uploads/2020/12/tg.png
Requested by: Host: earnme.club
URL: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:2aa6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1db0c5a52f4b6afff48b7539fa61041a99ad04208363b200833d38688a6678dd

Request headers

:path: /wp-content/uploads/2020/12/tg.png
pragma: no-cache
cookie: _ga=GA1.1.665174655.1629299599; _ga_LY1N2M6E7Y=GS1.1.1629299599.1.1.1629299599.0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: earnme.club
referer: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:19 GMT
cf-cache-status: HIT
last-modified: Thu, 03 Jun 2021 13:37:58 GMT
server: cloudflare
age: 6520
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K6Na5ocg6tf6B5AImRHF7yQXvpZn4bp0Y13dYfVPrmaqCPhjZlitncf76r%2BEuX%2B9kd8uX3k1NCpZzeNtf8DeYsnS0fRzD7EhmLyAMdgyBYaLJ6DcmteA%2Fe0H%2F9g4XPrlUZuLsKx9D2VPfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 680c15df4ba63258-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2178

GET
H3-29 200 fuckadblock.js Show response
earnme.club/js/ 6 KB
2 KB 21ms
21ms Script
application/javascript 2606:4700:3036::6815:2aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://earnme.club/js/fuckadblock.js
Requested by: Host: earnme.club
URL: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:2aa6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5aea6792c807cf687f4c33074139aabbafb9af1d0b61e6b41dbe7cae8a64d7a

Request headers

:path: /js/fuckadblock.js
pragma: no-cache
cookie: _ga=GA1.1.665174655.1629299599; _ga_LY1N2M6E7Y=GS1.1.1629299599.1.1.1629299599.0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: earnme.club
referer: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6521
cf-polished: origSize=7171
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 17 Dec 2020 11:23:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WpJmQeJsIJzQ0Kb%2F6jBvFNnm94eo5kyHerfDS%2BKud3rmy1bcauH0zHBNKCf7sn3pWbjTn9TI8%2Fo%2BCosUE9rM6FWYilgmjyqbW0saxYE0qJ1V6oRkwMsoxWvD%2FehaTgoW8eRif3Vo1FbkhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 680c15df4ba53258-FRA
cf-bgj: minify

GET
H3-29 200 comment-reply.min.js Show response
earnme.club/wp-includes/js/ 3 KB
2 KB 22ms
21ms Script
application/javascript 2606:4700:3036::6815:2aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://earnme.club/wp-includes/js/comment-reply.min.js?ver=5.5.5
Requested by: Host: earnme.club
URL: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:2aa6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Request headers

:path: /wp-includes/js/comment-reply.min.js?ver=5.5.5
pragma: no-cache
cookie: _ga=GA1.1.665174655.1629299599; _ga_LY1N2M6E7Y=GS1.1.1629299599.1.1.1629299599.0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: earnme.club
referer: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 20 Jun 2021 14:24:54 GMT
server: cloudflare
age: 3087
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lkxwwHeR4JmB196OonFS1j7uuWGhHqri6giu32%2BNKXTV%2BFFcywk6vgWFAkey6aApQtIKlvR%2F6xtDP7eEftzwZMs%2Bm%2BDgknxsJA5awoOj2Fv%2FJaf2A9ksRz7PZsSXFhBECVhuarS0Kyz1Vw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 680c15df4ba83258-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 wp-embed.min.js Show response
earnme.club/wp-includes/js/ 1 KB
1 KB 22ms
22ms Script
application/javascript 2606:4700:3036::6815:2aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://earnme.club/wp-includes/js/wp-embed.min.js?ver=5.5.5
Requested by: Host: earnme.club
URL: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:2aa6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.5.5
pragma: no-cache
cookie: _ga=GA1.1.665174655.1629299599; _ga_LY1N2M6E7Y=GS1.1.1629299599.1.1.1629299599.0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: earnme.club
referer: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 20 Jun 2021 14:24:54 GMT
server: cloudflare
age: 3087
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T6RMm8%2Bhh%2FTyew89wiE%2FZj8peW3hDxOjJRWE8kltI7C7IzYdiBuskPEpV%2BLjkY0WupULKA21Dbp6mykPW7yIVo%2BievPdF2N%2Bny3wx7658HSRmhkyb7H80ogw6XfF5Ei7AfMe8oVpK0KKxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 680c15df4ba93258-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v23/ 14 KB
15 KB 28ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://earnme.club
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 00:29:17 GMT
x-content-type-options: nosniff
age: 139442
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:25 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 00:29:17 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ 15 KB
15 KB 33ms
12ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://earnme.club
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 00:32:27 GMT
x-content-type-options: nosniff
age: 139252
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:34 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 00:32:27 GMT

GET
H3-29 200 fontawesome-webfont.woff2
earnme.club/wp-content/themes/mh-magazine-lite/fonts/ 75 KB
76 KB 18ms
18ms Font
font/woff2 2606:4700:3036::6815:2aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://earnme.club/wp-content/themes/mh-magazine-lite/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: earnme.club
URL: https://earnme.club/wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:2aa6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

sec-fetch-mode: cors
origin: https://earnme.club
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: _ga=GA1.1.665174655.1629299599; _ga_LY1N2M6E7Y=GS1.1.1629299599.1.1.1629299599.0
:path: /wp-content/themes/mh-magazine-lite/fonts/fontawesome-webfont.woff2?v=4.7.0
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: earnme.club
referer: https://earnme.club/wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://earnme.club
Referer: https://earnme.club/wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:19 GMT
cf-cache-status: HIT
last-modified: Sun, 20 Jun 2021 14:26:21 GMT
server: cloudflare
age: 3087
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oVyiPcPzWOxTnyrqOM2%2FerVxSi4OpoMLF0ObLA7smB2MVHr05%2FMH3s3JitJnXbYsZMnxXcP38SgL3eDoMFQ85i8NUq035679MBEDqxqW8W2lxJOkei%2BHf315mNYh0QHn2bQ2MNEelmPL0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 680c15df5bb33258-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 77160

GET
H3-29 200 5f3d70804fef2b0d18646dd7b7f1c359_feat-80x60.jpg
earnme.club/wp-content/uploads/2021/06/ 3 KB
3 KB 14ms
13ms Image
image/jpeg 2606:4700:3036::6815:2aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://earnme.club/wp-content/uploads/2021/06/5f3d70804fef2b0d18646dd7b7f1c359_feat-80x60.jpg
Requested by: Host: earnme.club
URL: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:2aa6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27f255403630c2aac3427aa6b00ab5ec9090b684106572476531160091240a4b

Request headers

:path: /wp-content/uploads/2021/06/5f3d70804fef2b0d18646dd7b7f1c359_feat-80x60.jpg
pragma: no-cache
cookie: _ga=GA1.1.665174655.1629299599; _ga_LY1N2M6E7Y=GS1.1.1629299599.1.1.1629299599.0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: earnme.club
referer: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:19 GMT
cf-cache-status: HIT
last-modified: Wed, 23 Jun 2021 12:26:34 GMT
server: cloudflare
age: 7055
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=irzVddB7xhRrGtIpsJnu%2FAk%2FNJny6fRutRw%2BuVoa8hzyR9EQnlspRlzB0TFRx%2B4Q3HuWzCdBT%2FTL96yzbW8FU5ioKXPflorwaQKXJbhe7330sFdh292U21VWdJqTEaBcCAZrG0qyX2DXWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 680c15dfcc603258-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2702

GET
H3-29 200 X-T30_DSF4443_678x452-80x60.jpg
earnme.club/wp-content/uploads/2021/06/ 2 KB
3 KB 20ms
20ms Image
image/jpeg 2606:4700:3036::6815:2aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://earnme.club/wp-content/uploads/2021/06/X-T30_DSF4443_678x452-80x60.jpg
Requested by: Host: earnme.club
URL: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:2aa6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 722751dd1491aac555f90f3d89607a36c50bdd273a935cff85313f083f2a33e9

Request headers

:path: /wp-content/uploads/2021/06/X-T30_DSF4443_678x452-80x60.jpg
pragma: no-cache
cookie: _ga=GA1.1.665174655.1629299599; _ga_LY1N2M6E7Y=GS1.1.1629299599.1.1.1629299599.0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: earnme.club
referer: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:19 GMT
cf-cache-status: HIT
last-modified: Wed, 23 Jun 2021 13:28:31 GMT
server: cloudflare
age: 2441
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sbh6N%2FNLmHav3718eKbqsK8mdGMe5IU0xZl97sggqnkaixc%2FzjN3hiDyfu8OCNIY8F2zfk8glhvU%2FZubYXUQYSgPI96UCXeKckgAQd8WjtS3qJtIpuQvgalnZ80D4SU029t9NY0zddcZEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 680c15dfcc653258-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2531

GET
H2 200 cmp2.js Show response
quantcast.mgr.consensu.org/tcfv2/23/ 266 KB
67 KB 23ms
23ms Script
text/javascript 2600:9000:2190:9400:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7baadf42bdd7151de787de3b98f1c65f55cc2b3d34d4fbe90a0e490756dd3a1b

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:02 GMT
content-encoding: br
age: 36
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Fri, 18 Dec 2020 15:09:37 GMT
server: AmazonS3
etag: W/"1d55b13d85c9837da884d1e8594cc025"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-meta-qc-ineu: True
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: rJ-9c7f9FtXNY5OMUsH3qYxdfhhE5ST397VEGfrhP9MEClLlpdXDOQ==

GET
DATA 200
OK truncated
/ 216 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK favicon.ico
storage.de.cloud.ovh.net/v1/AUTH_4b1b323ce19643f985895cf772add44b/js/ 15 KB
15 KB 182ms
66ms Image
image/x-icon 141.95.4.196
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.de.cloud.ovh.net/v1/AUTH_4b1b323ce19643f985895cf772add44b/js/favicon.ico
Requested by: Host: earnme.club
URL: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 141.95.4.196 , France, ASN16276 (OVH, FR),
Reverse DNS: ip196.ip-141-95-4.eu
Software: /
Resource Hash: fb20da3761f50927006a6f6303ae6fceec0b3cb5f4c532ba5845bcd5392112d8

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 18 Aug 2021 15:13:19 GMT
X-Openstack-Request-Id: tx9d8723b7815d482a97dbc-00611d238f
Last-Modified: Sun, 31 Jan 2021 12:57:34 GMT
X-Trans-Id: tx9d8723b7815d482a97dbc-00611d238f
Etag: 7bf4f6782dee3b520a65ff84286e3691
Content-Type: image/x-icon
X-Timestamp: 1612097853.12655
Accept-Ranges: bytes
Content-Length: 15086

GET
DATA 200
OK truncated
/ 480 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame 7D66 344 KB
98 KB 20ms
6ms Script
application/javascript 2a02:26f0:6c00:2ab::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6114dbdb1f8b0669e215b7e4
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/v/avcplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: d4fd70934ff0f5ee1d0532a77b78824aa035865292c57d5f86baf08694cd03cc

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:19 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdtPqR2ibDBT2iI2NCxGU-xY58YWtBLap4lv0co7ug0Aav5WiDPzL9kpaUiBj_F5QvBlOmXKko0n5LVv5PPVi4Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 99517
last-modified: Wed, 11 Aug 2021 15:29:34 GMT
server: UploadServer
etag: "ab1fcec5662af2cb034c8af0788d2e0a"
vary: Accept-Encoding
x-goog-hash: crc32c=qrX52Q==, md5=qx/OxWYq8ssDTIrweI0uCg==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1628695774006555
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 99517
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 18 Aug 2021 15:18:19 GMT

GET
H/1.1 200
OK / Show response
g.themoneytizer.net/g/ 26 B
271 B 212ms
85ms Script
text/html 145.239.193.145
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://g.themoneytizer.net/g/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=16
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.193.145 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: bd63b8f0f7ca2f0cfffab88049d3fdee89162fdfa11b80c64f122415dc6acb7e

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 18 Aug 2021 15:13:19 GMT
Server: nginx
X-IPLB-Request-ID: B9ECCB4C:D07A_91EFC191:01BB_611D238F_4A3F370:27B7E
X-IPLB-Instance: 29821
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 moneybile.js Show response
ads.themoneytizer.com/ 38 KB
16 KB 32ms
32ms Script
application/javascript 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybile.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Wed, 18 Aug 2021 15:13:19 GMT
content-encoding: gzip
last-modified: Fri, 12 Mar 2021 17:07:19 GMT
server: nginx
etag: "604b9fc7-981e"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 16267
expires: Thu, 19 Aug 2021 15:12:42 GMT

GET
H/1.1

200
OK

smart.js Show response
ced-ns.sascdn.com/diff/js/
Redirect Chain

https://ww1097.smartadserver.com/config.js?nwid=1097
https://ced-ns.sascdn.com/diff/js/smart.js

71 KB
21 KB

51ms
10ms

Script
application/x-javascript

2a02:26f0:6c00::210:ba29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/js/smart.js
Requested by: Host: earnme.club
URL: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: fbc18d8db6012565449eef0a113333f5b8d04c86bd3b3492439b9907fc7f5ad6

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 18 Aug 2021 15:13:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 12 Aug 2021 08:07:38 GMT
Server: AkamaiNetStorage
ETag: "e8f732091957bed1c7bcdd3debf0feba:1628755660.913415"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21457

Redirect headers

location: https://ced-ns.sascdn.com/diff/js/smart.js
date: Wed, 18 Aug 2021 15:13:18 GMT
content-length: 0

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
271 B 240ms
97ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=79247&f=16&fi=99
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=79247&formatId=16
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 18 Aug 2021 15:13:19 GMT
Server: nginx
X-IPLB-Request-ID: B9ECCB4C:7C88_36264064:01BB_611D238F_4A69134:26A34
X-IPLB-Instance: 38432
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 sync Show response
gum.criteo.com/ 49 B
362 B 79ms
24ms Script
text/javascript 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=79247&formatId=16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Wed, 18 Aug 2021 15:13:19 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 1647
content-length: 165
expires: 60

GET
H/1.1 200
OK libJsLP.js Show response
tag.leadplace.fr/ 4 KB
4 KB 158ms
39ms Script
application/javascript 145.239.192.166
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/libJsLP.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=79247&formatId=16
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 8da935c18168ab5561137d875449b7b5b4e38ec854c5f3d2296823cf0b93a3f9

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 18 Aug 2021 15:13:19 GMT
Last-Modified: Mon, 31 May 2021 09:07:48 GMT
Server: nginx/1.14.2
X-IPLB-Request-ID: B9ECCB4C:3174_91EFC0A6:01BB_611D238F_446D067D:260F1
ETag: "60b4a764-10b7"
X-IPLB-Instance: 30196
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 4279

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 3E96 2 KB
823 B 106ms
35ms Document
text/html 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1629299599385

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=79247&formatId=16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2a897e3f18e6769&cb=1629299599385
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://earnme.club/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://earnme.club/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2 200 / Show response
spl.zeotap.com/ Frame 1528 2 KB
1 KB 53ms
33ms Document
text/html 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=79247&formatId=16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2eec0a17ceff950d3a14f07356a795a80b42dea59c9e2d81922c982f94d5878

Request headers

:method: GET
:authority: spl.zeotap.com
:scheme: https
:path: /?env=mWeb&uc=2&zdid=1258&eventType=map
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://earnme.club/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://earnme.club/

Response headers

date: Wed, 18 Aug 2021 15:13:19 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://earnme.club
set-cookie: zc=c4fc475d-b1c0-42cc-6c56-f9bbed00fd71; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure zsc=%A8P%A5%E4%BDZ%FE%A9ypR%22L7%CA%1A%A0q%21%BC%FF%9DD%3Bdm%F5%85%E0%BA%FB%14W3%9D%80%2F%E1%08%C6%86%B9%DF4%D1%229%89%AB%C3%CD%07%EDe%D1%CB%A1%2FC%97b%23%AE%DF%E1%F5A%0D%E8%C9S%3DJ%08_%E4W%5D%D0%C7%96%1AN%A5%9D%A2%E3%FE%BCG%B9%3A%0B%1C%FD%C4%F7%B2%9F%9E%0D%C8%40%FC%25; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 680c15e04a160742-FRA
content-encoding: br

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
9 KB 26ms
7ms Script
application/javascript 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=79247&formatId=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 95b17ad661699c049d42195b8ccd1d855045a1fcfbd20d8609a6d87fa5703810

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:19 GMT
content-encoding: gzip
etag: "lp772EpWKwf8Kq7YKMhbuw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Wed, 25 Aug 2021 15:13:19 GMT

GET
H/1.1 200
OK px.js Show response
p.cpx.to/p/12761/ 3 KB
3 KB 234ms
52ms Script
application/javascript 54.246.143.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/12761/px.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=79247&formatId=16
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.143.132 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-143-132.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 3a40c2004b3607e3715e0cf21311000332cf42259eb349df53676f1c3389e747

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 18 Aug 2021 15:13:19 GMT
Cache-Control: max-age=2419200, public
Connection: keep-alive
Content-Length: 3010
Content-Type: application/javascript; charset=UTF-8

GET
H2 200 6f803b36-0c37-4e39-a253-2d39499e0e11 Show response
boot.pbstck.com/v1/tag/ 1 KB
968 B 140ms
120ms Script
application/javascript 2606:4700:10::ac43:1997
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://boot.pbstck.com/v1/tag/6f803b36-0c37-4e39-a253-2d39499e0e11
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=79247&formatId=16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1997 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d5e6735264dd15a8c13338997941d1725811db834df6403abfb16f8b1d945a9

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
cache-control: private,max-age=120
cf-ray: 680c15e05f4005b3-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H/1.1 200
OK notifyme.js Show response
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 25 KB
26 KB 132ms
42ms Script
text/javascript 13.224.89.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=79247&formatId=16
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.89.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-89-192.zrh50.r.cloudfront.net
Software: Apache /
Resource Hash: b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 17 Aug 2021 19:05:58 GMT
Via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
Age: 72441
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
X-Amz-Cf-Pop: ZRH50-C1
Accept-Ranges: bytes
Content-Length: 25704
X-Amz-Cf-Id: lnmUSijl6bw4N-kQ5mWmtcBeagV6i6-PHXOzQSx_7lYA2ExnN9EYMw==

GET
H/1.1 200
OK 186329-261067657875242.js Show response
js-sec.indexww.com/ht/p/ 37 KB
13 KB 582ms
512ms Script
text/javascript 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=79247&formatId=16
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7e176e51c1dff07522d527754e78745b4fe73db4b875ab85be5ec57e2e35346c

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 18 Aug 2021 15:13:19 GMT
Content-Encoding: gzip
Last-Modified: Wed, 18 Aug 2021 15:10:29 GMT
Server: Apache
ETag: "9018d4-930b-5c9d6d5bd9323"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 12788
Expires: Wed, 18 Aug 2021 16:13:19 GMT

GET
H2 200 prebid.js Show response
ads.themoneytizer.com/moneybid4_40/build_rb/dist/ 551 KB
171 KB 32ms
31ms Script
application/javascript 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybid4_40/build_rb/dist/prebid.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=79247&formatId=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 8f6901c061a53e9a128e0c75521a58d3086ea8fb16e3b49f82a59f4e9b35aa38

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Wed, 18 Aug 2021 15:13:19 GMT
content-encoding: gzip
last-modified: Tue, 17 Aug 2021 09:49:09 GMT
server: nginx
etag: "611b8615-89aca"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 175051
expires: Thu, 19 Aug 2021 15:12:45 GMT

GET
H3-29 200 pubads_impl_2021081201.js Show response
securepubads.g.doubleclick.net/gpt/ 329 KB
115 KB 107ms
55ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

01e51940762b45561e5a0c1ea5e5ad122f4c732178d0cb428f8f4409030efb13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 12 Aug 2021 08:42:15 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117424
x-xss-protection: 0
expires: Wed, 18 Aug 2021 15:13:19 GMT

GET
H3-29 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 138 B
127 B 108ms
55ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=earnme.club

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

1005904ed58effec20fe3eebe0156d6c53a08ce7a4f64ae1106821a4308a9e4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Aug 2021 15:13:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102
x-xss-protection: 0
expires: Wed, 18 Aug 2021 15:13:19 GMT

GET
H2 200 track
servt.modoro360.com/ 0
71 B 119ms
117ms Image
text/plain 54.152.122.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.modoro360.com/track?r=earnme.club&sn=&ic=0&tgt=0&app=&wi=400&he=300&test=&apppkg=&fv=1&proto=https&pid=6114dbdb1f8b0669e215b7e4&cid=6114dbec10453b5f0e60bac4&stagid=6114dc90d1bead46fe092d17&stplid=6049d3f140d88e45f4252456&e=inventory&vi=100&cb=1629299599489
Requested by: Host: earnme.club
URL: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.152.122.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-152-122-180.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:19 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 rules-p-6Fv0cGNfc_bw8.js Show response
rules.quantcount.com/ 1 KB
1 KB 49ms
21ms Script
application/javascript 2600:9000:2190:4400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:4400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 14:18:43 GMT
content-encoding: gzip
age: 3277
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Mon, 19 Mar 2018 22:28:36 GMT
server: AmazonS3
etag: W/"9a93052877e57b42aeefaab6e7ec5f90"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: 3rxplspyFhA1aXplQREstDnnxO5Gw4_1TGZt-Ve1h2D01-4nwtyFQw==

GET
H2 200 / Show response
serv.modoro360.com/api/adserver/tag/ 14 KB
2 KB 386ms
127ms XHR
application/json 54.83.70.249
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://serv.modoro360.com/api/adserver/tag/?AV_TAGID=6114dc90d1bead46fe092d17&AV_PUBLISHERID=6114dbdb1f8b0669e215b7e4&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fearnme.club%2Fbattlegrounds-mobile-shares-with-chinese-servers-issue%2F&AV_CHANNELID=6114dbec10453b5f0e60bac4&format=json&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=earnme.club&AV_DADPOS=1&AV_TAG=6114dc90d1bead46fe092d17&AV_TEMPLATE=6049d3f140d88e45f4252456&v=6.1.1.243&avtoken=599488&AV_WIDTH=400&AV_HEIGHT=300&AV_DNT=0&cb=1629299599588
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6114dbdb1f8b0669e215b7e4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.70.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-70-249.compute-1.amazonaws.com
Software: /
Resource Hash: e2e2137f91906b27bbf7fce480ec250e1cebac3fa996c4e3ee192bd3c9acd85c

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:19 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://earnme.club
cache-control: no-cache
access-control-allow-credentials: true
expires: Sat, 07 Aug 2021 01:26:39 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 1528
Redirect Chain

https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=c4fc475d-b1c0-42cc-6c56-f9bbed00fd71&reqId=46835a87-6902-4a6b-4f82-ccc65cbda0f9&...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fadnxs_uid%3D%24UID%26zpartnerid%3D2%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3Dc4fc475d-b1c0-42cc-6c56-f9bbed00fd71%2...
https://mwzeom.zeotap.com/mw?adnxs_uid=5010540260737221063&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=c4fc475d-b1c0-42cc-6c56-f9bbed00fd71&reqId=46835a87-6902-4a6b-4f82-ccc65cbda0f9&uc=2&zdid=1258

95 B
153 B

25ms
24ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?adnxs_uid=5010540260737221063&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=c4fc475d-b1c0-42cc-6c56-f9bbed00fd71&reqId=46835a87-6902-4a6b-4f82-ccc65cbda0f9&uc=2&zdid=1258
Requested by: Host: earnme.club
URL: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:19 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 680c15e2cf430742-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

Pragma: no-cache
Date: Wed, 18 Aug 2021 15:13:19 GMT
X-Proxy-Origin: 185.236.203.76; 185.236.203.76; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 5bc2c1b3-ef39-4fa1-a482-6f3dd5fc7cff
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://mwzeom.zeotap.com/mw?adnxs_uid=5010540260737221063&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=c4fc475d-b1c0-42cc-6c56-f9bbed00fd71&reqId=46835a87-6902-4a6b-4f82-ccc65cbda0f9&uc=2&zdid=1258
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 1528
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c4fc475d-b1c0-42cc-6c56-f9bbed00fd71&reqId=46835a87-6902-4a6b-4f82-ccc65cbda0f9&uc=2&...
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c4fc475d-b1c0-42cc-6c56-f9bbed00fd71&reqId=46835a87-6902-4a6b-4f82-ccc65cbda0f9&uc=2...
https://mwzeom.zeotap.com/mw?google_gid=CAESEFmFsrp54WOem5AVGuE4FRs&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c4fc475d-b1c0-42cc-6c56-f9bbed00fd71&reqId=46835a87-6902-4a6b-4f82-ccc...

95 B
153 B

18ms
17ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEFmFsrp54WOem5AVGuE4FRs&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c4fc475d-b1c0-42cc-6c56-f9bbed00fd71&reqId=46835a87-6902-4a6b-4f82-ccc65cbda0f9&uc=2&zdid=1258
Requested by: Host: earnme.club
URL: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:19 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 680c15e318000742-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Wed, 18 Aug 2021 15:13:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEFmFsrp54WOem5AVGuE4FRs&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c4fc475d-b1c0-42cc-6c56-f9bbed00fd71&reqId=46835a87-6902-4a6b-4f82-ccc65cbda0f9&uc=2&zdid=1258
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 450
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 1528
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26id_mid_4%3Dc4fc475d-b1c0-42cc-6c56-f9bbed00fd71%26reqId%3D46835a87-6902-4a6b-4f82-ccc65c...
https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26id_mid_4%3Dc4fc475d-b1c0-42cc-6c56-f9bbed00fd71%26reqId%3D46835a87-6902-4a6b-4f82-ccc65c...
https://mwzeom.zeotap.com/mw?cid=eaa09621-da52-4c0f-9991-21c19ab41bba&zpartnerid=6&env=mWeb&eventType=map&id_mid_4=c4fc475d-b1c0-42cc-6c56-f9bbed00fd71&reqId=46835a87-6902-4a6b-4f82-ccc65cbda0f9&uc...

95 B
153 B

34ms
34ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=eaa09621-da52-4c0f-9991-21c19ab41bba&zpartnerid=6&env=mWeb&eventType=map&id_mid_4=c4fc475d-b1c0-42cc-6c56-f9bbed00fd71&reqId=46835a87-6902-4a6b-4f82-ccc65cbda0f9&uc=2&zdid=1258
Requested by: Host: earnme.club
URL: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:19 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 680c15e3180f0742-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Wed, 18 Aug 2021 15:13:19 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://mwzeom.zeotap.com/mw?cid=eaa09621-da52-4c0f-9991-21c19ab41bba&zpartnerid=6&env=mWeb&eventType=map&id_mid_4=c4fc475d-b1c0-42cc-6c56-f9bbed00fd71&reqId=46835a87-6902-4a6b-4f82-ccc65cbda0f9&uc=2&zdid=1258
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 449

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 1528
Redirect Chain

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=c4fc475d-b1c0-42cc-6c56-f9bbed00fd71&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=c4fc475d-b1c0-42cc-6c56-f9bbed00fd71&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
https://mwzeom.zeotap.com/mw?cid=75155309225091601483735078058774488428&zpartnerid=314&env=mWeb&eventType=map&id_mid_4=c4fc475d-b1c0-42cc-6c56-f9bbed00fd71&reqId=46835a87-6902-4a6b-4f82-ccc65cbda0f...

95 B
153 B

30ms
30ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=75155309225091601483735078058774488428&zpartnerid=314&env=mWeb&eventType=map&id_mid_4=c4fc475d-b1c0-42cc-6c56-f9bbed00fd71&reqId=46835a87-6902-4a6b-4f82-ccc65cbda0f9&uc=2&zdid=1258
Requested by: Host: earnme.club
URL: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:19 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 680c15e328440742-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

DCS: dcs-prod-irl1-2-v012-0a68183d3.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: wlvLHb/uTWc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://mwzeom.zeotap.com/mw?cid=75155309225091601483735078058774488428&zpartnerid=314&env=mWeb&eventType=map&id_mid_4=c4fc475d-b1c0-42cc-6c56-f9bbed00fd71&reqId=46835a87-6902-4a6b-4f82-ccc65cbda0f9&uc=2&zdid=1258
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 1528
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&id_mid_4=c4fc475d-b1c0-42cc-6c56-f9bbed00fd71&reqId=46835a87-6902-4a6b-4f82-ccc65cbda0f9&uc=2&zdid=1258
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=I2IGvsgljKnFDwuohQ2sObEbS6AwJ4p3%2BS41iYitP1U%3D

95 B
164 B

19ms
18ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=I2IGvsgljKnFDwuohQ2sObEbS6AwJ4p3%2BS41iYitP1U%3D
Requested by: Host: earnme.club
URL: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:19 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 680c15e27e860742-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Wed, 18 Aug 2021 15:13:19 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=I2IGvsgljKnFDwuohQ2sObEbS6AwJ4p3%2BS41iYitP1U%3D
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 1528
Redirect Chain

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3Dc4fc475...
https://mwzeom.zeotap.com/mw?cid=f05b611d-238f-4100-9a4b-69cb76acb2c9&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&id_mid_4=c4fc475d-b1c0-42cc-6c56-f9bbed00fd71&reqId=46835a87-6902-4a6b-4f82-ccc6...

95 B
153 B

36ms
35ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=f05b611d-238f-4100-9a4b-69cb76acb2c9&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&id_mid_4=c4fc475d-b1c0-42cc-6c56-f9bbed00fd71&reqId=46835a87-6902-4a6b-4f82-ccc65cbda0f9&uc=2&zdid=1258
Requested by: Host: earnme.club
URL: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:19 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 680c15e27e870742-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

Date: Wed, 18 Aug 2021 15:13:19 GMT
Server: MT3 3842 1127766 master cdg-pixel-x11
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://mwzeom.zeotap.com/mw?cid=f05b611d-238f-4100-9a4b-69cb76acb2c9&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&id_mid_4=c4fc475d-b1c0-42cc-6c56-f9bbed00fd71&reqId=46835a87-6902-4a6b-4f82-ccc65cbda0f9&uc=2&zdid=1258
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Wed, 18 Aug 2021 15:13:15 GMT

GET
H2 200 cmp.min.js Show response
spl.zeotap.com/ Frame 1528 541 B
474 B 30ms
29ms Script
text/plain 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&id_mid_4=c4fc475d-b1c0-42cc-6c56-f9bbed00fd71&reqId=46835a87-6902-4a6b-4f82-ccc65cbda0f9&uc=2&zdid=1258
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73b9da7b7330a97578bdaf0c871defb83d7557c86c67a9b7eed0461d83cb4b43

Request headers

Referer: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 680c15e17c750742-FRA
date: Wed, 18 Aug 2021 15:13:19 GMT
via: 1.1 google
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
content-encoding: br
access-control-allow-headers: *

GET
H2 200 monitoring-828a61c.js Show response
cdn.pbstck.com/ 176 KB
50 KB 51ms
24ms XHR
application/javascript 2606:4700:10::6816:15d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pbstck.com/monitoring-828a61c.js
Requested by: Host: boot.pbstck.com
URL: https://boot.pbstck.com/v1/tag/6f803b36-0c37-4e39-a253-2d39499e0e11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:15d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39a86dbfb7f9f2d4045eeab9b87306fff6803d2a643bda41bdf56b360545fda0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:19 GMT
content-encoding: br
cf-cache-status: HIT
age: 172101
x-guploader-uploadid: ADPycdstiOLaDDIazBfgoKZL4wDzg0CN7fTom8K2Nyai6y9ANkcKwyfuuYmPC7iRaIJtbnx1n3NT4pmayOnlroAAlu3DxRNnjw
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 22 Jul 2021 13:27:00 GMT
server: cloudflare
etag: W/"dc2515da4d840da4e92aa8ebbf0be50c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=NvqwTw==, md5=3CUV2k2EDaTpKqjrvwvlDA==
x-goog-generation: 1626960420547908
access-control-allow-origin: *
content-type: application/javascript
access-control-expose-headers: Cache-Control, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800, immutable
x-goog-stored-content-length: 49441
cf-ray: 680c15e1a83d05ed-FRA
expires: Mon, 23 Aug 2021 15:12:31 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 84 KB
30 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js

Requested by

Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 18:10:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75740
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30186
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 18:10:59 GMT

GET
H2 204 cmp
spl.zeotap.com/ Frame 1528 0
0 34ms
34ms Document
text/plain 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&id_mid_4=c4fc475d-b1c0-42cc-6c56-f9bbed00fd71&reqId=46835a87-6902-4a6b-4f82-ccc65cbda0f9&uc=2&zdid=1258&cmp=0
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&id_mid_4=c4fc475d-b1c0-42cc-6c56-f9bbed00fd71&reqId=46835a87-6902-4a6b-4f82-ccc65cbda0f9&uc=2&zdid=1258
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: spl.zeotap.com
:scheme: https
:path: /cmp?env=mWeb&eventType=map&id_mid_4=c4fc475d-b1c0-42cc-6c56-f9bbed00fd71&reqId=46835a87-6902-4a6b-4f82-ccc65cbda0f9&uc=2&zdid=1258&cmp=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: zc=c4fc475d-b1c0-42cc-6c56-f9bbed00fd71; zsc=%A8P%A5%E4%BDZ%FE%A9ypR%22L7%CA%1A%A0q%21%BC%FF%9DD%3Bdm%F5%85%E0%BA%FB%14W3%9D%80%2F%E1%08%C6%86%B9%DF4%D1%229%89%AB%C3%CD%07%EDe%D1%CB%A1%2FC%97b%23%AE%DF%E1%F5A%0D%E8%C9S%3DJ%08_%E4W%5D%D0%C7%96%1AN%A5%9D%A2%E3%FE%BCG%B9%3A%0B%1C%FD%C4%F7%B2%9F%9E%0D%C8%40%FC%25
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map

Response headers

date: Wed, 18 Aug 2021 15:13:19 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://spl.zeotap.com
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 680c15e1bcec0742-FRA

GET
H/1.1 200
OK ac Show response
ww1097.smartadserver.com/ 3 KB
1 KB 100ms
100ms Script
application/javascript 185.86.137.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1097.smartadserver.com/ac?nwid=1097&siteid=412339&pgid=1384643&fmtid=26326&async=1&visit=m&tmstp=7900714977&tag=sas_26326&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fearnme.club%2Fbattlegrounds-mobile-shares-with-chinese-servers-issue%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by: Host: ww1097.smartadserver.com
URL: https://ww1097.smartadserver.com/config.js?nwid=1097
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: d7fcc43e5d2d0091ae14f9a8ea2f8a4da1fc25da861b5c8da37e50854cdbaa1e

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Aug 2021 15:13:19 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 3%3b5%3b60
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i: 8698524
cache-control: no-cache,no-store
transfer-encoding: chunked
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK notifyme.php Show response
adtrack.adleadevent.com/ 0
522 B 213ms
51ms XHR
application/x-javascript 54.217.215.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.217.215.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-217-215-116.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Aug 2021 15:13:19 GMT
Content-Encoding: gzip
Last-Modified: Wed, 18 Aug 2021 15:13:19 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: https://earnme.club
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 tbframe.js Show response
cdn.taboola.com/shared/ 14 KB
4 KB 29ms
28ms Script
application/x-javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/shared/tbframe.js
Requested by: Host: earnme.club
URL: https://earnme.club/?link=6trZZaT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d01d7e89b4d641722a6ee3361a74140f0271768fa9c0fb75168cc1f3dc90ad09

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 0pDr76RrkFiLTlb_BYFV8nfS5Xv_eohq
content-encoding: gzip
etag: "0c6cdb6c2f89bf98124c3679a3412fb6"
age: 27079
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 3897
x-amz-id-2: xGwtkNInlRcv+BftfQzNx7V+sYX5epOsUyaQ/5/HnZ+qbh4hyEkfZ3+QLNo4CuZNZDaH5II4klQ=
x-served-by: cache-fra19162-FRA
last-modified: Thu, 14 Apr 2016 14:04:36 GMT
server: AmazonS3
x-timer: S1629299600.771474,VS0,VE0
date: Wed, 18 Aug 2021 15:13:19 GMT
vary: Accept-Encoding
x-amz-request-id: RKWMB46B808DBZ5E
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/x-javascript
abp: 36
x-cache-hits: 8977

GET
H/1.1 200
OK aip
eqx.smartadserver.com/h/ 43 B
270 B 123ms
44ms Image
image/gif 185.86.137.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eqx.smartadserver.com/h/aip?uii=233168058494983357&tmstp=7900714977&ckid=0&pubid=5&systgt=%24qc%3d1311284246%3b%24ql%3dUnknown%3b%24qpc%3d1050%3b%24qt%3d100_3040_80338t%3b%24dma%3d0%3b%24b%3d16890%3b%24o%3d11100%3b%24sw%3d1600%3b%24sh%3d1200%3b%24wpc%3d10%3b%24wpc%3d163%3b%24wpc%3d817%3b%24wpc%3d111%3b%24wpc%3d1335%3b%24wpc%3d1336%3b%24wpc%3d1337%3b%24wpc%3d1338%3b%24wpc%3d1339%3b%24wpc%3d1340%3b%24wpc%3d1342%3b%24wpc%3d1343%3b%24wpc%3d1344%3b%24wpc%3d1345%3b%24wpc%3d1273&acd=1629299599719&envtype=0&hol_cpm=0&opid=29892ceb-54e7-4d74-a7a0-aae98cf23e7a&opdt=1629299599718&siteid=412339&tgt=%24dt%3d1t&gdpr=1&visit=V&statid=19&imptype=0&pgDomain=https%3a%2f%2fearnme.club%2fbattlegrounds-mobile-shares-with-chinese-servers-issue%2f&capp=0&mcrdbt=1&insid=8698524&imgid=0&pgid=1384643&fmtid=26326&isLazy=0
Requested by: Host: earnme.club
URL: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Aug 2021 15:13:19 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/themonetizer-network/ Frame 0687 1 MB
231 KB 28ms
28ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/shared/tbframe.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: daf1ad1413a040a5a266083475ed3596fe4929d856437dd7e68fbb2227e60387

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Uh2fCV8EGBAaolSSU5VoyZio7VwzdgMi
content-encoding: gzip
etag: "10b13485e8b0b8470d8453c0011a8949"
age: 25469
x-cache: HIT
content-length: 236566
x-amz-id-2: VmR/wjWTvrwOrCklGDGrTP7fdq2tqJvkuBPLngsrYAd8cvU41D0VTCuTA2wVHc7bA8ffYAoZ8lo=
x-served-by: cache-fra19162-FRA
last-modified: Wed, 18 Aug 2021 08:08:29 GMT
server: AmazonS3
x-timer: S1629299600.824679,VS0,VE0
date: Wed, 18 Aug 2021 15:13:19 GMT
vary: Accept-Encoding
x-amz-request-id: KVPSP2S19HN626SC
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 56
x-cache-hits: 13275

GET
H2 200 impl.20210817-13-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame 0687 526 KB
117 KB 29ms
28ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20210817-13-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 7957504f907ffedfc0d7ec27f93664a47d4d36b36ece1386e74492f753d24025

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: TUSbl2l40svWfFlJVwXYPuHPAYztwB_9
content-encoding: br
etag: "01b707a86593ca856ebf2a0f0e6660df"
age: 1217
x-cache: HIT
content-length: 119131
x-amz-id-2: SJFl3emlXaODWt+FNX9JGwX4194FWDOq8QH092XapRhZ7G1it8VYVpihCOnA9OwTQVpjvnfZKns=
x-served-by: cache-fra19162-FRA
last-modified: Tue, 17 Aug 2021 14:51:27 GMT
server: AmazonS3-br
x-timer: S1629299600.927782,VS0,VE0
date: Wed, 18 Aug 2021 15:13:19 GMT
vary: Accept-Encoding
x-amz-request-id: QFVX0N7VDPX5JD4E
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 36
x-cache-hits: 3586

GET
H2 200 json Show response
trc.taboola.com/themonetizer-earnmeclub/trc/3/ Frame 0687 13 KB
5 KB 366ms
359ms XHR
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/themonetizer-earnmeclub/trc/3/json?tim=17%3A13%3A19.988&lti=deflated&data=%7B%22id%22%3A909%2C%22ii%22%3A%22%2Fbattlegrounds-mobile-shares-with-chinese-servers-issue%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1629274106417%2C%22vi%22%3A1629299599987%2C%22cv%22%3A%2220210817-13-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fearnme.club%2Fbattlegrounds-mobile-shares-with-chinese-servers-issue%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22e%22%3A%22https%3A%2F%2Fearnme.club%2F%3Flink%3D6trZZaT%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A326%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A150%2C%22dw%22%3A326%2C%22dh%22%3A150%2C%22nsid%22%3A%22themonetizer-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A8%2C%22uim%22%3A%22thumbnails-tm%3Apub%3Dthemonetizer-network%3Aabp%3D0%22%2C%22uip%22%3A%22412339%20Below%20Article%20Monetizer%22%2C%22orig_uip%22%3A%22412339%20Below%20Article%20Monetizer%22%2C%22cd%22%3A8%2C%22mw%22%3A310%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210817-13-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ceb3768dcc8012d274344bd5c444c70bef93ef351e25ac075f2c3a92872b80f3

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 331
date: Wed, 18 Aug 2021 15:13:20 GMT
content-encoding: gzip
server: nginx
x-timer: S1629299600.008772,VS0,VE331
x-served-by: cache-fra19162-FRA
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 track
servt.modoro360.com/ 0
70 B 117ms
117ms Image
text/plain 54.152.122.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.modoro360.com/track?d=Chrome&cou=DK&cos=Windows&r=earnme.club&rs=earnme.club&sid=70799&t=1629299599&cip=185.236.203.76&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=6114dbdb1f8b0669e215b7e4&test=&aafaid=&proto=https&uid=1629299599907-944233947292-008580-012-009189&cha=0.7&stagid=6114dc90d1bead46fe092d17&stplid=6049d3f140d88e45f4252456&cb=84533076611&d9=1000&AV_WIDTH=400&AV_HEIGHT=300&&ppid=6114dbdb1f8b0669e215b7e4&nid=60095c900c0799791c46d8d4&pcid=6114dbec10453b5f0e60bac4&ncid=6045faede4831b73554dc6f4&pasid=6114dc0eef104227c562c9f5&e=request&cb=1629299599999&asid=60f432adfefd02069455d1f4%2C6024f937bb6fe6742b2c1316%2C6040da1b8493df6b886e4e04&ofpr=%2C%2C&fpo=%2C%2C
Requested by: Host: earnme.club
URL: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.152.122.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-152-122-180.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:20 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
servt.modoro360.com/ 0
70 B 119ms
119ms Image
text/plain 54.152.122.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.modoro360.com/track?d=Chrome&cou=DK&cos=Windows&r=earnme.club&rs=earnme.club&sid=70799&t=1629299599&cip=185.236.203.76&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=6114dbdb1f8b0669e215b7e4&test=&aafaid=&proto=https&uid=1629299599907-944233947292-008580-012-009189&cha=0.7&stagid=6114dc90d1bead46fe092d17&stplid=6049d3f140d88e45f4252456&cb=84533076611&d9=1000&AV_WIDTH=400&AV_HEIGHT=300&&ppid=6114dbdb1f8b0669e215b7e4&nid=60095c900c0799791c46d8d4&pcid=6114dbec10453b5f0e60bac4&ncid=60d9e19f300bae39df56a137&pasid=6114dc2d52d5b855400364e8&e=request&cb=1629299599999&asid=60d9e042c3c59a269438a856%2C60d9e045aac2e2613b0847b4%2C60d9e040e1151d701731d30b%2C60d9df6de3ea4720e70806aa%2C60d9e03be568d161976ee48e%2C60d9df69980e33168e552ee6%2C60d9df6ac9ec1355f34ddfd4%2C60d9df6656650922c95b411e&ofpr=%2C%2C%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C%2C
Requested by: Host: earnme.club
URL: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.152.122.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-152-122-180.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:20 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
servt.modoro360.com/ 0
70 B 118ms
117ms Image
text/plain 54.152.122.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.modoro360.com/track?d=Chrome&cou=DK&cos=Windows&r=earnme.club&rs=earnme.club&sid=70799&t=1629299599&cip=185.236.203.76&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=6114dbdb1f8b0669e215b7e4&test=&aafaid=&proto=https&uid=1629299599907-944233947292-008580-012-009189&cha=0.7&stagid=6114dc90d1bead46fe092d17&stplid=6049d3f140d88e45f4252456&cb=84533076611&d9=1000&AV_WIDTH=400&AV_HEIGHT=300&&ppid=6114dbdb1f8b0669e215b7e4&nid=60095c900c0799791c46d8d4&pcid=6114dbec10453b5f0e60bac4&ncid=6045faede4831b73554dc6f4&pasid=6114dc0eef104227c562c9f5&e=bid&cb=1629299600003&asid=60f432adfefd02069455d1f4%2C6024f937bb6fe6742b2c1316%2C6040da1b8493df6b886e4e04&ofpr=%2C%2C&fpo=%2C%2C
Requested by: Host: earnme.club
URL: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.152.122.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-152-122-180.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:20 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
servt.modoro360.com/ 0
70 B 119ms
118ms Image
text/plain 54.152.122.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.modoro360.com/track?d=Chrome&cou=DK&cos=Windows&r=earnme.club&rs=earnme.club&sid=70799&t=1629299599&cip=185.236.203.76&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=6114dbdb1f8b0669e215b7e4&test=&aafaid=&proto=https&uid=1629299599907-944233947292-008580-012-009189&cha=0.7&stagid=6114dc90d1bead46fe092d17&stplid=6049d3f140d88e45f4252456&cb=84533076611&d9=1000&AV_WIDTH=400&AV_HEIGHT=300&&ppid=6114dbdb1f8b0669e215b7e4&nid=60095c900c0799791c46d8d4&pcid=6114dbec10453b5f0e60bac4&ncid=60d9e19f300bae39df56a137&pasid=6114dc2d52d5b855400364e8&e=bid&cb=1629299600003&asid=60d9e042c3c59a269438a856%2C60d9e045aac2e2613b0847b4%2C60d9e040e1151d701731d30b%2C60d9df6de3ea4720e70806aa%2C60d9e03be568d161976ee48e%2C60d9df69980e33168e552ee6%2C60d9df6ac9ec1355f34ddfd4%2C60d9df6656650922c95b411e&ofpr=%2C%2C%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C%2C
Requested by: Host: earnme.club
URL: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.152.122.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-152-122-180.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:20 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 108 B
646 B 64ms
63ms XHR
application/json 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186329
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 5c982cca481d56b2dbe42795531ecbfb3406cee67af7a9ccac2ad64e1762b515

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 18 Aug 2021 15:13:20 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://earnme.club
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 108
expires: Fri, 17 Sep 2021 15:13:20 GMT

GET
H2 451 identity Show response
api.rlcdn.com/api/ 0
218 B 118ms
53ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 55.133.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 18 Aug 2021 15:13:20 GMT
via: 1.1 google
alt-svc: clear
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 0

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 5D87 344 KB
119 KB 42ms
20ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6114dbdb1f8b0669e215b7e4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b75fbcebeb3ed3f372c80f47fd553179656a53959dba64c516e9859619c58136

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121543
x-xss-protection: 0
expires: Wed, 18 Aug 2021 15:13:20 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 8031 344 KB
119 KB 60ms
38ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6114dbdb1f8b0669e215b7e4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b75fbcebeb3ed3f372c80f47fd553179656a53959dba64c516e9859619c58136

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121543
x-xss-protection: 0
expires: Wed, 18 Aug 2021 15:13:20 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 6056 344 KB
119 KB 60ms
38ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6114dbdb1f8b0669e215b7e4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b75fbcebeb3ed3f372c80f47fd553179656a53959dba64c516e9859619c58136

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121543
x-xss-protection: 0
expires: Wed, 18 Aug 2021 15:13:20 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 8429 344 KB
119 KB 54ms
33ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6114dbdb1f8b0669e215b7e4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b75fbcebeb3ed3f372c80f47fd553179656a53959dba64c516e9859619c58136

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121543
x-xss-protection: 0
expires: Wed, 18 Aug 2021 15:13:20 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 1AD3 344 KB
119 KB 59ms
39ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6114dbdb1f8b0669e215b7e4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b75fbcebeb3ed3f372c80f47fd553179656a53959dba64c516e9859619c58136

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121543
x-xss-protection: 0
expires: Wed, 18 Aug 2021 15:13:20 GMT

GET
H3-29 200 bridge3.475.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame B7B5 573 KB
188 KB 21ms
8ms Document
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77c1e785a0a278ca390fc41e0c5503a9565b9f6f72c042d48e6832a3b84aedb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.475.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://earnme.club/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://earnme.club/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192138
date: Fri, 13 Aug 2021 20:37:55 GMT
expires: Sat, 13 Aug 2022 20:37:55 GMT
last-modified: Fri, 13 Aug 2021 20:30:55 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 412525
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 5D87 44 KB
17 KB 37ms
15ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Wed, 18 Aug 2021 15:13:20 GMT

GET
H3-29 200 bridge3.475.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 188D 573 KB
188 KB 7ms
7ms Document
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77c1e785a0a278ca390fc41e0c5503a9565b9f6f72c042d48e6832a3b84aedb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.475.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://earnme.club/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://earnme.club/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192138
date: Fri, 13 Aug 2021 20:37:55 GMT
expires: Sat, 13 Aug 2022 20:37:55 GMT
last-modified: Fri, 13 Aug 2021 20:30:55 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 412525
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 8429 44 KB
16 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Wed, 18 Aug 2021 15:13:20 GMT

GET
H3-29 200 bridge3.475.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 43E0 573 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77c1e785a0a278ca390fc41e0c5503a9565b9f6f72c042d48e6832a3b84aedb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.475.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://earnme.club/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://earnme.club/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192138
date: Fri, 13 Aug 2021 20:37:55 GMT
expires: Sat, 13 Aug 2022 20:37:55 GMT
last-modified: Fri, 13 Aug 2021 20:30:55 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 412525
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 8031 44 KB
16 KB 29ms
16ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Wed, 18 Aug 2021 15:13:20 GMT

GET
H3-29 200 bridge3.475.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 90F6 573 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77c1e785a0a278ca390fc41e0c5503a9565b9f6f72c042d48e6832a3b84aedb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.475.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://earnme.club/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://earnme.club/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192138
date: Fri, 13 Aug 2021 20:37:55 GMT
expires: Sat, 13 Aug 2022 20:37:55 GMT
last-modified: Fri, 13 Aug 2021 20:30:55 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 412525
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 1AD3 44 KB
16 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Wed, 18 Aug 2021 15:13:20 GMT

GET
H3-29 200 bridge3.475.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame DD24 573 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77c1e785a0a278ca390fc41e0c5503a9565b9f6f72c042d48e6832a3b84aedb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.475.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://earnme.club/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://earnme.club/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192138
date: Fri, 13 Aug 2021 20:37:55 GMT
expires: Sat, 13 Aug 2022 20:37:55 GMT
last-modified: Fri, 13 Aug 2021 20:30:55 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 412525
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 6056 44 KB
16 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Wed, 18 Aug 2021 15:13:20 GMT

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
424 B 116ms
52ms XHR
text/plain 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=415712&u=https%3A%2F%2Fearnme.club%2Fbattlegrounds-mobile-shares-with-chinese-servers-issue%2F&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 18 Aug 2021 15:13:20 GMT
X-AK-INITIAL-GEO: CC:[DK], RC:[], CN:[EU], CIP:[185.236.203.76], XFF:[]
Server: Apache
Access-Control-Allow-Origin: https://earnme.club
X-CS-CLIENT-GEO: 10
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-AK-CLIENT-GEO: 10
Expires: Wed, 18 Aug 2021 15:13:20 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 130D 36 KB
13 KB 26ms
5ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 14:30:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2586
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 18 Aug 2021 15:30:14 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame CE18 36 KB
12 KB 30ms
16ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 14:30:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2586
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 18 Aug 2021 15:30:14 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D7ED 36 KB
12 KB 20ms
10ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 14:30:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2586
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 18 Aug 2021 15:30:14 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame E2F4 36 KB
12 KB 19ms
11ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 14:30:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2586
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 18 Aug 2021 15:30:14 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 690E 36 KB
12 KB 19ms
13ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 14:30:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2586
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 18 Aug 2021 15:30:14 GMT

GET
H2 200 tfa-eid.20210817-13-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 0687 14 KB
5 KB 28ms
28ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/tfa-eid.20210817-13-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 80c51846e84e9218f4e11b80e3427ac33539ca65f2f66d910e059df4e23478e2

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: rOLQKDH3nBnZwumNo9xtowK5Syskw.BY
content-encoding: gzip
etag: "e2c3b03bd59871b8bf9691b2b4e214f7"
age: 73
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5063
x-amz-id-2: f7IJbpKG1L1dXABW5n5bobTGLiMmitgzlI3HeaM2HZW2ut8HJzu9aGmpItaWt6Z4PS9sP6hV/Bs=
x-served-by: cache-fra19162-FRA
last-modified: Tue, 17 Aug 2021 15:00:46 GMT
server: AmazonS3
x-timer: S1629299600.397104,VS0,VE0
date: Wed, 18 Aug 2021 15:13:20 GMT
vary: Accept-Encoding
x-amz-request-id: T8TDTQBDXV9ZJF68
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 36
x-cache-hits: 246

GET
H2 200 sha256.20210817-13-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 0687 6 KB
3 KB 29ms
28ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/sha256.20210817-13-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 910170debb8f5e390ed569fa098a4ffba9fef9b36c9b1c38a76aadc179f903b3

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 4zFZ449rd57OFTtDIC04trcdtI8rHG2x
content-encoding: gzip
etag: "b0f4b0f898417433b1433947780cec16"
age: 60
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2590
x-amz-id-2: 86QmwYGxvtyGVldWy0ParspBWH1fnKcWxslQ/hGjTIlNfHl0Gz4DPaN0UtPB6t7RXajV4VR3SAA=
x-served-by: cache-fra19162-FRA
last-modified: Tue, 17 Aug 2021 15:00:59 GMT
server: AmazonS3
x-timer: S1629299600.397235,VS0,VE0
date: Wed, 18 Aug 2021 15:13:20 GMT
vary: Accept-Encoding
x-amz-request-id: SNDPM4M2E0B48JZE
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 36
x-cache-hits: 198

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/themonetizer-network/ Frame 0687 1 MB
232 KB 85ms
28ms Fetch
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210817-13-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: daf1ad1413a040a5a266083475ed3596fe4929d856437dd7e68fbb2227e60387

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Uh2fCV8EGBAaolSSU5VoyZio7VwzdgMi
content-encoding: gzip
etag: "10b13485e8b0b8470d8453c0011a8949"
age: 25469
x-cache: HIT
content-length: 236566
x-amz-id-2: VmR/wjWTvrwOrCklGDGrTP7fdq2tqJvkuBPLngsrYAd8cvU41D0VTCuTA2wVHc7bA8ffYAoZ8lo=
x-served-by: cache-fra19153-FRA
last-modified: Wed, 18 Aug 2021 08:08:29 GMT
server: AmazonS3
x-timer: S1629299600.454726,VS0,VE0
date: Wed, 18 Aug 2021 15:13:20 GMT
vary: Accept-Encoding
x-amz-request-id: KVPSP2S19HN626SC
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 56
x-cache-hits: 14742

GET
H2 200 tb Show response
15.taboola.com/ Frame 0687 147 B
407 B 40ms
38ms XHR
text/html 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tb?oid=15&pubnm=themonetizer-earnmeclub&unitType=226&tbloc=&pageType=text&pstn=412339%20Below%20Article%20Monetizer&uuip=&cisrf=https%3A%2F%2Fearnme.club%2F%3Flink%3D6trZZaT&cirf=https%3A%2F%2Fearnme.club%2Fbattlegrounds-mobile-shares-with-chinese-servers-issue%2F&encoded=1&uid=e94bf3ae-a6d1-4e28-9722-128250e67152-tuct816a910&variant=0|1&callback=TRC.videoTagCallbacks.videoCallback1&cb=1629299600411&tagid=&cntry=DK&platform=1&sesid=ab9545edd56591c1c27fa38a66de3d82&itemid=/battlegrounds-mobile-shares-with-chinese-servers-issue&viewid=1629299599987&geolat=&geoing=&deviceifa=&appid=&sd=v2_ab9545edd56591c1c27fa38a66de3d82_e94bf3ae-a6d1-4e28-9722-128250e67152-tuct816a910_1629299600_1629299600_CIi3jgYQjo5VGPPUy861LyABKAEwOjj5twhAoIoQSM_b2ANQydkMWABgAGixr-m1yv33zq0BcAA&ri=0a71933939f5612ce91c0e59abaf870d&appname=&cdb=&gdprApplies=true&rid=&sii=-2008234207880248191&oee=true&tpubid=1394446&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=85&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1196587&prcnt=&layer=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210817-13-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e687b1e7848cc065c48f1625e4912847e84f01377245e76c4d1935a2d65e3fdd

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 18 Aug 2021 15:13:20 GMT
content-encoding: gzip
access-control-allow-origin: https://earnme.club
machineid: 1429
x-cache: MISS
xvid-debug: mrmr - :
x-served-by: cache-fra19162-FRA
pragma: no-cache
server: nginx
x-timer: S1629299600.426388,VS0,VE10
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://am-wf.taboola.com>; rel=preconnect
x-cache-hits: 0

GET
H2 200 userx.20210817-13-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 0687 17 KB
5 KB 28ms
28ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20210817-13-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e01f922b19c72897e36e730270a7f1a506fa3976dc5ad6cc3b239a5443e806c1

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 2SByTy0ptQlQDCGEcRNVCZY5qmqQFM4m
content-encoding: gzip
etag: "7b72cb23c89788f6cbbaf54dc383a344"
age: 52
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5342
x-amz-id-2: i6CqKaKhTXs2UuarzkLL00/EjgwDntMieW8PIU+D5Ff6wDO5wW6QBAefoPBM+PNzYV4RNFTlDM8=
x-served-by: cache-fra19162-FRA
last-modified: Tue, 17 Aug 2021 15:00:42 GMT
server: AmazonS3
x-timer: S1629299600.424461,VS0,VE0
date: Wed, 18 Aug 2021 15:13:20 GMT
vary: Accept-Encoding
x-amz-request-id: TR4S2V3MXMV6NVF9
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 36
x-cache-hits: 49

GET
H2 200 765842a1b261d012ec89fa71f3398f80_1000x600_36aa31a25bb4606bb263b2327394a9fb.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/ Frame 0687 14 KB
15 KB 36ms
34ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/765842a1b261d012ec89fa71f3398f80_1000x600_36aa31a25bb4606bb263b2327394a9fb.png
Requested by: Host: earnme.club
URL: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 26525c4eb745f8934dca71dcab93f636991dcebf2a90c9fb4f296873a82576e5

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 18 Aug 2021 15:13:20 GMT
via: 1.1 varnish, 1.1 varnish
age: 1730193
edge-cache-tag: 539887087937998332510526511112361939454,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 41
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/765842a1b261d012ec89fa71f3398f80_1000x600_36aa31a25bb4606bb263b2327394a9fb.png
content-length: 14728
x-request-id: 0e5894015c1b57b0509a23260cee8421
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Wed, 28 Jul 2021 08:56:58 GMT
server: nginx
x-timer: S1629299601.542568,VS0,VE1
etag: "3cf889212ce76ee39310aaa5c56f12b9"
x-served-by: cache-wdc5583-WDC, cache-dca17780-DCA, cache-fra19162-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 ddaa663e43fffd5cc5309e2f7d2881a0.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 0687 11 KB
12 KB 138ms
136ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ddaa663e43fffd5cc5309e2f7d2881a0.png
Requested by: Host: earnme.club
URL: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8c545c51842beacc28c49f886ce6b27d6d79ed4a6301bd94c6dbd1c1607c5401

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 106
date: Wed, 18 Aug 2021 15:13:20 GMT
via: 1.1 varnish, 1.1 varnish
age: 1047827
edge-cache-tag: 581421660895585060681525524020352507908,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 35
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ddaa663e43fffd5cc5309e2f7d2881a0.png
content-length: 11256
x-request-id: 272e8409745897197ecb829369c6b753
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified: Thu, 05 Aug 2021 13:36:25 GMT
server: nginx
x-timer: S1629299601.542585,VS0,VE106
etag: "181239decb5b002ec97028fc1ad1fc2f"
x-served-by: cache-wdc5555-WDC, cache-dca17723-DCA, cache-fra19162-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 1143077915__8Ilf8QFC.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/ Frame 0687 17 KB
18 KB 125ms
124ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1143077915__8Ilf8QFC.jpg
Requested by: Host: earnme.club
URL: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 40d96715dd5d28801628ac9b5c3b3302b2eca359249abe7e831f7bfa1b662eea

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 92
date: Wed, 18 Aug 2021 15:13:20 GMT
via: 1.1 varnish, 1.1 varnish
age: 2342282
edge-cache-tag: 534877485143570728289991320899146628449,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 38
expiration: expiry-date="Sat, 31 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1143077915__8Ilf8QFC.jpg
content-length: 17586
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Wed, 30 Jun 2021 18:34:58 GMT
server: nginx
x-timer: S1629299601.542601,VS0,VE92
etag: "a4bbd768cd0c3422cf197860dd3086cd"
x-served-by: cache-wdc5529-WDC, cache-dca12921-DCA, cache-fra19162-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 0

GET
H2 200 8b1f2998-314d-41e4-bf77-5644c4542d58_1000x600_6c11ba953079e1ae2b00f65d297b0954.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/ Frame 0687 13 KB
14 KB 33ms
31ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/8b1f2998-314d-41e4-bf77-5644c4542d58_1000x600_6c11ba953079e1ae2b00f65d297b0954.png
Requested by: Host: earnme.club
URL: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 360526f11cba75d3f55fd149fd544eff0b2d2e4bab600e8cf886f76462374647

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 18 Aug 2021 15:13:20 GMT
via: 1.1 varnish, 1.1 varnish
age: 463452
edge-cache-tag: 360494935809787964474968752019157124339,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 466
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/8b1f2998-314d-41e4-bf77-5644c4542d58_1000x600_6c11ba953079e1ae2b00f65d297b0954.png
content-length: 13666
x-request-id: c861230618151e7dcff70eebd9adc2e4
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Fri, 13 Aug 2021 04:58:01 GMT
server: nginx
x-timer: S1629299601.542606,VS0,VE1
etag: "f73033346eb0bade42a73f492bb274fc"
x-served-by: cache-wdc5539-WDC, cache-dca17781-DCA, cache-fra19162-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 201f1a43-1577-40d0-af84-7c37f943c7d5_1000x600_2880cdf2137477965b332fa2b73f2875.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/ Frame 0687 15 KB
16 KB 34ms
33ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/201f1a43-1577-40d0-af84-7c37f943c7d5_1000x600_2880cdf2137477965b332fa2b73f2875.png
Requested by: Host: earnme.club
URL: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5557acd3e7f5cbcd88393415e037314c81f3e5bffc823a9b6d8117e27ffec65a

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 18 Aug 2021 15:13:20 GMT
via: 1.1 varnish, 1.1 varnish
age: 2951634
edge-cache-tag: 466667584366830763641526602509035459955,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 41
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/201f1a43-1577-40d0-af84-7c37f943c7d5_1000x600_2880cdf2137477965b332fa2b73f2875.png
content-length: 15472
x-request-id: f64317b7196a6ef92c1ecca21f93595d
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Fri, 02 Jul 2021 13:56:10 GMT
server: nginx
x-timer: S1629299601.542566,VS0,VE1
etag: "5ab2371e4da5014c67791516cbc487c7"
x-served-by: cache-wdc5524-WDC, cache-dca17726-DCA, cache-fra19162-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 9b29ce5f-48f3-487f-8629-ebd74929aa56_1000x600_34f28b6f1aa21b21fd2f07cfe076ec62.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/ Frame 0687 29 KB
29 KB 32ms
32ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/9b29ce5f-48f3-487f-8629-ebd74929aa56_1000x600_34f28b6f1aa21b21fd2f07cfe076ec62.png
Requested by: Host: earnme.club
URL: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 92b022617a8f97288469bd1dc2e1162ae2cd8e8d17328c6fc718e81203868592

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 18 Aug 2021 15:13:20 GMT
via: 1.1 varnish, 1.1 varnish
age: 1735159
edge-cache-tag: 301205010394085586430487305612890757371,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 141
expiration: expiry-date="Sat, 21 Aug 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/9b29ce5f-48f3-487f-8629-ebd74929aa56_1000x600_34f28b6f1aa21b21fd2f07cfe076ec62.png
content-length: 29288
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Wed, 21 Jul 2021 17:39:49 GMT
server: nginx
x-timer: S1629299601.542538,VS0,VE1
etag: "e2af5bd372ac490f09a3c40a053c7696"
x-served-by: cache-wdc5565-WDC, cache-dca12928-DCA, cache-fra19162-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/765842a1b261d012ec89fa71f3398f80_1000x600_36aa31a25bb4606bb263b2327394a9fb.png
Requested by: Host: earnme.club
URL: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 26525c4eb745f8934dca71dcab93f636991dcebf2a90c9fb4f296873a82576e5

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 18 Aug 2021 15:13:20 GMT
via: 1.1 varnish, 1.1 varnish
age: 1730193
edge-cache-tag: 539887087937998332510526511112361939454,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 41
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/765842a1b261d012ec89fa71f3398f80_1000x600_36aa31a25bb4606bb263b2327394a9fb.png
content-length: 14728
x-request-id: 0e5894015c1b57b0509a23260cee8421
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Wed, 28 Jul 2021 08:56:58 GMT
server: nginx
x-timer: S1629299601.592814,VS0,VE0
etag: "3cf889212ce76ee39310aaa5c56f12b9"
x-served-by: cache-wdc5583-WDC, cache-dca17780-DCA, cache-fra19162-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/8b1f2998-314d-41e4-bf77-5644c4542d58_1000x600_6c11ba953079e1ae2b00f65d297b0954.png
Requested by: Host: earnme.club
URL: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 360526f11cba75d3f55fd149fd544eff0b2d2e4bab600e8cf886f76462374647

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 18 Aug 2021 15:13:20 GMT
via: 1.1 varnish, 1.1 varnish
age: 463452
edge-cache-tag: 360494935809787964474968752019157124339,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 466
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/8b1f2998-314d-41e4-bf77-5644c4542d58_1000x600_6c11ba953079e1ae2b00f65d297b0954.png
content-length: 13666
x-request-id: c861230618151e7dcff70eebd9adc2e4
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Fri, 13 Aug 2021 04:58:01 GMT
server: nginx
x-timer: S1629299601.592918,VS0,VE0
etag: "f73033346eb0bade42a73f492bb274fc"
x-served-by: cache-wdc5539-WDC, cache-dca17781-DCA, cache-fra19162-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/201f1a43-1577-40d0-af84-7c37f943c7d5_1000x600_2880cdf2137477965b332fa2b73f2875.png
Requested by: Host: earnme.club
URL: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5557acd3e7f5cbcd88393415e037314c81f3e5bffc823a9b6d8117e27ffec65a

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 18 Aug 2021 15:13:20 GMT
via: 1.1 varnish, 1.1 varnish
age: 2951634
edge-cache-tag: 466667584366830763641526602509035459955,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 41
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/201f1a43-1577-40d0-af84-7c37f943c7d5_1000x600_2880cdf2137477965b332fa2b73f2875.png
content-length: 15472
x-request-id: f64317b7196a6ef92c1ecca21f93595d
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Fri, 02 Jul 2021 13:56:10 GMT
server: nginx
x-timer: S1629299601.593016,VS0,VE0
etag: "5ab2371e4da5014c67791516cbc487c7"
x-served-by: cache-wdc5524-WDC, cache-dca17726-DCA, cache-fra19162-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/9b29ce5f-48f3-487f-8629-ebd74929aa56_1000x600_34f28b6f1aa21b21fd2f07cfe076ec62.png
Requested by: Host: earnme.club
URL: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 92b022617a8f97288469bd1dc2e1162ae2cd8e8d17328c6fc718e81203868592

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 18 Aug 2021 15:13:20 GMT
via: 1.1 varnish, 1.1 varnish
age: 1735159
edge-cache-tag: 301205010394085586430487305612890757371,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 141
expiration: expiry-date="Sat, 21 Aug 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/9b29ce5f-48f3-487f-8629-ebd74929aa56_1000x600_34f28b6f1aa21b21fd2f07cfe076ec62.png
content-length: 29288
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Wed, 21 Jul 2021 17:39:49 GMT
server: nginx
x-timer: S1629299601.593031,VS0,VE0
etag: "e2af5bd372ac490f09a3c40a053c7696"
x-served-by: cache-wdc5565-WDC, cache-dca12928-DCA, cache-fra19162-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5D87 107 B
570 B 41ms
20ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=earnme.club

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Aug 2021 15:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1143077915__8Ilf8QFC.jpg
Requested by: Host: earnme.club
URL: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 40d96715dd5d28801628ac9b5c3b3302b2eca359249abe7e831f7bfa1b662eea

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 18 Aug 2021 15:13:20 GMT
via: 1.1 varnish, 1.1 varnish
age: 2342282
edge-cache-tag: 534877485143570728289991320899146628449,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 38
expiration: expiry-date="Sat, 31 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1143077915__8Ilf8QFC.jpg
content-length: 17586
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Wed, 30 Jun 2021 18:34:58 GMT
server: nginx
x-timer: S1629299601.676851,VS0,VE0
etag: "a4bbd768cd0c3422cf197860dd3086cd"
x-served-by: cache-wdc5529-WDC, cache-dca12921-DCA, cache-fra19162-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 8429 107 B
165 B 26ms
25ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=earnme.club

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Aug 2021 15:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ddaa663e43fffd5cc5309e2f7d2881a0.png
Requested by: Host: earnme.club
URL: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8c545c51842beacc28c49f886ce6b27d6d79ed4a6301bd94c6dbd1c1607c5401

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 18 Aug 2021 15:13:20 GMT
via: 1.1 varnish, 1.1 varnish
age: 1047827
edge-cache-tag: 581421660895585060681525524020352507908,612468382432388073812094334041579167997,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 35
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_254%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ddaa663e43fffd5cc5309e2f7d2881a0.png
content-length: 11256
x-request-id: 272e8409745897197ecb829369c6b753
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified: Thu, 05 Aug 2021 13:36:25 GMT
server: nginx
x-timer: S1629299601.696086,VS0,VE0
etag: "181239decb5b002ec97028fc1ad1fc2f"
x-served-by: cache-wdc5555-WDC, cache-dca17723-DCA, cache-fra19162-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 2

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 8031 107 B
122 B 35ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=earnme.club

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Aug 2021 15:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 303 ads Show response
pubads.g.doubleclick.net/gampad/ Frame B7B5 136 B
501 B 75ms
65ms XHR
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F27560194%2Faplvideovast7047%2Fvast2.0&description_url=earnme.club&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1301579703267622&sdkv=h.3.475.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&gdpr_consent=tcunavailable&sdki=44d&adk=2899431784&sdk_apis=2%2C8&sid=66CBD908-7BF5-41AC-860F-29D6AAE7ECD8&eid=44746832&url=https%3A%2F%2Fearnme.club%2Fbattlegrounds-mobile-shares-with-chinese-servers-issue%2F&dlt=1629299600007&idt=460&dt=1629299600711&cookie_enabled=1&scor=1425463389946221&ged=ve4_td1_tt1_pd1_la1000_er795.9.951.309_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 1AD3 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=earnme.club

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Aug 2021 15:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 6056 107 B
122 B 20ms
20ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=earnme.club

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Aug 2021 15:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 303 ads Show response
pubads.g.doubleclick.net/gampad/ Frame B7B5 136 B
125 B 63ms
62ms XHR
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 303 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 188D 136 B
241 B 20ms
20ms XHR
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-4903453974745530&slotname=aniplay%2Faniplay_075&ad_type=video_text_image&max_ad_duration=33000&videoad_start_delay=0&vpmute=0&vpa=click&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&sdkv=h.3.475.0&video_product_type=0&min_ad_duration=0&sz=400x300&adsafe=high&hl=en&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=0&vis=1&sdr=1&ea=0&image_size=200x200&num_ads=3&t_pyv=allow&video_format=43&is_amp=0&u_so=l&gdpr_consent=tcunavailable&sdki=44d&adk=2348648828&sdk_apis=2%2C8&url=https%3A%2F%2Fearnme.club%2Fbattlegrounds-mobile-shares-with-chinese-servers-issue%2F&dlt=1629299600017&idt=469&dt=1629299600889&cookie_enabled=1&correlator=2261879108887516&ged=ve4_td1_tt1_pd1_la1000_er795.9.951.309_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0

GET
H3-29 303 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 43E0 136 B
125 B 60ms
60ms XHR
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F27560194%2Faplvideovast7047%2Fvast3.5&description_url=earnme.club&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2518707042203011&sdkv=h.3.475.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&gdpr_consent=tcunavailable&sdki=44d&adk=701978305&sdk_apis=2%2C8&sid=CE6A030A-16C8-4340-8B4E-8085AC2D55CC&url=https%3A%2F%2Fearnme.club%2Fbattlegrounds-mobile-shares-with-chinese-servers-issue%2F&dlt=1629299600011&idt=491&dt=1629299600895&cookie_enabled=1&scor=3604110807738658&ged=ve4_td1_tt1_pd1_la1000_er795.9.951.309_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 303 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 90F6 136 B
125 B 58ms
58ms XHR
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F27560194%2Faplvideovast7047%2Fvast1.7&description_url=earnme.club&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2041871511189627&sdkv=h.3.475.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&gdpr_consent=tcunavailable&sdki=44d&adk=1205157624&sdk_apis=2%2C8&sid=89A4527C-777D-4471-A48C-A2580F3B8834&eid=31061774&url=https%3A%2F%2Fearnme.club%2Fbattlegrounds-mobile-shares-with-chinese-servers-issue%2F&dlt=1629299600021&idt=494&dt=1629299600904&cookie_enabled=1&scor=2813458907535020&ged=ve4_td1_tt1_pd1_la1000_er795.9.951.309_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 303 ads Show response
pubads.g.doubleclick.net/gampad/ Frame DD24 136 B
125 B 57ms
57ms XHR
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F27560194%2Faplvideovast7047%2Fvast1.5&description_url=earnme.club&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2140251730785349&sdkv=h.3.475.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&gdpr_consent=tcunavailable&sdki=44d&adk=1141705736&sdk_apis=2%2C8&sid=C57A587F-07C8-49BF-8AC3-E84B98144F53&eid=44746831&url=https%3A%2F%2Fearnme.club%2Fbattlegrounds-mobile-shares-with-chinese-servers-issue%2F&dlt=1629299600014&idt=536&dt=1629299600910&cookie_enabled=1&scor=919334164834690&ged=ve4_td1_tt1_pd1_la1000_er795.9.951.309_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 303 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 188D 136 B
120 B 34ms
20ms XHR
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0

GET
H3-29 303 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 43E0 136 B
125 B 61ms
60ms XHR
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 303 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 90F6 136 B
125 B 59ms
59ms XHR
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame C27D 344 KB
119 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6114dbdb1f8b0669e215b7e4

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b75fbcebeb3ed3f372c80f47fd553179656a53959dba64c516e9859619c58136

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121543
x-xss-protection: 0
expires: Wed, 18 Aug 2021 15:13:20 GMT

GET
H3-29 303 ads Show response
pubads.g.doubleclick.net/gampad/ Frame DD24 136 B
125 B 60ms
58ms XHR
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 4935 344 KB
119 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6114dbdb1f8b0669e215b7e4

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b75fbcebeb3ed3f372c80f47fd553179656a53959dba64c516e9859619c58136

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121543
x-xss-protection: 0
expires: Wed, 18 Aug 2021 15:13:20 GMT

GET
H3-29 200 bridge3.475.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 987B 573 KB
188 KB 7ms
6ms Document
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77c1e785a0a278ca390fc41e0c5503a9565b9f6f72c042d48e6832a3b84aedb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.475.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://earnme.club/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://earnme.club/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192138
date: Fri, 13 Aug 2021 20:37:55 GMT
expires: Sat, 13 Aug 2022 20:37:55 GMT
last-modified: Fri, 13 Aug 2021 20:30:55 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 412526
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame C27D 44 KB
16 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Wed, 18 Aug 2021 15:13:21 GMT

GET
H3-29 200 bridge3.475.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 8037 573 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77c1e785a0a278ca390fc41e0c5503a9565b9f6f72c042d48e6832a3b84aedb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.475.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://earnme.club/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://earnme.club/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192138
date: Fri, 13 Aug 2021 20:37:55 GMT
expires: Sat, 13 Aug 2022 20:37:55 GMT
last-modified: Fri, 13 Aug 2021 20:30:55 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 412526
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 4935 44 KB
16 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Wed, 18 Aug 2021 15:13:21 GMT

POST
H2 200 track Show response
servt.modoro360.com/ 0
94 B 351ms
119ms XHR
text/plain 54.152.122.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servt.modoro360.com/track?d=Chrome&cou=DK&cos=Windows&r=earnme.club&rs=earnme.club&sid=70799&t=1629299599&cip=185.236.203.76&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=6114dbdb1f8b0669e215b7e4&test=&aafaid=&proto=https&uid=1629299599907-944233947292-008580-012-009189&cha=0.7&stagid=6114dc90d1bead46fe092d17&stplid=6049d3f140d88e45f4252456&cb=84533076611&d9=1000&AV_WIDTH=400&AV_HEIGHT=300
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6114dbdb1f8b0669e215b7e4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.152.122.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-152-122-180.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 18 Aug 2021 15:13:21 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 6898 36 KB
12 KB 28ms
8ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 14:30:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2587
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 18 Aug 2021 15:30:14 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 7EC2 36 KB
12 KB 19ms
7ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 14:30:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2587
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 18 Aug 2021 15:30:14 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 7D31 344 KB
119 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6114dbdb1f8b0669e215b7e4

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b75fbcebeb3ed3f372c80f47fd553179656a53959dba64c516e9859619c58136

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121543
x-xss-protection: 0
expires: Wed, 18 Aug 2021 15:13:21 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame BEEC 344 KB
119 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6114dbdb1f8b0669e215b7e4

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b75fbcebeb3ed3f372c80f47fd553179656a53959dba64c516e9859619c58136

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121543
x-xss-protection: 0
expires: Wed, 18 Aug 2021 15:13:21 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 0D77 344 KB
119 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6114dbdb1f8b0669e215b7e4

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b75fbcebeb3ed3f372c80f47fd553179656a53959dba64c516e9859619c58136

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121543
x-xss-protection: 0
expires: Wed, 18 Aug 2021 15:13:21 GMT

GET
H3-29 200 bridge3.475.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 0879 573 KB
188 KB 7ms
6ms Document
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77c1e785a0a278ca390fc41e0c5503a9565b9f6f72c042d48e6832a3b84aedb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.475.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://earnme.club/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://earnme.club/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192138
date: Fri, 13 Aug 2021 20:37:55 GMT
expires: Sat, 13 Aug 2022 20:37:55 GMT
last-modified: Fri, 13 Aug 2021 20:30:55 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 412526
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 7D31 44 KB
16 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Wed, 18 Aug 2021 15:13:21 GMT

GET
H3-29 200 bridge3.475.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame D185 573 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77c1e785a0a278ca390fc41e0c5503a9565b9f6f72c042d48e6832a3b84aedb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.475.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://earnme.club/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://earnme.club/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192138
date: Fri, 13 Aug 2021 20:37:55 GMT
expires: Sat, 13 Aug 2022 20:37:55 GMT
last-modified: Fri, 13 Aug 2021 20:30:55 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 412526
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame BEEC 44 KB
16 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Wed, 18 Aug 2021 15:13:21 GMT

GET
H3-29 200 bridge3.475.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 1076 573 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77c1e785a0a278ca390fc41e0c5503a9565b9f6f72c042d48e6832a3b84aedb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.475.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://earnme.club/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://earnme.club/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192138
date: Fri, 13 Aug 2021 20:37:55 GMT
expires: Sat, 13 Aug 2022 20:37:55 GMT
last-modified: Fri, 13 Aug 2021 20:30:55 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 412526
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 0D77 44 KB
16 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Wed, 18 Aug 2021 15:13:21 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame EBE1 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 14:30:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2587
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 18 Aug 2021 15:30:14 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame FA7E 36 KB
12 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 14:30:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2587
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 18 Aug 2021 15:30:14 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 72E0 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 14:30:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2587
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 18 Aug 2021 15:30:14 GMT

POST
H2 204 bulk Show response
trc.taboola.com/themonetizer-earnmeclub/log/3/ Frame 0687 0
266 B 86ms
86ms XHR
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/themonetizer-earnmeclub/log/3/bulk?route=AM%3AIL%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210817-13-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 58
pragma: no-cache
date: Wed, 18 Aug 2021 15:13:21 GMT
via: 1.1 varnish
server: nginx
x-timer: S1629299602.537470,VS0,VE58
x-served-by: cache-fra19162-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://earnme.club
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame C27D 107 B
122 B 34ms
34ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=earnme.club

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Aug 2021 15:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 4935 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=earnme.club

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Aug 2021 15:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 0687 254 B
754 B 28ms
28ms Image
image/png 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: earnme.club
URL: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 27333
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: mouaSx+zLz+daByqFPTyWftjEEWVx2Ra4QTNy9MPIUClTT4jaqZDUS1ZHFYvQA07FPAY+M6uW30=
x-served-by: cache-fra19162-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1629299602.575310,VS0,VE0
date: Wed, 18 Aug 2021 15:13:21 GMT
x-amz-request-id: 6P8Y14FA9N2SAAH6
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 36
x-cache-hits: 23121

GET
H3-29 303 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 987B 136 B
125 B 74ms
74ms XHR
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F27560194%2Faplvideovast7047%2Fvast3.0&description_url=earnme.club&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3662004686170289&sdkv=h.3.475.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&gdpr_consent=tcunavailable&sdki=44d&adk=3185440280&sdk_apis=2%2C8&sid=58E3992B-E7B1-46C1-92A1-D52F3C89D4A7&eid=44732023&url=https%3A%2F%2Fearnme.club%2Fbattlegrounds-mobile-shares-with-chinese-servers-issue%2F&dlt=1629299600952&idt=252&dt=1629299601573&cookie_enabled=1&scor=1994062902977131&ged=ve4_td1_tt1_pd1_la1000_er795.9.951.309_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 303 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8037 136 B
120 B 33ms
33ms XHR
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-4903453974745530&slotname=aniplay%2Faniplay_100&ad_type=video&max_ad_duration=66000&videoad_start_delay=0&vpmute=0&vpa=click&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&sdkv=h.3.475.0&video_product_type=0&min_ad_duration=0&sz=400x300&adsafe=high&hl=en&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=0&vis=1&sdr=1&num_ads=1&t_pyv=exclude&video_format=43&is_amp=0&u_so=l&gdpr_consent=tcunavailable&sdki=44d&adk=2310985495&sdk_apis=2%2C8&eid=420706097%2C44737475&top=https%3A%2F%2Fearnme.club%2Fbattlegrounds-mobile-shares-with-chinese-servers-issue%2F&url=https%3A%2F%2Fearnme.club%2Fbattlegrounds-mobile-shares-with-chinese-servers-issue%2F&dlt=1629299600958&idt=267&dt=1629299601584&cookie_enabled=1&correlator=3575036256359409&ged=ve4_td1_tt1_pd1_la1000_er795.9.951.309_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0

GET
H3-29 303 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8037 136 B
120 B 19ms
19ms XHR
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0

GET
H3-29 303 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 987B 136 B
125 B 60ms
60ms XHR
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 982D 344 KB
119 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6114dbdb1f8b0669e215b7e4

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b75fbcebeb3ed3f372c80f47fd553179656a53959dba64c516e9859619c58136

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121543
x-xss-protection: 0
expires: Wed, 18 Aug 2021 15:13:21 GMT

GET
H3-29 200 bridge3.475.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 4282 573 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77c1e785a0a278ca390fc41e0c5503a9565b9f6f72c042d48e6832a3b84aedb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.475.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://earnme.club/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://earnme.club/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192138
date: Fri, 13 Aug 2021 20:37:55 GMT
expires: Sat, 13 Aug 2022 20:37:55 GMT
last-modified: Fri, 13 Aug 2021 20:30:55 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 412526
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 982D 44 KB
16 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Wed, 18 Aug 2021 15:13:21 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A5BB 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 14:30:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2587
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 18 Aug 2021 15:30:14 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 7D31 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=earnme.club

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Aug 2021 15:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame BEEC 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=earnme.club

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Aug 2021 15:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 303 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 0879 136 B
125 B 60ms
59ms XHR
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F27560194%2Faplvideovast7047%2Fvast2.5&description_url=earnme.club&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4098618067489901&sdkv=h.3.475.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&gdpr_consent=tcunavailable&sdki=44d&adk=3569894489&sdk_apis=2%2C8&sid=453847F7-E232-4313-BECF-E28D73A46D7F&eid=44729309&url=https%3A%2F%2Fearnme.club%2Fbattlegrounds-mobile-shares-with-chinese-servers-issue%2F&dlt=1629299601065&idt=340&dt=1629299601787&cookie_enabled=1&scor=3753476771188485&ged=ve4_td1_tt1_pd1_la1000_er795.9.951.309_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 0D77 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=earnme.club

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Aug 2021 15:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 303 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D185 136 B
125 B 57ms
56ms XHR
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F27560194%2Faplvideovast7047%2Fvast1.0&description_url=earnme.club&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1511879375683779&sdkv=h.3.475.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&gdpr_consent=tcunavailable&sdki=44d&adk=2654234090&sdk_apis=2%2C8&sid=AE41A431-14B5-4D06-82FB-F4894CC35C92&url=https%3A%2F%2Fearnme.club%2Fbattlegrounds-mobile-shares-with-chinese-servers-issue%2F&dlt=1629299601074&idt=353&dt=1629299601803&cookie_enabled=1&scor=1897117946163020&ged=ve4_td1_tt1_pd1_la1000_er795.9.951.309_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 303 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 1076 136 B
125 B 57ms
57ms XHR
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F27560194%2Faplvideovast7047%2Fvast1.3&description_url=earnme.club&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=560523524635667&sdkv=h.3.475.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&gdpr_consent=tcunavailable&sdki=44d&adk=697011191&sdk_apis=2%2C8&sid=FBF15E6E-6121-41CC-956E-A4606210E65F&eid=44736285&url=https%3A%2F%2Fearnme.club%2Fbattlegrounds-mobile-shares-with-chinese-servers-issue%2F&dlt=1629299601083&idt=364&dt=1629299601812&cookie_enabled=1&scor=3737689377832975&ged=ve4_td1_tt1_pd1_la1000_er795.9.951.309_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 303 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 0879 136 B
125 B 61ms
61ms XHR
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 303 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D185 136 B
125 B 59ms
59ms XHR
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 303 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 1076 136 B
125 B 59ms
59ms XHR
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 982D 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=earnme.club

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Aug 2021 15:13:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 303 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 4282 136 B
125 B 64ms
64ms XHR
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F27560194%2Faplvideovast7047%2Fvast5&description_url=earnme.club&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1274583639018933&sdkv=h.3.475.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&gdpr_consent=tcunavailable&sdki=44d&adk=1142750408&sdk_apis=2%2C8&sid=51256454-A67C-4540-9B5A-BD02845DB4DE&eid=44730612&url=https%3A%2F%2Fearnme.club%2Fbattlegrounds-mobile-shares-with-chinese-servers-issue%2F&dlt=1629299601646&idt=131&dt=1629299602239&cookie_enabled=1&scor=1688399322618000&ged=ve4_td0_tt0_pd0_la0_er795.9.951.309_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 303 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 4282 136 B
125 B 62ms
62ms XHR
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track Show response
servt.modoro360.com/ 0
93 B 125ms
125ms XHR
text/plain 54.152.122.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servt.modoro360.com/track?d=Chrome&cou=DK&cos=Windows&r=earnme.club&rs=earnme.club&sid=70799&t=1629299599&cip=185.236.203.76&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=6114dbdb1f8b0669e215b7e4&test=&aafaid=&proto=https&uid=1629299599907-944233947292-008580-012-009189&cha=0.7&stagid=6114dc90d1bead46fe092d17&stplid=6049d3f140d88e45f4252456&cb=84533076611&d9=1000&AV_WIDTH=400&AV_HEIGHT=300
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6114dbdb1f8b0669e215b7e4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.152.122.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-152-122-180.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 18 Aug 2021 15:13:22 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
servt.modoro360.com/ 0
70 B 116ms
116ms Image
text/plain 54.152.122.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.modoro360.com/track?d=Chrome&cou=DK&cos=Windows&r=earnme.club&rs=earnme.club&sid=70799&t=1629299599&cip=185.236.203.76&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=6114dbdb1f8b0669e215b7e4&test=&aafaid=&proto=https&uid=1629299599907-944233947292-008580-012-009189&cha=0.7&stagid=6114dc90d1bead46fe092d17&stplid=6049d3f140d88e45f4252456&cb=84533076611&d9=1000&AV_WIDTH=400&AV_HEIGHT=300&&ppid=6114dbdb1f8b0669e215b7e4&nid=60095c900c0799791c46d8d4&pcid=6114dbec10453b5f0e60bac4&ncid=6045faede4831b73554dc6f4&pasid=6114dc0eef104227c562c9f5&e=request&cb=1629299602372&asid=6040da1b8493df6b886e4e04&ofpr=&fpo=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.152.122.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-152-122-180.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:22 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
servt.modoro360.com/ 0
70 B 117ms
117ms Image
text/plain 54.152.122.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.modoro360.com/track?d=Chrome&cou=DK&cos=Windows&r=earnme.club&rs=earnme.club&sid=70799&t=1629299599&cip=185.236.203.76&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=6114dbdb1f8b0669e215b7e4&test=&aafaid=&proto=https&uid=1629299599907-944233947292-008580-012-009189&cha=0.7&stagid=6114dc90d1bead46fe092d17&stplid=6049d3f140d88e45f4252456&cb=84533076611&d9=1000&AV_WIDTH=400&AV_HEIGHT=300&&ppid=6114dbdb1f8b0669e215b7e4&nid=60095c900c0799791c46d8d4&pcid=6114dbec10453b5f0e60bac4&ncid=6045faede4831b73554dc6f4&pasid=6114dc0eef104227c562c9f5&e=bid&cb=1629299602372&asid=6040da1b8493df6b886e4e04&ofpr=&fpo=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.152.122.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-152-122-180.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:22 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 30A9 344 KB
119 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6114dbdb1f8b0669e215b7e4

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b75fbcebeb3ed3f372c80f47fd553179656a53959dba64c516e9859619c58136

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121543
x-xss-protection: 0
expires: Wed, 18 Aug 2021 15:13:22 GMT

GET
H3-29 200 bridge3.475.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 87AD 573 KB
188 KB 8ms
8ms Document
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77c1e785a0a278ca390fc41e0c5503a9565b9f6f72c042d48e6832a3b84aedb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.475.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://earnme.club/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://earnme.club/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192138
date: Fri, 13 Aug 2021 20:37:55 GMT
expires: Sat, 13 Aug 2022 20:37:55 GMT
last-modified: Fri, 13 Aug 2021 20:30:55 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 412527
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 30A9 44 KB
16 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Wed, 18 Aug 2021 15:13:22 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 08F8 36 KB
12 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 14:30:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2588
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 18 Aug 2021 15:30:14 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 30A9 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=earnme.club

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Aug 2021 15:13:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 303 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 87AD 136 B
120 B 22ms
22ms XHR
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-4903453974745530&slotname=aniplay%2Faniplay_100&ad_type=video&max_ad_duration=66000&videoad_start_delay=0&vpmute=0&vpa=click&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&sdkv=h.3.475.0&video_product_type=0&min_ad_duration=0&sz=400x300&adsafe=high&hl=en&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=0&vis=1&sdr=1&num_ads=1&t_pyv=exclude&video_format=43&is_amp=0&u_so=l&gdpr_consent=tcunavailable&sdki=44d&adk=677546525&sdk_apis=2%2C8&eid=668123729&url=https%3A%2F%2Fearnme.club%2Fbattlegrounds-mobile-shares-with-chinese-servers-issue%2F&dlt=1629299602374&idt=101&dt=1629299602963&cookie_enabled=1&correlator=3387126785587124&ged=ve4_td1_tt1_pd1_la1000_er795.9.951.309_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0

GET
H3-29 303 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 87AD 136 B
120 B 18ms
18ms XHR
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-4903453974745530&slotname=aniplay%2Faniplay_100&ad_type=video&max_ad_duration=66000&videoad_start_delay=0&vpmute=0&vpa=click&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&sdkv=h.3.475.0&video_product_type=0&min_ad_duration=0&sz=400x300&adsafe=high&hl=en&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=0&vis=1&sdr=1&num_ads=1&t_pyv=exclude&video_format=43&is_amp=0&u_so=l&gdpr_consent=tcunavailable&sdki=44d&adk=677546525&sdk_apis=2%2C8&eid=668123729&url=https%3A%2F%2Fearnme.club%2Fbattlegrounds-mobile-shares-with-chinese-servers-issue%2F&dlt=1629299602374&idt=101&dt=1629299602963&cookie_enabled=1&correlator=3387126785587124&ged=ve4_td1_tt1_pd1_la1000_er795.9.951.309_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0

GET
H2 200 track
servt.modoro360.com/ 0
70 B 117ms
117ms Image
text/plain 54.152.122.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.modoro360.com/track?d=Chrome&cou=DK&cos=Windows&r=earnme.club&rs=earnme.club&sid=70799&t=1629299599&cip=185.236.203.76&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=6114dbdb1f8b0669e215b7e4&test=&aafaid=&proto=https&uid=1629299599907-944233947292-008580-012-009189&cha=0.7&stagid=6114dc90d1bead46fe092d17&stplid=6049d3f140d88e45f4252456&cb=84533076611&d9=1000&AV_WIDTH=400&AV_HEIGHT=300&&ppid=6114dbdb1f8b0669e215b7e4&nid=60095c900c0799791c46d8d4&pcid=6114dbec10453b5f0e60bac4&ncid=6045faede4831b73554dc6f4&pasid=6114dc0eef104227c562c9f5&e=request&cb=1629299603011&asid=6040da1b8493df6b886e4e04&ofpr=&fpo=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.152.122.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-152-122-180.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:23 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
servt.modoro360.com/ 0
70 B 117ms
116ms Image
text/plain 54.152.122.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.modoro360.com/track?d=Chrome&cou=DK&cos=Windows&r=earnme.club&rs=earnme.club&sid=70799&t=1629299599&cip=185.236.203.76&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=6114dbdb1f8b0669e215b7e4&test=&aafaid=&proto=https&uid=1629299599907-944233947292-008580-012-009189&cha=0.7&stagid=6114dc90d1bead46fe092d17&stplid=6049d3f140d88e45f4252456&cb=84533076611&d9=1000&AV_WIDTH=400&AV_HEIGHT=300&&ppid=6114dbdb1f8b0669e215b7e4&nid=60095c900c0799791c46d8d4&pcid=6114dbec10453b5f0e60bac4&ncid=6045faede4831b73554dc6f4&pasid=6114dc0eef104227c562c9f5&e=bid&cb=1629299603011&asid=6040da1b8493df6b886e4e04&ofpr=&fpo=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.152.122.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-152-122-180.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:23 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame BB68 344 KB
119 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6114dbdb1f8b0669e215b7e4

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b75fbcebeb3ed3f372c80f47fd553179656a53959dba64c516e9859619c58136

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121543
x-xss-protection: 0
expires: Wed, 18 Aug 2021 15:13:23 GMT

GET
H3-29 200 bridge3.475.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 6D39 573 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77c1e785a0a278ca390fc41e0c5503a9565b9f6f72c042d48e6832a3b84aedb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.475.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://earnme.club/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://earnme.club/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192138
date: Fri, 13 Aug 2021 20:37:55 GMT
expires: Sat, 13 Aug 2022 20:37:55 GMT
last-modified: Fri, 13 Aug 2021 20:30:55 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 412528
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame BB68 44 KB
16 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Wed, 18 Aug 2021 15:13:23 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame C08E 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 14:30:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2589
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 18 Aug 2021 15:30:14 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame BB68 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=earnme.club

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Aug 2021 15:13:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 303 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6D39 136 B
167 B 19ms
19ms XHR
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-4903453974745530&slotname=aniplay%2Faniplay_100&ad_type=video&max_ad_duration=66000&videoad_start_delay=0&vpmute=0&vpa=click&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&sdkv=h.3.475.0&video_product_type=0&min_ad_duration=0&sz=400x300&adsafe=high&hl=en&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=0&vis=1&sdr=1&num_ads=1&t_pyv=exclude&video_format=43&is_amp=0&u_so=l&gdpr_consent=tcunavailable&sdki=44d&adk=1959544251&sdk_apis=2%2C8&url=https%3A%2F%2Fearnme.club%2Fbattlegrounds-mobile-shares-with-chinese-servers-issue%2F&dlt=1629299603012&idt=179&dt=1629299603608&cookie_enabled=1&correlator=2267451295741611&ged=ve4_td1_tt1_pd1_la1000_er795.9.951.309_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0

GET
H3-29 303 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6D39 136 B
120 B 23ms
23ms XHR
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-4903453974745530&slotname=aniplay%2Faniplay_100&ad_type=video&max_ad_duration=66000&videoad_start_delay=0&vpmute=0&vpa=click&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&sdkv=h.3.475.0&video_product_type=0&min_ad_duration=0&sz=400x300&adsafe=high&hl=en&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=0&vis=1&sdr=1&num_ads=1&t_pyv=exclude&video_format=43&is_amp=0&u_so=l&gdpr_consent=tcunavailable&sdki=44d&adk=1959544251&sdk_apis=2%2C8&url=https%3A%2F%2Fearnme.club%2Fbattlegrounds-mobile-shares-with-chinese-servers-issue%2F&dlt=1629299603012&idt=179&dt=1629299603608&cookie_enabled=1&correlator=2267451295741611&ged=ve4_td1_tt1_pd1_la1000_er795.9.951.309_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0

GET
H2 200 track
servt.modoro360.com/ 0
70 B 116ms
116ms Image
text/plain 54.152.122.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.modoro360.com/track?d=Chrome&cou=DK&cos=Windows&r=earnme.club&rs=earnme.club&sid=70799&t=1629299599&cip=185.236.203.76&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=6114dbdb1f8b0669e215b7e4&test=&aafaid=&proto=https&uid=1629299599907-944233947292-008580-012-009189&cha=0.7&stagid=6114dc90d1bead46fe092d17&stplid=6049d3f140d88e45f4252456&cb=84533076611&d9=1000&AV_WIDTH=400&AV_HEIGHT=300&&ppid=6114dbdb1f8b0669e215b7e4&nid=60095c900c0799791c46d8d4&pcid=6114dbec10453b5f0e60bac4&ncid=6045faede4831b73554dc6f4&pasid=6114dc0eef104227c562c9f5&e=request&cb=1629299603660&asid=6040da1b8493df6b886e4e04&ofpr=&fpo=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.152.122.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-152-122-180.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:23 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
servt.modoro360.com/ 0
70 B 119ms
118ms Image
text/plain 54.152.122.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.modoro360.com/track?d=Chrome&cou=DK&cos=Windows&r=earnme.club&rs=earnme.club&sid=70799&t=1629299599&cip=185.236.203.76&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=6114dbdb1f8b0669e215b7e4&test=&aafaid=&proto=https&uid=1629299599907-944233947292-008580-012-009189&cha=0.7&stagid=6114dc90d1bead46fe092d17&stplid=6049d3f140d88e45f4252456&cb=84533076611&d9=1000&AV_WIDTH=400&AV_HEIGHT=300&&ppid=6114dbdb1f8b0669e215b7e4&nid=60095c900c0799791c46d8d4&pcid=6114dbec10453b5f0e60bac4&ncid=6045faede4831b73554dc6f4&pasid=6114dc0eef104227c562c9f5&e=bid&cb=1629299603661&asid=6040da1b8493df6b886e4e04&ofpr=&fpo=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.152.122.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-152-122-180.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:23 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 786B 344 KB
119 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6114dbdb1f8b0669e215b7e4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b75fbcebeb3ed3f372c80f47fd553179656a53959dba64c516e9859619c58136

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121543
x-xss-protection: 0
expires: Wed, 18 Aug 2021 15:13:23 GMT

GET
H3-29 200 bridge3.475.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 67EB 573 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77c1e785a0a278ca390fc41e0c5503a9565b9f6f72c042d48e6832a3b84aedb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.475.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://earnme.club/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://earnme.club/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192138
date: Fri, 13 Aug 2021 20:37:55 GMT
expires: Sat, 13 Aug 2022 20:37:55 GMT
last-modified: Fri, 13 Aug 2021 20:30:55 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 412528
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 786B 44 KB
16 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Wed, 18 Aug 2021 15:13:23 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame E206 36 KB
12 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 14:30:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2589
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 18 Aug 2021 15:30:14 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 13ms
13ms Ping
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-LY1N2M6E7Y&gtm=2oe8g0&_p=296508162&sr=1600x1200&ul=en-us&cid=665174655.1629299599&_s=2&dl=https%3A%2F%2Fearnme.club%2Fbattlegrounds-mobile-shares-with-chinese-servers-issue%2F&dr=https%3A%2F%2Fearnme.club%2F%3Flink%3D6trZZaT&dt=Battlegrounds%20Mobile%20Shares%20with%20Chinese%20Servers%20Issue%20%E2%80%93%20Tech%20One&sid=1629299599&sct=1&seg=1&en=page_view&_et=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LY1N2M6E7Y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 18 Aug 2021 15:13:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://earnme.club
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 786B 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=earnme.club

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Aug 2021 15:13:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 303 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 67EB 136 B
120 B 20ms
20ms XHR
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-4903453974745530&slotname=aniplay%2Faniplay_100&ad_type=video&max_ad_duration=66000&videoad_start_delay=0&vpmute=0&vpa=click&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&sdkv=h.3.475.0&video_product_type=0&min_ad_duration=0&sz=400x300&adsafe=high&hl=en&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=0&vis=1&sdr=1&num_ads=1&t_pyv=exclude&video_format=43&is_amp=0&u_so=l&gdpr_consent=tcunavailable&sdki=44d&adk=4084023308&sdk_apis=2%2C8&eid=44712633&url=https%3A%2F%2Fearnme.club%2Fbattlegrounds-mobile-shares-with-chinese-servers-issue%2F&dlt=1629299603663&idt=184&dt=1629299604264&cookie_enabled=1&correlator=247606724689662&ged=ve4_td0_tt0_pd0_la0_er795.9.951.309_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0

GET
H3-29 303 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 67EB 136 B
120 B 18ms
18ms XHR
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-4903453974745530&slotname=aniplay%2Faniplay_100&ad_type=video&max_ad_duration=66000&videoad_start_delay=0&vpmute=0&vpa=click&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&sdkv=h.3.475.0&video_product_type=0&min_ad_duration=0&sz=400x300&adsafe=high&hl=en&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=0&vis=1&sdr=1&num_ads=1&t_pyv=exclude&video_format=43&is_amp=0&u_so=l&gdpr_consent=tcunavailable&sdki=44d&adk=4084023308&sdk_apis=2%2C8&eid=44712633&url=https%3A%2F%2Fearnme.club%2Fbattlegrounds-mobile-shares-with-chinese-servers-issue%2F&dlt=1629299603663&idt=184&dt=1629299604264&cookie_enabled=1&correlator=247606724689662&ged=ve4_td0_tt0_pd0_la0_er795.9.951.309_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0

GET
H2 200 track
servt.modoro360.com/ 0
70 B 117ms
116ms Image
text/plain 54.152.122.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.modoro360.com/track?d=Chrome&cou=DK&cos=Windows&r=earnme.club&rs=earnme.club&sid=70799&t=1629299599&cip=185.236.203.76&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=6114dbdb1f8b0669e215b7e4&test=&aafaid=&proto=https&uid=1629299599907-944233947292-008580-012-009189&cha=0.7&stagid=6114dc90d1bead46fe092d17&stplid=6049d3f140d88e45f4252456&cb=84533076611&d9=1000&AV_WIDTH=400&AV_HEIGHT=300&&ppid=6114dbdb1f8b0669e215b7e4&nid=60095c900c0799791c46d8d4&pcid=6114dbec10453b5f0e60bac4&ncid=6045faede4831b73554dc6f4&pasid=6114dc0eef104227c562c9f5&e=request&cb=1629299604312&asid=6040da1b8493df6b886e4e04&ofpr=&fpo=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.152.122.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-152-122-180.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:24 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
servt.modoro360.com/ 0
70 B 119ms
119ms Image
text/plain 54.152.122.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.modoro360.com/track?d=Chrome&cou=DK&cos=Windows&r=earnme.club&rs=earnme.club&sid=70799&t=1629299599&cip=185.236.203.76&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=6114dbdb1f8b0669e215b7e4&test=&aafaid=&proto=https&uid=1629299599907-944233947292-008580-012-009189&cha=0.7&stagid=6114dc90d1bead46fe092d17&stplid=6049d3f140d88e45f4252456&cb=84533076611&d9=1000&AV_WIDTH=400&AV_HEIGHT=300&&ppid=6114dbdb1f8b0669e215b7e4&nid=60095c900c0799791c46d8d4&pcid=6114dbec10453b5f0e60bac4&ncid=6045faede4831b73554dc6f4&pasid=6114dc0eef104227c562c9f5&e=bid&cb=1629299604313&asid=6040da1b8493df6b886e4e04&ofpr=&fpo=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.152.122.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-152-122-180.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:24 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 2AF0 344 KB
119 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6114dbdb1f8b0669e215b7e4

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b75fbcebeb3ed3f372c80f47fd553179656a53959dba64c516e9859619c58136

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121543
x-xss-protection: 0
expires: Wed, 18 Aug 2021 15:13:24 GMT

GET
H3-29 200 bridge3.475.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame B473 573 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77c1e785a0a278ca390fc41e0c5503a9565b9f6f72c042d48e6832a3b84aedb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.475.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://earnme.club/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://earnme.club/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192138
date: Fri, 13 Aug 2021 20:37:55 GMT
expires: Sat, 13 Aug 2022 20:37:55 GMT
last-modified: Fri, 13 Aug 2021 20:30:55 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 412529
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 2AF0 44 KB
16 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Wed, 18 Aug 2021 15:13:24 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame F86B 36 KB
12 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 14:30:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2590
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 18 Aug 2021 15:30:14 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 2AF0 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=earnme.club

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Aug 2021 15:13:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 303 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B473 136 B
120 B 22ms
22ms XHR
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-4903453974745530&slotname=aniplay%2Faniplay_100&ad_type=video&max_ad_duration=66000&videoad_start_delay=0&vpmute=0&vpa=click&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&sdkv=h.3.475.0&video_product_type=0&min_ad_duration=0&sz=400x300&adsafe=high&hl=en&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=0&vis=1&sdr=1&num_ads=1&t_pyv=exclude&video_format=43&is_amp=0&u_so=l&gdpr_consent=tcunavailable&sdki=44d&adk=855366160&sdk_apis=2%2C8&eid=44725356&url=https%3A%2F%2Fearnme.club%2Fbattlegrounds-mobile-shares-with-chinese-servers-issue%2F&dlt=1629299604314&idt=123&dt=1629299604916&cookie_enabled=1&correlator=4474636098829045&ged=ve4_td1_tt1_pd1_la1000_er795.9.951.309_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0

GET
H3-29 303 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B473 136 B
120 B 18ms
18ms XHR
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-4903453974745530&slotname=aniplay%2Faniplay_100&ad_type=video&max_ad_duration=66000&videoad_start_delay=0&vpmute=0&vpa=click&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&sdkv=h.3.475.0&video_product_type=0&min_ad_duration=0&sz=400x300&adsafe=high&hl=en&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=0&vis=1&sdr=1&num_ads=1&t_pyv=exclude&video_format=43&is_amp=0&u_so=l&gdpr_consent=tcunavailable&sdki=44d&adk=855366160&sdk_apis=2%2C8&eid=44725356&url=https%3A%2F%2Fearnme.club%2Fbattlegrounds-mobile-shares-with-chinese-servers-issue%2F&dlt=1629299604314&idt=123&dt=1629299604916&cookie_enabled=1&correlator=4474636098829045&ged=ve4_td1_tt1_pd1_la1000_er795.9.951.309_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0

POST
H2 200 track Show response
servt.modoro360.com/ 0
93 B 128ms
127ms XHR
text/plain 54.152.122.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servt.modoro360.com/track?d=Chrome&cou=DK&cos=Windows&r=earnme.club&rs=earnme.club&sid=70799&t=1629299599&cip=185.236.203.76&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=6114dbdb1f8b0669e215b7e4&test=&aafaid=&proto=https&uid=1629299599907-944233947292-008580-012-009189&cha=0.7&stagid=6114dc90d1bead46fe092d17&stplid=6049d3f140d88e45f4252456&cb=84533076611&d9=1000&AV_WIDTH=400&AV_HEIGHT=300
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6114dbdb1f8b0669e215b7e4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.152.122.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-152-122-180.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 18 Aug 2021 15:13:25 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
servt.modoro360.com/ 0
70 B 122ms
121ms Image
text/plain 54.152.122.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.modoro360.com/track?d=Chrome&cou=DK&cos=Windows&r=earnme.club&rs=earnme.club&sid=70799&t=1629299599&cip=185.236.203.76&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=6114dbdb1f8b0669e215b7e4&test=&aafaid=&proto=https&uid=1629299599907-944233947292-008580-012-009189&cha=0.7&stagid=6114dc90d1bead46fe092d17&stplid=6049d3f140d88e45f4252456&cb=84533076611&d9=1000&AV_WIDTH=400&AV_HEIGHT=300&&ppid=6114dbdb1f8b0669e215b7e4&nid=60095c900c0799791c46d8d4&pcid=6114dbec10453b5f0e60bac4&ncid=6045faede4831b73554dc6f4&pasid=6114dc0eef104227c562c9f5&e=request&cb=1629299604965&asid=6040da1b8493df6b886e4e04&ofpr=&fpo=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.152.122.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-152-122-180.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:25 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
servt.modoro360.com/ 0
70 B 121ms
121ms Image
text/plain 54.152.122.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.modoro360.com/track?d=Chrome&cou=DK&cos=Windows&r=earnme.club&rs=earnme.club&sid=70799&t=1629299599&cip=185.236.203.76&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=6114dbdb1f8b0669e215b7e4&test=&aafaid=&proto=https&uid=1629299599907-944233947292-008580-012-009189&cha=0.7&stagid=6114dc90d1bead46fe092d17&stplid=6049d3f140d88e45f4252456&cb=84533076611&d9=1000&AV_WIDTH=400&AV_HEIGHT=300&&ppid=6114dbdb1f8b0669e215b7e4&nid=60095c900c0799791c46d8d4&pcid=6114dbec10453b5f0e60bac4&ncid=6045faede4831b73554dc6f4&pasid=6114dc0eef104227c562c9f5&e=bid&cb=1629299604966&asid=6040da1b8493df6b886e4e04&ofpr=&fpo=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.152.122.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-152-122-180.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:25 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame BF1C 344 KB
119 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6114dbdb1f8b0669e215b7e4

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b75fbcebeb3ed3f372c80f47fd553179656a53959dba64c516e9859619c58136

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121543
x-xss-protection: 0
expires: Wed, 18 Aug 2021 15:13:24 GMT

GET
H3-29 200 bridge3.475.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame DCDD 573 KB
188 KB 7ms
6ms Document
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77c1e785a0a278ca390fc41e0c5503a9565b9f6f72c042d48e6832a3b84aedb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.475.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://earnme.club/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://earnme.club/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192138
date: Fri, 13 Aug 2021 20:37:55 GMT
expires: Sat, 13 Aug 2022 20:37:55 GMT
last-modified: Fri, 13 Aug 2021 20:30:55 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 412530
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame BF1C 44 KB
16 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Wed, 18 Aug 2021 15:13:25 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame CA33 36 KB
12 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 14:30:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2591
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 18 Aug 2021 15:30:14 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame BF1C 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=earnme.club

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Aug 2021 15:13:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 303 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DCDD 136 B
120 B 21ms
21ms XHR
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-4903453974745530&slotname=aniplay%2Faniplay_100&ad_type=video&max_ad_duration=66000&videoad_start_delay=0&vpmute=0&vpa=click&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&sdkv=h.3.475.0&video_product_type=0&min_ad_duration=0&sz=400x300&adsafe=high&hl=en&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=0&vis=1&sdr=1&num_ads=1&t_pyv=exclude&video_format=43&is_amp=0&u_so=l&gdpr_consent=tcunavailable&sdki=44d&adk=3794253638&sdk_apis=2%2C8&eid=418572006&url=https%3A%2F%2Fearnme.club%2Fbattlegrounds-mobile-shares-with-chinese-servers-issue%2F&dlt=1629299604967&idt=124&dt=1629299605557&cookie_enabled=1&correlator=2144720702355481&ged=ve4_td1_tt1_pd1_la1000_er795.9.951.309_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0

GET
H3-29 303 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DCDD 136 B
120 B 20ms
20ms XHR
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-4903453974745530&slotname=aniplay%2Faniplay_100&ad_type=video&max_ad_duration=66000&videoad_start_delay=0&vpmute=0&vpa=click&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&sdkv=h.3.475.0&video_product_type=0&min_ad_duration=0&sz=400x300&adsafe=high&hl=en&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=0&vis=1&sdr=1&num_ads=1&t_pyv=exclude&video_format=43&is_amp=0&u_so=l&gdpr_consent=tcunavailable&sdki=44d&adk=3794253638&sdk_apis=2%2C8&eid=418572006&url=https%3A%2F%2Fearnme.club%2Fbattlegrounds-mobile-shares-with-chinese-servers-issue%2F&dlt=1629299604967&idt=124&dt=1629299605557&cookie_enabled=1&correlator=2144720702355481&ged=ve4_td1_tt1_pd1_la1000_er795.9.951.309_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.475.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 15:13:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0

POST
H2 200 track Show response
servt.modoro360.com/ 0
93 B 117ms
117ms XHR
text/plain 54.152.122.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servt.modoro360.com/track?d=Chrome&cou=DK&cos=Windows&r=earnme.club&rs=earnme.club&sid=70799&t=1629299599&cip=185.236.203.76&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=6114dbdb1f8b0669e215b7e4&test=&aafaid=&proto=https&uid=1629299599907-944233947292-008580-012-009189&cha=0.7&stagid=6114dc90d1bead46fe092d17&stplid=6049d3f140d88e45f4252456&cb=84533076611&d9=1000&AV_WIDTH=400&AV_HEIGHT=300
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6114dbdb1f8b0669e215b7e4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.152.122.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-152-122-180.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 18 Aug 2021 15:13:30 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

Verdicts & Comments Add Verdict or Comment

190 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
earnme.club/	1970-01-20 05:20:35	Name: trc_cookie_storage Value: themonetizer-earnmeclub%253Asession-data%3Dv2_ab9545edd56591c1c27fa38a66de3d82_e94bf3ae-a6d1-4e28-9722-128250e67152-tuct816a910_1629299600_1629299600_CIi3jgYQjo5VGPPUy861LyABKAEwOjj5twhAoIoQSM_b2ANQydkMWABgAGixr-m1yv33zq0BcAA%7Ctaboola%2520global%253Alocal-storage-keys%3D%255B%2522themonetizer-earnmeclub%253Asession-data%2522%252C%2522taboola%2520global%253Auser-id%2522%255D%7Ctaboola%2520global%253Auser-id%3De94bf3ae-a6d1-4e28-9722-128250e67152-tuct816a910
.zeotap.com/	1970-01-20 05:20:35	Name: zc Value: c4fc475d-b1c0-42cc-6c56-f9bbed00fd71
.earnme.club/	1970-01-20 14:06:11	Name: _ga_LY1N2M6E7Y Value: GS1.1.1629299599.1.1.1629299599.0
.earnme.club/	1970-01-20 14:06:11	Name: _ga Value: GA1.1.665174655.1629299599
.zeotap.com/	1970-01-19 20:36:25	Name: zsc Value: %A8P%A5%E4%BDZ%FE%A9ypR%22L7%CA%1A%A0q%21%BC%FF%9DD%3Bdm%F5%85%E0%BA%FB%14W3%9D%80%2F%E1%08%C6%86%B9%DF4%D1%229%89%AB%C3%CD%07%EDe%D1%CB%A1%2FC%97b%23%AE%DF%E1%F5A%0D%E8%C9S%3DJ%08_%E4W%5D%D0%C7%96%1AN%A5%9D%A2%E3%FE%BCG%B9%3A%0B%1C%FD%C4%F7%B2%9F%9E%0D%C8%40%FC%25
.earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue	1969-12-31 23:59:59	Name: _dlt Value: 1

21 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://earnme.club/js/fuckadblock.js(Line 4) Message: [FuckAdBlock][setOption] The option "debug" he was assigned to "true"
console-api	log	URL: https://earnme.club/js/fuckadblock.js(Line 4) Message: [FuckAdBlock][on] A type of event "detected" was added
console-api	log	URL: https://earnme.club/js/fuckadblock.js(Line 4) Message: [FuckAdBlock][on] A type of event "notDetected" was added
console-api	error	URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://earnme.club/battlegrounds-mobile-shares-with-chinese-servers-issue/(Line 251) Message: anchor ad not available, try emulating a mobile device
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js(Line 6) Message: [GPT] Invalid arguments: googletag.display('null').
console-api	log	(Line 14) Message: sas_siteid : 412339
console-api	log	URL: https://earnme.club/js/fuckadblock.js(Line 4) Message: [FuckAdBlock][onload->eventCallback] A check loading is launched
console-api	log	URL: https://earnme.club/js/fuckadblock.js(Line 4) Message: [FuckAdBlock][_creatBait] Bait has been created
console-api	log	URL: https://earnme.club/js/fuckadblock.js(Line 4) Message: [FuckAdBlock][check] An audit was requested with a loop
console-api	log	URL: https://earnme.club/js/fuckadblock.js(Line 4) Message: [FuckAdBlock][check] A check is in progress ...
console-api	log	URL: https://earnme.club/js/fuckadblock.js(Line 4) Message: [FuckAdBlock][_checkBait] A check (1/5 ~1ms) was conducted and detection is negative
console-api	log	URL: https://earnme.club/js/fuckadblock.js(Line 4) Message: [FuckAdBlock][_checkBait] A check (2/5 ~51ms) was conducted and detection is negative
console-api	log	URL: https://earnme.club/js/fuckadblock.js(Line 4) Message: [FuckAdBlock][_checkBait] A check (3/5 ~101ms) was conducted and detection is negative
console-api	log	URL: https://earnme.club/js/fuckadblock.js(Line 4) Message: [FuckAdBlock][_checkBait] A check (4/5 ~151ms) was conducted and detection is negative
console-api	log	URL: https://earnme.club/js/fuckadblock.js(Line 4) Message: [FuckAdBlock][_checkBait] A check (5/5 ~201ms) was conducted and detection is negative
console-api	log	URL: https://earnme.club/js/fuckadblock.js(Line 4) Message: [FuckAdBlock][_stopLoop] A loop has been stopped
console-api	log	URL: https://earnme.club/js/fuckadblock.js(Line 4) Message: [FuckAdBlock][_destroyBait] Bait has been removed
console-api	log	URL: https://earnme.club/js/fuckadblock.js(Line 4) Message: [FuckAdBlock][emitEvent] An event with a negative detection was called
console-api	log	URL: https://earnme.club/js/fuckadblock.js(Line 4) Message: [FuckAdBlock][emitEvent] Call function 1/1
console-api	log	URL: https://earnme.club/js/fuckadblock.js(Line 4) Message: [FuckAdBlock][clearEvent] The event list has been cleared

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
aa.agkn.com
ads.themoneytizer.com
adservice.google.com
adtrack.adleadevent.com
ajax.googleapis.com
api.rlcdn.com
as-sec.casalemedia.com
boot.pbstck.com
c.tmyzer.com
cdn.pbstck.com
cdn.taboola.com
ced-ns.sascdn.com
cm.g.doubleclick.net
d2zur9cc2gf1tx.cloudfront.net
dpm.demdex.net
earnme.club
eqx.smartadserver.com
fonts.googleapis.com
fonts.gstatic.com
g.themoneytizer.net
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
images.taboola.com
imasdk.googleapis.com
js-sec.indexww.com
link.tnlink.in
match.adsrvr.org
mwzeom.zeotap.com
onetag-sys.com
p.cpx.to
pagead2.googlesyndication.com
pixel.mathtag.com
player.aniview.com
player.avplayer.com
pubads.g.doubleclick.net
quantcast.mgr.consensu.org
rules.quantcount.com
s0.2mdn.net
secure.quantserve.com
securepubads.g.doubleclick.net
serv.modoro360.com
servt.modoro360.com
spl.zeotap.com
storage.de.cloud.ovh.net
tag.leadplace.fr
tg1.modoro360.com
tnlink.in
trc.taboola.com
ww1097.smartadserver.com
www.google-analytics.com
www.googletagmanager.com
13.224.89.192
141.95.4.196
142.250.184.226
142.250.186.66
145.239.192.166
145.239.193.145
151.101.13.44
151.139.241.23
185.33.220.241
185.86.137.114
2.18.233.201
2.18.234.21
2600:9000:2190:4400:6:44e3:f8c0:93a1
2600:9000:2190:9400:9:46dc:4700:93a1
2606:4700:10::6816:15d
2606:4700:10::6816:1857
2606:4700:10::ac43:1997
2606:4700:3035::ac43:c76a
2606:4700:3036::6815:2aa6
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1450:4001:800::2002
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:827::2008
2a00:1450:4001:827::200a
2a00:1450:4001:827::200e
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:831::2006
2a02:2638::1c
2a02:26f0:6c00:2ab::2c79
2a02:26f0:6c00::210:ba29
2a02:26f0:6c00::210:bb91
2a02:26f0:6c00::210:bb99
3.8.243.222
34.120.133.55
34.248.25.248
51.89.9.251
54.152.122.180
54.217.215.116
54.246.143.132
54.38.64.100
54.83.70.249
76.223.111.131
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
01e51940762b45561e5a0c1ea5e5ad122f4c732178d0cb428f8f4409030efb13
071bb2e3c8516e772831b3085348e451b060e85f2026300f1a1d168aef923732
07e4203b9f313b587b1d53f896e63771ec85f9b0d4c2ac5fa64089457784d847
1005904ed58effec20fe3eebe0156d6c53a08ce7a4f64ae1106821a4308a9e4a
106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
1ca80befda3fc0a1aa6ef5e9039e064f5132e549b068ef54bd1726cc6b4ddc3f
1db0c5a52f4b6afff48b7539fa61041a99ad04208363b200833d38688a6678dd
2405bd02584cae91a0a4c434fec3e72f392d07e1bedc993c3b16baa7800bbdfd
26525c4eb745f8934dca71dcab93f636991dcebf2a90c9fb4f296873a82576e5
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
27f255403630c2aac3427aa6b00ab5ec9090b684106572476531160091240a4b
292d4b5420e4fb37a51631f33b0cee8869a0a36404c8260ce123827446f2cd1c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c013d3fb73112b051523c0798ab7ec22c3120ffb2742b4c9b45e6ca0fd1f9f7
2ce57bd0fa2624bc5eac3701da8c04e315f177fc440ef4a9f46bb0699f942c34
34b4f46a1278a287eecbab8897310844ce3e7969e3561745f6d3d6e5bbc000e2
360526f11cba75d3f55fd149fd544eff0b2d2e4bab600e8cf886f76462374647
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
39a86dbfb7f9f2d4045eeab9b87306fff6803d2a643bda41bdf56b360545fda0
3a40c2004b3607e3715e0cf21311000332cf42259eb349df53676f1c3389e747
3af7764a8736aca1bb0b51f2bea228a344a1aefce9a04c8d4b68b2758588e2ae
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3
40d96715dd5d28801628ac9b5c3b3302b2eca359249abe7e831f7bfa1b662eea
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681
47478a31d73e4d80cb4971f181c07bb5134fc3dd9a84af930cdbaae5ed525fdc
5363d0d723ef689558ef89ce2a0a30f58bdf30d571aa79ccb764d1a005b3fa98
5557acd3e7f5cbcd88393415e037314c81f3e5bffc823a9b6d8117e27ffec65a
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c982cca481d56b2dbe42795531ecbfb3406cee67af7a9ccac2ad64e1762b515
5d5e6735264dd15a8c13338997941d1725811db834df6403abfb16f8b1d945a9
722751dd1491aac555f90f3d89607a36c50bdd273a935cff85313f083f2a33e9
73b9da7b7330a97578bdaf0c871defb83d7557c86c67a9b7eed0461d83cb4b43
77c1e785a0a278ca390fc41e0c5503a9565b9f6f72c042d48e6832a3b84aedb9
7957504f907ffedfc0d7ec27f93664a47d4d36b36ece1386e74492f753d24025
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7baadf42bdd7151de787de3b98f1c65f55cc2b3d34d4fbe90a0e490756dd3a1b
7e176e51c1dff07522d527754e78745b4fe73db4b875ab85be5ec57e2e35346c
806452f1b480eeeadffcc371cb695fc34d6accba5ebaab95fe8c7b50d8d6061b
80c51846e84e9218f4e11b80e3427ac33539ca65f2f66d910e059df4e23478e2
88275a8fa9bdbc6bbc76ea8da55ead3ba88a5934b434a90b7242cc05b22d0f58
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c545c51842beacc28c49f886ce6b27d6d79ed4a6301bd94c6dbd1c1607c5401
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919
8da935c18168ab5561137d875449b7b5b4e38ec854c5f3d2296823cf0b93a3f9
8f6901c061a53e9a128e0c75521a58d3086ea8fb16e3b49f82a59f4e9b35aa38
910170debb8f5e390ed569fa098a4ffba9fef9b36c9b1c38a76aadc179f903b3
92b022617a8f97288469bd1dc2e1162ae2cd8e8d17328c6fc718e81203868592
9358f222ba40b683e83f1705f68d251bf6002d597f38707e59abef418d6dfc37
95b17ad661699c049d42195b8ccd1d855045a1fcfbd20d8609a6d87fa5703810
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
b75fbcebeb3ed3f372c80f47fd553179656a53959dba64c516e9859619c58136
b780c05b9b8e1f7acff640ef794ca777ffa43e5d4354a84eebf3dd98975f8675
bd63b8f0f7ca2f0cfffab88049d3fdee89162fdfa11b80c64f122415dc6acb7e
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
ceb3768dcc8012d274344bd5c444c70bef93ef351e25ac075f2c3a92872b80f3
d01d7e89b4d641722a6ee3361a74140f0271768fa9c0fb75168cc1f3dc90ad09
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d4fd70934ff0f5ee1d0532a77b78824aa035865292c57d5f86baf08694cd03cc
d5aea6792c807cf687f4c33074139aabbafb9af1d0b61e6b41dbe7cae8a64d7a
d7fcc43e5d2d0091ae14f9a8ea2f8a4da1fc25da861b5c8da37e50854cdbaa1e
daf1ad1413a040a5a266083475ed3596fe4929d856437dd7e68fbb2227e60387
ddf5e545fd7eeec5f9bad1260cf250e3a119bd8225e376ba197bbb9fe4872aa1
e01f922b19c72897e36e730270a7f1a506fa3976dc5ad6cc3b239a5443e806c1
e2e2137f91906b27bbf7fce480ec250e1cebac3fa996c4e3ee192bd3c9acd85c
e2eec0a17ceff950d3a14f07356a795a80b42dea59c9e2d81922c982f94d5878
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e687b1e7848cc065c48f1625e4912847e84f01377245e76c4d1935a2d65e3fdd
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
fb20da3761f50927006a6f6303ae6fceec0b3cb5f4c532ba5845bcd5392112d8
fbc18d8db6012565449eef0a113333f5b8d04c86bd3b3492439b9907fc7f5ad6

earnme.club Open in urlscan Pro 2606:4700:3036::6815:2aa6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

238 Requests

93 %HTTPS

51 %IPv6

39 Domains

53 Subdomains

40 IPs

6 Countries

7262 kBTransfer

21876 kBSize

6 Cookies

5 Outgoing links

Page URL History

Redirected requests

238 HTTP transactions Everything HTML Script AJAX CSS Image Expand all -14 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

earnme.club Open in urlscan Pro
2606:4700:3036::6815:2aa6 Public Scan

Screenshot
Live screenshot

Full Image

238
Requests

93 %
HTTPS

51 %
IPv6

39
Domains

53
Subdomains

40
IPs

6
Countries

7262 kB
Transfer

21876 kB
Size

6
Cookies

238 HTTP transactions
-14 data transactions